Apple's New Law Enforcement Guidelines User-Protective Measures Or Cop Out? - HotHardware
Apple's New Law Enforcement Guidelines User-Protective Measures Or Cop Out?

Apple's New Law Enforcement Guidelines User-Protective Measures Or Cop Out?

Earlier this week, Apple released an updated set of legal guidelines spelling out exactly what it can and cannot access on your iDevice, what material it will turn over to the police, and under which circumstances it will surrender it. What's particularly interesting is the split response we've seen from different corners of the Internet. Everything Apple does tends to generate attention, but this particular set of announcements is getting a great deal of press -- and two very different narratives have emerged over what it means.

Some readers and authors have reacted rather poorly to news that Apple can access user information even without knowing the passcode key. As my colleague, Rob Williams covered on Thursday, some people have read Apple's admission that it will give the Feds access to certain information from a locked iOS device as tantamount to a huge breach of user security and privacy. The company will only perform these information extractions under certain conditions, and it requires that the device be identified by serial number, IMEI, and that the cops ship the product to be data mined directly to Apple at Cupertino California, but that's still seen as a blow against user rights.

I understand why some people feel this way, but I think it's the wrong way to look at the situation. The fact is, companies have always had to balance between securing user rights and obeying lawful orders to disclose certain information. Long before the Internet existed, banks were required to turn over safe deposit boxes if police had a valid warrant to search them, even if the cops didn't have a key. The Fourth Amendment was written to protect people from what were known as general warrants, which did not require the authorities to name the specific items or persons to be seized / detained.



Apple has done several things of value with this move.

It Publicly Disclosed Its Own Policies: Maybe this shouldn't be a noteworthy item, but since 9/11 the government has pulled a veil of secrecy over all actions even tangentially related to security. It has a no-fly list you can wind up on through a clerical error, but you aren't allowed to see it, challenge it, or challenge your own presence on it without going to extraordinary lengths and fighting years of court battles. Even after Snowden, we don't know which type of events or circumstances trigger the NSA to start watching a particular person. Apple has come out and given data on exactly what it will and will not do for law enforcement, and under what conditions.

Its Policies Aren't A Rollover: Federal and state law enforcement officials have often argued that a subpoena should be sufficient to compel a company to unlock a device. Apple is pushing back on that requirement by requiring a valid warrant. It's pushing back doubly hard by requiring that device be shipped to headquarters in Cupertino or presented in person by an officer of the law.

If you think about it, there's no reason Apple couldn't have a manager at every Apple Store that's allowed to interact and handle police requests with approval from corporate. Requiring that devices go to HQ is another way to discourage the police from attempting to peer into every device they come across.

It Doesn't Compromise Its Own Services: When Microsoft bought Skype, there were rumors for years that the company had a method of spying on the supposedly secure conversations. If Snowden told the truth, MS does, in fact, have precisely this ability -- and used it in the past, despite what it continued to say about its own security. Similarly, Apple could have designed its iMessage and FaceTime services to be encrypted* where the * means "Unless we really want to read it." The company didn't do this, and states that it has no capability to see such data. Similarly, we're told that third-party services (some of which may offer encryption of their own) aren't available.

There are times when the ability to access information on a phone in an emergency could be vital to saving someone's life or required by law, and Apple has allowed for those events while simultaneously taking a "Let's not make it too easy" stance. The fact that the EFF and ACLU are both praising Apple's stand on these issues is important -- both groups have leveled sustained criticism at the NSA for its various policies and called for reform of the entire surveillance structure. 
0
+ -

apple is and has been a dbag for years im just waiting to see how long its customer base will put up with and support them

+1
+ -

I appreciate the clarification. When I first saw this headline, I thought it meant that Apple could scan any connected device ANYWHERE ANYTIME. This is much different.

I applaud Apple for not only requiring the device be physically in custody, but be sent to them with a warrant. I would assume the S/N and IMEI are readable by anyone with access to the device.

How terribly quaint, requiring a warrant! Once upon a time (in the 1920's) ATT basically told the Feds or some LEO to pound sand when they asked to tap phones or pen numbers without a warrant. Now they set up their own special room for them. Probably cater, too.

Login or Register to Comment
Post a Comment
Username:   Password: