Privacy

by Mike Masnick


Filed Under:
doj, encryption, fbi, going dark, imessages

Companies:
apple, microsoft



Apple Refused Court Order To Decrypt iMessages For DOJ; DOJ Debates What To Do

from the warning-shot dept

For many months now, there's been a war of words over the whole "going dark" issue, with the two loudest participants being the DOJ demanding backdoors to encryption, and Apple standing up and speaking out loudly about the importance of encryption. Sooner or later you knew the two would meet in a legal situation -- and now it's happened, with Apple clearly winning round one. The NY Times is reporting that the DOJ obtained a court order earlier this summer, demanding that Apple hand over decrypted iMessage messages (in real time) for an investigation. Apple, apparently, told the DOJ that those messages are encrypted, and it has no way to comply with the order. This is exactly the scenario that everyone's been chattering about for the past year. And apparently, people inside the DOJ are debating what to do about it:
The case, coming after several others in which similar requests were rebuffed, prompted some senior Justice Department and F.B.I. officials to advocate taking Apple to court, several current and former law enforcement officials said.
However, the article notes that any plans to take Apple to court have "been shelved for now." The rest of the article focuses on a somewhat related situation that we've discussed in the past, involving Microsoft refusing to comply with a DOJ subpoena to hand over emails that are stored on an Irish server. The issue in that case is not about encryption, so much as jurisdiction and the differences between a warrant and a subpoena. That case heads back to court this week. However, the issue about encryption and demands to decrypt communications or stored data will continue for quite some time.

The article notes that Apple did turn over some information, which the DOJ took as a sign of good faith:
In the drug and gun investigation this summer, Apple eventually turned over some stored iCloud messages. While they were not the real-time texts the government most wanted, officials said they saw it as a sign of cooperation.
Of course, the major difference here is that the iMessages are encrypted end-to-end, while data stored in iCloud is not, meaning that Apple actually has access to that content. Many have pointed out that in most cases, the important information that the DOJ will want is probably backed up in iCloud anyway, so perhaps that keeps the DOJ from actually going after Apple for the time being. But, still, it is noteworthy that a clash has already happened. Sooner or later, assuming Apple doesn't give in to the backdoor demands, the DOJ is likely to take someone to court over this... Perhaps it's just waiting for a company with pockets not quite as deep as Apple's.

Reader Comments

Subscribe: RSS

View by: Time | Thread


  • icon
    Ninja (profile), 8 Sep 2015 @ 10:40am

    Perhaps it's just waiting for a company with pockets not quite as deep as Apple's.

    When it happens we must join forces and provide very deep pockets to the company that finds itself in the receiving end of the lawsuit.

    reply to this | link to this | view in chronology ]

    • icon
      SolkeshNaranek (profile), 8 Sep 2015 @ 10:58am

      Re:

      When it happens we must join forces and provide very deep pockets to the company that finds itself in the receiving end of the lawsuit.

      The DOJ acting the part of the bully we all know them to be, will certainly wait for an easier target to go after.

      If the DOJ thought they had a real case against Apple that they believed could be won, then they should take on Apple and let the case be settled on it's merits, and not on who they can steamroll.

      When the time comes for a smaller company to stand up to the DOJ, I hope everyone capable will help provide financial assistance so the bullies will be put in their place.

      The government is out of control, and the ignoramuses in charge are hellbent on stripping away the small remaining privacies we have left.

      We must not allow that to happen. In this case, it would be wise to "think of the children" and the world they will be forced to live in if the government has its way.

      reply to this | link to this | view in chronology ]

      • identicon
        David, 8 Sep 2015 @ 11:12am

        Re: Re:

        The government is out of control,

        Well, to be fair that is the exact goal of the electorate system written into the Constitution: to keep the government out of control of the hicks in the backwaters.

        Arguably, the voting system has not kept up with the changed voter profile. So the Constitution warrants some updates towards more direct democratic means here.

        However, the Constitution never intended the government to slip out of accountability, and that's what has been happening in the last decades.

