- The American Conservative - http://www.theamericanconservative.com -

Losing Liberty Through the Backdoor

The question of how to balance government surveillance with individual privacy is really quite simple. On one side the government believes that the investigation of someone who is either planning or has actually carried out a crime should be without any conditions, that all evidence potentially relating to the event should be accessible to law enforcement. On the other side, citizens have a reasonable expectation of privacy in their day to day activities, meaning that the government should have to demonstrate indisputable “probable cause” to a judge before undertaking any intrusion into an individual’s private space. And even then, the intrusion should be narrowly defined to include only the actual criminal activity under investigation.

The problem comes in where the two principles collide, particularly as the new national security relationship between government and governed is still being laboriously defined in the wake of Edward Snowden’s revelations about the extent of American and British communications monitoring. The manufacturers of telephones and the providers of internet and phone services, which inhabit an uncomfortable space between the government and the public, have inevitably become the new zone of conflict. Apple, maker of the world’s most well known smartphone, has recently found itself in these crosshairs.

Companies such as Apple market hardware and communications services globally based on a presumption that the systems are secure, meaning that they are resistant to being hacked or accessed by either criminals or the government. As a result, security features have been incorporated that are at least in theory unbreakable, some of which are referred to as “end to end encryption” where only the sender and receiver can have access. Sophisticated security systems reportedly have so many variables built into them that they can only be broken by a computer capable of running thousands or even millions of numerical combinations. Such computers exist at NSA but they are unable to defeat a second feature that some phones have, which is a delete function that wipes the phone memory clean of data after 10 tries to break the security system are attempted.

The national security community, for its part, maintains that any communications system must have a “backdoor,” that is a point through which access can be obtained that bypasses or disables the security or passcode and reveals the contents. To further complicate the issue, a federal judge has now entered into the conversation, ordering Apple [1] to “unlock” the iPhone that was used by Syed Rizwan Farook, one of the two terrorists who killed 14 people in San Bernardino California on December 2. The FBI reportedly has been seeking to access the phones for over two months without success and is claiming that Apple has been uncooperative in revealing the technology involved.

Apple’s Chief Executive Tim Cook responded [2] to the demand with a refusal, saying that the “U.S. government has asked us for something we simply do not have, and something we consider too dangerous to create.” Cook went on to state that any attempt to create a backdoor would weaken the overall integrity of the security system, making it susceptible to hacking and other cyber intrusion. And he also correctly noted that many people store substantial information on their phones, meaning that the government or a criminal would have access to personal data far beyond the record of who has been calling whom and when.

All the phone’s peripheral information would become vulnerable and there is no way to guarantee that the government would not access information that has nothing to do with its investigation. Indeed, the past 15 years would suggest that the government cannot be trusted whenever it is presented with an opportunity to overreach. And once a key is developed to compromise the security of even one phone it can be used on all phones that use the operating system, which means any one of the millions of Apple phones.

Cook did not note his other concern—creating a backdoor for the U.S. government would cost Apple much of its huge overseas market, after consumers there turned to other phones with unbreakable encryption. It would be devastating for the company.

The Apple chief also expressed another concern, that bowing to the FBI demand would inevitably lead to new administratively imposed requirements, where the “government could extend this breach of privacy and demand that Apple build surveillance software to intercept your messages, access your health records or financial data, track your location, or even access your phone’s microphone or camera without your knowledge.”

Apple quite likely also understands that any key provided to the FBI would not just be destroyed after use. It would be shared with the CIA and NSA and likely with foreign partners like the British and Israelis, who would not be reluctant to use the new toy. Cook is certainly aware of legislation pending [3] in Great Britain. The British government security services, like the FBI, are particularly concerned over phone encryption and a new law would require the companies involved to “decrypt” desired information when presented with a warrant to do so. It is unclear what would happen next if the company cannot comply because no such technical option exists, as Apple argues, but the British government might well demand that such a feature be incorporated into new operating software. If the company failed to comply, it could be subject to punitive fines or even have its business operation shut down in the UK.

And there is also considerable debate [3] over proposed British government monitoring of the internet, which is likely a harbinger of what might be coming worldwide. Additional legislation being proposed by Home Secretary Theresa May as part of a package of new laws designed to enable the police and security services to have freer access to a whole range of communications services would require technology companies to retain all “internet connection records” for 12 months.

That means that any time you send or receive something or go to a website, the information would be saved and would be accessible to the police. And it would all take place without either judicial oversight or any requirement for a warrant. Interestingly, the legislation is being promoted as a tool to investigate child pornography sites, but it would no doubt be used much more extensively if it becomes law. As in the frequently abused FBI surveillance using National Security Letters, the target of the investigation would have no knowledge that he was being looked at and the communications provider would be forbidden by law from revealing to the customer that anything was taking place.

