Apple has defended its policy of using strong iPhone encryption such that not even the company can gain access to the personal data stored on devices.
The company struck to its privacy guns despite the Senate Judiciary Committee chairman issuing a threat against Apple and other tech giants …
ArsTechnica reports on the Encryption and Lawful Access: Evaluating Benefits and Risks to Public Safety and Privacy hearing.
In a hearing of the Senate Judiciary Committee yesterday, while their counterparts in the House were busy with articles of impeachment, senators questioned New York District Attorney Cyrus Vance, University of Texas Professor Matt Tait, and experts from Apple and Facebook over the issue of gaining legal access to data in encrypted devices and messages. And committee chairman Sen. Lindsay Graham (R-S.C.) warned the representatives of the tech companies, “You’re gonna find a way to do this or we’re going to do it for you.”
Graham didn’t appear to understand the contradictory stance he was taking, saying on the one hand that he appreciated that “people cannot hack into my phone” while at the same time asking Apple to create a vulnerability that would inevitably be discovered by others and used to do just that.
“When they get a warrant or court order, I want the government to be able to look and find all relevant information,” Graham declared. “In American law there is no place that’s immune from inquiry if criminality is involved… I’m not about to create a safe haven for criminals where they can plan their misdeeds and store information in a place that law enforcement can never access it.”
Manhattan district attorney Cyrus Vance – a longstanding opponent of iPhone encryption – also gave evidence.
Explaining that his office’s lab gets about 1,600 devices a year as part of case evidence, Vance said, “About 82 percent are locked—it was 60 percent four years ago,” he said. “About half of those are Apple devices. Using technology, we’re able to unlock about half of the devices—so there are about 300 to 400 phones [a year] that we can’t access with the technology we have. There are many, many serious cases where we can’t access the device in the time period where it is most important.”
Apple said that it worked extensively with law enforcement.
Apple Manager of User Privacy Erik Neuenschwander responded that Apple will continue to work with law enforcement, citing the 127,000 requests from law enforcement for assistance Apple’s team—which includes former law enforcement officials—has responded to over the past seven years, in addition to thousands of emergency requests that Apple has responded to usually within 20 minutes. “We’re going to continue to work with law enforcement as we have to find ways through this,” Neuenschwander said. “We have a team of dedicated professionals that is working on a daily basis with law enforcement.”
Although he didn’t go into specifics, this likely refers to Apple granting access to iCloud backups. While Apple has no ability to access the data stored on iPhones, it does hold the keys to encrypted iCloud backups, so is able to decrypt these.
Pressed on removing strong encryption from iPhones, Neuenschwander said there was no safe way to do this.
Ultimately we believe strong encryption makes us all safer, and we haven’t found a way to provide access to users’ devices that wouldn’t weaken security for everyone.
Graham, however, persisted in his threat.
By this time next year, if you haven’t come up with a solution that we can all live with, we will impose our will on you.
Apple will be discussing the issue during a roundtable event at CES, the first time the company has appeared there since 1992.