The intractable Problem of iPhone Privacy

An issue in our pockets

Dean Young, Columnist

In 2015, the public health department of a Southern California county decided to host a Christmas party for its seventy-odd employees. Little did they know this would turn into the deadliest terrorist attack on US soil since 9/11, and that the aftermath of that fateful day would open conversations regarding data privacy – ones in which we would do well to take part.

You may recall the 2015 San Bernardino attack, in which law enforcement managed to recover the shooter’s phone, but fumbled to unlock it. In their haste, they reset the password and reached out to Apple for help in cracking it open. Apple, however, replied that they would not and could not; since the Snowden leaks, Apple had upped their privacy with end-to-end encryption, so secure even Apple was not privy to the information. Moreover, Apple’s dedication to customers and protection of its reputation would prevent it from even trying to break the code. This sparked a lawsuit between Apple and the FBI and opened up a can of worms regarding the precarious balance between personal privacy and national security.

I started looking into this issue during January, and quickly realized the importance of the topic. Normally, I would leave this issue to the legal studies department; however, I became increasingly aware that this is a problem we must all be dealing with. It’s an issue that touches every one of us who has a smartphone – it is an issue we carry in our pockets. As students and citizens, how should we approach this?

Clearly, we want to avoid an excess in either direction, that of either diminished privacy or sacrificed safety. Given the precedent for search and seizures in physical spaces, it is not unreasonable to expect the same procedure with iPhones (assuming sufficient grounds as accords with fourth amendment rights). Naturally, then, it was proposed that Apple could create a key that would allow the government access to iPhones of interest for such searches. Though Apple was not able to bypass their end-to-end encryption at the time, finding a way in -a “backdoor” -would have only taken about 2 to 4 weeks and 6 to 10 Apple employees. With consideration of a government subsidy, it would not seem an unreasonable burden to saddle the tech giant with. Moreover, this would (in theory) lessen the force of illegal operations nationally, given that the encryption provided by Apple is so secure that many involved in illegal activity favor the iPhone to the traditional burner phone.

However, this solution may not be as readily beneficial as we expect — both in terms of personal privacy and national security. As illustrated by the Snowden leaks, any iPhone key held by the government can potentially be leaked, and in the case of an iPhone key, this would also entail the loss of privacy, presumably, to every iPhone. With the increased use of smartphones in all areas, from the management of national infrastructure to information regarding one’s family, the potential of a leak could create a national security issue far, far larger than any security gained by iPhone access. This point was well noted by Apple’s vice president of software engineering, Craig Federighi: “Criminals and terrorists who want to infiltrate systems and disrupt sensitive networks may start their attacks through access to just one person’s smartphone”. Some have suggested alternative options, such as Apple maintaining the key and sending requested information to the government, but I leave it to the reader to identify hazards of such a setup. 

Some might conclude that we are being selfish and prioritizing personal privacy over national security, and the concern is valid. However, we have to ask whether backdoor access to the iPhone will, in fact, be a net gain for national security. Barring the possibility of the aforementioned leak, we would still have to consider the question poised by scholar Matthias Schulze, “Which bad actor would use a technology that he/she knows the government is using to listen in?”. This could well lead to an “offshoring” of encryption to foreign markets, to use a term from the former Director of NSA Michael Hayden, where US law enforcement would have even less management. 

What does this mean? There may well be solutions that allow government surveillance of criminal activity in a way that does not come at such a high cost, and these should be sought out. Moreover, we must not forget that iPhones only represent a fraction of the available digital crumb trail that we leave behind. Much data remains unencrypted, and it may be wise for the government to become adept at using this sort of information in its attempt to establish national security.

The topic is enormous, difficult, and not at all adequately covered by a single opinion column. It can be approached from various angles: legal precedent, constitutionality, burden on Apple, philosophical principles, moral demands and even the second amendment. Whatever the angle, it is evident that any solution must adequately address both national security and personal privacy in a way that is robust, efficient and safe. Given the prevalence of iPhones and the scope of their use, it is clearly an issue we as students ought to spend some quality time thinking through. We can hope a good solution is found quickly; and in the meantime, we must not forget this issue in our pockets.