        The stuff Nixon was sent packing for is peanuts and privilege in today's political landscape. And that's indeed a development that the Constitution does not stand for.

        reply to this | link to this | view in chronology ]

        • identicon
          Anonymous Coward, 8 Sep 2015 @ 12:15pm

          Re: Re: Re:

          Wrong, the constitution is not the problem, it is people like YOU that do not know what you should be doing or think that it needs a 21st Century update by a group of people that have not only proven they cannot read basic English but are so far out of touch with reality it's a fucking comedy on capital hill!

          #1. People should be taught what serving on a Jury means as a citizen! A lot of people treat it as a burden to be artfully avoided, when in fact it is your MOST POWERFUL VOTE! There a well informed citizenry can completely annihilate any foul play by the government, but a lot of forces has gone into the effort of keeping people stupid.

          #2. WE should be the ones ensuring accountability, but instead we bicker over left vs right, north vs south, and repuke vs demtard! Both sides give their own a pass for what they would be screaming about from the other side.

          Bush damaged American Freedoms (DHS/TSA) more than a lot of people realize/admit and Obama instead, of undoing the damage, has started cutting into Americas throat with the knife Bush put there!

          reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 8 Sep 2015 @ 11:08am

    Read between the lines what the US gov said. They said "they don't have real-time access to iMessage".


    Not access. Real-time access! That means they already have real-time access to everything else, and not just plain-text but also HTTPS communications. That's what I get from it. It probably wouldn't be too hard considering DoD has a root certificate in Apple's root store.

    reply to this | link to this | view in chronology ]

  • icon
    Violynne (profile), 8 Sep 2015 @ 11:11am

    while data stored in iCloud is not
    This statement is precisely why I won't use any company's "cloud" service.

    What's the fucking point in encryption when the data stored removes it, allowing companies like Apple, Google, and Microsoft to freely hand it over.

    Rhetorical question.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 8 Sep 2015 @ 2:11pm

      Re:

      You should look at cloud storage services that encrypt at the source and allow to change/control the key. Crashplan is one of those, I'm sure there are others (SpiderOak?), but they exist.

      Barring that, encrypting something strongly & putting on Amazon S3 or Google Drive is probably as safe as having it on your internet connected machine.... Maybe safer as it's likely harder to get into the physical machines in a datacenter than it is to get into your house...

      reply to this | link to this | view in chronology ]

    • icon
      vdev (profile), 8 Sep 2015 @ 6:36pm

      Re: stored data

      Do you KNOW that the stored data is unencrypted? If so, please explain HOW you know that.

      And if you fail to do BOTH then you're just blowing smoke.

      reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 9 Sep 2015 @ 10:50am

      Re:

      Call me tinfoil hat, but I firmly believe the "cloud" movement was started by government entities, most likely the alphabet agencies and government contractors like Lockheed, Northropp, etc. It was pushed as the next big shiny thing in IT and the only people that slurped it up were the executives that have no idea what they're doing making technology decisions. Everyone else with half a brain realized it is absolutely moronic to divorce your business from it's mission critical data and on top of all that store it on someone else's servers that you don't control. How did this ever sound like a good idea? Especially when all the alphabet agencies then need to do is compromise a few cloud hosts to get the keys to countless kingdoms.

      reply to this | link to this | view in chronology ]

      • icon
        vdev (profile), 10 Sep 2015 @ 8:55am

        Re: Re: cloudy origins

        Sorry, AC, but this really is tinfoil hat.

        I may be old'n'grey but I remember that companies were doing this - sort of - in the mid-to-late 70's. GE at the time had a worldwide data processing network and quite a few companies were doing selected parts of their business there. Not all, by any means, but there were certainly more than a few mission-critical applications (financial services mostly) that were not done in-house, and that were run on "someone else's servers".

        It was groundbreaking for its time. Pity that GE squandered it.

        reply to this | link to this | view in chronology ]

    • icon
      tracyanne (profile), 10 Sep 2015 @ 1:17am

      Re:

      I use a 'Cloud' service that purports to allow me to control the encryption key - Copy Cloud - plus I pre encrypt the data going to the 'Cloud' on the fly, using encfs (a FUSE filesystem) which transparently encrypts. I place unencrypted data in one directory and encfs automagically encrypts it into the Copy Cloud directory. Data in the CopyCloud directory is transparently decrypted into the unencrypted directory.

      So if the Copy Cloud encryption is not as secure as they claim I have an extra level of encryption that only I control

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 8 Sep 2015 @ 11:31am

    The DOJ and the US government are dead in the middle of driving the internet dealing companies out of the US if they wish to deal with the rest of the global market. Should the US win their case on this and the Microsoft issue of emails residing in foreign servers being subject to US law, expect a massive surge out of the US as corporations move out of the US to protect their bottom line.

    It's pretty short sited of the government but given the way they've been acting, who can blame corporations for moving?

    reply to this | link to this | view in chronology ]

    • icon
      Bergman (profile), 14 Sep 2015 @ 12:51am

      Re:

      There's another aspect to this that the DoJ is apparently not realizing:

      If a court in the US can order a multinational company to violate the laws of another country in order to disclose data on a server located in that other country, another country could also do it.

      Does Microsoft supply any products to any part of the US government? Is there any confidential or even top secret information on those Microsoft systems? What if a foreign court, in France to arbitrarily pick a country, issued a court order demanding Microsoft turn over that top secret data to the French government?

      If a US court can compel obedience with a court order of that nature, then Microsoft could also be compelled to obey such an order that harms the US.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 8 Sep 2015 @ 11:35am

    That's a nice little business you've got there, Apple;

    Sure hate for it to be regulated by the heavy hands in DC.

    (However, since it's election season, perhaps it would be a good time to fork over some serious coin to make sure your interests are protected -- hint, hint.)

    reply to this | link to this | view in chronology ]

  • identicon
    DigDug, 8 Sep 2015 @ 11:39am

    Erroneous title.

    Apple didn't "refuse" the court order. The court ordered an impossibility.

    If that's considered refusal and there are any repercussions due to an invalid court order, then you know that the DOJ can get anyone imprisoned just by having the judge order the impossible.

    Judge to Hillary Clinton: The court orders you to grow 20 years younger, 13 points hotter and 20 points blonder.

    Hillary Clinton to Judge: ...

    Judge to Hillary Clinton: I find you in contempt of court, 30 years prison sentence.

    Hillary Clinton to Judge:

    reply to this | link to this | view in chronology ]

  • icon
    Ben (profile), 8 Sep 2015 @ 12:33pm

    The correct response to the DOJ

    Apple should respond to the DOJ:

    No messages were found responsive to your request

    (to paraphrase the DOJ's seemingly favorite response to a FOIA request)
    ... and since they don't have any decrypted iMessages, it would actually be true.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 8 Sep 2015 @ 7:37pm

      Re: The correct response to the DOJ

      "Apple should respond to the DOJ:"

      We have >>>ENCRYPTED>>>

      The new redacted.

      reply to this | link to this | view in chronology ]

      • icon
        Bergman (profile), 14 Sep 2015 @ 1:05am

        Re: Re: The correct response to the DOJ

        Just imagine the trouble you could cause by responding to a subpoena by supplying what it requires you to supply, but inserting a few redaction blocks here and there, covering blank spaces.

        It wouldn't violate the subpoena, but man would it ever mess with their heads...

        reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 9 Sep 2015 @ 10:34am

      Re: The correct response to the DOJ

      sldkjoifsdjfonvnwertlinerncvsdsdlisdfjsdlfjsdlflsdfljsdfsdf
      rueyrueyriuwyeryewrwermnewnrmwenrwejbfjfk jdsfjnsdfndfkjsmnc

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 8 Sep 2015 @ 12:57pm

    Meanwhile in the EU

    Many of the big US companies, Apple and MS included, are fighting a law that would prevent them from giving data to other countries i.e. the US.
    The argument they use is that the only choice they'd have is to either break EU or US law.

