FT, February 26, 2016 5:16 pm Apple is right. Our smartphones must be kept secure by Evgeny Morozov
To watch the confrontation between the US’s most valuable company and its top law enforcement agency is to find oneself in a state of nearly permanent cognitive dissonance. Apparently, America’s government agencies are both omnipotent and helpless. Omnipotent because, as this week’s batch of surveillance revelations from WikiLeaks suggests, they have no problems intercepting highly secretive communications between their European allies. Helpless because, as the Federal Bureau of Investigation’s bosses keep repeating, they need Apple’s co-operation in order to break into the iPhone of the shooter in the San Bernardino attacks. It gets worse. On February 9, James Clapper, the director of national intelligence, boasted in his Senate testimony that “in the future, intelligence services might use the [internet of things] for identification, surveillance, monitoring, location tracking, and targeting for recruitment, or to gain access to networks or user credentials.” Now we learn that such agencies cannot get into our smartphones . . . let alone our smart fridges. Something in the government’s rhetoric does not add up. The FBI either has solid reasons to break into that phone — in which case it is not obvious why the mighty power of the National Security Agency and other government bodies has not yet been mobilised — or it is simply using the San Bernardino case as an excuse to redefine its relationship with Silicon Valley. Asked by a judge about its willingness to enlist the help of all the federal agencies in a similar case from 2015, the government responded that “federal prosecutors don’t have an obligation to consult the intelligence community in order to investigate crime.” And since very little is known about the true capabilities of America’s intelligence community, everyone involved in the current debate has to pretend that the world’s most powerful spying agency does not exist. While the FBI’s defence has been that their request is extremely narrow — once Apple has facilitated access to that single phone, it is free to destroy the code required to do so — the broader political context in which this battle unfolds suggests that Apple’s stance will have far-reaching implications. First, the FBI’s request comes at a time when the US government is exerting immense pressure on America’s largest technology companies to join it in the fight against Isis. Both the state department and the Department of Defense have recently expanded their presence in Silicon Valley. While many such requests are straightforward — removing jihadist propaganda from YouTube or Twitter, for example — there are concerns that such pressure might extend to modifying their algorithms in order to hide certain types of content from easily susceptible users. Google knows what is in your inbox; why should it not modify your search results to make you less of a terrorist? Second, it is hard to believe that the San Bernardino case will be an isolated episode. Not only are there several similar cases already pending in US courts but many prosecutors have already indicated they have their own backlog of phones to unlock. Manhattan district attorney Cyrus Vance said recently that he would “absolutely ... want access to all those phones that are crucial in a criminal investigation.” Even if Apple chose to destroy the code it writes to help the FBI on this occasion, it would need to rewrite it for a new request. Should it keep this code forever, it would be holding on to a magic key to its devices — a highly prized asset for any hacker. Given the publicity of the case, any terrorists would probably stop using Apple’s products anyway. The only people to suffer would be ordinary users, stuck with their iPhones and iPads. Third, the FBI’s rationale in this case would make any other manufacturer of smart devices — including all those smart fridges and smart thermostats in your smart home — subject to similar requests. If Apple can be forced to modify security protocols on its phone, what stops the FBI from asking the manufacturer of the smart smoke detector to trigger a fake smoke alarm? Or asking the manufacturer of the smart car to drive suspects directly to the police station? All of this would seem neat so long as the government agencies were competent and nobody else could take advantage of such vulnerabilities. This is not so. The San Bernardino case — where the FBI had a chance to break into the phone but blew it by changing the suspect’s Apple password — suggests that the FBI’s technical competence does not yet match the NSA’s. And it would be suicidal to force technology companies to weaken security at a time when institutions of all sorts are vulnerable to hackers demanding ransoms — earlier this month, a hospital in California paid the bitcoin equivalent of $17,000 to hackers who had breached its computer network. Apple’s proposed solution is the right one: America needs a comprehensive political debate on the issue — one that would bypass inter-agency squabbling. Alas, given how little the current batch of presidential candidates seems to care, or even understand, these issues, this debate is not likely to happen. The writer is the author of ‘To Save Everything, Click Here’ _______________________________________________ pen-l mailing list [email protected] https://lists.csuchico.edu/mailman/listinfo/pen-l
