
Sunday, February 28, 2016

We Read Apple’s 65-Page Filing Calling B.S. On The D.O.J., So You Don’t Have To

Apple didn’t need to reply until tomorrow, but has now released its Motion to Vacate the magistrate judge’s order from last week, compelling Apple to create a new operating system that undermines a couple of key security features, so that the FBI could then brute force the passcode on Syed Farook’s work iPhone. It’s clearly a bit of a rush job as there are a few typos (and things like incorrect page numbers in the table of contents). However, it’s not too surprising to see the crux of Apple’s argument. In summary:
  • The 1789 All Writs Act doesn’t apply at all to this situation for a whole long list of reasons that most of this filing will explain.
  • Even if it does, the order is an unconstitutional violation of the First Amendment (freedom of expression) and the Fifth Amendment (due process).
I really do recommend reading the 65-page filing (it goes fast!). But on the assumption that you have more of a life than we do, let’s dig in and detail what Apple’s argument is. The brief is quite well written (other than the typos) and makes the issues pretty clear:
This is not a case about one isolated iPhone. Rather, this case is about the Department of Justice and the FBI seeking through the courts a dangerous power that Congress and the American people have withheld: the ability to force companies like Apple to undermine the basic security and privacy interests of hundreds of millions of individuals around the globe. The government demands that Apple create a back door to defeat the encryption on the iPhone, making its users’ most confidential and personal information vulnerable to hackers, identity thieves, hostile foreign agents, and unwarranted government surveillance. The All Writs Act, first enacted in 1789 and on which the government bases its entire case, “does not give the district court a roving commission” to conscript and commandeer Apple in this manner. Plum Creek Lumber Co. v. Hutton, 608 F.2d 1283, 1289 (9th Cir. 1979). In fact, no court has ever authorized what the government now seeks, no law supports such unlimited and sweeping use of the judicial process, and the Constitution forbids it.
The motion also notes the importance of strong encryption in keeping people safe and secure:
Since the dawn of the computer age, there have been malicious people dedicated to breaching security and stealing stored personal information. Indeed, the government itself falls victim to hackers, cyber-criminals, and foreign agents on a regular basis, most famously when foreign hackers breached Office of Personnel Management databases and gained access to personnel records, affecting over 22 million current and former federal workers and family members. In the face of this daily siege, Apple is dedicated to enhancing the security of its devices, so that when customers use an iPhone, they can feel confident that their most private personal information—financial records and credit card information, health information, location data, calendars, personal and political beliefs, family photographs, information about their children—will be safe and secure. To this end, Apple uses encryption to protect its customers from cyber-attack and works hard to improve security with every software release because the threats are becoming more frequent and sophisticated. Beginning with iOS 8, Apple added additional security features that incorporate the passcode into the encryption system. It is these protections that the government now seeks to roll back by judicial decree.
And the filing makes it clear that the government is lying in claiming that this is all just about this phone:
The government says: “Just this once” and “Just this phone.” But the government knows those statements are not true; indeed the government has filed multiple other applications for similar orders, some of which are pending in other courts.2 And as news of this Court’s order broke last week, state and local officials publicly declared their intent to use the proposed operating system to open hundreds of other seized devices—in cases having nothing to do with terrorism. If this order is permitted to stand, it will only be a matter of days before some other prosecutor, in some other important case, before some other judge, seeks a similar order using this case as precedent. Once the floodgates open, they cannot be closed, and the device security that Apple has worked so tirelessly to achieve will be unwound without so much as a congressional vote. As Tim Cook, Apple’s CEO, recently noted: “Once created, the technique could be used over and over again, on any number of devices. In the physical world, it would be the equivalent of a master key, capable of opening hundreds of millions of locks—from restaurants and banks to stores and homes. No reasonable person would find that acceptable.”
There’s a footnote in the middle of that which points to Manhattan DA Cyrus Vance already talking about why he supports the FBI, and how he has 155 to 160 phones that he wants to force Apple to help unlock.
Apple also details how accepting the government’s interpretation of the All Writs Act here could easily extend in absolutely crazy ways:
Finally, given the government’s boundless interpretation of the All Writs Act, it is hard to conceive of any limits on the orders the government could obtain in the future. For example, if Apple can be forced to write code in this case to bypass security features and create new accessibility, what is to stop the government from demanding that Apple write code to turn on the microphone in aid of government surveillance, activate the video camera, surreptitiously record conversations, or turn on location services to track the phone’s user? Nothing.
Apple also doesn’t pull any punches on how the FBI itself messed things up:
Unfortunately, the FBI, without consulting Apple or reviewing its public guidance regarding iOS, changed the iCloud password associated with one of the attacker’s accounts, foreclosing the possibility of the phone initiating an automatic iCloud back-up of its data to a known Wi-Fi network… which could have obviated the need to unlock the phone and thus for the extraordinary order the government now seeks.21 Had the FBI consulted Apple first, this litigation may not have been necessary.
