The FBI's Not-So-Compelling Pitch For Sacrificing Security For Safety

from the the-public-should-decide-this,-says-agency-seeking-compelled-action-from-a-priva dept

The FBI’s attempt to use an All Writs order to force Apple to help it break into a locked iPhone is seemingly built on a compelling case: a large-scale shooting involving people with ties to terrorist groups. This is exactly the sort of case Comey hoped would help push his anti-encryption agenda forward. Or so it seems.

But is the case really that “compelling,” especially in the legal sense of the word, which requires the court to weigh the imposition on Apple against the public’s interest in seeing wrongdoers punished/future terrorist attacks prevented?

Conor Friedersdorf, writing for The Atlantic, finds the agency’s “compelling” case to be far less interesting than the FBI imagines it is.

Even so, there are many factors that make me underwhelmed by the San Bernardino case, too. The killers deliberately destroyed other devices but didn’t bother destroying this one. It was a work phone issued by San Bernardino County. Until some time prior to the killings it was backing up to iCloud, and the FBI was able to get those backups.

]So once again, law enforcement personnel got information about some of what was on the phone. They’re missing a mere fraction of its contents. And one would guess that in the time between the last iCloud backup and the terrorist attack, Syed Farook did not suddenly start updating his work iPhone’s contacts with the addresses of his terrorist buddies, but refrained from calling or texting them (which the phone company could tell the FBI).

The FBI likely knows there’s little chance much of investigative worth will be found on this phone. It wants the precedent, not the iPhone’s contents. That’s why Comey is telling anyone who will listen about other cases where encrypted phones have led to “dead ends.” Comey’s pitch for an Apple-assisted break-in presumes locked phones are literally helping people get away with murder. Friedersdorf notes that Lawfare’s Ben Wittes — arguing on behalf of the FBI — cites testimony Comey gave to Congress in which he discusses a pregnant woman who was murdered last summer. Her phone was found near her body but the FBI has been unable to access the contents.

Again, Comey is making serious presumptions about the worth of the phone’s contents to investigators. Taking a more logical approach to the facts of the case, Freidersdorf points out this phone is likely to be as useless as the phone central to the FBI’s current actions.

For the first 230 years of U.S. history, police officers managed to investigate murders without the benefit of any evidence from smartphones belonging to the victim. Keep that baseline in mind, because any information that the cops get from the Louisiana victim’s device leaves them better off than all prior generations of law enforcement. And they presumably did get some useful information, because a locked device doesn’t prevent them from going to the phone company and getting access to call, text, and location data generated by the device.

It doesn’t stop the authorities from going to Uber to see when the victim last took a ride, to her cloud backup to see what was last uploaded, to her email client to see if she sent or received any messages through that medium, and on and on and on.

Admittedly, there could be something only on the device relevant to the murder. The victim could’ve recorded a quick voice memo. She could’ve jotted a note to herself. She could’ve snapped a photograph of the killer in the moment before he acted. But you’ve gotta think that the odds are against there being conclusive evidence on the phone that isn’t available elsewhere, not only because so much data is available in multiple places, but because the killer left the phone with the victim.

Encryption has turned smartphones into Chekov’s Device: if a locked phone is owned by a criminal or found with a crime victim, the automatic assumption is that it houses relevant information of high investigatory value.

Comey is carefully picking his examples when arguing for greater law enforcement access… for the most part. A mass shooting that left 14 dead. A murdered pregnant woman. A fender bender at a busy intersection?

Marcy Wheeler also quotes testimony from Comey.

I’d say this problem we call going dark, which as Director Clapper mentioned, is the growing use of encryption, both to lock devices when they sit there and to cover communications as they move over fiber optic cables is actually overwhelmingly affecting law enforcement. Because it affects cops and prosecutors and sheriffs and detectives trying to make murder cases, car accident cases, kidnapping cases, drug cases. It has an impact on our national security work, but overwhelmingly this is a problem that local law enforcement sees.

Yes, the FBI would like Apple to help it break into an iPhone because law enforcement needs a leg up in traffic enforcement. If the FBI is given what it wants, the precedent will allow local law enforcement agencies to seek the same assistance any time the most mundane of investigations runs into a locked phone.

James Comey said (but didn’t mean) the public needs to determine for itself whether they’d rather have security or safety (and presumably apply that conclusion to every member of the public who diagrees with them). But as Friedersdorf points out, every individual member of the public is free to make that decision for themselves, without having to drag in either party or 1789’s All Writs Act.

The fact that there’s an unsolved murder case where some evidence might or might not be on a locked phone doesn’t seem like a compelling anecdote demonstrating the need to weaken security on everyone’s consumer devices. And if you’re worried that you’ll be killed and the lock on your smartphone will prevent the cops from finding your killer, by all means, disable the lock screen or leave a copy of your code in a safety deposit box. Everyone is free to decide when the costs of having strong security outweigh the benefits.

This is a decision any individual can make on their own. It doesn’t have to involve the government compelling companies to purposefully weaken protective measures. Any member of the “nothing to hide” crowd can shut off anything meant to keep others (criminals or law enforcement) from accessing their phones’ contents. Anyone who thinks the government has a “right” to access the contents of their phone should do whatever they can to ensure the government actually has that access — provided it’s limited to their own devices.

Comey says the public should consider the balance between safety and security in light of his agency’s efforts. What’s left unsaid is that the public has always had the ability to consider the tradeoffs and act on those conclusions. It didn’t need the FBI’s permission. Or Apple’s. But this isn’t about the public’s ability to determine its own security/safety balance and applying it on a case-by-case basis. This is about the FBI seeking to have that balance determined by a magistrate judge and applied to everyone, regardless of the public’s determination of where that balance should actually lie.

