Apple's legal battle with the FBI over iPhone encryption continues: A federal magistrate, at the FBI's request, has ordered the tech giant to write software to help investigators circumvent iPhone security features to access a phone used by one of the San Bernardino shooters. Apple is fighting the order, calling it dangerous, illegal and unconstitutional.
Today was the deadline for amicus briefs, or "friend of the court" filings in the case.
Relatives of some of the victims of the San Bernardino shooting, meanwhile, have filed to support the federal government's position. Several law enforcement associations also oppose Apple, according to the Department of Justice.
The briefs filed on behalf of Apple (which have been shared by the company) reveal a wide swath of concerns affected by the question of smartphone security.
Here's a sampling:
International human rights and technology nonprofit Access Now, along with Wickr Foundation, a nonprofit group affiliated with the messaging app Wickr, looked at the international implications, particularly the risk for dissidents facing oppressive governments:
"Deliberately compromised digital security would undermine human rights around the globe. Pursuant to international law, the United States has a duty to foster basic human rights such as freedom of expression and privacy. The assistance sought by the government not only diminishes the commitment of the United States to uphold those fundamental rights in the digital age, but also keeps Apple from fulfilling its own responsibilities to respect the human rights of users.
"Technology and connectivity have empowered millions around the world to demand social and political change — but criminals and authoritarian regimes exploit the same technology to identify and persecute protesters, democracy activists, bloggers and journalists. In some countries, reliable security tools such as encryption can be the difference between life and death. The relief sought by the government endangers people globally who depend on robust digital security for their physical safety and wellbeing."
A group of individual security experts, represented by lawyers from the Stanford Law School Center for Internet and Society, described what they saw as a threat to public safety. The group — including Stanford cryptography professor Dan Boneh, independent researcher (and former NSA employee) Charlie Miller, and security expert Bruce Schneier, among others — described a practical risk (the technology could be used on other phones), a future risk (a precedent set for risky cybersecurity bypasses) and damage to public trust in software updates.
The last item, they said, represented a concrete threat — not just a change in feelings:
"Regular, silent, automatic updates are crucial for software security. The belief that such an update could be spyware that a company was forced by the government to sign and distribute might lead people to turn off automatic updates. This would render software patches less effective and the general public less secure."
The American Civil Liberties Union highlighted the rights of Americans and what it identified as disproportionate impact on the poor:
"While the government can in some circumstances require private parties to support law-enforcement investigations--for example, by requiring them to produce relevant evidence or give truthful testimony--the government does not hold the general power to enlist private third parties as its investigative agents to seek out information they do not possess or control. In other words, law enforcement may not commandeer innocent third parties into becoming its undercover agents, its spies, or its hackers. ...
"If the government prevails, then this case will be the first of many requiring companies to degrade the security and to undermine the trust in their products so essential to privacy in the digital age. For the many users who rely on digital devices to secure their information and communications, including members of vulnerable populations who rely on mobile devices to access the Internet, this burden would be severe."
A coalition of Internet-centric companies — including Airbnb, eBay, reddit and Twitter — got a little philosophical, arguing that the FBI's request "threatens the core principles of privacy, security, and transparency that underlie the fabric of the Internet."
Questions of privacy are personal, their filing says:
"An ever growing range of services delivered to devices as diverse as mobile phones, tablets, computers, appliances, and cars have become an increasingly important and integral part of our daily lives, in ways that could never have been envisioned as recently as five or ten years ago. These services provide the ability to communicate with friends, family, colleagues, external advisers and the world at large; to share and read live news from around the world or in-depth works of commentary and expression; and to engage in commerce whether shopping online, starting a business, or planning your next vacation or tonight's dinner. In sum, today the devices and the software that power them touch every aspect of our lives."
A group of trade associations from the tech industry objected that the government's demand would "effectively dictate product design" — not just affecting users' security immediately but laying the groundwork for altered products well into the future.
That could be bad for users, if privacy is weakened — and bad for law enforcement, the associations suggest, if companies are pushed into an arms race to try to make ever more impossible-to-unlock devices.
ACT/The App Association, which represents software companies, focused on the burdens the government's request would place on developers.
It also made an argument that will be familiar to anyone who has groaned in frustration after installing a brand-new software update:
"[T]he Government's position borders on the absurd in the context of software development. Not only are the burdens imposed extraordinary (i.e., diverting resources from company's actual business to being a tool of government), but the goals the Government seeks to achieve are far from assured. As any computer user knows, many software patches, which are far more basic than what the Government seeks to compel here, fail to fix problems, make other things worse, or simply necessitate more patches."
On the other side of the question, attorney Stephen Larson who represents some family members of some of the victims killed in San Bernardino sided with the FBI, saying the phone could reveal a possible accomplice. The Los Angeles Times reports:
"The 41-page amicus brief includes a letter from Mark Sandfeur, whose son was slain in the conference room where Syed Rizwan Farook and Tashfeen Malik opened fire on Dec. 2, 2015.
" 'Recovery of information from the iPhone in question may not lead to anything new. But, what if there is evidence pointing to a third shooter? What if it leads to an unknown terrorist cell?" Sanfeur wrote in a letter to Apple Inc. Chief Executive Tim Cook that was included in the brief. 'What if others are attacked, and you and I did nothing to prevent it?' "