FBI investigators investigating the San Berdanino terrorist attack have hit a stumbling block: Syed Farook, who killed 14 people, used an iPhone to communicate. The FBI believes that valuable information is stored on the Farook’s phone. Yet they can’t get at it.
Putting the wrong password into an iPhone a few times wipes the phone, turning it into a paperweight. The FBI have demanded Apple removes this function, and Apple has very publicly refused.
Decades of software development have been spent on making smart phones as secure as possible. Lamenting that a phone is encrypted is much the same as lamenting it has a screen and a headphone jack. After all, it makes perfect business sense.
We now carry more personal data in our pockets than in our medical records or bank statements combined. Nobody would buy a phone that risked spilling their secrets, and Apple knows this. If it was found that your bank details, personal correspondence and photos were easily accessible, the reputational damage would be enormous. Instead, outing the FBI as unable to break into an iPhone makes for fantastic PR.
A court has now ordered Apple to comply with the FBI, and the question is now whether Apple themselves can even decrypt an iPhone. The jury is out on this: Apple makes its money selling products, not data (like Google), and have traditionally insisted that even Apple cannot access an iPhone’s data once it’s been encrypted.
But the case sets an important precedent. The security services in the US and UK have complained about the problems encryption causes them for years. Vital information is being lost, they claim, and channels of communication that were once fruitful sources of evidence have ‘gone dark’.
But weakening encryption is not an option. Once a way of bypassing encryption is introduced – a "backdoor" – that backdoor is there for everyone. We would be outraged if a bank was unable to block a credit card if it was lost, and the same is now true for our phones.
And yet, terrorism poses a significant threat, and it is vital our security services have the tools at their disposal to counter it. Apple have offered to help where they can, and the same is true of many major technology companies. But demanding the weakening of basic encryption exposes us to more risk, not less, and Apple is right to fight against this.