Saturday, February 20, 2016

Privacy and Government Compulsion

The US Department of Justice and Apple are in a legal battle over whether the company has to unlock one of their phones at the government's request. My opinion is that Apple is right, but not necessarily for privacy reasons.
The phone in question belonged to one of the shooters in the 2015 San Bernardino attack. Federal prosecutors believe the phone could hold evidence related to the attack. Apple says that they have cooperated in providing information that they have access to, such as what the attackers backed up to iCloud. But they've drawn the line at providing tools that could help to unlock the phone itself.

The natural surface reaction to that stance is "why not" - after all, the shooter is gone and his phone is physically held by the FBI. The issue, as Apple CEO Tim Cook stated in an open letter on the Apple website, is that the government wants Apple to build a tool that disables security features on the iPhone. Once they've done that, the government can order the use of that tool any time they want iPhone data. The next case might not be as clear-cut as a known perpetrator of a terror attack.

I don't have strong feelings on the privacy part of this issue. I understand the argument that any violation of privacy by the government is the first step on a slippery slope leading to a Orwellian Big Brother dystopia. I also understand the need for law enforcement to access the information of known criminals. Like nearly everything in life, I think the answer is somewhere in the middle rather than either extreme. If the government finds a way to open up that phone and get the data they need, then more power to them. (And it feels like they should be able to. There are a lot of very skilled hackers in the world, surely the FBI could find one.)

Where I do have a problem with the government's request is that they're trying to get Apple to weaken their own products. Once you've built a security-circumvention tool, that tool could end up in the hands of unscrupulous users. It also sets a legal precedent to force other companies to do similar things. Both of those things are dangerous to the public at large, not just criminals.

If any government believes that they need to have access to their citizens' information (electronic or otherwise), then they need to set up rules beforehand that allow them access. The free countries in the world don't have such access-granting rules, and likely won't because the people won't stand for it. Coming in after the fact and trying to force a company to violate their own privacy promises to the consumer is no better, and we shouldn't allow either.

No comments:

Post a Comment