Ever since the FBI announced its plans to try to use the All Writs Act to force Apple to write new code, cryptographically sign it, and deliver it to the county government-owned phone used by the San Bernardino shooter, we at the ACLU and other privacy advocates have said that this isn’t about one phone, or even just about phones. It’s about establishing legal precedent—and a very dangerous one, at that.
Now it’s not just privacy activists and digital security experts who are raising that alarm. Earlier this week, Richard Clarke spoke with NPR about the FBI’s war against Apple. Clarke is not a member of the privacy caucus: he worked in counterterrorism for four US administrations—Reagan, Bush Sr., Clinton, and Bush Jr..
Clarke apparently isn’t impressed by the FBI’s fear-mongering in this case. He told NPR:
For nine years, I was the senior counterterrorism official in the U.S. government. And I went to bed every night worrying about terrorist attacks. Had I done enough to stop a terrorist attack that might be out there that I don’t know about? I know what the counterterrorism feels like because I was there. But I also operated within limits. And within the United States government, we’ve decided long ago that there are limits on what we’re going to do in the war against terrorism. Under the Obama administration, for example, we’ve said we’re not going to torture people. You know, we could, at the far extreme to make the FBI’s job easier, put ankle bracelets on everybody so that we’d know where everybody was all the time. That’s a ridiculous example, but my point is encryption and privacy are larger issues than fighting terrorism.
Furthermore, Clarke observes, national security officials are by no means on the same page on this issue. It’s really only the FBI that thinks this is a good idea, according to Clarke.
I think the Justice Department and the FBI are on their own here. You know, the secretary of defense has said how important encryption is when asked about this case. The National Security Agency director and three past National Security Agency directors, a former CIA director, a former Homeland Security secretary have all said that they’re much more sympathetic with Apple in this case. You really have to understand that the FBI director is exaggerating the need for this and is trying to build it up as an emotional case, organizing the families of the victims and all of that. And it’s Jim Comey and the attorney general is letting him get away with it.
Most importantly, Clarke points out that the FBI’s legal argument is based on a fundamental lie, namely that the FBI needs Apple’s assistance to get inside the phone. To the contrary, Clarke argues, the NSA could easily help the FBI break into the San Bernardino iPhone.
If I were in the job now, I would have simply told the FBI to call Fort Meade, the headquarters of the National Security Agency, and NSA would have solved this problem for them. They’re not as interested in solving the problem as they are in getting a legal precedent. Every expert I know believes that NSA could crack this phone. They want the precedent that the government can compel a computer device manufacturer to allow the government in.
The government wants to establish that it has the right to get courts to force companies to write new code, sign it with their encryption keys, and deliver it to devices so that police departments large and small can do what the NSA can do: break complex security tools. That’s exactly what’s so worrying about the FBI’s legal battle. The real reason the FBI wants this precedent is that hacking into products is expensive and time consuming, which means it can only be done in the most serious investigations. That economic check on government monitoring in the digital age is absolutely vital if we want to live in a free society—and it’s that check that the FBI seeks to destroy.
To see how the NSA or any other well-funded and technologically competent enterprise could hack into the phone on its own, check out this blog by ACLU technologist Daniel Kahn Gillmor.