    So while I do think it's great they stand up for the US costumer it would be nice if they did the same world wide.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 8 Sep 2015 @ 1:00pm

    So, Apple gave the same answer that my wife gives concerning backdoor requests?
    Awesome.

    reply to this | link to this | view in chronology ]

  • icon
    jilocasin (profile), 8 Sep 2015 @ 1:39pm

    Here's the beauty of the situation.

    And now we see the beauty of the situation.

    If the system actually is designed to use end-to-end encryption, with the keys handled by the client directly, then Apple isn't being obstinate.

    No court can order someone to do something they can't actually do. It's a fruitless as demanding Apple produce voice recordings of , or turn over a mated pair of unicorns to the DOJ. Not possible (probably).

    The best the government could do is to outlaw further production of the communications network, or in the extreme force Apple to turn off the existing system.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 8 Sep 2015 @ 1:49pm

      Re: Here's the beauty of the situation.

      If the system actually is designed to use end-to-end encryption, with the keys handled by the client directly, then Apple isn't being obstinate.

      Except that are obstinately refusing to use their position make their OS give them the user keys.

      /FBI Logic.

      reply to this | link to this | view in chronology ]

    • icon
      DannyB (profile), 8 Sep 2015 @ 2:05pm

      Re: Here's the beauty of the situation.

      What we get into here is the government telling giant successful megacorps how they are supposed to write software.

      reply to this | link to this | view in chronology ]

    • icon
      That One Guy (profile), 8 Sep 2015 @ 5:11pm

      Re: Here's the beauty of the situation.

      No court can order someone to do something they can't actually do. It's a fruitless as demanding Apple produce voice recordings of , or turn over a mated pair of unicorns to the DOJ. Not possible (probably).

      You greatly overestimate the technological knowledge of the vast majority of judges. All the DOJ has to do is find one dumb enough that all that 'encryption' stuff is beyond them, and you can be sure they absolutely will order Apple or some other company to do something impossible, simply because they don't know that it is impossible.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 8 Sep 2015 @ 3:20pm

    Microsoft subpeona will be warrent

    At least according to this article on Ars
    http://arstechnica.com/tech-policy/2015/09/us-claim-on-the-worlds-servers-at-a-crossroads/

    If the DoJ wins the case then the US will officaly rule internet world. In case the DoJ wins local law won't mean anything. By that measure other countries might be allowed to request information about US users. You post a picture that some Gov/country doesn't like? Well you better hope the US doesnt have an extradition treaty with them or you might end up in jail.

    And I'm not talking about a nice 24/7 solitary, no vists jail that violates human rights... no I mean the kind you get visitors and cellmates. Those really ugly 3rd world prisons everyone fears!

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 8 Sep 2015 @ 3:27pm

    "Most bad government has grown out of too much government." Thomas Jefferson

    "I predict future happiness for Americans if they can prevent the government from wasting the labors of the people under the pretense of taking care of them. Thomas Jefferson.

    "Resistance to tyrants is obedience to God." Thomas Jefferson

    "Government, even in its best state, is but a necessary evil; in its worst state, an intolerable one." Thomas Paine

    "Today the nations of the world may be divided into two classes - the nations in which the government fears the people, and the nations in which the people fear the government." Amos R. E. Pinochet

    "It is dangerous to be right when the government is wrong." Voltaire

    "In order to rally people, governments need enemies. They want us to be afraid, to hate, so we will rally behind them. And if they do not have a real enemy, they will invent one in order to mobilize us." Thich Nhat Hanh

    "Too bad all the people who know how to run the country are busy driving taxi cabs and cutting hair." George Burns

    "Of all tyrannies a tyranny sincerely exercised for the good of its victims may be the most oppressive. It may be better to live under robber barons than under omnipotent moral busybodies. The robber baron's cruelty may sometimes sleep, his cupidity may at some point be satiated; but those who torment us for own good will torment us without end, for they do so with the approval of their own conscience." C. S. Lewis

    "There is not enough jails, not enough policemen, not enough courts to enforce a law not supported by the people." Hubert Humphrey


    So what in heavens name happened?
    Uncle Sam has fallen and he can't get up.

