Fallout from Apple’s Battle on Digital Privacy Could Impact P.R.
SAN JUAN — The wave of terrorist attacks last year, like the ones in Paris and in San Bernardino, California, have brought to light that terrorists are using the same secure digital communications used by regular people to shop or speak with family online, to disguise their illicit activities.
This situation has raised a challenge on how to reconcile the right to privacy and security of citizens and law enforcement’s obligation to protect national security, a situation that could also impact Puerto Rico.
The Federal Bureau of Investigation (FBI) recently compelled Apple to assist in unlocking an iPhone belonging to Syed Farook, one of the shooters in the San Bernardino workplace violence incident that left 14 dead.
Apple is fighting a court order to assist in the case arguing that it would have to create a special software to cooperate with the FBI. It would also need to create an FBI forensics lab on site that Apple says could likely be used to unlock iPhones in the future as law enforcement officials have already indicated they would do so.
“The demand violates Apple’s First Amendment rights against compelled speech and viewpoint discrimination. Apple wrote code for its operating system that reflects Apple’s strong view about consumer security and privacy. By forcing Apple to write software that would undermine those values, the government seeks to compel Apple’s speech and to force Apple to express the government’s viewpoint on security and privacy instead of its own,” the company argues.
In response to the challenge, House Homeland Security Committee Chairman Michael McCaul (R-TX) and Sen. Mark Warner (D-VA), a member of the Senate Intelligence Committee, introduced legislation on Feb. 29 to create a national commission on security and technology challenges in the digital age. The purpose of the commission is to collectively address the larger issue of protecting national and digital security, without letting encrypted communications become a safe haven for terrorists.
Any laws enacted as a result of the analysis of the proposed congressional commission will impact Puerto Rico since federal laws are applicable to the island.
Critics of the commission say there is no way to reconcile encryption with what law enforcement wants and that the FBI is in effect asking for a “backdoor” that would undermine security. McCaul said in response that while a simple solution could be to legislate to create such a backdoor, he noted that networks are different and that there is a need to find a collaborative solution.
“The FBI does not have the capability to crack the device…. If they did, they would not be asking for help,” Warner said at a recent forum titled “Shedding Light on ‘Going Dark’: Practical Approaches to the Encryption Challenge,” by the Bipartisan Policy Center.
While there are other ways law enforcement can get the information through phone companies that can reveal the identities of the persons the terrorists contacted, McCaul said the case is not that easy.
He added that terrorists responsible for the Paris attacks used “point to point” encryption that prevents law enforcement from seeing the communication that took place.
In the case of the terrorists in San Bernardino, he said the FBI has some of the shooters’ communications because they were backed up by the cloud but officials cannot have access to the communications made after “the cloud was turned off.”
That information is in the shooter’s iPhone’s hardware, which law enforcement has been unable to crack.
Michael German, fellow at the Brennan Center for Justice’s Liberty and National Security Program in New York University School of Law, said the government has a huge amount of information on citizens so “the idea that there is data out there that the government cannot get” is not true. He added that the President’s Review Group on Intelligence & Communications noted the need to have a free and open Internet for economic growth, that the government must provide support to create encryption standards and should not weaken commercial encryption used for data on transit.