Case Analysis - Exam Question 1

Parties involved:

Defendant: Apple Inc.

Plaintiff: US Government

Relevant Facts:

On Dec 2nd 2015, San Bernardino County health inspector Syed Rizwan Farook, with

his wife, Tashfeen Malik, attacked at the Inland Regional Center in San Bernardino.
The

unfortunate incident claimed lives of 14 people and left 22 wounded. Farook and
Malik

died a few hours later in a shootout with police. The police recovered iPhone 5c on
Dec.

3 in a warrant search of Farook’s mother’s car. Apple provided the FBI Farook's
iCloud

backups through mid-October, and it was discovered that Farook had stopped backing

up his iPhone since October. The data left on the phone is encrypted with 256-bit
AES

security, which makes a brute-force attack on the iPhone 5C by the FBI nearly

impossible. Apple engineers suggested that if phone is connected to a familiar Wi-

Fi

network, it will create a new iCloud backup which would have the missing
information

between the October backup and December 2. Meanwhile, without consulting Apple

Inc., FBI tried to reset the iCloud password with the help of San Bernardino County

officials who owns the phone. The password reset meant that someone would need to

log in to the phone and enter the new password before it could sync with Apple's
iCloud

servers again. According to FBI, Farook’s phone has iOS 9 which is programmed to

shut down after 10 failed attempts at the pass code. FBI is seeking software from
Apple
to modify its iOS and bypass the security feature and remove a delay between

passcode attempts that’s usually intended to make brute-force entry even more
difficult.

Procedure: Civil Case

Main Issues:

This case highlights a very interesting issue of privacy vs security, how much of
digital

security is required especially when it comes to terrorism. This issue has much
broader

perspective than just about unlocking one phone. If we look at the bigger picture,
things

get complicated when we introduce digital information from smart phones,

smartwatch,

cars, or anything connected to internet. The issue is not whether Apple should
build

software to bypass the security mechanisms in iOS 9 to unlock Farooq’s iPhone. Main

issue lies in developing a solution that would give law enforcement some ways to
stop

acts of terror yet not creating backdoor into gadgets which could be provide access
to

hackers. In this case, both sides are abiding by its duties to protect its
customers.

FBI’s arguments:

 Direct data extraction from the phone will have more information than the
iCloud

backup since backup does not contain all the information available on the
phone.
 The courts are relying heavily on the All Writs Act of 1789 which gives them
the

authority to order Apple to hack the iPhone under a "lawful search warrant"
in the

San Bernardino case.

  The U.S. Supreme Court's 1977 ruling in United States v. New York Telephone

Co. set precedent for allowing the All Writs Act to be used to force
companies to

provide technical assistance to help with a federal investigation.

 FBI argues that the order requiring Apple to create the software program to
crack

the iPhone's encryption does not raise any First Amendment issues, having "an

incidental effect on speech."

 FBI’s request to Apple to help unlock the iPhone does not pose a burden on
the

company, allowing the courts to order the assistance to aid law enforcement.
 FBI is requesting Apple to perform the passcode-bypass in its own lab, using
its

own technicians, without revealing anything to the government. Therefore,

granting the application will not affect the technological security of any
Apple

iPhone nor hand the government a “master key.”

 On multiple occasions Apple has extracted data from a passcode-locked device.
Few

examples: United States v. Jansen, No. 08-CR-753, United States v. Navarro,

No. 13-

CR-5525.

Apple’s arguments:

 The All Writs Act of 1789 allows courts to "issue all writs necessary or

appropriate in aid of their respective jurisdictions and agreeable to the

usages

and principles of law."

The company argues the All Writs Act does not give the courts such broad

authority to "commandeer" the company to hack the iPhone, threatening the

privacy rights of anyone in the world with a smartphone. Moreover, there are

limits where this law is applicable. The judge must have no other legal
options

available, the target of the writ (Apple) must be closely connected to the
case,

and the court order cannot impose an undue burden.

 The government's request violates the First Amendment because forcing Apple

to create the software program to hack the iPhone amounts to "compelled

speech". Moreover, Apple has to cryptographically "sign" any software it

creates.
 The Fourth Amendment right of the people is to be free from unreasonable

searches and seizures. FBI’s demand to compromise the security of the iPhone

may extend to other iPhones in future which will violate the Fourth Amendment

rights.