Nearly everyone would likely agree that revealing the contents of terrorist Syed Farook’s phone would be desirable. But if doing so would also make all Apple smartphones vulnerable to government intrusion, it would be the devil’s own bargain—trading away a fundamental liberty for a tool that the security services would undoubtedly find helpful, though it is unlikely to be a game changer. And as soon as militants learn that some of their phones are vulnerable, they would undoubtedly find other ways to communicate, as they have done in the past.

Government inevitably pushes for more power to define the rules it operates under in such a way as to sanction behavior that once upon a time would have been considered unacceptable. In this case, it is important to understand that the Farook iPhone is not just a single phone owned by a terrorist, as the FBI would have one believe. It instead constitutes a wedge issue, representing the government’s insistence that everyone’s zone of privacy should be defined by some bureaucrat’s interpretation of “making you safe.” Developing an iPhone backdoor to find out whom Farook talked to would be a very bad bargain.

Philip Giraldi, a former CIA officer, is executive director of the Council for the National Interest.

15 Comments (Open | Close)

15 Comments To "Losing Liberty Through the Backdoor"

#1 Comment By Grumpy Realist On February 19, 2016 @ 9:39 am

This is also something that both conservatives and liberals can get behind as being A Bad Idea.

Camel’s nose under the tent, indeed.

#2 Comment By CM On February 19, 2016 @ 10:20 am

It is a mistake to buy into the narrative apple is selling. This back door can be a completely one use thing, designed specifically for that particular phone. Deliberately creating a vulnerability–something apple can whenever it wants to with its devices–does not have to spread across the entire apple ecosystem. Write the code in a secure room with RF dampening, transfer the update via a hard wire, and once the information is downloaded, destroy the code.

#3 Comment By Fran Macadam On February 19, 2016 @ 11:35 am

“Power always thinks it has a great soul and vast views beyond the comprehension of the weak; and that it is doing God’s service when it is violating all his laws.”

— John Quincy Adams

#4 Comment By Fran Macadam On February 19, 2016 @ 11:47 am

“This back door can be a completely one use thing, designed specifically for that particular phone.”

No, it’s requiring to be written and deployed without owner assent an operating system version “upgrade” that by its nature can be applied automatically to any or all of the billion phones.

You might as well pretend that atomic weapons could be uninvented. Once it’s compelled to be done, it will be required, as has already been made clear as a prior administration objective. It is likely that as with other “tailored operations” currently in use, it will be applied “unwittingly” (in Clapperese), pre-emptively and without meaningful oversight to any of the routine hundreds of millions targeted domestically and worldwide. The purported authority is already in full use.

#5 Comment By Fran Macadam On February 19, 2016 @ 11:57 am

It’s mind boggling how addicted the government has grown to keeping its own secrets from the public, including dirty laundry and embarrassments, while demanding members of that public must never have anything about themselves it cannot know and use.

If they have done nothing wrong, why are they hiding so much of their activity from us?

#6 Comment By Philip Giraldi On February 19, 2016 @ 12:17 pm

Check out this which appeared on Bloomberg today. The government’s intentions on this are far from benign:

[4]

#7 Comment By Fran Macadam On February 19, 2016 @ 1:30 pm

The perfect definition of fascism, where government and corporate interests become completely identical, whatever the contrary interests of the public subservient to them.

Note how the powerful exigencies of the secret Deep State so completely have captured the “community organizer” President, who either has no power himself to resist, or finds it pragmatic for his personal interests. How easily a supposed “philosopher king” embraces the tyranny of unaccountability.

That is always the high maintenance cost of empire – undermining liberty first abroad and then at home because it is an act of willfulness to rule others without their consent. Human nature is inexorable – such can only be done through domination, and the necessity of force becomes habit to those who try.

“In a secret meeting convened by the White House around Thanksgiving, senior national security officials ordered agencies across the U.S. government to find ways to counter encryption software and gain access to the most heavily protected user data on the most secure consumer devices, including Apple Inc.’s iPhone, the marquee product of one of America’s most valuable companies”

#8 Comment By Junior On February 19, 2016 @ 1:45 pm

I would not be surprised in the LEAST if it turned out that this Apple controversy is just a ruse being put on by the Government to give people a false sense of security so that they let their guard down. Hell, if I was the Head Honcho of some Big Brother Government that was seeking to give people the veneer that they have some last-line defense of prying Government eyes, this is EXACTLY the type of misinformation that I would be putting out there.

Call me a “Conspiracy Nut” if you want, but I think that they already have access to ALL the information put on these devices. I think that this controversy is only a question of whether or not they can admit to how they got any “actionable” information that they would use in court or have to come up with some other excuse for how they got any “actionable” information.

#9 Comment By TG On February 19, 2016 @ 2:10 pm

It bears reminding that if Apple puts a backdoor in its phones, it’s not just our government and ‘friendly’ foreign governments that will get it. Hostile governments and criminals will get it also.

