Apple vs. FBI: An open door is not selective

Though characterized as a request to help unlock only one iPhone belonging to a San Bernardino shooter, there is no doubt that this case sets a precedent for how Apple Inc. (NASDAQ:AAPL) will deal with its users’ private information down the road.

President Obama’s comments at SXSW over the weekend seem to reflect at least part of this consideration. In contrast to some more extreme statements made by other public figures, the president expressed the need for less absolutism surrounding this issue. His remarks suggest that we should not necessarily think of this conflict as tech versus government or even personal liberty versus security.

“What makes it even more complicated is the fact that we also want really strong encryption because part of us preventing terrorism or preventing people from disrupting the financial system or our air traffic control system or a whole other set of systems that are increasingly digitalized, is that hackers, state or non-state, can’t get in there and mess around… So we have two values, both of which are important, right?”

An open door is not selective

Electronic Frontier Foundation attorney Nate Cardozo is less optimistic that it is possible to find a happy medium:

“You hear over and over and over again, from the pro-backdoor camp, that we need to strike a balance, we need to find a compromise,” says Cardozo. “That doesn’t work. Math doesn’t work like that. Computer security doesn’t work like that…It’s kind of like climate change. There are entrenched political interests on one side of a ‘debate.’ On the other side is the unanimous scientific and technical community … It would be great if we could make a backdoor that only the FBI could walk through but that doesn’t exist. And literally every single mathematician, cryptographer, and computer scientist who’s looked at it has agreed.”

Even if individuals are not worried about the FBI spying on them, they should be worried that this will open the door to increased threats from hackers, identity thieves and even foreign governments. CNET’s Dan Ackerman explained that not only is Apple “concerned that the government would ask for [backdoor access] multiple times,” but that “once it exists, then other governments could use it. The Chinese government will ask for it also, just as a prerequisite of Apple doing business in that country.”

EFF’s Nate Cardozo adds that if China were to try to force Apple to create a backdoor today, the company would refuse and could even threaten to stop selling its products there, creating a “public relations nightmare” for the Chinese government. “That equation changes once Apple accedes to an FBI order. If the FBI can compel Apple to do it, and it’s publicly known that Apple has given the FBI this key, then China has a very different calculus…The PR around a Chinese demand gets a lot better for China, and a whole hell of a lot worse for Apple.”

Terrorism as a selling point

The shooting at San Bernardino has sparked American fear of terrorism to a level unprecedented since the aftermath of 9/11, and it is not difficult to see the troubling parallel between the FBI-Apple case and post-9/11 hysteria leading to the Patriot Act. Namely, it is reminiscent of the government’s circumvention of norms and seeking of shortcuts to get access to information now, while neglecting to think about long-term consequences on the security they are trying to protect.

As BBC’s Dave Lee reported, Congressman Darrell Issa said “the FBI had not explored all the options for accessing the data and circumventing Apple’s security. He said the FBI should be investing in bringing in people with that expertise, not relying on companies like Apple to do the work for them.”

This sentiment was supported by cybersecurity and cryptology expert Professor Susan Landau who said that “while Apple could no doubt keep the code required to crack Syed Farook’s phone a secret, the real issue is what will happen when Apple is subjected to possibly hundreds of requests to do the same thing on other devices … the only real course of action was for the FBI to invest heavily in becoming smarter – rather than compelling Apple to make its products less secure.”

If Apple is believed to be capitalizing on American fear of government overreach, the FBI is taking advantage of the momentum of American fear of terrorism, which is reminiscent of how the Patriot Act came about.

Wired’s Brian Barrett hit the nail on the head:

“That it’s a terrorism case, in particular, spurs sympathies to align with law enforcement, regardless of how much benefit the FBI would actually get from the access it has requested … So far, buoyed by the specter of terrorism and the false duality of privacy and security, the public in general is buying what the FBI is selling.”

Issue goes beyond just Apple

Moreover, the broad nature of Tim Cook’s defiant statement and the technology community’s vigilantresponse makes clear that the precedent being set is not limited to Apple but that it affects all companies who have access to and could reveal user data, as well as our collective vulnerabilities to dangerous hacking through the backdoor Apple is being asked to create.

Apple has been accused of having ulterior motives — that it is standing up for users’ privacy to support its sales, that they are emphasizing the gravity of the FBI’s request to appeal to consumers, and that they are capitalizing on the momentum of American fears that the government violates citizens’ right to privacy.

Of course Apple is driven by profit and there is no reason to dispute that consideration, but even so, it does not make their concerns any less legitimate, regardless of their motives. The same applies to elected officials representing constituencies in Silicon Valley— politics are inherent in this debate, but that does not mean that particular political interests are not applicable to all citizens.

The issue with this debate is that it paints a dichotomy between security as tangible and privacy as virtual. This limited view makes it very easy to treat privacy as the ‘softer’ consideration in contrast to security as one tied to physical survival. If it were that simple then there would be no question that the risk of lives lost to violence is far more important than bank account or health data.

But here’s the thing: emerging technologies are so rapidly spilling over the boundaries of virtual reality and making their way into our very real, physical lives. What might just be meaningless data today may not be so meaningless tomorrow.

Yes, one cannot compare a mass shooting with cyberattack, but the internet is not just virtual anymore – it is being woven into the fabric of our physical lives. Cyberterrorism can very well manifest itself into physical attack if perpetrators have the right intelligence (like the ability to track your location) and are able to manipulate the systems in place. Going down this slippery slope actually puts us at risk for more attacks in the future.