The Justice Department took off the gloves in its latest volley against Apple and its refusal to comply with a court order to unlock a terrorist’s iPhone.
“Apple deliberately raised technological barriers that now stand between a lawful warrant and an iPhone containing evidence related to the terrorist mass murder of 14 Americans,” wrote attorneys for the DoJ on Thursday. “Apple alone can remove those barriers so that the FBI can search the phone and it can do so without undue burden.”
Apple and the DoJ have gone back and forth several times in respective court filings ahead of a March 22 hearing before Judge Sheri Pym. Pym is the federal magistrate who issued the original order last month compelling Apple to assist the FBI in unlocking San Bernardino shooter Syed Farook’s county-issued iPhone 5c.
Apple contends that the order places undue burden on the company and sets a dangerous precedent that can be used over and over in other cases and against other devices.
The Justice Department’s filing on Thursday was a no holds barred assault on each of Apple’s contentions to date, in particular its challenges of the FBI’s use of the 1789 All Writs Act to compel Apple to unlock the phone. Apple, the DoJ said, argues that the All Writs Act is archaic and that compliance with the court order opens the door to the equivalent of a police state.
“Apple’s rhetoric is not only false, but also corrosive of the very institutions that are best able to safeguard our liberty and our rights: the courts; the Fourth Amendment, longstanding precedent and venerable laws and the democratically elected branches of government,” the DoJ wrote.
Ed McAndrew of D.C. law firm Ballard Spahr, a former federal cybercrime prosecutor, said the aggressive and adversarial nature of the Justice Department’s tone is unusual.
“It’s really strong language and meant to express not just the government’s strength of position, but its sense of outrage over the position Apple has taken,” McAndrew said.
Today’s filing reiterated that the court order applies only to this one iPhone and in this one case, something that Apple has challenged from Day 1 when CEO Tim Cook defiantly refused to comply with the order.
The DoJ also showed precedent in the government’s use of the All Writs Act to compel New York Telephone in 1977 to assist with the installation of a pen register, a device that records phone numbers dialed from a particular phone. New York Telephone’s challenge was defeated and the DoJ said the company made similar arguments to Apple’s almost 40 years later, in particular Apple’s fear of the precedent a government victory here would set.
“Apple demands that the Court should instead address the broad questions whether Apple should be required to unlock every iPhone in every instance, or whether Apple should be required to give the government the means to do so,” the DoJ attorneys wrote. “Those questions are not before this Court. Indeed, if Apple’s compliance with the AWA in a single case were sufficient to require it to comply in all cases, there would be no dispute here: Apple routinely complied with AWA orders in the past.”
Apple has been asked to build new iOS firmware that would disable or bypass security provisions in the operating system that prevent brute-force attacks against the passcode unlocking the phone; the phone automatically wipes itself after 10 missed guesses.
An amicus brief filed last Friday by a number of crypto experts, iOS researchers and forensics specialists argues that the custom version of iOS the FBI is after would be used on other iPhones in the future; it’s been uncovered that Apple has already received a dozen similar requests from law enforcement, and that New York County district attorney Cyrus Vance said his offices have 175 devices it would like unlocked.
“This spread increases the risk that the forensic software will escape Apple’s control either through theft, embezzlement, or order of another court, including a foreign government,” the brief says. “If that happens, the custom code could be used by criminals and governments to extract sensitive personal and business data from seized, lost, or stolen iPhones, or it could be reverse engineered, giving attackers a stepping stone on the path towards their goal of defeating Apple’s passcode security. Compelling Apple to create forensic software for the government is also dangerous due to any bugs the software might contain.”
In today’s filing, the DoJ said the court order does not mandate that Apple turn over the code, or explain to the government how it works. It argues that if Apple has mechanisms to secure its source code, it can equally keep the secrets behind the new firmware secure.
Also worrisome from the iOS experts’ point of view is that the firmware update would have to be cryptographically signed by Apple. This mechanism, the brief says, is an implied assurance to customers that Apple will not manipulate their devices and that the software is safe to run and cannot be turned into a FBI surveillance device.
“The Order would compel Apple to create new software that does not currently exist, to carry out a capability Apple does not presently have,” the brief says. “This is the first time any Court has ever publicly ordered a vendor to do something like this.”
