Apple CEO Tim Cook’s now widely shared “Message to our Customers” is an attempt to make the best PR move in a bad situation.
Were Apple to comply with the FBI’s request to access information locked on a suspected San Bernardino shooter’s phone, it probably wouldn’t be the first time that the government has deputized Apple to breach its customers’ privacy.
According to documents revealed by Edward Snowden in 2013, Apple was one of the participants in the U.S. National Security Agency’s PRISM program, giving authorities access to its customers' information including their emails, messages and photos.
Apple for its part has denied any such involvement, but given the secretive nature of the United States Foreign Intelligence Surveillance Court (FISA Court), Apple and other technology companies would be prohibited to publicly acknowledge their involvement in such programs.
Hence the frustrating Catch-22 — is Apple really a champion of privacy rights? Or is all this bluster just an act to score PR points with their customers, despite the fact that legislative conditions already exist to force Apple to co-operate in secret?
Maybe we’ll never know, and it probably doesn’t matter, because the real lesson that can be learned from this episode is the importance of open source software.
While Apple has invested heavily in encryption and security, most of its systems and applications are closed. For all we know, Apple could already have been secretly compelled to program backdoors into its popular services such as iCloud and iMessage — even against the wishes of its CEO.
In fact, rumours such as this one have been circulating for quite some time. If true, this means that millions of customers could already have had their privacy invaded without ever knowing, and more importantly the decision to do so would be adjudicated in a secret court, completely out of Apple’s hands.
In contrast, in an open source model, the source code of an application is available to the general public, and a global community of curious engineers (there are millions of us) could effectively “look under the hood” to ensure that no backdoors existed. Such transparency can only be achieved in an open-source environment, and Apple has historically chosen to operate contrary to this model.
The second and more important lesson is that situations such as this distil the abstract concept of encryption into frightfully political sound bites. Recently, John J. Escalante, chief of detectives for Chicago’s police department, went so far as to suggest that “Apple will become the phone choice for the pedophile.”
The truth about encryption is obviously far more nuanced. Encryption is not a dirty word, nor is it something that’s only useful to terrorists and pedophiles. Consider going a day without encryption — being unable to use your credit card, withdraw funds from an ATM, or simply make a mobile phone call — and you quickly realize how any legislation that weakens encryption would have far-reaching social, political, and economic consequences.
It has been argued that mathematically crippling encryption systems to grant the government a so-called “master key” would be a good way to protect our safety and security. That’s a strange case to make when most people would never agree to give the police a master key to open every house in the country (even if pedophiles and terrorists also live in some of those houses).
Furthermore such arguments naively assume that only the “good guys” would retain (or devise) such master keys. At a time when accidental data losses by governments around the world have become an all too common occurrence, it’s no wonder Apple is concerned about being forced to grant the government such access.
The U.S. government has painted not just Apple, but the entire technology industry into a corner. The industry’s answer needs to lie in advances in encryption technology and open source software. Given the opaque and Byzantine nature of the security apparatuses in both the U.S. and Canada, it will soon be impossible to decipher who’s been compelled to do what, and when — no matter what their press release states.
– Frederick Ghahramani is the CEO and Founder of just10.com, an ad-free private social network