There will be tens if not hundreds of thousands of US government employees with access to this technology. Your really think that none of them will be foreign agents, or have criminal contacts? Really?

Remember that our government GAVE unlimited administrative access to its personnel records to private contractors operating out of communist China and that had Chinese passports. Well?

Suppose that, in order to make it easier for the police to catch criminals, we outlawed all locks and everyone’s doors and windows. Sure, that might make the job of the police a little easier. And it would make the life of the rest of us hell.

The terrorists of 9/11 were largely illegal immigrants who only got here because we don’t enforce our immigrations laws. We don’t need to let the government snoop on everyone’s cellphones to stop terrorism. We just need to do what the Japanese do: not let the terrorists come here.

#10 Comment By bob sykes On February 20, 2016 @ 8:51 am

Apple is plainly wrong. This is a murder case, not a privacy issue. The Fourth Amendment to the Constitution covers exactly cases like this. The FBI has a valid court order, and Apple must comply. Paterico explains the law and the situation:

[5]

#11 Comment By truthseeker On February 20, 2016 @ 11:13 am

Phillip, I found this bit of info at McClatchy:

“The prosecutors also revealed that Farook’s employer, San Bernardino County, may have been responsible inadvertently for the inability to read the phone’s data. According to a footnote, county administrators, in an effort to access the phone, remotely reset the phone’s iCloud password after the attack. The change effectively severed the connection between the phone and its iCloud account, preventing further backups, the footnote said.”

Yet, it has been consistenly reported in what I’ve read that Farook himself had disconnected his phone from its iCloud connection, and I haven’t seen this anywhere else.

[6]

#12 Comment By jamie On February 21, 2016 @ 12:06 pm

CM-

It’s not clear that Apple can limit such a tool to a single phone. They certainly could write the code to recognize the particular phone and only operate when it’s running on the phone, but that code itself could be modified by a third party to recognize different phones.

Even if they were to destroy the program they’d created when they were done, the point would be they had done it, and the next customers would be the Chinese and Saudi governments.

A fair point here is that this whole scheme only has a chance of working because (1) this is an older iPhone, and (2) the owner had used a four-digit passcode. If he’d used an alphanumeric one, the FBI’s proposal would not work.

#13 Comment By connecticut farmer On February 21, 2016 @ 12:37 pm

“And as soon as militants learn that some of their phones are vulnerable, they would undoubtedly find other ways to communicate, as they have done in the past.”

Indeed, this would seem to be a no-brainer. Makes one wonder sometimes who is our real enemy. The terrorists? Or the government?

Without a doubt, for Apple to cave in to the Justice Department would set a bad precedent.

#14 Comment By Jeff Davis On February 23, 2016 @ 2:13 pm

I’m not buying it, I think the entire business is bogus. We have the NSA and the military’s cyber command. They have tens of thousands of the best IT minds money can buy, they can write and deploy Stuxnet, yet they can’t hack one little iPhone? Bull!

I’m not even an IT hardware professional, but I would bet that they could physically open up the phone, and using the design specs — gotten from Apple or simply gotten by buying another iPhone of the same model, opening it up, and examining it in microscopic detail — probe and vivisect the phone and either bypass or disable those parts that enable the encryption, or separate and extract the raw memory storage so that it can be read separately. Whatever. Don’t tell me they can’t do it, don’t insult my intelligence.

No, the National Security State is after a bigger prize. They want to establish precedent for their right to force anyone and everyone to obey their every command, because “they are trying to keep you safe”, and they are using the San Bernardino case as their vehicle for this power grab.

Remember that Farook’s employers have stated that it was the FBI that had them change the ICloud passcode (whatever that is), which set up this situation, providing the rationale — opportunity, actually — for them to go after Apple.

Believe what you will, but the US National Security infrastructure has a comprehensive record of bad faith regarding the US law, the citizenry’s Bill of Rights protections in general, and the Fourth Amendment right to privacy in particular. They view themselves as above the law because they have a greater duty — in their corrupted mind — to “keep us safe”.

Need more? The telephone companies have all the metadata from Farook’s phone. ***ALL*** the people he ever called on that phone. Thus, the FBI has unimpeded ***legal*** access to all of that. Presumably the NSA, which never stopped spying on everyone on the planet, has that data as well, and probably even complete recordings of all Farooks phone calls.

And the judge who ordered Apple to submit,… who is he, a Scalia wannabe who will gladly do the FBI/Govt’s bidding?

Too many levels of crap here for any of it to be taken seriously for even a second.

#15 Comment By Bob Wade On February 23, 2016 @ 10:50 pm

Interesting perspective and well thought-out argument. Is this really different than an old-time “wire-tap” or similar court-ordered surveillance of communications?

There’s an interesting historical perspective offered on [7]” It’s entitled “The Apple Controversy.”

It will be interesting to see how this turns out.