In a twist reminiscent of a James Bond film, Secretary of State John Kerry was meeting with his counterparts from Britain, Canada, Australia and New Zealand as a U.S. federal judge ruled that Apple must disable the encryption on the iPhone belonging to one of the San Bernardino killers.
They were in Washington, D.C., for a summit of Five Eyes, an intelligence sharing alliance born during the Second World War. The gathering of an international alliance dedicated to espionage and guilty of mass surveillance of everyday citizens should give pause to anyone who supports the judge’s decision to eliminate the security upon which we’ve all come to rely.
FBI Director James Comey has tried to assuage fears, writing a guest blog at Lawfare that we all should “take a deep breath and stop saying the world is ending,” insisting that the ability to hack terrorists’ phones is vital to national security. Though a slight majority of Americans agree with the FBI, Apple CEO Tim Cook has warned that disabling the encryption could have dire consequences. “…[T]he technique could be used over and over again, on any number of devices,” he wrote in a blog on the Apple website, equating it to a master key “capable of opening hundreds of millions of locks–from restaurants and banks to stores and homes. No reasonable person would find that acceptable.”
Using Cook’s definition, British Home Secretary Theresa May gave a speech the night before the ruling to the Center for Strategic and International Studies in which she called for U.S. internet companies to do more to lessen encryption. While stressing that “the British government believes that encryption plays a valuable role in today’s society,” May stressed that “we cannot be in a situation where technology is also used by terrorists to escape justice.”
Providing the American government a legal way to hack encrypted data, and emboldening other nations to do the same, is a frightening prospective.
“The fact that many of the major internet companies are situated here in the United States is a key issue for us all,” she said. It is of particular interest to May, who is currently pushing for a watered-down (but, as I wrote last month, still odious) version of her oft-maligned “Snoopers’ Charter,” which would, among other things, require British communication service providers and tech companies to provide a “backdoor” to encryption, just as Apple is now being ordered to do. However, Britain’s Draft Investigatory Powers Bill is unable to compel foreign companies (such as Apple) to provide such a backdoor. So this ruling is exactly what May has been hoping for.
It’s welcome news to the Canadian government too. Tamir Israel of the Canadian Internet Policy and Public Interest Clinic at the University of Ottawa told the CBC that “…law enforcement in Canada has been actively trying to attain the kinds of powers we see in the U.S.,” he said, “but doing it in a much less overt way.” The American ruling could embolden the Canadian government to pursue a similar path. “I would expect that if Apple is compelled to comply with the order, we’d eventually see something here that would test similar boundaries within the Canadian court system,” Halifax, Nova Scotia-based privacy lawyer David Fraser, told CBC.
Providing the American government a legal way to hack encrypted data, and emboldening other nations to do the same, is a frightening prospective. Given the close cooperation between the Five Eyes nations, the Apple ruling could allow American citizens’ data to be provided to foreign governments. It could also open an avenue through which foreign governments could finally circumvent jurisdiction and obtain the same information they themselves can’t force Apple to provide.
Five Eyes nations have a storied history of spying on their own and one another’s nationals. Last month, Canada’s spy agencies were found to have broken the law in bulk collection of metadata of Canadians. The Edward Snowden leaks revealed the startling extent to which the Australian government not only spied on its own people, but Americans, passing that data on to the NSA. Last March, a former head of the GCSB (the New Zealand intelligence agency) confirmed Kiwis’ data was collected. In 2013, former British Home Secretary David Blunkett revealed that the NSA passed on data collected on British citizens to GCHQ, Britain’s intelligence agency, to bypass British law. Our information is literally being shared by governments around the world.
This is ostensibly done is the name of security. These powers are needed to combat the threat of international terrorism, a point May emphasised last week.
Encryption is a vital security feature millions of Americans, Britons, Canadians, Australians, and New Zealanders rely on to protect their privacy from hackers, hostile countries, and even their own governments.
“Defeating terrorism requires a global response and we will not succeed by acting in isolation,” she said. Leaving aside the fact that bulk data collection makes combating terrorism more difficult due to the sheer volume of data that must be sifted through, this is still an incredibly short-sighted view of national security. Speaking at the Mobile World Congress in Barcelona on Monday, Facebook CEO Mark Zuckerberg said that backdoors to encryption will not “be an effective thing to increase security” nor is it “really the right thing to do.”
This isn’t surprising, Avi Greengart of Current Analysis, told the Guardian. “One of the things they are concerned with is that when they make policy in the U.S., that policy is cited by other regimes, including non-democratic ones,” he said. “There is also the real fear that once you ensure encryption can be broken, it will be broken, because the tools for doing so will inevitably leak out.”
According to Greengart, this poses serious concerns for not only individuals, but businesses, a concern echoed by Apple’s former security chief Rick Orloff. In an op-ed for CNBC.com, Orloff warned that this ruling creates a whole host of new security risks. “If these backdoors are built, it will be a question of when, not if, a hacker will create his own exploit and use it to get his hands on an enterprise’s, person’s, or government agency’s data.”
It’s a valid concern. The North Korean hack of Sony is indicative of a new cyber front in international warfare, one that threatens not only government targets but individuals and corporations, too. Meanwhile, Chinese cyberattacks on U.S. companies continue. As more of our business is conducted from mobile devices, such as iPhones, encryption is going to become not only a valuable tool in personal security but in national security, too.
Even the British Chancellor of the Exchequer has acknowledged this. Following the terrorist attacks in Paris last November, George Osborne revealed that ISIS had planned to hack British infrastructure in order to kill people. “From our banks to our cars, our military to our schools, whatever is online is also a target,” he said, warning of the dangers a hack of the electrical grid, hospitals, or air traffic controls would bring. He encouraged people to keep themselves safe online, the great irony of which is encryption is clearly one of the most effective tools people have. Even the FBI can’t hack an iPhone.
Given the abuses we know the Five Eyes nations have already committed, and the dilution of encryption by building even a single backdoor, we should all be concerned by the court’s decision on Apple. Encryption is a vital security feature millions of Americans, Britons, Canadians, Australians, and New Zealanders rely on to protect their privacy from hackers, hostile countries, and even their own governments. It imperils the privacy of citizens and their data, the intellectual property of our corporations and the very security of our nations. By forcing Apple to build a backdoor, the court is leaving it wide open for governments to peep through and terrorists and hostile actors to walk right in.
Skylar Baker-Jordan is a Chicago-based essayist, commentator, and journalist writing about masculinity, the LGBT community, and U.K. politics. Follow Skylar on Twitter @SkylarJordan.
Illustration via Max Fleishman