Put Simply: The Apple vs FBI Frequently Asked Questions (FAQ)

| Analysis

The legal case between the FBI and Apple is very complex, both legally and technically. Yet, the impact of the court's decision and the appeals process could have a major impact on the rights and freedoms of every American. Here's a simple FAQ that explains the basics at hand in a plain, understandable way.

Q: What started this whole affair?

A: The FBI sought and was granted a court order compelling Apple to create a special version of the iPhone operating system (iOS) the agency can use to access an iPhone recovered from Syed Farook, one of the shooters in last year's San Bernardino County Department of Public Health terrorist attack. The FBI suspects, but does not know, that there is additional information in that iPhone that could be helpful in the investigation.

Q: What was Apple's response?

A: Apple filed a response to the court stating that the court's order is unconstitutional and should be vacated—that is, found invalid.

Q: What is the core issue?

A: Apple claims that if it is forced to write this new "government operating system" for the FBI, dubbed GovtOS by Apple, it could be demanded by other law enforcement agencies and even foreign governments to access other iPhones of suspected criminals. And perhaps, anyone at all.

That GovtOS would likely be demanded by defense attorneys, so it cannot be destroyed when the FBI is done. Once GovtOS is created, even if kept solely in Apple offices, it could be stolen or leaked. Then several hundred million iPhones of honest customers would be vulnerable to theft, data breaches, and other criminal actions. It would create a brand new market for stolen iPhones, risking our safety. Apple maintains that it's far better for this code to never be written at all, ever.

Q: What is the legal basis for Apple's objection?

A: There are several. Aside from the risk to the safety, security and privacy of all iPhone users, one of Apple's major legal objections is that computer code is protected by the 1st Amendment to the Constitution. By that law and precedent, the government cannot compel someone to write code on its behalf. In familiar terms, it would be like the FBI compelling a journalist to write a slanted, smear article about a presidential candidate. The highest courts have consistently ruled that freedom of speech also includes freedom from being compelled to speak. A ruling for the government would set a dangerous legal precedent, undermining a core principle of the Bill of Rights for everyone.

Q: We hear a lot about "encryption" in this case. What is that exactly?

A: Encryption is a mathematical process that converts plain text into text that is not understandable by a human or a computer. For example, "Hi, grandma" becomes, for example, "ff6%fgt$ahhqz." A user selected password is used in the process as a "key" that can access the original text again. See the next item.

Q: What is decryption?

A: It's the reverse of encryption. A password unscrambles the encrypted text and recovers the original text. "ff6%fgt$ahhqz" becomes "Hi, grandma." Every file on your iPhone is strongly encrypted with your sign-in password. The longer the password, the harder it is for another computer to try all combinations and eventually discover the right one.

Q: Can encrypted text (or files) be decrypted without knowing the password?

A: Yes. If Apple were to weaken the protections used in the (compelled) GovtOS, any person or government in possession of this powerful tool could use another computer to try to guess all possible passwords and eventually defeat the encryption.

Q: I have nothing to hide. Why do I need encryption on my iPhone (or any smartphone or Mac or PC, etc.)?

A: You may not have anything to hide from the government, but you have plenty to hide from criminals and malicious hackers. Your iPhone protects its own contents, which may include health data, credit card numbers, family photos, travel plans, contact data of all your friends and family. Using Internet security protocols, it also protects your private communications.

When you send a text message with your iPhone, the text is encrypted. For example, "The house will be empty for the next 2 weeks." (Result: home security implications.) When you contact your bank to make a payment, your banking username, password, account number, challenge questions, balance, and so on are encrypted during the transaction. If we didn't encrypt our connections to PayPal, our banks, and online purchases, there would be massive financial crime and chaos. Internet commerce and finance would collapse.

Q: Why is the FBI so adamant about this court order?

A: The FBI is a law enforcement agency. It is compelled, by its charter, to address cases of crime in its jurisdiction. Terrorism is especially troublesome and dangerous. The FBI believes it needs the tools it is demanding Apple create to investigate its cases. Unfortunately, what the FBI is asking Apple to do would set a far-reaching legal precedent that would endanger all citizens and wreak havoc on overall national security and finances.

Q: How will this case be decided?

A: In the short term, the courts will balance the needs of the many vs. the needs of the few and the applicability of Constitutional law. In the long run, it's up to us as citizens to express our wishes to the U.S. Congress to be enacted in good Constitutional law.

Q: How can I express my views?

A: Contact your U.S. Congressman and let him/her know how you feel. Your perception of what's at stake, for all future time, for all people with smartphones must be weighed against the FBI's special needs in this case.

Further Reading

1. To find out more about who's siding with Apple and who's siding with the FBI, see: "Apple’s Supporters File Court Briefs in FBI iPhone Privacy Fight."

2. To learn more about Apple's responses to the FBI's court order, see: "Apple Files Objection in FBI iPhone Unlock Fight." and "6 Powerful Quotes from Apple’s Newest Court Filing."

3. To read more about what distinguished former law enforcement officials think about the FBI's case, see:

"Former Director of CIA and NSA Says FBI is Wrong about Apple’s Encryption." and

"Richard Clarke [former National Coordinator for Security, Infrastructure Protection and Counter-terrorism] Slams FBI’s Pursuit of Weaker Encryption on Apple’s iPhone."

4. This editorial ponders the question: "Does the Government Have the Authority to Grant Itself Absolute Power?"

Popular TMO Stories



I found this article enlightening:

One of the FBI’s Major Claims in the iPhone Case Is Fraudulent
- American Civil Liberties Union

“We have enormous computing power in the US government, but we need to be able to bring it to bear without the phone killing itself.”
                      - FBI Director James Comey, March 1, 2016.


There is a subtle but serious error in the following description (abbreviated) ...
Q: What is decryption?
A: It’s the reverse of encryption. A password unscrambles the encrypted text and recovers the original text.

Q: Can encrypted text (or files) be decrypted without knowing the password?
A: Yes. If Apple were to weaken the protections ...

It is not a single-stage process as suggested here, but two-stage. There is a key and a password and they’re separate but related. The key itself is big (128 bits I believe, perhaps 256) and effectively impossible to break. The “password” is much smaller and often only four digits. That’s only 10,000 possibilities and can be easily solved by trying all of them - except that (1)an iPhone extends the retry time after repeated failures, and (2)it’s possible that the iPhone is configured to self-erase after ten failed attempts.

In this particular instance, “key” and “password” have a similar effect although they are quite different. Readers should be careful to distinguish the two and not be loose in terminology, lest there be unfortunate misunderstandings.

Jonas Bilious Slough

“If we didn’t encrypt our connections to PayPal, our banks, and online purchases, there would be massive financial crime and chaos. Internet commerce and finance would collapse.”
THIS. Think of the disaster this would create if all of a sudden everyone began to think (whether rightly or not) if their online transactions were no longer safe. E-commerce (like Amazon) would get hit real hard. Might even put them out of business. UPS and FedEx would lose a ridiculous amount of business. (Note: I work for UPS, there are times where I’m buried in Amazon and other e business packages.) So, its not a matter of if e-commercer and banking encryption is actually weakened, but the perception that it would be.

John Martellaro

vpndev: You are of course correct, and readers should take note.  One of the challenges in an article like this FAQ for beginners is the trade-off between difficult, perhaps off-putting concepts and relative simplicity for the non-technical person - the target audience. I had to think about that throughout the article.

Log in to comment (TMO, Twitter or Facebook) or Register for a TMO account