On March 22nd, Apple and the FBI will head to federal court to determine whether or not the government can force Apple to open up an otherwise deeply-encrypted iPhone used by terrorist Syed Rizwan Farook leading up to the San Bernardino shootings.
The lead up to the hearing has been an unending game of back-and-forth between Apple and the government, and Apple has just lobbed the ball back to the other side of the court one last time prior to the hearing.
Last week, the FBI had filed with the court, describing Apple’s court-borne resistance to complying with its unlock order as ‘corrosive rhetoric’. Apple responded immediately, characterizing the FBI’s filing as “an indictment”. Basically, both sides had gotten to the openly hostile portion of these proceedings. During a call last week about the filing, Apple executives, including general counsel Bruce Sewell, spoke in a way that can be best characterized as surprised and outraged. The FBI’s tone shift from legal argument to character assassination in its filings had clearly taken Apple off guard.
The tone of today’s filing and subsequent call was much more cold and precise. Apple got some time to consider the best way to respond and went with dissecting the FBI’s technical arguments in a series of precise testimonies by its experts.
Where the FBI filing last week relied on invective, Apple’s this week relies on poking holes in critical sections of the FBI’s technical narrative.
The details of the reply
The gist of their final reply is summed up well in the following:
This Court should reject that request, because the All Writs Act does not authorize such relief, and the Constitution forbids it
In the reply and a brief press conference hosted just after its publishing, Apple focused on five main assertions:
- That the government is misinterpreting the All Writs act as a “virtually unlimited authority empowering courts to issue any and all orders the government requests in the pursuit of justice.” (pg. 3 of the below doc) and that “the founders would be appalled” by this interpretation.
- That there are no prior cases that support the government’s argument or interpretation of the All Writs act
- That making these demands “shows the government misunderstands the technology and the nature of the cyber-threat landscape” (pg. 19 of the below document)
- That, despite what the government has suggested in previous replies, Apple has never marketed their devices as being able to “thwart law enforcement”
- That, despite what the government has suggested in previous replies, Apple does not grant foreign governments any additional access to Apple user’s protected data.
Unsurprisingly, in its filing, Apple mentions that the FBI shot itself in the foot when it had San Bernardino county officials change the iCloud password of the device. In doing so, the FBI removed a critical pathway to getting the information it says it wants to see if Apple unlocks the phone.
But, along the way, Apple also pokes holes in two technical arguments that the FBI has been trying to make. First, that the iCloud backups are encrypted with the device passcode. They are not, as pretty much any security expert or even reporter on this case knows.
Apple’s Erik Neuenschwander, the wielder of the rapier in this filing, slices up some FBI spam:
The statement that even if the device did perform an iCloud backup “the user data would still be encrypted with the encryption key formed from the 256 bit UID and the user’s passcode” is incorrect. Data backed up to iCloud is not encrypted with a user’s passcode.
He also points out that Apple does not log keystrokes in its keyboard, as claimed by the FBI:
As noted above, I also reviewed the Supplemental Pluhar Declaration. I believe that declaration contains several mistakes. For example, in paragraph 10(a), Agent Pluhar claims that the device’s keyboard cache would not backup to iCloud and that such keyboard cache “contains a list of keystrokes typed by the user on the touchscreen.” This is false. The keyboard cache in iOS 9 does not contain a list of keystrokes typed by the user, or anything similar.
Embarrassingly, the FBI also appears to think that because Mail, Photos and Notes were turned off on the device, that this also toggles what gets backed up via iCloud Backup. It does not.
Apple spends the majority of its supplemental material dismantling various technical arguments put forth by the FBI. But the core of the filing itself rests on the limits of the FBI’s request and the limitations of the All Writs Act in general.
Some legal highlights
Here are what we read as some of the most important highlights of their reply (their full reply is embedded in the bottom of this post.):
Page 1, line 18
Thus, according to the government, short of kidnapping or breaking an express law, the courts can order private parties to do virtually anything the Justice Department and FBI can dream up. The Founders would be appalled.
Page 2, line 18:
It has become crystal clear that this case is not about a “modest” order and a “single iPhone,” Opp. 1, as the FBI Director himself admitted when testifying before Congress two weeks ago.
Page 15, line 18:
Forcing Apple to create new software that degrades its security features is unprecedented and unlike any burden ever imposed under the All Writs Act. The government’s assertion that the phone companies in Mountain Bell and In re Application of the U.S. for an Order Authorizing the Installation of a Pen Register or Touch-Tone Decoder and a Terminating Trap (Penn Bell), 610 F.2d 1148 (3d. Cir. 1979), were conscripted to “write” code, akin to the request here (Opp. 18–19), mischaracterizes the actual assistance required in those cases. The government seizes on the word “programmed” in those cases and superficially equates it to the process of creating new software. Opp. 18–19. But the “programming” in those cases—back in 1979 and 1980—consisted of a “technician” using a “teletypewriter” in Mountain Bell (Dkt. 149-1 [Wilkison Decl.] Ex. 6 at 7), and “t[ook] less than one minute”
Page 16, line 10:
This case stands light years from Mountain Bell. The government seeks to commandeer Apple to design, create, test, and validate a new operating system that does not exist, and that Apple believes—with overwhelming support from the technology community and security experts—is too dangerous to create.
Page 17, footnotes:
The government accuses Apple of developing the passcode-based encryption features at issue in this case for marketing purposes. E.g., Opp. 1, 22. This is a reckless and unfounded allegation. Since passcode-based encryption was first introduced in October 2014, Apple has produced 627 separate ads in the United States and approximately 1,793 ads worldwide. These ads have generated 99 and 253 billion impressions, respectively. Not a single one advertised or promoted the ability of Apple’s software to block law enforcement requests for access to the contents of Apple devices.
The idea that Apple enhances its security to confound law enforcement is nonsense. Apple’s “chain of trust” process—which follows accepted industry best practices—is designed to secure its mobile platform against the never-ending threat from hackers and cyber-criminals.
Page 18, line 10:
Here, if Apple is forced to create software in this case, other law enforcement agencies will seek similar orders to help them hack thousands of other phones, as FBI Director Comey confirmed when he said he would “of course” use the All Writs Act to “return to the courts in future cases to demand that Apple and other private companies assist . . . in unlocking secure devices.”
Apple is set to head to court next week and we’ll bring you updates then. As of now, the company has garnered support in the form of a ruling by Judge Orenstein of New York in a similar (though different) iPhone unlocking case. Orenstein also believes that the All Writs Act is too broad, and needs hard limits when applied. A host of other tech companies have backed Apple’s play and even former heads of the NSA and Homeland Security have stepped in on Apple’s side.
Many of those experts – like former U.S. counterterrorism official and presidential security advisor Richard A. Clarke — note that the FBI could very likely simply reach out to the NSA for assistance in unlocking the phone. But it has not, which makes this more about setting a precedent than it does getting into an iPhone which the FBI even admits may not hold anything relevant.