Judge Calls Bluffs On Encryption Debate; Asks Apple To Explain Why Unlocking A Phone Is 'Unduly Burdensome'

Legal Issues

from the no-more-FBI-shitposting? dept

Things on the Crypto War 2.0 battlefront just got a little more interesting. The administration won’t seek backdoors and neither will Congress. The intelligence community has largely backed away from pressing for compliance from tech companies. This basically leaves FBI director James Comey (along with various law enforcement officials) twisting in his own “but people will die” wind.

Comey continues to insist encryption can be safely backdoored. He claims the real issue is companies like Apple and Google, who hire tons of “smart people” but won’t put them to work solving his “going dark” problem for him. As pretty much the entirety of the tech community has pointed out, holes in encryption are holes in encryption and cannot ever be law enforcement-only.

We may get a chance to see who’s telling the truth. As the Washington Post’s Ellen Nakashima reports, a NY federal judge is calling everyone’s bluff.

Magistrate Judge James Orenstein of the U.S. District Court for the Eastern District of New York released an order Friday that suggests he would not issue a ­government-sought order to compel the tech giant Apple to unlock a customer’s smartphone.

But before he can rule, the judge said, he wants Apple to explain whether the government’s request would be “unduly burdensome.”

The order details what the government is trying to accomplish, but has yet to succeed in doing.

In a sealed application filed on October 8, 2015, the government asks the court to issue an order pursuant to the All Writs Act, 28 U.S.C. § 1651, directing Apple, Inc. (“Apple”) to assist in the execution of a federal search warrant by disabling the security of an Apple device that the government has lawfully seized pursuant to a warrant issued by this court. Law enforcement agents have discovered the device to be locked, and have tried and failed to bypass that lock. As a result, they cannot gain access to any data stored on the device notwithstanding the authority to do so conferred by this court’s warrant.

The order demands Apple submit a response by October 15th. First, it seeks an answer as to whether the government’s request is even “technically feasible.” If it is, Apple will need to explain why complying with the order would be “unduly burdensome.” If further discussion is needed, oral arguments from both parties will be heard a week from that date (at this point oral arguments are purely optional).

The order also closely examines the government’s request in light of the All Writs Act. This would be the 1789 law the DOJ is trying to use to “cover” a gap between what Congress has specifically authorized and what the FBI is hoping to have granted. The presiding judge in this case — Judge Gabriel Gorenstein — has had previous experience with the FBI, phone manufacturers, and the All Writs Act, having dealt with a similar case back in 2005. In that case, he noted the government’s request seemed to be a “Hail Mary play” designed to elude statutory restraints, the checks and balances built into the system, and put the magistrate judge in the position of granting something possibly beyond his power to grant.

The government thus asks me to read into the All Writs Act an empowerment of the judiciary to grant the executive branch authority to use investigative techniques either explicitly denied it by the legislative branch, or at a minimum omitted from a far-reaching and detailed statutory scheme that has received the legislature’s intensive and repeated consideration. Such a broad reading of the statute invites an exercise of judicial activism that is breathtaking in its scope and fundamentally inconsistent with my understanding of the extent of my authority.

The All Writs Act is challenged here by Gorenstein again, nearly a decade later. After quoting a lengthy bit of report on “going dark” written by everyone’s favorite terrorist-sympathizer Peter King, Gorenstein goes on to challenge Comey’s public statements in light of his agency’s desire to deploy a 1789 law to punch holes in 2015’s phone encryption.

More specifically — in a lengthy footnote — Gorenstein basically calls Comey a hypocrite.

In a similarly-titled article published shortly before his Senate testimony, Director Corney discussed the extent to which companies like Apple should be compelled to ensure law enforcement access to the user content stored on its devices. Pertinent to the instant analysis of the All Writs Act, he wrote:

Democracies resolve such tensions through robust debate… It may be that, as a people, we decide the benefits here outweigh the costs and that there is no sensible, technically feasible way to optimize privacy and safety in this particular context, or that public safety folks will be able to do their job well enough in a world of universal strong encryption. Those are decisions Americans should make, but I think part of my job is [to] make sure the debate is informed by a reasonable understanding of the costs…

Director Corney’s view about how such policy matters should be resolved is in tension, if not entirely at odds, with the robust application of the All Writs Act the government now advocates. Even if CALEA and the Congressional determination not to mandate “back door” access for law enforcement to encrypted devices does not foreclose reliance on the All Writs Act to grant the instant motion, using an aggressive interpretation of that statute’s scope to short-circuit public debate on this controversy seems fundamentally inconsistent with the proposition that such important policy issues should be determined in the first instance by the legislative branch after public debate – as opposed to having them decided by the judiciary in sealed, ex parte proceedings.

The order also points out that the previous use of the All Writs Act to secure phone records is a completely different legal animal than the current demand that Apple open up a customer’s phone and expose all it contains to federal investigators.

[U]nlike the Telephone Company, Apple is not “a highly regulated public utility with a duty to serve the public[.]” It is a private-sector company that is free to choose to promote its customers’ interest in privacy over the competing interest of law enforcement. Indeed, whereas in New York Tel Co. “it [could] hardly be contended that the Company … had a substantial interest in not providing [the requested] assistance,” it is entirely possible, if not likely, that Apple has thus far made a deliberate decision to balance those competing interests in favor of its customers’ privacy preferences, as discussed further below.

Similarly, unlike the Telephone Company, which as the Supreme Court noted, regularly used pen registers for its own business purposes, there is nothing in the record to suggest that Apple has or wants the ability to defeat customer-installed security codes to access the encrypted data that its customers store on Apple devices after purchasing them.

Gorenstein also notes that the government has other ways of obtaining the contents of the phone, including the use of coercive measures to force the owner to unlock it. This has its own constitutional implications, but they are not under the purview of the magistrate judge. (There are also any number of third-party services utilized by the phone’s owner that may be more amenable to turning over information in response to court orders.)

Gorenstein says the government’s interpretation of the All Writs Act seems to exceed the intent of that law and completely bypasses the checks and balances built into the system — namely, the legislative branch, which has notably not pushed for mandated backdoors no matter how much Comey and others have complained about the threat it poses to the safety of Americans.

In the end, though, Gorenstein says it comes down to Apple pointing out why decrypting this phone would be “unduly burdensome,” if it is actually possible at all. Judging from the content of the order, it appears the Gorenstein is far more skeptical of the government’s claims than Apple’s, but we won’t know for sure until he responds to Apple’s response. If Apple responds with answers the government doesn’t like, it may move to have any further discussion on the matter sealed, which means we may not find out where this stands until years from now.

Then again, it may mean nothing at all. As Nakashima points out, this particular battle may not provide the best chance to defeat Comey’s backdoor fantasies.

Law enforcement officials said Saturday that the device at issue is a phone that runs on an older version of Apple’s operating system that Apple can unlock.

Filed Under: all writs act, burden, encryption, fbi, going dark, james comey, james orenstein
Companies: apple