Filed Under: , , , ,
Companies: apple

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “The FBI's Not-So-Compelling Pitch For Sacrificing Security For Safety”

Subscribe: RSS Leave a comment
AJ says:

At least the FBI is now willing to admit that there is more at stake for Apple than unlocking a single phone.

“Manhattan prosecutor Cyrus Vance has said he has a backlog of 175 locked iPhones awaiting the resolution of the Apple-FBI fight, which is almost certain to be decided in high federal courts.

The outcome “will be instructive for other courts”, Comey told the House intelligence committee.”

Stand your ground Apple, the world is watching you.

Anon says:

not Really?

The most important data point of this episode – this was just a case of a couple “going postal”. If it were a true terrorist attack, I’m sure even in San Diego, with a navy base and a number of extremely large public gathering spots – this couple could have found a more high profile target that the husband’s workplace. I would be surprised if anyone in the middle east would not also tell them so – still more proof it was a lone wolf “postal” episode rather than a terrorist attack.

Anonymous Coward says:

Re: not Really?

– this was just a case of a couple “going postal”.

Really? Looks like you haven’t looked much at the evidence.

Terrorism doesn’t have to be some kind of well organised thing you know. Nor does it have to be particularly targetted at anything important. The idea of random attacks on “any infidel you can find” is circulating around he islamist space and these two were simply responding to that.

Given the amount of ammunition and the bombs they had put together it can hardly be seen as a spur of the moment thing.

Having said that – in my opinion it makes no difference at all to the privacy vs security issue.

Wendy Cockcroft says:

Re: Re: not Really?

Terrorism doesn’t have to be some kind of well organised thing you know. Nor does it have to be particularly targetted at anything important. The idea of random attacks on “any infidel you can find” is circulating around he islamist space and these two were simply responding to that.

If that’s true, why did they go after their co-workers? That was planned, not random. Why not someone else?

Bergman (profile) says:

Re: Re: not Really?

By the same token, not every attack — even with jihadist motivations — is terrorism.

Terrorism is a specific sort of violence, intended to alter political behavior through fear that you might be next. Murdering someone because you hate their religion is a hate crime, but not necessarily terrorism.

Terrorist is one of the few professions where you can be 100% successful by missing your target 100% of the time — the people a terrorist kills aren’t his targets, they’re collateral damage. The target is the people he wants to scare into changing their behavior.

So, who exactly has been scared into changing behavior by a couple people going postal at work?

Anonymous Coward says:


Well, if you go by the numbers, traffic accidents, kidnapping, and drug dealers make a far less non-compelling argument then terrorism…

Like falling out of bed, or drowning in the bathtub- those each kill thousands of times more people then terrorism, Maybe that’s why we should have ubiquitous surveillance. They should take a different tact. When oh when will it be time for the war on beds and bathtubs? Think of the children!

Anonymous Coward says:

Re: statistically....

Deaths due to bathtub-related drowning in the US, in 2000: 341.
Deaths due to accidental suffocation in bed (ditto): 327
Deaths due to firearms (assault): 10,801
Deaths due to firearms (suicide): 16,586
Overall 9/11 death toll: 2,977 (one set of events)
Deaths from Oklahoma City bombing: 168 (one event)

So, no, you’re looking at about 9 years worth of bathtubs to make up for 9/11. Of course, the USA has a very low terrorist related fatality rate compared to some other parts of the world. Syria, Iraq, and Nigeria account for about 66% of the incidents recorded. So perhaps you should consider instead the War on Solid Food (744 choking deaths) or the War To Simplify Medical Care (3,059 deaths from ‘complications’) before starting your bathtub crusade.

Lawrence D’Oliveiro says:

Is Liberty Worth Dying For?

Is freedom just some kind of dessert that we ordinary citizens can be allowed to have after we’ve been good and finished our main meal of building an orderly society?

Or is it a fundamental core value without which such an “orderly” society is meaningless?

Our ancestors fought wars and suffered and died to gain and retain the freedoms we take for granted today. Are these freedoms something to be lightly given up just because we fear a bit more suffering and dying?

Anonymous Coward says:


(slow clap) bravo man… you made me look it up- it’s possible I picked up some false info at some point- cause I was under the impression both bed and bath deaths where over 3k PER year; but I can’t find much to support that. It may have been, that many elderly deaths were from those two and it’s not commonly reported as such due to age and other health factors.

still- using the statistics you provided.
911+oak= 3145 911 was 14 years ago, oaklahoma over 20…
bed (x14years)=4578
bath (x14years)=4774
lightening (global per year) 6000

this is fun…

here’s some other things purported to be more then twice as likely to kill you then terrorism.
9,300,000/1 terrorist attack
4,400,000/1 left-handed people killed using a right-handed product
3,500,000/1 snake bite
3,000,000/1 food poisoning
2,300,000/1 falling off a ladder
2,000,000/1 dying after falling out of bed
685,000/1 drowning in the bath
500,000/1 train crash
43,500/1 accident at work
8,000/1 road accident
5/1 cancer
2.5/1 heart attack or stroke

yea, war on obesity, or heart disease where my first thoughts, but it didn’t seam to capture the absurdity. War on lightning has a good ring though- lets give up our rights and spend hundred of billions on that.

good point on the international aspect though… maybe it’s short sighted to only consider US deaths- even if the topic is, the US response. team america, world police after all.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...