DOJ Claims Apple Should Be Forced To Decrypt iPhones Because Apple, Not Customers, 'Own' iOS
from the chilling-implications dept
The DOJ has filed its response to Apple's claims that unlocking an iPhone 5 would be unduly burdensome. This ongoing dispute over an All Writs Act order (the act itself dates back to 1789) is also an ongoing dispute over the use of encryption-by-default on Apple phones running iOS 8 or higher.
The argument started with one of the founding members of the "Magistrates' Revolt" -- Judge James Orenstein -- who, back in 2005, challenged another All Writs order by the DOJ. A decade ago, Orenstein pointed out that the government's use of these particular orders circumvented both the judicial system (by granting it powers Congress hadn't) and the legislative system (which hadn't created statutes specifically authorizing the actions the order demanded). Nothing has changed a decade later -- not even the DOJ's continued attempts to teach an old law new tricks.
The DOJ's argument is this: we've used these orders before to force Apple to unlock phones. Why should this one be any different? The filing cites three other cases in which the FBI used an All Writs order to compel the unlocking of an iPhone. Pointing to these, the DOJ argues that past successes should be indicative of future results, despite Judge Orenstein's assertions that the use of these orders grants powers to the FBI that haven't been given to it by Congress.
The filing also challenges Apple's assertions about the burdensomeness of the request. The government says Apple makes $100 million per day in profit. How can the unlocking of one phone -- no matter how many man hours might go towards testimony and cross-examination -- even begin to make a dent in this pile of money?
It then goes on to compare the present case to 1977's New York Telephone Co. Supreme Court decision, despite Judge Orenstein pointedly unbundling the two in his original order. In the 1977 case, the Supreme Court found that the All Writs Act could be used to compel a telephone company to provide the FBI with leased lines in order to facilitate its pen register order. As Orenstein pointed out in his order requesting input from Apple, that case is unlike this one because while Apple manufactures the phone, it does not own it.
The DOJ, however, argues that while Apple may not own the phone, it owns the software -- specifically, the lockscreen part of the operating system. And that's where the government makes its most unique -- and most dangerous -- assertion:
Apple wrote and owns the software that runs the phone, and this software is thwarting the execution of the warrant. Apple’s software licensing agreement specifies that iOS 7 software is “licensed, not sold” and that users are merely granted “a limited non-exclusive license to use the iOS Software.” See “Notices from Apple,” Apple iOS Software License Agreement ¶¶ B(1)-(2), attached hereto as Exhibit C. Apple also restricts users’ rights to sell or lease the iOS Software: although users may make a “one-time permanent transfer of all” license rights, they may not otherwise “rent, lease, lend, sell, redistribute, or sublicense the iOS Software.” Ex. C, ¶ B(3). Apple cannot reap the legal benefits of licensing its software in this manner and then later disclaim any ownership or obligation to assist law enforcement when that same software plays a critical role in thwarting execution of a search warrant.
If the judge buys this argument, the government will be free to issue All Writs orders to access nearly any electronic device -- bypassing the purchasers and heading straight for manufacturers. As Cory Doctorow points out, this is not the future we want.
Virtually every commercial software vendor licenses its products, rather than selling them. If the DoJ establishes the precedent that a product's continued ownership interest in a product after it is sold obliges the company to act as agents of the state, this could ripple out to cars and pacemakers, voting machines and tea-kettles, thermostats and CCTVs and door locks and every other device with embedded software.
The Internet of Things is now the Web of Government Informants.
Finally, the government argues that approaching the owner of the phone is an "unworkable option." The government wants Apple to do what it can't require the phone's owner to do: unlock it.
This Court’s October 9 order suggests that the government might attempt to compel Feng to unlock the Target Phone, see Order at 7, but that approach is also unworkable. Through counsel, Feng asserts that he has forgotten the passcode, which, if true, renders him unable to offer assistance.
Even if Feng knew the passcode, attempting to compel him to unlock the Target Phone would not provide an adequate alternative to an order directed to Apple. Compelled decryption raises significant Fifth Amendment issues and creates risk that the fruits of the compelled decryption could be suppressed. See, e.g., In re Grand Jury Subp. Duces Tecum Dated March 25, 2011, 670 F.3d 1335, 1349 (11th Cir. 2012) (holding that the Fifth Amendment protects a defendant’s refusal to decrypt electronic storage media). The government should not be required to pursue a path for obtaining evidence that might lead to suppression.
