By Shuyang Li, Meghan Pfeifer, Andrew Russell, and Zach Waterson
It has been a showdown for the ages: Apple, the most valuable company in the world, stands in the way of an FBI terrorist investigation. What an incredible marketing ploy! Or so it would seem, at least. Today’s debate surrounding encryption is often positioned around specific situations in an attempt to make the conflict easier to understand for outside parties. Indeed, in the national polls used to gauge the degree of support Apple has in its case against the FBI, the following question was posed by Pew:
“As you may know, the FBI has said that accessing the iPhone is an important part of their ongoing investigation into the San Bernardino attacks while Apple has said that unlocking the iPhone could compromise the security of other users’ information.
Do you think Apple:
(1) Should unlock the iPhone
(2) Should not unlock the iPhone?”
This is a biased framing of the debate, for the conflict at heart is far larger than that of a single phone. To recognize why, it is important to have a working understanding of the underpinnings of encryption and how it protects information.
Encryption is an umbrella term for how we keep all our data and communications secure and private in the digital age. It is similar to how militaries used secret codes and machines to secure their communications from their enemies in the past, but in the modern era, it is far more ubiquitous: all major online service providers and device manufacturers now adopt some encryption scheme. When you browse Facebook, your Facebook feed is encrypted, so nobody can snoop on your friends’ updates; when you send an iMessage on your iPhone, your message is encrypted, so no one can read your messages; when you transfer money between bank accounts, your instruction is encrypted too, so hackers cannot modify your instructions to move your money to their accounts.
Another important property of encryption is that all secure encryption algorithms today are based on mathematical principles and can be performed by any computer instead of specially designed machines. This means that it is not possible to weaken the algorithm for just one device or one service: for encryption algorithms to work, every computer must agree on how they can decrypt the code and understand the actual message, otherwise it is impossible to communicate at all. It works exactly like mathematics: we cannot say that 1+1 equals 2 on these devices but equals 3 on this one specific device.
Now that the concept of encryption has been introduced, one can turn to the conflict between Apple and the FBI and evaluate it within a larger context. All iPhones encrypt the data stored on the device using the passcode of the phone as a secret key. Without the passcode, it is impossible (practically speaking) to access the data. So, the FBI is asking Apple to build a custom version of its iPhone software, known as iOS, that has weakened security restrictions, allowing the FBI to guess the passcode of the phone at an artificially accelerated rate without consequence. Apple has multiple objections to this request, but one of its greatest fears is that this custom version of iOS, which it calls GovtOS, could escape into the wild. If that happens, then anyone who steals an iPhone can load GovtOS onto that phone, enabling it to be hacked using the same tool that the FBI wants for itself. No such tool currently exists. The security of the iPhone, which protects user information such as passwords, payment information, and personal data, would be compromised, and users could no longer trust the iPhone to serve as the nexus of their digital lives.
This is the fundamental issue with requests to weaken encryption “only for the good guys:” encryption works by taking advantage of fundamental mathematical principles to obscure data, and one cannot weaken the principles of encryption without compromising them equally for all parties. There is no way to ensure that, if Apple were to secretly build a backdoor for the government to use to unlock iPhones, that only the government would use it. A hole in security is open for both good and evil, and opening a hole should be done with the knowledge that such holes make hacking by criminals easier as well. In an age where hackers already compromise companies and users regularly, is it responsible to make it even easier to hack into personal information?
Unlocking iPhones for the FBI would accomplish nothing more than the weakening of American-designed phones. Criminals and terrorists will still find a way to encrypt their information and communications by purchasing different phones or services (or building their own) that provide stronger encryption. Weakening customer-level encryption would only further increase the risk that your personal information is hacked, which is irresponsible and near-sighted. Imagine a world in which you cannot be sure that your digital information is secure; the implications for the future of technology are outrageous. There are better ways to defend national security; compromising the security of every iPhone user should not be one of them.
Zach's Ethics Blog 