Apple’s filing also does a good job debunking the DOJ’s ridiculous “this is no burden, because it’s just software and Apple writes software” argument:
The compromised operating system that the government demands would require significant resources and effort to develop. Although it is difficult to estimate, because it has never been done before, the design, creation, validation, and deployment of the software likely would necessitate six to ten Apple engineers and employees dedicating a very substantial portion of their time for a minimum of two weeks, and likely as many as four weeks…. Members of the team would include engineers from Apple’s core operating system group, a quality assurance engineer, a project manager, and either a document writer or a tool writer…. No operating system currently exists that can accomplish what the government wants, and any effort to create one will require that Apple write new code, not just disable existing code functionality…. Rather, Apple will need to design and implement untested functionality in order to allow the capability to enter passcodes into the device electronically in the manner that the government describes…. In addition, Apple would need to either develop and prepare detailed documentation for the above protocol to enable the FBI to build a brute-force tool that is able to interface with the device to input passcode attempts, or design, develop and prepare documentation for such a tool itself…. Further, if the tool is utilized remotely (rather than at a secure Apple facility), Apple will also have to develop procedures to encrypt, validate, and input into the device communications from the FBI…. This entire development process would need to be logged and recorded in case Apple’s methodology is ever questioned, for example in court by a defense lawyer for anyone charged in relation to the crime….
Once created, the operating system would need to go through Apple’s quality assurance and security testing process…. Apple’s software ecosystem is incredibly complicated, and changing one feature of an operating system often has ancillary or unanticipated consequences…. Thus, quality assurance and security testing would require that the new operating system be tested on multiple devices and validated before being deployed…. Apple would have to undertake additional testing efforts to confirm and validate that running this newly developed operating system to bypass the device’s security features will not inadvertently destroy or alter any user data…. To the extent problems are identified (which is almost always the case), solutions would need to be developed and re-coded, and testing would begin anew…. As with the development process, the entire quality assurance and security testing process would need to be logged, recorded, and preserved…. Once the new custom operating system is created and validated, it would need to be deployed on to the subject device, which would need to be done at an Apple facility…. And if the new operating system has to be destroyed and recreated each time a new order is issued, the burden will multiply.
From there we dig into the meat of the filing: that the All Writs Act doesn’t apply.
The All Writs Act (or the “Act”) does not provide the judiciary with the boundless and unbridled power the government asks this Court to exercise. The Act is intended to enable the federal courts to fill in gaps in the law so they can exercise the authority they already possess by virtue of the express powers granted to them by the Constitution and Congress; it does not grant the courts free-wheeling authority to change the substantive law, resolve policy disputes, or exercise new powers that Congress has not afforded them. Accordingly, the Ninth Circuit has squarely rejected the notion that “the district court has such wide-ranging inherent powers that it can impose a duty on a private party when Congress has failed to impose one. To so rule would be to usurp the legislative function and to improperly extend the limited federal court jurisdiction.”
Congress has never authorized judges to compel innocent third parties to provide decryption services to the FBI. Indeed, Congress has expressly withheld that authority in other contexts, and this issue is currently the subject of a raging national policy debate among members of Congress, the President, the FBI Director, and state and local prosecutors. Moreover, federal courts themselves have never recognized an inherent authority to order non-parties to become de facto government agents in ongoing criminal investigations. Because the Order is not grounded in any duly enacted rule or statute, and goes well beyond the very limited powers afforded by Article III of the Constitution and the All Writs Act, it must be vacated.
In short, Apple is leaning heavily on the idea that CALEA pre-empts the All Writs Act here, and that CALEA explicitly says that companies can’t be forced into helping to decrypt encrypted content. Beyond that, Apple is claiming that it’s “too far removed” from the case for the All Writs Act to apply and mocks the idea (put forth by the DOJ) that because Apple licenses its software instead of selling it, that makes it okay:
Apple is no more connected to this phone than General Motors is to a company car used by a fraudster on his daily commute. Moreover, that Apple’s software is “licensed, not sold,”…, is “a total red herring,” as Judge Orenstein already concluded…. A licensing agreement no more connects Apple to the underlying events than a sale. The license does not permit Apple to invade or control the private data of its customers. It merely limits customers’ use and redistribution of Apple’s software. Indeed, the government’s position has no limits and, if accepted, would eviscerate the “remoteness” factor entirely, as any company that offers products or services to consumers could be conscripted to assist with an investigation, no matter how attenuated their connection to the criminal activity. This is not, and never has been, the law.
From there, Apple attacks the argument that there is no undue burden on Apple if it’s forced to build this system, which Apple calls GovtOS. It starts out by noting that the idea that Apple can just create the software for this one phone and delete it appears nonsensical when put in context:
Moreover, the government’s flawed suggestion to delete the program and erase every trace of the activity would not lessen the burden, it would actually increase it since there are hundreds of demands to create and utilize the software waiting in the wings….. If Apple creates new software to open a back door, other federal and state prosecutors—and other governments and agencies—will repeatedly seek orders compelling Apple to use the software to open the back door for tens of thousands of iPhones. Indeed, Manhattan District Attorney Cyrus Vance, Jr., has made clear that the federal and state governments want access to every phone in a criminal investigation…. [Charlie Rose, Television Interview of Cyrus Vance (Feb. 18, 2016)] (Vance stating “absolutely” that he “want[s] access to all those phones that [he thinks] are crucial in a criminal proceeding”). This enormously intrusive burden—building everything up and tearing it down for each demand by law enforcement—lacks any support in the cases relied on by the government, nor do such cases exist.
