Most people following the business news have heard about the Apple versus FBI case, which is about gaining access to a locked iPhone. If you haven’t, get the recent news here. The comments are as interesting as the article!
I’ve been wondering if I should write about this topic, as I’m not close to the details and obviously not party to the underlying subtleties. I’m neither a lawyer nor a constitutional expert; I’m not even living in the USA! It appears to me that a form of chess game is being played out, with important moves by both Apple and the FBI.
However, an outsider can form opinions and can read about developments in the newspapers. So, here’s a few observations from my perspective; everything is clearly IMHO.
First, as I understand it, the FBI has an iPhone problem they want to solve with Apple’s help. They don’t necessarily want Apple to solve it for them, just to create the conditions for it to be solvable. To do this would require Apple to develop software that may (although not necessarily guaranteed to) cause privacy and security problems on a large scale. I understand this involves either a special version of iOS that has a “backdoor” or software that allows unlimited password tries. At least I think this is what is wanted.
Apple does not believe they can or should be ordered to do this. A hearing on March 22, 2016 will begin the legal arguments for or against this court order. Apparently, the matter could eventually end up at the Supreme Court. Many large IT companies are supporting Apple including Facebook, Twitter, Microsoft and Google, but not everyone.
Since this has become general public news, there’s bound to be considerable F.U.D. (Fear, Uncertainty, and Doubt) as well as incorrect information, legal questions, and a general lack of understanding. The comments referenced above illustrate this.
So, here’s some thoughts and questions that have occurred to me:
- There’s more to this issue than meets the eye — does it have implications for PCs, or even for IoT connected objects? Would access to connected cars ever be required?
- Although the case is based in the USA, it has international implications. Should the rules be the same everywhere and for everyone?
- If Apple were to give in, then it proves the solution exists, which then becomes a bull’s eye for hackers — it is not likely good to prove the possibility.
- Apple could already have a universal (secret) password to open any iPhone — how would we know if they do or don’t?
- If Apple is forced to comply, then what else could a company be forced to do? Is this case a precedent for other demands?
- If the FBI has no proof there’s evidence on the phone, then should they be allowed to break into it?
- How can the proper balance between privacy and security enforcement be determined? Do safety laws trump privacy laws?
- Is this issue even understandable to the general public, or does it just make people nervous? Will it slow down the digital transformation and the move to cloud and IoT?
- What is the impact if this takes several years to work itself out in the courts?
- What is the impact if the next generation of connected devices is built in such a way that not even the manufacturer can access the data?
- What if the device is a BYOD with both corporate and personal parts? Should the company be able to access both sides of the device?
There are many more questions that could be asked, and hopefully authorities will be doing just that. There is no doubt this case will bring more attention to overall security and privacy issues, and hopefully will lead to more adoption of privacy by design.
This is what I think; I’m sure you have opinions as well, so comments are welcomed.