Apple told a U.S. District Court judge in a brief this week that it is "impossible" for it to assist in unlocking most iPhones.
Apple was ordered to assist in a search warrant issued by the court, the brief posted by the Wall Street Journal stated. Apple's comments were issued in response to the court asking the company on "whether the assistance the government seeks from Apple is technically feasible."
In this Sept. 11, 2013, file photo, an Apple employee, right, instructs a journalist on the use of the fingerprint scanner technology built into the company's iPhone 5S during a media event in Beijing. (AP/Ng Han Guan)
"For devices running iOS 8 or higher, Apple would not have the technical ability to do what the government requests—take possession of a password protected device from the government and extract unencrypted use data from that device for the government," Apple stated. "Among the security features in iOS 8 is a feature that prevents anyone without the device’s passcode from accessing the device’s encrypted data. This includes Apple."
Overall, Apple said that 90 percent of its devices are running on iOS 8 or higher. It could, however, "extract certain categories of unencrypted data from a passcode locked iOS device" on these other 10 percent using older operating systems, which includes the phone involved in this case running iOS 7.
It makes some other stipulations though.
"Whether the extraction can be performed successfully depends on the device itself, and whether it is in good working order," Apple said. "As a general matter, however, certain user-generated active files on an iOS device that are contained in Apple’s native apps can be extracted. Apple cannot, however, extract email, calendar entries, or any third-party app data."
As for the burden performing such a task would place on the company, if the device were in acceptable working order Apple said it should not be a "a substantial financial or resource burden." Where it does become burdensome is when the number of these requests for data from the government increases.
"Each extraction diverts man hours and hardware and software from Apple’s normal business operations," the brief stated.
Apple took this opportunity to also address the issue of the government's request for data as it pertains to user privacy as well.
"[P]ublic sensitivity to issues regarding digital privacy and security is at an unprecedented level," it said. "This is true not only with respect to illegal hacking by criminals but also in the area of government access—both disclosed and covert. Apple has taken a leadership role in the protection of its customers’ personal data against any form of improper access. Forcing Apple to extract data in this case, absent clear legal authority to do so, could threaten the trust between Apple and its customers and substantially tarnish the Apple brand. This reputational harm could have a longer term economic impact beyond the mere cost of performing the single extraction at issue."
According to Reuters, a hearing for this case is scheduled for Thursday.
The law the government is leaning on to obtain such data in this and other similar cases is the All Writs Act, a statute dating back to 1789. The Electronic Frontier Foundation, an organization devoted to protecting digital privacy rights, said last week that the All Writs Act "is not a backdoor to bypass other laws":
The government cannot impose an unreasonable burden on Apple, and it cannot violate the Constitution. If the government truly wanted Apple to decrypt a phone running iOS 8 or later, it would blow past these boundaries. First, unless Apple is lying about how its system is engineered, it simply can’t grant access to the data on a locked phone—not by reflashing the operating system, and not by pushing a backdoored software update—because it’s locked. That should be the end of it. But if Apple in fact has this capacity, or if the government instead tried to require it to prospectively reengineer the operating system on an unlocked device, All Writs is not the means to do so.
Reengineering iOS and breaking any number of Apple’s promises to its customers is the definition of an unreasonable burden. As the Ninth Circuit put it in a case interpreting technical assistance in a different context, private companies' obligations to assist the government have “not extended to circumstances in which there is a complete disruption of a service they offer to a customer as part of their business.” What’s more, such an order would be unconstitutional. Code is speech, and forcing Apple to push backdoored updates would constitute “compelled speech” in violation of the First Amendment. It would raise Fourth and Fifth Amendment issues as well. Most important, Apple’s choice to offer device encryption controlled entirely by the user is both entirely legal and in line with the expert consensus on security best practices. It would be extremely wrong-headed for Congress to require third-party access to encrypted devices, but unless it does, Apple can’t be forced to do so under the All Writs Act.
At the WSJD event this week, Apple CEO Tim Cook said the company considers "encryption is a must in today's world" and also said "no back door is a must." The government has been pressing companies with encryption to create backdoors for law enforcement purposes.
(H/T: Wall Street Journal)