Soon the government may have no choice. As phone encryption heads towards ubiquity, the FBI will have to roll the dice on evidence suppression. The move towards encryption will render these All Writs orders useless. If the DOJ still wants the broad power those orders convey, it will need new legislation written and passed.
The government also disagrees with Apple's claim that the damage to its reputation -- should it appear to be law enforcement's best friend -- is itself a cognizable burden. The court may agree with the government's reasoning, but Apple's assertion sends a strong message to the DOJ: tech companies are tired of facilitating the government's overreach.
Apple has told its customers only they hold the keys to their phones' contents going forward. If the government wants in, it will have to approach them directly. The government doesn't want to deal with the Fifth Amendment implications of prying passcodes out of reluctant defendants, but it probably should have thought of that while steadily abusing the Fourth. By skirting one repeatedly, it has put itself in the position of perpetually falling afoul of another.
Filed Under: all writs act, doj, encryption, going dark, licensing, ownership
Companies: apple
Reader Comments
The First Word
Re: The power of One
IOW, the DOJ wants backdoors in phone encryption so that they can keep using backdoors in the Constitution.
The power of One
One phone on its own may not do much, but the ripple effects could be enormous, as the damage to Apple's reputation in protecting their customers' privacy would be significant. If people know that the encryption set up by a company can be compromised any time the government comes asking the company, then anyone interested in security that actually works is liable to start looking elsewhere.
And it's not like the government doesn't know what one action, or one person can do to the reputation of a large company, or government. Just see their mad scramble for damage control when a whistleblower leaks some of their actions, and the resulting blow to their reputation and credibility.
Even if Feng knew the passcode, attempting to compel him to unlock the Target Phone would not provide an adequate alternative to an order directed to Apple. Compelled decryption raises significant Fifth Amendment issues and creates risk that the fruits of the compelled decryption could be suppressed. See, e.g., In re Grand Jury Subp. Duces Tecum Dated March 25, 2011, 670 F.3d 1335, 1349 (11th Cir. 2012) (holding that the Fifth Amendment protects a defendant’s refusal to decrypt electronic storage media). The government should not be required to pursue a path for obtaining evidence that might lead to suppression.
This? This is all sorts of nasty, in large part because of what it reveals about the ones making the argument. They know that if they were actually doing what they should be doing, that is serving the warrant to the owner of the device, there would be a good chance that any resulting evidence from compelling the owner to decrypt the device would be tossed out as having violated the person's Fifth Amendment rights.
They flat out admit this.
And yet, despite admitting that forced decryption would likely be treated as a fifth amendment violation, they instead choose to completely ignore the fifth amendment, and force someone else to do the decryption, so that they can use the resulting evidence, hands squeaky clean.
They're not even pretending to respect the constitutional rights of the public, they're flat out admitting that they see those 'rights' as obstacles to be worked around when they can't be ignored outright.
[ link to this | view in chronology ]
Re: The power of One
That is a thin edge of a wedge argument, each request is only for one phone, whether the total number of requests is for one phone or every phone.
[ link to this | view in chronology ]
Re: The power of One
[ link to this | view in chronology ]
Re: Re: The power of One
So there will only be those two. No more.
No need to worry about there being more than those two.
[ link to this | view in chronology ]
Re: Re: Re: The power of One
[ link to this | view in chronology ]
Re: The power of One
[ link to this | view in chronology ]
Re: The power of One
I'm afraid the government may have a case here on that one point.
[ link to this | view in chronology ]
Re: Re: The power of One
[ link to this | view in chronology ]
Re: The power of One
Give them a finger, and they'll take the whole hand.
[ link to this | view in chronology ]
Re: The power of One
Imagine if someone made the same argument when walking out of a store without paying for off the shelf items, or not paying medical fees to a hospital.
How can the cost of a cereal box make a dent on a supermarket's pile of money.
How can the cost of cancer treatment make a dent on a hospital's pile of money.
How come only the FBI gets away with making such a claim.
[ link to this | view in chronology ]
Insecure By Design
This is a clear admission that the DOJ is telling Apple that it should deliberately design its OS to be insecure.
Maybe cars should be designed to do law enforcement's bidding? Homes should be designed to be easy for government snoops to enter without leaving a trace.
Maybe all brands of cell phones, not just Apple should have to be designed to be insecure?
The government could promote this with a marketing / advertising campaign "Insecure By Design" to educate the sheeple how this is good for us.
Microsoft could consult on Insecure By Design. After all, Jim Allchin testified in the DOJ vs Microsoft trial that Windows 98 is "inherently insecure". (not necessarily the same as by design, but why didn't they tell everyone that before they bought it.)