    (Quotes from Hillwatch.com)

    reply to this | link to this | view in chronology ]

  • identicon
    J.R., 8 Sep 2015 @ 4:29pm

    Chattel

    That's what the government and its agencies see the people of this country as: its chattel, its property. Who could object to a swineherd or shepard surveilling his property? When they decide to install GPS-enable microchips with microphones on everyone, (except themselves) it will be for our "own good. Think of the lambs, think of the piglets..."

    reply to this | link to this | view in chronology ]

  • icon
    vdev (profile), 8 Sep 2015 @ 6:31pm

    I am sure that Apple did not "rebuff" the subpoena. I expect that it replied with all the relevant information that was available.

    And that would look just like the DoD/DoJ/NSA redacted documents do - a header follower by a lot of black lines.

    reply to this | link to this | view in chronology ]

  • icon
    Jeff Green (profile), 9 Sep 2015 @ 3:30am

    The DOJ know that Apple cannot comply with the order, what is needed is for the few judges who actually understand to start acting properly and when the DOJ ask for an impossibility to call them out, require the presence in court of the official who asked for the data, and have him repeat the request on oath. Then jail him for contempt and ask for his arrest for perjury.

    After a few senior official are shuffling round the exercise yard for a while maybe they will start to act their age.

    reply to this | link to this | view in chronology ]

    • icon
      nasch (profile), 9 Sep 2015 @ 6:59am

      Re:

      The DOJ know that Apple cannot comply with the order,

      Why do you supposed they asked for it then? Just trying to get Apple in trouble for some reason?

      reply to this | link to this | view in chronology ]

      • identicon
        DigDug, 9 Sep 2015 @ 7:40am

        Re: Re:

        Yup - Exactly.

        They are trying to attack companies that allow encryption without their golden key through manipulation of the courts through lies, damned lies, and double dumb-ass lies.

        In other words, standard operating procedure for the Executive branch. Whatever it takes to get what they want, to hell with the law, it doesn't apply to them.

        reply to this | link to this | view in chronology ]

      • icon
        That One Guy (profile), 9 Sep 2015 @ 10:45pm

        Re: Re:

        Why not? What makes you think they wouldn't knowingly ask for the impossible just to send a message to other companies considering encryption?

        "We knew our request wasn't possible, but we dragged Apple to court and forced them to pay legal fees to fight it regardless. Unless you want to suffer a similar fate, you'd best make sure that you can hand over what we want, when we ask for it, because as we've just shown, we will take it to court if we have to, even if we know our demand is impossible."

        Alternatively, they could be hoping to use it as an example of another sort.

        "Look, even when we went through all the steps, they still refused to give us what we asked for, claiming it 'wasn't possible'. Clearly encryption is indeed posing a real obstruction to law enforcement efforts, and needs to be careful controlled so that this sort of thing doesn't happen in the future."

        And the third option of course is that they really didn't realize that they were asking for the impossible, being completely clueless about encryption, but I have a hard time believing that it reached the point of a lawsuit without a single person in the DOJ realizing this, so I rather doubt this is the case.

        reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 9 Sep 2015 @ 9:23pm

    Metadata is more useful and revealing than content. All your contacts, your location history, and your web browsing history can all be gleaned from matadata.

    I'm surprised law enforcement even bothers looking at message content anymore. That's the old, outdated, method of investigation.

    Now-a-days, we kill and arrest people based solely on metadata.

    reply to this | link to this | view in chronology ]

  • icon
    karthik (profile), 8 Oct 2015 @ 1:10am

    beauty tips

    if you want to look younger than your age need to some good natural beauty products which are available at low prices in a store http://nore-online.com

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Techdirt Gear
Shop Now: I Invented Email
Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.