ACLU Says Fight for Privacy Isn’t Over, EFF Urges U.S. to Disclose iPhone Security Bypass

| Analysis

gPhoneThe FBI withdrew its demand for Apple to create a new operating system bypassing security protections on iPhones Monday, but the American Civil Liberties Union (ACLU) and the Electronic Freedom Foundation (EFF) both issued statements saying the fight over privacy wasn't over. The EFF also asked the U.S. Department of Justice to disclose the method used to break into the work iPhone of Syed Farook to Apple.

"This case was never about just one phone," Alex Abdo, staff attorney at the American Civil Liberties Union, said. "It was about an unprecedented power-grab by the government that was a threat to everyone's security and privacy. Unfortunately, this news appears to be just a delay of an inevitable fight over whether the FBI can force Apple to undermine the security of its own products. We would all be more secure if the government ended this reckless effort."

The FBI asked a federal court last week to vacate, or cancel, a hearing in Apple's fight against the FBI's request. The reason given in the court filing was that an unspecified third party (believed to be Israeli firm Cellebrite) had stepped forward with a method for accessing the data on the device in question.

The FBI noted in its filing that if this method worked, it would not need Apple's help. For its part, Apple said that if the method worked, the DOJ should try it on an unrelated iPhone in an unrelated case, and that if it didn't work, Apple would be happy to attempt the method itself, providing the courts would disclose that method.

On Monday, the FBI said the method worked, and it no longer needs Apple's help. That should put an end to the specific request over Syed Farook's work iPhone, but it hardly lays to rest the issue of whether the U.S. can use the All Writs Act of 1789 to compel technology companies to create backdoors in otherwise secure products.

And that's where the EFF comes in, because if there is a method to break into a locked iPhone, it's not really "otherwise secure." The EFF issued a statement noting the issue of privacy remains unsettled, and it urged the DOJ to disclose the method used to unlock the iPhone to Apple.

The EFF's statement:

The FBI has successfully accessed data on an iPhone that has been the subject of a legal battle between the Justice Department and Apple, according to a court filing.

EFF is pleased that the Justice Department has retreated from its dangerous and unconstitutional attempt to force Apple to subvert the security of its iOS operating system. However, we are still calling on President Obama not to undermine security and encryption, and you can add your voice to the chorus.

In addition, this new method of accessing the phone raises questions about the government's apparent use of security vulnerabilities in iOS and whether it will inform Apple about these vulnerabilities. As a panel of experts hand-picked by the White House recognized, any decision to withhold a security vulnerability for intelligence or law enforcement purposes leaves ordinary users at risk from malicious third parties who also may use the vulnerability. Thanks to a lawsuit by EFF, the government has released its official policy for determining when to disclose security vulnerabilities, the Vulnerabilities Equities Process (VEP).

If the FBI used a vulnerability to get into the iPhone in the San Bernardino case, the VEP must apply, meaning that there should be a very strong bias in favor of informing Apple of the vulnerability. That would allow Apple to fix the flaw and protect the security of all its users. We look forward to seeing more transparency on this issue as well.

All of which is to say this fight is far from over. President Barack Obama, the FBI, and the DOJ all believe law enforcement is entitled to backdoor access into encrypted communications, while the tech industry, encryption experts and privacy advocates say that such backdoors make all of us vulnerable to the hackers, criminals, and malicious foreign agents. At the same time, U.S. intelligence services largely side with the tech industry and encryption experts.

Most importantly, the issue of whether the All Writs Act can be used to compel a company like Apple to do what the FBI demanded remains unanswered. As of this writing, the case in New York over an accused drug dealer's iPhone remains open, and in that case a U.S. Magistrate Judge ruled that the government could not use the All Writs Act to compel Apple.

If that case is similarly dismissed, use of the All Writs Act could remain an open question until the U.S. Congress passes new legislation (that is then signed into law by the president) covering this area, or until the U.S. tries to use the All Writs Act for some other device or service. Dollars to donuts says the U.S. will try and secure a precedent involving a company other than Apple before coming after Apple again.

But you never know.

Popular TMO Stories



The topic of the New York case is very much on point here. Not being a lawyer, I am not sure what happens. The FBI requested order and it was denied (the Judge Orenstein Order), and the FBI has already appealed that denial (appeal not yet heard).

The FBI would love to get that Order eliminated but they might have to go forward with the appeal in order to do so. And they could well lose again. Apple will fight very hard to keep that set of legal reasoning in place.


When I went to the EFF’s website ( ) to add my name to their (& their 50 partners’) petition they’d created for the White House’s “We the People” API (which the White House promises POTUS will respond to, when at least 100,000 email-verified signatures are electronically submitted onto any petition created there), I found this very disappointing note from EFF, beside the petition:
“153 days since this petition hit 104,000 signatures with no substantive response from the President.”

So then, I went to this other “Share Your Thoughts on Strong Encryption” “We-the-People” petition (at ), & I posted this there:
Mr. President, don’t believe those who say compromise on security is possible. They’re either lying to you about that possibility, or else they actually do not understand what they are talking about; it’s a truly binary either/or question. if any backdoor exists to a system, it will always sooner or later be available to any geek - you’re either secure or you’re not (as with pregnancy or microbiological sterility).

Weakening Apple’s (or any other computer’s) defenses puts all us Americans, & everyone else in the world, at risk of predation by criminal hackers & oppression by anti-democratic governments & oligarchies.

So far, I’ve not seen any response to either from POTUS.

George Sheehan

So, what’s the chances that the fbi has not, in fact, broken in and that they are merely dropping this issue which was turning against them? I am sure they were a bit taken aback at the (remarkably) bipartisan congressional opposition to or skepticism about their position.
They will not let apple in on the method of the b&e…because it didn’t happen.

Log in to comment (TMO, Twitter or Facebook) or Register for a TMO account