[ link to this | view in chronology ]
Re: Insecure By Design
I hear the TSA has this great universal key...should be easy enough to require all doors to use this lock too right?
[ link to this | view in chronology ]
Re: Insecure By Design
Not just should, but should be required to.
'The filing cites three other cases in which the FBI used an All Writs order to compel the unlocking of an iPhone. Pointing to these, the DOJ argues that past successes should be indicative of future results,'
Depending on how you want to read that summary, they could 'just' be arguing that the fact that they've forced decryption in the past means they should be able to do so in this case, but based upon other parts of their argument, I could totally see them arguing that Apple and other companies are flat out required to be able to decrypt a device without the user knowing about it, which would necessitate built-in security holes.
The 'public' debate over encryption may be shelved while they wait for people's attention to wander to other things, but the private 'debate' continues.
[ link to this | view in chronology ]
Craaaaazy thought here
I had a crazy thought. Let's say the DOJ win this on this premise...
Could this lead to software vendors dropping the licensing model and we actually own the software we purchase again?
[ link to this | view in chronology ]
Re: Craaaaazy thought here
[ link to this | view in chronology ]
Re: Re: Craaaaazy thought here
[ link to this | view in chronology ]
Re: Craaaaazy thought here
[ link to this | view in chronology ]
Re: Craaaaazy thought here
[ link to this | view in chronology ]
Re: Re: Craaaaazy thought here
[ link to this | view in chronology ]
Re: Re: Re: Craaaaazy thought here
[ link to this | view in chronology ]
Re: Re: Re: Re: Craaaaazy thought here
Nope. Owning the software does nothing for liability. You own the hardware, too, but that doesn't mean the manufacturer isn't liable if the hardware causes your car to kill 10 pedestrians.
[ link to this | view in chronology ]
Re: Craaaaazy thought here
[ link to this | view in chronology ]
Re: Re: Craaaaazy thought here
Matter of fact, Apple's open source allowed us to track down a bug in iOS 9's security infrastructure last week.
Yeah, there is proprietary crap on top of it, but it's a hell of a lot better than it used to be. And it's not like you are NOT agreeing to pages of licensing terms with some open source licenses....
FYI, here's the source for iOS/OSX cryptography routines...
http://www.opensource.apple.com/source/Security/Security-57031.30.12/Security/libsecurity_cryptkit/lib/
[ link to this | view in chronology ]
Re: Re: Re: Craaaaazy thought here
"Free software" (as in speech, not beer) says a lot about the licensing arrangement, but doesn't say much about the open source status.
Most people think of the two as analogous, since most open source software is also free software. But it doesn't have to be, and in many proprietary platforms it isn't.
[ link to this | view in chronology ]
Re: Craaaaazy thought here
They are already doing this with fingerprints, so it's not much of a stretch.
There is a huge irony here that the gov't's demands for en masse global decryption is actually leading to vastly more secure and harder to hack encryption....
[ link to this | view in chronology ]
Re: Craaaaazy thought here
[ link to this | view in chronology ]
Doesn't matter if the keys are encrypted. The fact duplicate keys exist makes individual security impossible.
In fact, Windows doesn't even allow you to encrypt directly unless you own the "pro" version of its software. Once encrypted, Microsoft tells you to keep the key in a secured location while it uploads a copy to its servers.
The DoJ knows full well all three of these companies keep these keys, even if they can't read them.
The device, not a person, decrypts the key. Whoever gave the device the copy/original doesn't matter.
That's the angle the DoJ is going for and thanks to the bullshit known as the EULA/ToS, users can't waive the software requirements imposed by the very companies "fighting" the DoJ.
It's amazing how these companies say "protecting" our data is their top priority and they destroy this very protection by copying the master key.
If you want your data encrypted and safe: use a third party tool.
I sure as hell wouldn't rely on anything made by Google, Apple, or Microsoft.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
My team spends a lot of time in the guts of iOS security (we've found & reported several bugs, one last week) and we haven't seen any automated uploads of credentials to Apple.
Yes, you can backup your credentials to iCloud if you want, but even then it's password protected by both your iCloud password & the login on your phone.
The login on your phone never leaves your phone, and this is what the DOJ is after as the uploaded credentials are pretty useless without this. What they are asking Apple to do is to insert a 'keyboard sniffer' into iOS so they can capture the login on the phone....