The alternative—keeping and maintaining the compromised operating system and everything related to it—imposes a different but no less significant burden, i.e., forcing Apple to take on the task of unfailingly securing against disclosure or misappropriation the development and testing environments, equipment, codebase, documentation, and any other materials relating to the compromised operating system…. Given the millions of iPhones in use and the value of the data on them, criminals, terrorists, and hackers will no doubt view the code as a major prize and can be expected to go to considerable lengths to steal it, risking the security, safety, and privacy of customers whose lives are chronicled on their phones. Indeed, as the Supreme Court has recognized, “[t]he term ‘cell phone’ is itself misleading shorthand; . . . these devices are in fact minicomputers” that “could just as easily be called cameras, video players, rolodexes, calendars, tape recorders, libraries, diaries, albums, televisions, maps, or newspapers.”…By forcing Apple to write code to compromise its encryption defenses, the Order would impose substantial burdens not just on Apple, but on the public at large. And in the meantime, nimble and technologically savvy criminals will continue to use other encryption technologies, while the law-abiding public endures these threats to their security and personal liberties—an especially perverse form of unilateral disarmament in the war on terror and crime.
That last point is key. Criminals will still use other forms of encryption, while forcing Apple to do this harms everyone else by putting them more at risk.
Here Apple goes even deeper in questioning what the limits of the All Writs Act are:
For example, under the same legal theories advocated by the government here, the government could argue that it should be permitted to force citizens to do all manner of things “necessary” to assist it in enforcing the laws, like compelling a pharmaceutical company against its will to produce drugs needed to carry out a lethal injection in furtherance of a lawfully issued death warrant, or requiring a journalist to plant a false story in order to help lure out a fugitive, or forcing a software company to insert malicious code in its autoupdate process that makes it easier for the government to conduct court-ordered surveillance.
Next, Apple calls bulls**t on the DOJ’s claim that it absolutely needs Apple’s help here. First, the FBI messed things up with the whole resetting iCloud password thing, and then what about the NSA? Why can’t the NSA just hack in? That’s what the following is saying in a more legalistic way:
… the government has failed to demonstrate that the requested order was absolutely necessary to effectuate the search warrant, including that it exhausted all other avenues for recovering information. Indeed, the FBI foreclosed one such avenue when, without consulting Apple or reviewing its public guidance regarding iOS, the government changed the iCloud password associated with an attacker’s account, thereby preventing the phone from initiating an automatic iCloud back-up…. Moreover, the government has not made any showing that it sought or received technical assistance from other federal agencies with expertise in digital forensics, which assistance might obviate the need to conscript Apple to create the back door it now seeks. See… (Judge Orenstein asking the government “to make a representation for purposes of the All Writs Act” as to whether the “entire Government,” including the “intelligence community,” did or did not have the capability to decrypt an iPhone, and the government responding that “federal prosecutors don’t have an obligation to consult the intelligence community in order to investigate crime”).
From there, we move on to the Constitutional arguments, which the court might not even address if it decides the All Writs Act doesn’t apply. But, here, Apple starts with the First Amendment concerns of “compelled” speech.
Under well-settled law, computer code is treated as speech within the meaning of the First Amendment…. The Supreme Court has made clear that where, as here, the government seeks to compel speech, such action triggers First Amendment protections….. Compelled speech is a content-based restriction subject to exacting scrutiny… and so may only be upheld if it is narrowly tailored to obtain a compelling state interest….
The government cannot meet this standard here. Apple does not question the government’s legitimate and worthy interest in investigating and prosecuting terrorists, but here the government has produced nothing more than speculation that this iPhone might contain potentially relevant information… It is well known that terrorists and other criminals use highly sophisticated encryption techniques and readily available software applications, making it likely that any information on the phone lies behind several other layers of non-Apple encryption….
This argument feels a bit weakly supported. Then there’s the Fifth Amendment argument, concerning due process:
In addition to violating the First Amendment, the government’s requested order, by conscripting a private party with an extraordinarily attenuated connection to the crime to do the government’s bidding in a way that is statutorily unauthorized, highly burdensome, and contrary to the party’s core principles, violates Apple’s substantive due process right to be free from “‘arbitrary deprivation of [its] liberty by government.’”
Again, this feels a bit weakly developed, but not surprisingly so. Apple is betting heavily that its main argument, concerning the All Writs Act not applying, will win the day (which seems to have a strong likelihood of being true). The Constitutional arguments are just being thrown in there so that they’re in the case at this stage, and can then be raised on appeal, should it get to that level.
I imagine the DOJ will respond to this before long as well, so stay tuned (we certainly will).
