from the it-goes-on-and-on dept
Support our crowdfunding campaign to help us keep covering stories like these!
Like many, we wrote about the bizarre filing from San Bernardino County District Attorney Michael Ramos in the Apple/FBI encryption fight — you know, the one where he speculates randomly that the iPhone might contain evidence of a “dormant cyber pathogen” that is waiting to infect computer systems everywhere? Of course, that was found in his 4 page application to file the full brief, and as far as we can tell, no one else has explored the full 40 page brief that Ramos eventually did file, after magistrate judge Pym granted permission. And, it probably won’t surprise you that in a filing that’s 10x as long, it’s got much more room for crazy arguments, many of which seem to be in the “day is night, black is white” variety. Let’s dig in:
At issue before this Court is whether on balance there is a compelling
governmental interest in acquiring evidence of criminal activity contained solely on
the specific San Bernardino County-owned iPhone, seized and ordered searched
by a lawful search warrant issued by a United States Magistrate, that outweighs any
real or imagined interest that Apple, a for-profit California-based corporation,
asserts to deny assistance to the FBI, San Bernardino County District Attorney’s
forensic partners, and by extension the San Bernardino County District Attorney
and our client, the People of the State of California, in acquiring this evidence.
Actually, that’s not the issue. The issue is not whether there’s a compelling governmental interest, but whether or not a company can be compelled to build new hacking tools and surreptitiously load them onto user devices. That’s a very different question, and one that Ramos doesn’t even want to consider. So, instead, he makes up things unrelated to the issue at hand.
Then, Ramos repeats the whole bogus “there may have been a third shooter!” and “DORMANT CYBER PATHOGEN!” arguments, based on absolutely no evidence, and follows it up by flipping the burden of proof, and hilariously arguing that it is Apple’s burden to prove that there is no such dormant cyber pathogen. PROVE A NEGATIVE, APPLE!
At the time that the murders in San Bernardino County were being perpetrated on
December 2, 2015, at least two 911 calls to the San Bernardino Police Dispatch
Center reported the involvement of three perpetrators. Although the reports of three
individuals were not corroborated, and may ultimately be incorrect, the fact remains
that the information contained solely on the seized iPhone could provide evidence
to identify, as of yet, unknown co-conspirators who would be prosecuted by the
District Attorney for multiple murders and attempted murders in San Bernardino
In addition, the iPhone is a county telephone that may have connected to the
San Bernardino County computer network. The seized iPhone may contain
evidence, that can only be found on the seized phone, that it was used as a weapon
to introduce a lying-dormant cyber pathogen endangering San Bernardino County’s
infrastructure, a Violation of Cal. Penal Code § 502 (Lexis 2016), and which would
pose a continuing threat to the citizens of San Bernardino County.
Apple has not advanced a single argument to indicating why the
identification and prosecution of any outstanding coconspirators, or to detect and
eliminate cyber security threats to San Bernardino County’s infrastructure
introduced by its product and concealed by its operating system, and Apple’s refusal
to assist in acquiring that information, is not a compelling governmental interest.
To the extent that Apple states in its brief at page 33 that there is no compelling
state interest because the government “has produced nothing more than speculation
that this iPhone might contain potentially relevant information,” Apple completely
forgets that a United States Magistrate has issued a search warrant based on a
finding of probable cause that the iPhone does contain evidence of criminal activity.
The reason we search is to find out if the device contains evidence or is an
instrumentality of the crime. Such authority is granted by the United States
Got that? As long as the DA makes up some totally mythical “cyber pathogen,” so long as Apple has not proven that such a thing is not on the phone, then open ‘er up, Apple!. That’s a fascinating view of due process.
Oh, speaking of due process, Ramos then, absolutely ridiculously, flips Apple’s 5th Amendment due process argument on its head, arguing that by not hacking into users’ devices, Apple is the one that is harming due process rights. Really:
The California Constitution guarantees victims of crimes committed in
California a Victims’ Bill of Rights…. These rights include
those shared by all people of the State of California, “that persons who commit
felonious acts causing injury to innocent victims will be appropriately and
thoroughly investigated brought before the courts of California and tried by
the courts in a timely manner.” … The Victims’ Bill of
Rights continues to state, “In order to preserve and protect a victim’s rights to justice
and due process, a victim shall be entitled to the following rights… To be reasonably protected from the defendant and persons acting on
behalf of the defendant”… and the right to have all
relevant evidence admitted in any criminal proceeding….