While it's certainly technically possible for Apple to do this, it would be pretty stupid. You can easily run a iOS in a sandbox and do traffic analysis to figure out what it is sending - we did this just last week. It would be fairly trivial to figure out that a phone was sending a login payload.
Apple's security, while not perfect, is pretty good and makes every attempt to give control to the user. Which is why the DOJ is pissed.
[ link to this | view in chronology ]
Re: Re:
"That's not entirely true, at least on iOS 9. You _can_ have a copy of your credentials sync'd with iCloud, but you can choose not to."
So Apple claims, but unless you can verify this first-hand (and I don't see how that's possible), you have to take their word for it. In the security world, if you have to take someone's word for it, then the security model is broken.
[ link to this | view in chronology ]
Re: Re: Re:
> You can easily run a iOS in a sandbox and do traffic analysis to figure out what it is sending - we did this just last week.
Careful reading can lead to answers.
[ link to this | view in chronology ]
Re: Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re: Re:
This is not a game Apple would want to play, when they can make money hand over fist by NOT doing it.
The only alternate argument I can think of is that this is all security theater, and the US government has required that ALL major US companies provide them with back doors for years. This would be the coverup. But due to the fallibility of people and the fact that this has never been caught out on the people side of things, it probably hasn't happened.
[ link to this | view in chronology ]
Re:
Google and Microsoft, yes -- Apple, no. Every time I upgrade my OS, I'm prompted to "upload my keychain to iCloud" -- every time I choose not to.
Apple has a copy of my developer key and the hashed value associated with my AppleID, and that's it. The rest I store elsewhere.
[ link to this | view in chronology ]
What's good for the goose....
[ link to this | view in chronology ]
What does ownership have to do with it?
[ link to this | view in chronology ]
Re: What does ownership have to do with it?
I'm licensing the right to use the software, not the right to have a copy of it on a device that I possess. After all, if I smash my phone Apple doesn't sue me for destruction of property; if I get a new phone, they don't make me 'return' my old copy of iOS.
[ link to this | view in chronology ]
Just start executing them for treason
Starting to execute random employees of the Department of Justice cannot be wrong. How can the execution of one man even begin to amount to an injustice compared to what this pile of bullshitters inflict on the U.S. and its Constitution?
They are paid to represent the U.S. government, not a crime syndicate if you can see the difference. Oh well, try squinting. It's a question of the right viewing angle I think. I had it a moment ago.
[ link to this | view in chronology ]
Without going into any specifics on the details of this particular case, does anyone else find that line of argument a bit hypocritical, coming from a site that defends the First and Fourth Amendments at every opportunity?
[ link to this | view in chronology ]
Re:
An order or law regarding communications on the other hand can absolutely be outdated, as the situations envisionable by those that wrote the original law are likely to be vastly different than the situation even decades later, never mind centuries later.
When 'communications' means letters and physical records, and when there's a limit to what can be realistically stored and produced with regards to information or details, an order to produce 'all' of it with regards to an individual is only going to end up producing so much info. Notably, such an order is not likely to result in the handing over of the 'key' to all of a person's personal data, from friends to any messages they've sent and received.
However, when 'communications' are digital on the other hand, such an order has the potential to produce incredible amounts of data, much of it personal, and which would otherwise require a warrant to access.
The difference in scope between what could be acquired via the All Writs Order when it was put into place, and what it can compel to be released now are enormous, so I'd say it's pretty fair to say it's outdated and needs to be tossed.
[ link to this | view in chronology ]
Re:
The All Writs Order specifies a set of things the government can compel non-governmental entities to do. Since these are burdens upon the citizenry, non-authoritarians believe that resolving ambiguity in favor of the citizenry, by reading the compulsions narrowly, is a good thing.
The authors could have expressed a bit more specifically that old laws which help citizens should be read broadly and old laws which burden citizens should be read narrowly, but I see no inherent hypocrisy in the idea that government power should be confined until Congress specifically legislates otherwise.
[ link to this | view in chronology ]
Re:
The implication is in your mind.
[ link to this | view in chronology ]
And now, with this new argument, it's even worse. They're saying that any tech product you BUY is NOT YOURS, therefore they can once again bypass any protections you may have thought you have, in order to get that data from a third party.
It's unacceptable, and people need to fight to change this. We need real ECPA reform that demands the government has to go to the OWNER OF THE DATA with a warrant, not any third party company.
[ link to this | view in chronology ]
Feng is a smart man. No indefinite detention in a jail cell for Feng, due to refusal of complying with a judge's order to unlock his phone. He's simply incapable of complying with that order due to his memory loss.
