Government Not Obliged to Disclose iPhone Crack Method
Apple’s legal battle against the government ended abruptly yesterday when the FBI gained access to the iPhone 5c used by one of the San Bernardino shooters. As a result, neither Apple’s assistance nor GovtOS are now required. At this point it is unknown whether the crack was done by Cellebrite, but earlier reports pointed to the Israeli firm as the FBI’s mobile forensic partner.
Following the court filing that essentially ended the legal battle between the iPhone maker and the FBI, Apple issued a statement (via The Verge):
From the beginning, we objected to the FBI’s demand that Apple build a backdoor into the iPhone because we believed it was wrong and would set a dangerous precedent. As a result of the government’s dismissal, neither of these occurred. This case should never have been brought.
We will continue to help law enforcement with their investigations, as we have done all along, and we will continue to increase the security of our products as the threats and attacks on our data become more frequent and more sophisticated.
Apple believes deeply that people in the United States and around the world deserve data protection, security and privacy. Sacrificing one for the other only puts people and countries at greater risk.
This case raised issues which deserve a national conversation about our civil liberties, and our collective security and privacy. Apple remains committed to participating in that discussion.
Since the FBI was able to crack open the iPhone, this means there is a flaw a forensic expert was able to exploit, so the next question would be, whether the government would disclose the method used to access the locked device.
An anonymous law enforcement official told Ars Technica that the US government would not comment on the matter.
“We cannot comment on the possibility of future disclosures to Apple,” the law enforcement official said in response to a question from Ars. Just a week ago, Apple told reporters in a conference call that it would insist in court on knowing everything about the vulnerability.
The official’s remarks counterbalance a statement from the White House Cybersecurity Coordinator Michael Daniel, who said in 2014 that, in limited circumstances, authorities would disclose vulnerabilities. This is known as the Vulnerabilities Equities Process.
When asked whether Apple has the legal right to know the method, Ahmed Ghappour, a UC Hastings College of the Law professor, told Ars: “I’m not aware of any legal obligation to reveal that information to Apple. I can’t think of one,” he added.
Overall, this could be an important test for the government’s disclosure policy. What do you think? Will the government disclose the flaw to Apple?