The due process protections of the California Constitution clearly attach to
not only the fourteen people murdered, and the twenty two injured in the assault,
but also those physically uninjured, but mentally injured survivors who witnessed
the mass murder.
Apple is infringing on the due process rights of these real, and not
speculative, victims. It is preventing protection from the defendant and those who
assist the defendant. Through the design of its operating system and its refusal
to assist in accessing the information contained on the seized phone, Apple is
preventing the acquisition of information leading to the identity or elimination of
outstanding coconspirators. This denies the surviving victims of the knowledge that
there are either no additional coconspirators, or that those that are outstanding will
be pursued. Apple’s actions in denying assistance in acquiring access to the phone
infringes on the Victims’ right to be reasonably protected. Denying access to this
information deprives victims of all relevant evidence in any criminal proceeding
that could be the product of the information contained on the phone, and it certainly
is denying the victims of the right guaranteed to them to have the case investigated
and prosecuted in a timely manner.
Let’s put this simply: this is an insane reading of the California Constitution. Based on this, Ramos can basically argue that anyone and anything that gets in the way of law enforcement finding out absolutely anything, no matter how speculative is infringing on someone’s due process rights. Did you sell someone a shredder that allowed them to shred a paper that may have included something useful? You’ve infringed someone’s due process rights. Did you happen to overhear someone planning a crime, but you can no longer remember what the person looked like? You’ve violated the victims due process rights. That’s not how it works. Private companies don’t infringe on someone’s due process rights — governments do.
And, then, just because this isn’t crazy enough already, in somehow arguing that a private company has the burden to prove a negative, and that a private company is responsible for due process, Ramos argues that Apple is “usurping the authority of the District Attorney“:
In refusing to assist in the opening of this repository of evidence, Apple is
making the defacto decision of who can be charged with a crime and is giving a de
facto grant of immunity to those iPhone users that use the phone as an
instrumentality of a crime, a cyber weapon, or store, intentionally or not, evidence
of a crime on the device. Questions of whether Apple’s conduct falls within
traditional definitions of harboring one who commits a crime aside, Apple is
infringing on the authority of the District Attorney to make charging and immunity
decisions. Apple is free to exercise its First Amendment rights to express what
activities, including none at all, should be considered crimes, or who should be
charged with a crime, including nobody, but Apple has no de jure or de facto
authority to make those decisions by its actions.
No person but the San Bernardino County District Attorney and his deputies
are authorized to decide when criminal charges are brought or not brought, or to
whom to provide a grant immunity from prosecution in San Bernardino County.
Apple has no such dejure or defacto authority in San Bernardino County.
Except… that’s nuts. Apple is not “granting immunity” or making decisions about who can be charged with a crime. Like the whole “dormant cyber pathogen” this is Ramos simply making up shit and telling it to a judge. Nothing that Apple is doing prevents law enforcement from bringing charges if they have enough evidence. But, once again, Ramos is flipping the very concepts of burden of proof and due process in suggesting that any technology that happens to get in the way of collecting evidence is somehow “granting immunity.”
If you thought that wasn’t crazy enough, Ramos keeps going deeper and deeper into the “What did he just say…..?” hole. Next up: claiming that Apple is an “Orwellian arbiter” of privacy, which in his mind is illegal because Apple is not a public policy maker, and thus is somehow not allowed to build systems that keep customers’ info private. I’m NOT JOKING (though, really, I wish I was).
Apple asserts that its operating system and its refusal to assist in unlocking
the phone is, in Apple’s view, necessary to protect the privacy interests of its
customers. Apple advances its concept of privacy as absolute privacy in the context
that it proffers the opinion that the contents of any Apple iPhone or Apple mobile
device is immune from any type of government intrusion due to its security features.
While Apple can represent what it chooses in its marketing of its devices and
operating systems, Apple is neither the legislature nor judiciary empowered to
define privacy as absolute. Apple in not a public policy maker. Apple is a for-profit
corporation. No one has appointed or elected Apple to be the Orwellian arbiter or
definer of privacy for society or even for all of Apple’s customers.
This falls into the so wrong it’s “not even wrong” category. It’s insane. It’s not even in the realm of reality. Of course a for-profit company gets to determine what kind of privacy tools it offers customers. Is Ramos honestly claiming that companies are somehow breaking the law by building secure systems? Because that’s crazy. It goes directly against basically… everything.
