A legal battle weighing privacy rights against the government’s need to investigate terrorism came to an end Monday when the FBI said it found a way to gain access to Syed Rizwan Farook’s iPhone 5c.
The announcement may have staved off a historic court battle, but questions still linger about how the government gained access to the device and what implications the FBI’s tactics will have beyond the investigation into the San Bernardino terrorist attacks.
Q: How did the FBI get access to the data on Farook’s phone?
A: Federal prosecutors did not offer many specifics. Apple and the Department of Justice were headed for a court battle last week before federal prosecutors made an 11th-hour request for a delay, announcing that an outside group may have found a technique to hack the device.
The breakthrough came last weekend, according to an anonymous law enforcement official, who would not say how the device was hacked or what information the government found on Farook’s iPhone.
Previously, the FBI had been stonewalled by an update Apple made to its encryption practices in September 2014. Farook had enabled an auto-erase feature that would permanently delete all data on the phone after 10 consecutive failed attempts to enter the device’s password.
Data on the phone would be scrambled unless a correct password was entered, and Apple has repeatedly said it would need to create technology to defeat that encryption. Farook intentionally disabled the phone’s iCloud backup feature six weeks before the Dec. 2 attacks, according to court documents.
Q: Is the government required to say how it gained access to the phone?
A: The FBI is under no obligation to tell the public how it defeated Apple’s security measures, but the agency could be required to tell the company if the government exploited a defect in the company’s security protocols in order to gain access.
The policy that governs such disclosures is known as the “Vulnerabilities Equities Process,” according to Andrew Crocker, a staff attorney with the Electronic Frontier Foundation, a digital rights advocacy group. The EFF sued to make the 13-page policy public in 2014 and won access to the document earlier this year.
Crocker said the policy is weighted toward disclosure, but the government has successfully fought to keep such details secret before.
Q: What does this mean for other locked phones in police custody around the country?
A: Local law enforcement leaders have said encrypted data can serve as a roadblock in a wide range of investigations, and have called on Silicon Valley to create back channels that would provide police access to smartphones when necessary. Tech companies have scoffed at the idea, claiming the creation of a so-called “back door” would jeopardize the security of millions of customers who are not the target of a police investigation.
It is difficult to say what, if any, effect the breakthrough will have on local law enforcement investigations, but Monday’s news was concerning to some civil liberties experts.
“It’s likely that the FBI can and will just share its security hack with other federal, state and local agencies that want to crack iPhones, allowing law enforcement across the country to bypass Apple’s security even for routine criminal case,” Peter Bibring, the director of police practices for the American Civil Liberties Union of Southern California, said in an email. “The government has said they will continue helping state and local entities access data on mobile phones, but won’t explicitly say whether this includes the technique they’ve developed in this case.”
Q: What did the government find in Farook’s phone? What did they hope to find?
A: The FBI has not said what, if any, pertinent information was contained on Farook’s phone. Federal investigators have ruled out the idea that Farook and his wife, Tashfeen Malik, were working at the behest of a foreign terrorism nexus, but questions still linger about the planning of the attack.
The government likely now has access to six weeks of data thought lost when Farook disabled the phone’s iCloud backup. The families of some of those killed in the attacks have also said they believe the information on Farook’s phone could answer lingering questions about the possible involvement of a third shooter on Dec. 2.
It remains unclear whether the data will dramatically change the San Bernardino investigation. The FBI has already said the shooters acted alone and were “self-radicalized.” Investigators have found no evidence they were part of a larger plot.
Q: Who won, Apple or the FBI?
A: The FBI certainly gained a major investigative victory by gaining access to Farook’s phone, but in totality, the outcome might be best described as a draw.
Both sides had a lot to lose in court. A government victory could have set a precedent requiring Apple, and other tech companies, to create software in service of law enforcement investigations.
An Apple victory in court could have severely hampered future law enforcement attempts to compel tech companies to turn over user data.
Ultimately, the government got what it wanted in the San Bernardino case, and both the FBI and Apple avoided what could have been considered major defeats.
But larger questions about law enforcement’s right to access user data, and Silicon Valley’s role in aiding police investigations, remain unanswered.
Joel Rubin contributed to this report.