In the ongoing iPhone encryption battle between the Department of Justice (“DOJ”) and Apple, March 22, 2016 might have been a pivotal moment in the national discourse on digital privacy rights, encryption, and the bounds of federal investigative authority. March 22 was the day for the hearing on the competing motions surrounding the February 16, 2016 court order issued out of the United States District Court for the Central District of California requiring Apple to provide “reasonable technical assistance” to the government in recovering encrypted data from the iPhone 5C used by San Bernardino shooter Syed Farook. That hearing did not go forward, however, after the DOJ requested the hearing be postponed; the DOJ told the Court that “[o]n Sunday, March 20, 2016, an outside party demonstrated to the FBI a possible method for unlocking [terrorist Syed] Farook’s iPhone.” But the postponement only raises more questions. Is there some other motivation to postpone the hearing and avoid a judicial determination? What method is the FBI considering and why wasn’t it considered before?
Following Magistrate Judge Sheri Pym’s order compelling Apple’s assistance in accessing encrypted data on Farook’s iPhone – and in light of Apple’s very public resistance to rendering such aid – both the DOJ and Apple filed competing motions with the court. Where the DOJ argued that the All Writs Act (the “Act”) gave the Court sufficient authority to order Apple’s compliance, Apple responded that the creation of new code and compromising of its own security and the security of its customers’ data (among other factors) put the request beyond the scope of the Act. One critical element of the DOJ’s request for judicial intervention under the All Writs Act is that it will likely need to demonstrate that there is no other way to get around the encryption except for the requested order. It is possible that the method the FBI learned of on March 20 would be sufficient justification for the Court to deny the DOJ’s motion and refuse to order Apple’s cooperation.
The DOJ has an interest in avoiding setting additional legal precedent that weighs against using the Act to force Apple to unlock seized iPhones. On Monday, February 29, 2016, another United States Magistrate Judge, in a different federal court (Magistrate Judge James Orenstein, in the Eastern District of New York) issued a Memorandum and Order denying a very similar request by the FBI, under the Act, to force Apple to bypass the passcode security on an iPhone 5S belonging to a drug trafficking suspect. Judge Orenstein held that the Act does not give the government the right to “conscript and commandeer” Apple to write a new operating system that would bypass the passcode encryption. Judge Orenstein emphasized that “[h]ow best to balance [the competing interests of commerce, the government’s interest in ensuring that no door is too strong to resist lawful entry, and individuals’ reasonable expectations of privacy] is a matter of critical importance to our society. . . [is a debate that] must happen today, and must take place among legislators who are equipped to consider the technological and cultural realities of a world their predecessors could not begin to conceive.” The DOJ did not discuss any of these things in its request to postpone; observers are left to wonder if there is a greater policy consideration behind the DOJ’s position. For now, there remains a prospective split in authority between federal district courts in New York and California.
The remaining question is much more granular, though no less important. What exactly is the method that the FBI has latched on to as a possible alternative to the remedies it sought under the Act? Early evidence indicates that the FBI entered into a $15,000.00 contract with Israeli mobile software developer Cellebrite. The evidence of the contract does not elaborate on the specific service being rendered. However, speculation within the tech community puts the most likely candidate for this alternate method as “NAND mirroring”. The process is outlined in detail in a March 7 blog by the ACLU. According to reports, while potentially destructive and not without risk to the integrity of the data, the iPhone 5C does have a hardware architecture that would allow for this approach. NAND mirroring does require physical possession of a specific device and has to be done on a per-device basis.
While these specific matters are being decided by the courts, the legislative discussion will move forward as well. One would hope that a fully-informed debate of the competing values will result in a more comprehensive statutory resolution outlining the rights and responsibilities of the affected stakeholders. In the meantime, the world will wait until April 5 to see if the FBI chooses to drop its request for Apple’s assistance, or if the dispute will require appellate court resolution.