Virtual Event: Threat Detection and Incident Response Summit - Watch Sessions
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Mobile & Wireless

Apple, US Govt to Face Off in Court Over iPhone Privacy

Los Angeles – The US government and Apple will face off in court on Tuesday in a closely-watched case that could have wide-reaching implications on digital security and privacy.

Los Angeles – The US government and Apple will face off in court on Tuesday in a closely-watched case that could have wide-reaching implications on digital security and privacy.

The crucial hearing before a federal judge in Southern California focuses on the battle between the tech giant and federal investigators who want help from Apple to unlock an iPhone linked to one of the shooters in the December terror attack in San Bernardino, California.

“It’s a fight over the future of high-tech surveillance, the trust infrastructure undergirding the global software ecosystem, and how far technology companies and software developers can be conscripted as unwilling suppliers of hacking tools for governments,” wrote Julian Sanchez, a surveillance law expert at the libertarian Cato Institute in Washington.

“It’s also the public face of a conflict that will undoubtedly be continued in secret, and is likely already well underway.”

Apple, backed by a broad coalition of technology giants like Google, Facebook and Yahoo, argues that the FBI is seeking a “back door” into all iPhones as part of the probe into the December 2 massacre that left 14 people dead.

It also contends that the government is overstepping legal bounds by using a statute called the All Writs Act, which dates back to 1789, in order to force Apple to hack into the iPhone in question.

The company says that in deciding the case, the court must take into account the “broader context” which touches on the larger debate over data privacy.

Advertisement. Scroll to continue reading.

‘Narrow, targeted order’

The government has fired back, saying that Apple was not above the law and that its request for technical assistance concerns a single case — the Apple iPhone 5C, which was shooter Syed Farook’s work phone from the San Bernardino health department.

Both Farook and his wife Tashfeen Malik died in a firefight with police after the attack. Two other phones linked to the couple were found destroyed.

“It is a narrow, targeted order… The government and the community need to know what is on the terrorist’s phone, and the government needs Apple’s assistance to find out,” Justice Department lawyers wrote in their brief to the court.

Each side in the case has dug in its heels, exchanging a volley of legal briefs, with the outcome being watched closely across the globe.

Tech companies, security experts and civil rights advocates say the issue is not so much about one iPhone as it is about setting a precedent that would open the door to companies being forced to hand over customer data.

“This is very much not a case about this particular phone,” Sanchez told AFP.

“The concern is about what happens next when it’s established as a legal principle that the government cannot just require companies to turn over information they have — which they have been doing for a long time — but can require companies to write new software to in fact break their own security measures.”

He said that would essentially amount to the government being handed a “master key” to devices.

“We are not just talking about risks to privacy, we are talking about the keys to things that serve essential security functions … and it’s an awfully dangerous thing to have start happening.”

Also in question is whether Apple encryption engineers would abide by a court order to help the government unlock Farook’s iPhone.

The New York Times, citing more than half-dozen current and former Apple employees, said some may refuse to abide by a court order and others could even quit the company rather than undermine the security of the software they created.

Experts also say that the likelihood of any significant information being found on the iPhone is slim given that it was Farook’s work phone and that he and his wife apparently destroyed two other phones found after the attack.

“The odds that there are going to be things on this phone that are useful is extremely slim,” Sanchez said. “The odds that this kicks off a wave of extremely troubling demands that undermine the kind of network of trust and developer updates is very high.”

Tuesday’s hearing is expected to last some three hours, with each side presenting arguments and witnesses.

A ruling is not expected the same day. Any decision is also likely to be appealed and could go all the way to the Supreme Court, meaning the case could drag on.

Written By

AFP 2023

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.

Register

Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.

Register

Expert Insights

Related Content

Cybercrime

No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.

Mobile & Wireless

Infonetics Research has shared excerpts from its Mobile Device Security Client Software market size and forecasts report, which tracks enterprise and consumer security client...

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Mobile & Wireless

Critical security flaws expose Samsung’s Exynos modems to “Internet-to-baseband remote code execution” attacks with no user interaction. Project Zero says an attacker only needs...

Ransomware

The Hive ransomware website has been seized as part of an operation that involved law enforcement in 10 countries.

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Mobile & Wireless

Two vulnerabilities in Samsung’s Galaxy Store that could be exploited to install applications or execute JavaScript code by launching a web page.