From there, Ramos again pretends the case is about something entirely different:
Apple’s concept of absolute privacy and immunity from government search
is not supported by the Constitution of the United States or the cases that interpret
it. Furthermore, Apple has no privacy rights in the device before the Court, nor is it
legally permitted to assert any privacy rights regarding the search of the San
Bernardino County-owned phone.
Right. And Apple is not asserting privacy rights here so what the hell is Ramos even arguing about here? He’s making things up that aren’t even remotely related to the case. Apple is not arguing about its privacy rights. It’s arguing about whether or not the All Writs Act can be used to force it to build hacking tools that undermine the safety and security of its customers.
Ramos then goes on to totally misinterpret the finding in the famous Supreme Court Riley v. California decision about whether or not law enforcement could search mobile phones without a warrant. The ruling in that case, quite rightly and importantly, noted that you could not search a mobile phone without a warrant. But, Ramos pretends that means that the Supreme Court’s decision means that all data on cellphones must be accessible under a warrant, which is not what the court said at all.
Hilariously, after raising issues that aren’t before the court at all (Apple claiming a right to “privacy”), Ramos claims that Apple is the one raising issues not before the court — and appears to do so by not understanding what the actual issue in this case is about:
Apple asserts that unlocking the seized iPhone will open the siege gates and
make its users’ personal information vulnerable to hackers, identity thieves, hostile
foreign agents and unwarranted government surveillance. It has also expressed
concerns about how foreign governments may treat their citizens and the demands
that might be made on Apple. None of these issues are before the Court. This case
does not involve speculation as to what foreign governments may demand of Apple,
or how Apple may respond to those demands in the future. There is no issue of
identity theft here, and Apple has not advanced an explanation of how unlocking
this phone would lead to identity theft elsewhere, nor have they advanced any
evidence of identity thefts caused by their unlocking phones prior to the deployment
of IOS 8. Similarly, Apple warns of unwarranted government surveillance. No
surveillance is present here. Apple has not advanced any evidence or explanation
of how this surveillance will be unleashed by unlocking this phone. Apple cites the
hacking of the Office of Personnel Management as illustrative of the dangers of
hacking into databases, yet these databases were not contained on a specific iPhone
as the evidence here is nor has there been an indication that the databases were
hacked by an unlocked iPhone. These speculative concerns do not outweigh the
compelling interest in the need to acquire real evidence of real crimes from the
Here’s the thing. This isn’t that complicated. The law at issue in this case is the All Writs Act. The All Writs Act specifically notes that any “writs of assistance” must be “appropriate” and under the law it’s been determined that to be “appropriate” it cannot be unduly “burdensome.” The judge in the case has specifically requested that the parties focus on whether or not the order is unduly burdensome, and that’s why Apple raised all of the issues above, directly answering the judge’s questions which directly relate to the law at hand. To argue that these are “issues not before the court” suggests such a profound ignorance of the case here that one wonders what Ramos is doing here and how he got elected to be San Bernardino’s DA.
And, really, for Ramos to whine that Apple’s evidence of actual security concerns are somehow too “speculative” when he’s the one spewing nonsense about speculative “dormant cyber pathogens” is just… insane.
Finally, Ramos concludes by saying that, look, he doesn’t really give a shit how Apple breaks encryption, but it needs to be able to break encryption:
Apple’s creation of their iOS 8 and iOS 9, the product of their brilliant
engineering created all these issues where it did not exist in previous operating
systems. There is nothing unreasonable in having this same brilliance applied to
remediating the problem they created. How Apple chooses to accomplish this is a
matter of their own choosing. Neither the FBI nor San Bernardino County District
Attorney is asking to know how they do it, or directly possess the tools to do so.
How Apple resolves the problem, or protects the solution is not our concern. We
only seek for this Court to compel that Apple do so.
That’s the DA version of “nerd harder, Apple.” Of course, it (once again) totally misunderstands and misstates the issue. Also, while it is true that, in this case, there do appear to be technical ways (very, very dangerous ones) to force Apple to do what the FBI wants (which, we should note has very specific requests, which Ramos doesn’t even seem aware of, despite being widely discussed), is Ramos honestly asserting that in cases where there isn’t such a backdoor possible that companies still be required to break in, even when that’s mathematically impossible?
The people of San Bernardino County deserve elected officials who actually understand the issues at hand. Not technically and legally ignorant buffoons who file such misleading tripe in such an important case.
Support our crowdfunding campaign to help us keep covering stories like these!
Filed Under: all writs act, amicus brief, cyber pathogen, doj, due process, encryption, fbi, michael ramos, privacy, san bernardino, san bernardino da