Apple to Defend Encryption, Privacy in House Judiciary Hearing

Apple Senior Vice President and General Counsel Bruce Sewell will be appearing before the House Judiciary Committee on Tuesday to testify on why giving the FBI the ability to bypass iPhone passcode security measures is a bad idea. FBI Director James Comey will offer up his own testimony, too, explaining why Apple—and by extension, other technology companies—should be subject to court orders compelling them to create hackable operating systems for criminal investigations.

Apple' Bruce Sewell to defend company's privacy and security position during House Judiciary Committee hearingApple' Bruce Sewell to defend company's privacy and security position during House Judiciary Committee hearing

Mr. Sewell will testify along with Worcester Polytechnic Professor Susan Landau and Manhattan District Attorney Cyrus R. Vance. The hearing is scheduled to start at 1PM eastern time. FBI Director Comey will testify alone in a second hearing.

The hearing, titled "The Encryption Tightrope: Balancing Americans' Security and Privacy," is in response to Apple's opposition to a court order the FBI obtained requiring the company to create a special iOS version that doesn't include the safeguards preventing a brute force attack on iPhone passcodes, and lets the agency automate entering passcodes until the correct one is found.

The FBI wants the less secure iOS version so it can hack into the iPhone Syed Farook used prior to a shooting rampage where he and his wife killed 14 of their San Bernardino County coworkers and injured 22 more. The husband and wife team were killed in a shootout with police, then the work issued iPhone was recovered.

Apple assisted the FBI in retrieving as much data from the iPhone as they could, but stopped short of creating a special operating system the FBI could use to hack into the device. The FBI then obtained a court order compelling Apple to do just that.

Apple is contesting the order calling it a threat to privacy and security, and an overreach of government authority. The company filed a motion to vacate the order late last week.

Mr. Sewell's opening statements were released to the media on Monday ahead of Tuesday's hearing. He will use his opening statement to pose three questions:

  • Should limits be imposed on the security for private data?
  • Should the FBI have the power to block companies from improving the security in their products?
  • Should the FBI have the authority to force companies to create new tools and products based on government specifications for government use?

Mr. Sewell will present a case against giving the FBI and the government those powers, and most likely Ms. Landau will, too. Mr. Vance, however, will explain why he thinks the government should be able to compel companies to strip away security and privacy features from our smartphones and other electronic devices.

Mr. Vance's stance comes as no surprise considering he already made it clear he has a long list of cases where he wants to force Apple to help unlock iPhones in criminal investigations.

Directory Comey originally said this court order would be a one-off case, and that it wasn't a precedent setting event. The DOJ contradicted that a few days later with the revelation that it has at least 12 cases where it plans to do the same, and Mr. Comey conceded a few days ago that it would, in fact, be precedent setting.

Tomorrow's hearing won't set policy, although it is the first step in open discussions between government officials and technology companies on the topic. Mr. Sewell will push for a commission on government-mandated iPhone unlocking, and wants to see security, privacy, and encryption addressed at the Congressional level instead of trying to bypass the issue with the All Writs Act, which is over 200 years old and not targeted at modern technologies such as smartphones.

"The FBI is asking Apple to weaken the security of our products," Mr. Sewell's statement reads. "Hackers and cyber criminals could use this to wreak havoc on our privacy and personal safety. It would set a dangerous precedent for government intrusion on the privacy and safety of its citizens."

Next up: Mr. Sewell's full statement to the House Judiciary Committee

Mr. Sewell's full statement to the House Judiciary Committee

Thank you, Mr. Chairman. It's my pleasure to appear before you and the Committee today on behalf of Apple. We appreciate your invitation and the opportunity to be part of the discussion on this important issue which centers on the civil liberties at the foundation of our country.

I want to repeat something we have said since the beginning — that the victims and families of the San Bernardino attacks have our deepest sympathies and we strongly agree that justice should be served. Apple has no sympathy for terrorists.

We have the utmost respect for law enforcement and share their goal of creating a safer world. We have a team of dedicated professionals that are on call 24 hours a day, seven days a week, 365 days a year to assist law enforcement. When the FBI came to us in the immediate aftermath of the San Bernardino attacks, we gave all the information we had related to their investigation. And we went beyond that by making Apple engineers available to advise them on a number of additional investigative options.

But we now find ourselves at the center of an extraordinary circumstance. The FBI has asked a Court to order us to give them something we don't have. To create an operating system that does not exist — because it would be too dangerous. They are asking for a backdoor into the iPhone — specifically to build a software tool that can break the encryption system which protects personal information on every iPhone.

As we have told them — and as we have told the American public — building that software tool would not affect just one iPhone. It would weaken the security for all of them. In fact, just last week Director Comey agreed that the FBI would likely use this precedent in other cases involving other phones. District Attorney Vance has also said he would absolutely plan to use this on over 175 phones. We can all agree this is not about access to just one iPhone.

Bruce Sewell's opening statement for House Judiciary Committee hearingBruce Sewell's opening statement for House Judiciary Committee hearing

The FBI is asking Apple to weaken the security of our products. Hackers and cyber criminals could use this to wreak havoc on our privacy and personal safety. It would set a dangerous precedent for government intrusion on the privacy and safety of its citizens.

Hundreds of millions of law-abiding people trust Apple's products with the most intimate details of their daily lives – photos, private conversations, health data, financial accounts, and information about the user's location as well as the location of their friends and families. Some of you might have an iPhone in your pocket right now, and if you think about it, there's probably more information stored on that iPhone than a thief could steal by breaking into your house. The only way we know to protect that data is through strong encryption.

Every day, over a trillion transactions occur safely over the Internet as a result of encrypted communications. These range from online banking and credit card transactions to the exchange of healthcare records, ideas that will change the world for the better, and communications between loved ones. The US government has spent tens of millions of dollars through the Open Technology Fund and other US government programs to fund strong encryption. The Review Group on Intelligence and Communications Technology, convened by President Obama, urged the US government to fully support and not in any way subvert, undermine, weaken, or make vulnerable generally available commercial software.

Encryption is a good thing, a necessary thing. We have been using it in our products for over a decade. As attacks on our customers' data become increasingly sophisticated, the tools we use to defend against them must get stronger too. Weakening encryption will only hurt consumers and other well-meaning users who rely on companies like Apple to protect their personal information.

Today's hearing is titled Balancing Americans' Security and Privacy. We believe we can, and we must, have both. Protecting our data with encryption and other methods preserves our privacy and it keeps people safe.

The American people deserve an honest conversation around the important questions stemming from the FBI's current demand:

Do we want to put a limit on the technology that protects our data, and therefore our privacy and our safety, in the face of increasingly sophisticated cyber attacks? Should the FBI be allowed to stop Apple, or any company, from offering the American people the safest and most secure product it can make?

Should the FBI have the right to compel a company to produce a product it doesn't already make, to the FBI's exact specifications and for the FBI's use?

We believe that each of these questions deserves a healthy discussion, and any decision should be made after a thoughtful and honest consideration of the facts.

Most importantly, the decisions should be made by you and your colleagues as representatives of the people, rather than through a warrant request based on a 220 year- old-statute.

At Apple, we are ready to have this conversation. The feedback and support we're hearing indicate to us that the American people are ready, too.

We feel strongly that our customers, their families, their friends and their neighbors will be better protected from thieves and terrorists if we can offer the very best protections for their data. And at the same time, the freedoms and liberties we all cherish will be more secure.

Thank you for your time. I look forward to answering your questions.