The worst thing you can do is admit to knowing the passcode, but refuse to unlock the phone. That stupid move will land you in jail indefinitely without a trial until you comply with the Judge's order to produce the passcode.
[ link to this | view in chronology ]
Obligatory
[ link to this | view in chronology ]
Why are they trying so hard?
They'll have your browsing history, the content of every text (even the ones erased from the phone), GPS info, every single call that's been made, probably your contact list, etc. While I can imagine a couple scenarios in which a suspect has an incriminating photo on the phone that they haven't texted to someone else or uploaded to the internet, that can't possibly be often enough to warrant all this fuss.
[ link to this | view in chronology ]
Re: Why are they trying so hard?
I won't entertain the fiction that they're after content that the service provider once had and has already discarded, because that would assume the service provider ever deletes anything.
It isn't. That's why this whole argument is completely unwarranted. (rimshot)
[ link to this | view in chronology ]
Re: Why are they trying so hard?
[ link to this | view in chronology ]
I actually kinda agree with the government's argument here
I mean it flat out says that in the EULA right?
So then they want to turn around and claim no responsibility and they can't do anything because the user "owns the device wholly"?
Sounds like they want their cake and eat it too.
[ link to this | view in chronology ]
Re: I actually kinda agree with the government's argument here
A manufacturer of safes might well have tools that could let them into my safe in a less destructive manner than I would resort to, but that does not mean the manufacturer should be required to maintain such tools or to make them available just because the government would find that to be more convenient than a crowbar.
[ link to this | view in chronology ]
Re: Re: I actually kinda agree with the government's argument here
This is an interesting analogy.
First, the manufacturer of a safe does not have copies of keys or combos that would allow them entry, and there is no "backdoor" -- that is, no master key or combo.
Second, safe manufacturers will help you open a safe you own if you lose the key/combo -- but they will do so using the same methods that safe-crackers use. The advantage (and it's not a small advantage) that the manufacturer has is that they intimately know how the thing is built, so they know the right spot to drill, for example.
In the end, a safe manufacturer does not have any ability to open their safe beyond what a skilled and knowledgeable safe cracker has. I find it interesting that the DOJ is demanding more concessions from the likes of Apple than they demand from safe manufacturers.
[ link to this | view in chronology ]
Re: I actually kinda agree with the government's argument here
The DOJ is presuming authority to compel Apple to engineer a product specifically to gather data that Apple doesn't want, and doesn't have. The difference is that the technology for the tap is not derived from the evolution of being a "witness", but is instead a compulsory demand for engineering services.
The DOJ would correspondingly have to find jurisdiction for that demand somewhere else, like the commercial code or some sort of selective service act. And last time I checked, the army doesn't draft people just because somebody at the DOJ learned BASIC.
In a nutshell the DOJ is presuming they can nationalize Apple. And frankly this smells of a game of "screw thy competitor". So there needs to be some investigation into their motive. My guess is you'll find somebody who has been promised a board seat in Redmond.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Destroy the EULA
[ link to this | view in chronology ]
Re: Destroy the EULA
1. Software should be subject to the first sale doctrine. Once it's sold, it's yours to do whatever you want. If you brick it, flash it, whatever, it's yours. It shouldn't matter if it's software, hardware, or firmware. I should be able to disassemble, reverse engineer it, or whatever strikes my fancy.
2. If you want to continue using the software *and* get support or new versions, you have to pay. Just like buying a book, you don't get the 2nd printing for free.
3. If you use copyrighted code in your reverse-engineered competitive product, the company *might* have a copyright claim against you, but not a license violation. It would be hard to prove, since the competitor won't have seen the source code.
4. If you modify the code and get paid apps for free in iOS or Google, that's a theft issue.
Set software free from EULAs.
[ link to this | view in chronology ]
Re: Re: Destroy the EULA
[ link to this | view in chronology ]
Conflation
[ link to this | view in chronology ]
Target Phone
[ link to this | view in chronology ]
Government
[ link to this | view in chronology ]
Re:
EULA and DMCA biting Apple right back in the ass? Color me uninterested. The government will do whatever it wants to anyway, after all they're the ones in power.
[ link to this | view in chronology ]
i Has a Bucket
Hence, even if Apple did gain access to the device for the DoJ are they not invading the person's privacy in some sense?
Taking this a step further: What if he has intellectual property on the phone that he owns the copyright to and does not want it released as of yet. Would he still be forced to unlock the device and risk his IP being stolen/seen?
I think too much maybe.
[ link to this | view in chronology ]