Feb 21, 2016

Billions at stake in Apple encryption case, CNN.com

Billions at stake in Apple encryption case Peter Bergen By Peter Bergen, CNN National Security Analyst Updated 9:43 PM ET, Sat February 20, 2016 | Video Source: CNN Story highlights Two important principles are clashing in Apple vs. FBI dispute, Peter Bergen says But the tech companies have the winning argument, he says Bergen: If tech firms leave room for government to snoop, others can exploit that "back door" "Peter Bergen is CNN's national security analyst, a vice president at New America and a professor of practice at Arizona State University. He is the author of the new book "United States of Jihad: Investigating America's Homegrown Terrorists."" (CNN)It's a dispute that pits two important principles against each other. It's about the right of the U.S. government to investigate thoroughly the most deadly terrorist attack on American soil since 9/11 versus the right of the most valuable (and iconic) American company to go about its business without the same U.S. government undercutting the key promise it makes consumers -- that their most private communications are kept safely under lock and key. It's also a dispute that sets the stage for what promises to be one of the great commercial battles of the next years, between the U.S. government and the tech companies that are the most important engine of the booming American economy. The FBI has argued for years that it faces a "going dark" problem, that its investigations of everything from child pornographers to terrorists are hampered, or even completely undercut, by the fact that so much Internet communication is now encrypted to a level that the U.S. government can't break. As a result, the FBI wants a "backdoor" into the encrypted communications platforms engineered by American tech companies. The tech companies reject this demand on the basis that such a backdoor defeats the whole purpose of encrypted communications since if a backdoor exists, not only can the FBI use it, but also so can others. The companies argue -- quite properly -- that when you build a fence around your house to keep out intruders you don't leave a big hole in the fence for the easy access of police in the event that a crime might take place inside the house, because others can also exploit that big hole. In addition, the firms argue that if it is known they have given the U.S. government such a backdoor, then consumers around the world will be leery of using Apple and Google and other U.S. technology products. Many tens of billions of dollars are therefore at stake. The new occasion of this long-simmering dispute is Apple's rejection Wednesday of a federal judge's order to help the FBI hack into the encrypted iPhone of Syed Rizwan Farook, who in December, together with his wife, killed 14 of his co-workers at a holiday party in San Bernardino, California. The couple carried out the attack on behalf of ISIS, although there is no evidence they did so at the direction of the group. On the face of it, Apple's rejection of the judge's order seems quite wrongheaded. After all, the San Bernardino attack was the most lethal since 9/11. Apple's position, however, is that helping the FBI to decrypt Farook's iPhone would give the government access to all other similar iPhones and would also lead to an unfortunate precedent in which the government could eventually access encrypted communications on any American tech platform. Google has publicly supported Apple's position. So who is right here? The revelations by National Security Agency leaker Edward Snowden in 2013 about just how much U.S. tech companies had been playing footsie with the U.S. government had an effect on the firms' bottom lines around the globe. A 2014 paper by my colleagues at the New America think tank estimated that the Snowden revelations cost U.S. tech companies billions of dollars. Since Snowden went public, companies such as Apple and Google -- two of the world's most valuable companies -- have incorporated much greater encryption into their products and have also been at pains to show that they will not go along with U.S. government demands to access their encrypted products. What might be learned from Farook's iPhone? Of course, we don't know, but it's likely that it wouldn't be much beyond what we already know from the couple's Facebook postings, their Verizon phone account, their computers seized by police, the evidence found at their apartment complex and the fulsome confession of their friend Enrique Marquez, who allegedly provided them with the rifles used in their massacre and also allegedly knew of their plans to commit a terrorist attack as early as 2012. Mozilla chief: FBI snooping at Apple 'back door' makes you less safe FBI snooping at Apple 'backdoor' makes you less safe No evidence has emerged that Farook and his wife had any formal connection to a terrorist organization, and the plot involved only the couple and the alleged connivance of Marquez. What might be found on Farook's iPhone therefore is more than likely simply only some additional details to buttress the overall account of what we know already. Balanced against that is what the tech companies lose if they are seen to be doing the bidding of the FBI -- tens of billions of dollars and also the strong possibility of losing market share to other non-American tech companies, particularly software and cloud computing firms, around the world. A further wrinkle in the story is provided by Daily Beast reporter (and my New America colleague) Shane Harris who reported that Apple has decrypted iPhones for U.S. law enforcement authorities 70 times in the past several years and as recently as 2015. At the same time, Harris reports the government has successfully decrypted at least one version of the iPhone. These revelations suggest the possibility that the facts of this particular case aren't as important as the larger principles at stake and that both Apple and the U.S. government are using the San Bernardino case as something of a test of the question: Should tech companies give the FBI any kind of permanent backdoor? The San Bernardino test case will likely set up a legal fight that could go to the Supreme Court. It also may prompt Congress to intervene to pass legislation on the matter. Although the fight between American tech companies and the FBI hunting terrorists is undeniably important, to some degree it may also be increasingly moot. ISIS' key social media-encrypted platform is Telegram, which is engineered by a Berlin-based tech company that can simply ignore the rulings of American federal judges as well as legislation passed by the U.S. Congress. ISIS also advocates to its followers to use the "dark Web" Tor browser, which disguises users' IP addresses and is not controlled by any American tech company. In other words, once again, technology is outrunning the ability of both law enforcement and legislation to keep pace with it.