The order violates its Fifth Amendment rights by requiring it to write a

"Government OS" that would affect the integrity of the company's products.
 The order to develop the software program would not be limited to one iPhone,

but instead would provide a "master key" to the government to seek similar

assistance in courts around the country.

 There is no legal precedent for a court to force a company to weaken its own

security systems to give government unfettered access to individuals' private

information.
 If FBI wins the case, then it could act as a precedent for future.
 Modified iOS would create a "backdoor" into the iPhone that hackers and

malicious governments could use to undermine the privacy and security of all

iPhone users.
 Apple will have to invest in more resources in a new 'hacking' department" to

service government requests.

 CALEA does not regulate manufacturers of consumer devices,
only

telecommunications carriers.
 The Electronic Communications Privacy Act of 1986 (“ECPA”) is directed to

electronic communication services and remote computing services and thus is

not applicable to Apple. ECPA does not address the duty of Apple to assist in

extracting data from an iPhone.

  There is no proof that shows that there might be any useful information on
the

phone.

Furthermore, Apple could use following cases as precedents to support argument for

considering software as speech.

1. Bernstein v. United States – Apple could us this case as a precedent for

First

Amendment rights. Under this case, the Ninth Circuit Court of Appeals ruled

that software source code was speech protected by the First Amendment and

that the government's regulations preventing its publication were

unconstitutional
2. Universal City Studios, Inc. v. Reimerdes – consider software as a speech.
3. In a drug case in the United States District Court for the Eastern District
of New

York in Brooklyn, Apple had previously challenged the U.S. Department of

Justice's authority to compel it to unlock an iPhone.

Court reasoning:

Before giving ruling, here is an analysis of this case using five principles of
this course:

Legal: Apple’s arguments against All Writs Act is justified as Apple is not
connected to

the case, it merely manufactured and sold the iPhone to a customer. Also, FBI’s ask

poses a great amount of burden on Apple not only to build the “Govt OS” but to
maintain

and fight similar future cases. As stated above, the order violates First Amendment
and

Fifth Amendment rights of Apple.

Moral: Apple has a moral duty towards its customers to ensure that their data
remains

private and secure. At the same time, it is a moral responsibility to help the FBI
in cases

which involves acts of terror. There is a very delicate balance between choosing
the

privacy of its customers and security of the country. Apple was helpful in
providing the

information which it could retrieve from Farook’s iCloud account. But developing

software which could hack the privacy does not seem to be a moral solution from

customer’s perspective.

Ethical: Apple is standing by its ethics to provide a secure and private platform
to its

users. If Apple develops the hack which could potentially get into hands of
hackers, that

will ruin what Apple has invested so far in its encryption technology. Also, this
could also

hurt Apple’s bottom-line as customers become less confident (& trustful) of Apple

devices.

Societal: There shall be a huge impact on the society if Apple decides to build the
“Govt

OS”. Encryption is not only about privacy but it is about public security as well.
People

want to address both the issues of privacy and security to go hand in hand. If
hackers

somehow get the encryption key for the iPhone, it will become a threat to personal

security as people save all sorts of data on their iPhone. Apple is acting to
preserve

certain rights at the expense of burdening law enforcement’s interest in

investigating

crimes.
Business: If Apple agrees to provide hack software to FBI, it will cost them lot of
money

to build such software. Even after this case is over, Apple fears that such
requests will

not end and it has to set up a special department to run the overhead of handling

government requests. Moreover, people pay premium to Apple to keep their data safe

and helping FBI to crack down iPhone and potentially to hackers will severely
impact

Apple’s business.

As a judge, I would rule in favor of Apple and not force Apple to build a “Govt OS”
which

could open doors for hundreds of such open requests. This case could become

precedent for similar cases in future. If “Govt. OS” gets leaked somehow, it will
be

catastrophic in terms of privacy and national security as well. By providing the

hack

software to FBI, Apple will be harming its business. When people buy iPhone or any

other products, they have an expectation that their data will remain secure and
private,

and Apple intends to maintain the reliable reputation among its customers.

References:

 https://www.justsecurity.org/wp-content/uploads/2016/03/Apple-EDNY-AWA-

Government-District-Court-Application-for-Order-to-Compel.pdf
 http://www.csoonline.com/article/3038731/security/apple-vs-the-fbi-the-
legal-

arguments-in-a-nutshell.html
 https://en.wikipedia.org/wiki/Bernstein_v._United_States