Search warrant ruling could blow hole in cellphone privacy
Ruling in sealed federal case provides slight glimpse at government legal tactics.
Privacy advocates cheered when Apple announced last month that an updated encryption scheme would disallow Apple from bypassing user passcodes at the request of law enforcement officials armed with search warrants.
Now, the Justice Department is fighting back against these updates, and they’re using an ancient tactic to do it.
The Wall Street Journal explains:
That technological shift prompted tense private meetings this fall between Apple and Justice Department lawyers…
Amid that standoff, the government on Oct. 10 obtained a search warrant to examine the contents of the phone in the credit-card case. The phone was locked, so prosecutors asked U.S. Magistrate Judge Gabriel Gorenstein to order the manufacturer to unlock it. They cited the All Writs Act, originally part of a 1789 law that gives courts broad authority to carry out their duties.
Judge Gorenstein agreed. “It is appropriate to order the manufacturer here to attempt to unlock the cellphone so that the warrant may be executed as originally contemplated,” he wrote on Oct. 31. The judge gave the manufacturer, referred to only as “[XXX], Inc.,” five business days after receiving the order to protest.
Much remains unknown, including the maker of the phone, and what happened next. The language of the opinion suggests it could apply to a company like Apple. The order is directed at the “manufacturer of the cellphone,” and Apple is one of the few companies that produce both the phone itself and the software that would manage the encryption.
The order (full embed at bottom of post) was signed and published by a federal magistrate; this is significant because, as the article above explains, these types of decisions don’t normally come down in a published opinion. (Magistrates usually just sign an order granting or denying a request.)
The fact that this decision is now published is a signal to other judges who may examine it that we could be looking at the development of a new legal precedent to answer evolving technology.
Jonathan Mayer of the Stanford Law School has a fantastic overview of what an All Writs order is, and the different ways they have been used to aid in surveillance (h/t Ars Technica):
“The TL;DR is that there is nothing new about using the All Writs Act to compel assistance,” Mayer told Ars by e-mail. “And there is also nothing new about using it to compel assistance with unlocking a phone. That repeated language you saw? It’s provided by Apple itself!”
“As for the opinion discounting the All Writs Act, that had to do with surveillance under the Electronic Communications Privacy Act. Where ECPA applies, the All Writs Act doesn’t. (It’s just a default, as the court rightly noted.) Phone unlocking isn’t covered by ECPA, so the All Writs Act remains in play.”
It may not be novel, but if you’re Apple, you have to be wondering how far the government is going to go to maintain their ability to execute hassle-free searches though our data. The majority of these proceedings are sealed, which means that there’s little transparency surrounding this latest development in data privacy.
IN RE ORDER Cellphone unlocking.pdf
[Featured Image: Legal Insurrection]
Donations tax deductible
to the full extent allowed by law.
I think just the opposite of AM here – Apple is likely going to be able to say to the judge “Sorry, we can’t do it” Not “won’t”, but “can’t”. And it might just get me to move from mu iPhones 4 and 5 to 6, just for this feature.
As some have pointed out here, the problem is that it is too easy for cops to do fishing expeditions when they get their hands on phones. Absent serious exigent circumstances, they should have to get warrants to view the contents of cell phones, should have to provide specifics as to what they are looking for, and be able to credibly document that they didn’t exceed such.
The problem is that much of our lives have migrated to our smart phones. Our mail, address book, records, photos, locations, etc. Much of it would have been in filing cabinets, etc in our houses in the past, and a warrant for an arrest would not have entitled the police to dig through the filing cabinet, photo albums, etc. Moreover, the cops couldn’t pretend it was an accident. But now, they grab cell phones upon arrest, then dig through them as a matter of course.
I think that what is really needed here is education of the judges, for them to understand what they are signing off on when they issue such a warrant, and that it often violates our 4th Amdt rights. Also, that they can limit their warrants to what is relevant, and tools are available to enforce this.
Don’t worry. Jeremiah Ebenezer Holder has banned profiling (once again). Encrypt your name/phone account to Jamel Smith.
I don’t understand how the phones could be encrypted so that they are are to decrypt. There are only 4 digits in an IPhone password so that’s less than 10,000 alternatives for passwords.
You could copy the data on the phone to a hard drive and replace the memory with memory that you could write to from an external device. Then just try every one of the 10k possible passwords and reload the IPhone memory when every it’s erased.
This would require some hardware, but allow them to break the encryption.
Leave a Comment