My guest today is Marcy Wheeler, independent journalist, author and blogger as Emptywheel at emptywheel.net.
JB: Welcome to OpEdNews, Marcy. We last spoke in March of 2015. A lot has happened in the meantime. The federal government and Apple have been at odds with one another since last December's mass killings in San Bernadino, California. The feds have requested Apple's help to hack into the iPhone that the shooters left behind. Is that it, in a nutshell? Why is that such a big deal?
MW: The Feds asked Apple to write a custom operating system so the FBI could brute force (guess killer Syed Rizwan Farook's four-digit password) the phone. It' s a big deal because rather than just asking a company to reset someone's password, as other All Writs Act requests have done, DOJ asked Apple to write new code.
JB: So, they used a cudgel when they could been much less intrusive and invasive. Not a particularly smart way to go about things, but again, why is that a big deal? I'm assuming there are larger issues at work here.
MW: Right. It turns out that, all along, there was a vendor or vendors that could have accessed Farook's phone without Apple's assistance, contrary to what DOJ claimed on 19 different occasions in court filings. But rather seeking that option, DOJ used what is called the "All Writs Act," which is a 1789 law that lets courts require assistance to implement their orders. Normally, AWA orders have been used to require companies to help with information or services they already have. What was new -- and particularly scary -- about this AWA was that Apple was being asked to create something it didn't have. If the order had stood, or if DOJ obtains similar orders in secret that stand, it would have been a way DOJ could have used the courts to obligate tech companies to modify their products in ways not otherwise required by law.
JB: The telecoms have long been suspected of aiding and abetting the government's ravenous appetite for surveillance - of terrorists, of activists, just plain citizens, minding their own business. Are we on a slippery slope regarding our civil liberties? Do we have much left at this point?
MW: The telecoms (AT&T and Verizon) are in a different position than the tech companies (Apple, Google, Facebook, and Microsoft, among others), because phone companies have always been regulated more strictly. And there's also a lot of variation between companies: Verizon does more to protect your privacy from the government than AT&T, but recently had to be forced to give up an intrusive "super cookie" that tracked what you were doing on your mobile. Similarly, many tech companies have challenged the government in one or another ways, but Google and Facebook thrive on spying on you for their own purposes, far more than Apple does.
There were some limits imposed on government domestic spying with the USA Freedom Act, though "CISA," which allows companies of all kinds to share data in the name of cybersecurity, was a step back. The big struggle at this point is to understand all the kinds of ways the government spies and how much they impact non-targeted people. Without that understanding, we can't really pressure the government to adopt less intrusive methods.
JB: I'm not proud to admit this but, as a non-tech savvy individual, a lot of this makes my eyes glaze over. Even though I know how important it is. Bottom line: Are we better or worse off today, in terms of government infringement on our privacy? I find it hard to believe that the feds are going to back off just because Apple didn't concede and they weren't granted unfettered access. Or am I just being unduly cynical?
MW: We narrowly avoided a vast expansion of the government's authority to ask companies to build back doors into their products in secret. The FBI can still get into people's phones, and the NSA probably still has back doors into the products we use. But at least Apple -- and any other companies trying to make their products safe -- can still try to do that. The government will absolutely keep trying to change that, and there will be a big fight in Congress in upcoming months, as well, but for now, Apple will still be permitted to try to build secure products.
Our privacy depends on our own efforts, but for better and worse, for non-technical users, our privacy depends on there being big companies working to try to make their products secure against our own government. That's what Apple is fighting to be able to do.
JB: So, Apple is definitely wearing the White Hat, at least in this instance. How much does the average person understand about this constant eroding of our privacy? What can we do to wake people up? And, finally, what can people do to agitate on our own behalf?
MW: Let's not kid ourselves: Apple is doing this because their business model depends on people being able to trust the security of their smart phones. They're not doing this just to be a good citizen!
But on this issue, Apple is on the right side, yes, and Apple does make more effort to make their devices secure than some other companies. I think people can best think of this in terms of what thieves could get if they stole your smart phone -- things like your pictures, financial records, and metadata tracking your habits. Apple is trying to make it so that, instead of getting that information, thieves will be standing with a useless brick. Those are the stakes of the battle over encryption. People can work to support the efforts to ensure we can have secure software and hardware by letting Congress know it's important.
JB: Do you have any links or action pages people can access? And anything else you'd like to add before we wrap this up?