The American Civil Liberties Union (ACLU) today filed an amicus brief with a California federal court, taking Apple's side in the dispute about whether the company should be compelled to help the government access an iPhone.
The friend-of-the-court brief set out multiple arguments why Apple should not be forced to assist the Federal Bureau of Investigation (FBI) in brute-forcing the passcode on an iPhone used by Syed Rizwan Farook. Farook and his wife, Tafsheen Malik, killed 14 in San Bernardino, Calif. on Dec. 2, 2015, before they died in a shootout with police. Authorities later labeled it an act of terrorism.
Last month, a federal magistrate ordered Apple to help the FBI gain access to Farook's iPhone by creating a heavily modified version of iOS that would disable several security safeguards, then put the software on the device so authorities can bombard it with passcode guesses. The FBI has repeatedly said it believes there is unique information on Farook's iPhone that will help its investigation.
Apple is fighting that court order. And the ACLU was the first to file an amicus brief supporting the Cupertino, Calif. company in that battle.
"This case is not about a single phone -- it's about the government's authority to turn the tech companies against their users," Alex Abdo, an ACLU staff attorney, said in a Wednesday statement.
In the brief, the ACLU argued constitutional as well as case law, citing the Fifth Amendment, for example, and asserting that the All Writs Act -- a 1789 law that the Department of Justice (DOJ) used to compel Apple's assistance -- does not give the government the authority to force the firm's hand.
"The government seeks to compel an innocent third party into becoming an agent of the state, to conscript a private entity into a criminal investigation, and to require it to develop information for the government that is neither in its possession nor control," the ACLU stated in its brief. "This is a tactic foreign to free democracies."
But while many of the ACLU's arguments had been made by Apple in its motions before the same court, one had not.
"The burden imposed by the government's request extends far beyond Apple itself," the brief said. "If the government's interpretation of the law holds, not only could it force Apple to create the cryptographically signed software it seeks here, but it could force Apple to deliver similar signed software using Apple's automatic-update infrastructure. This would be devastating for cybersecurity, because it would cause individuals to legitimately fear and distrust the software update mechanisms built into their products."
In other words, if users lost their trust in software updates, they wouldn't apply them. Sans updates -- specifically, security updates that patch vulnerabilities -- everyone would be at greater risk from run-of-the-mill cybercriminals eager to hijack PCs, smartphones and tablets to harvest profitable information, from bank account passwords and intellectual property to government secrets and companies' research and development.
Sign up for CIO Asia eNewsletters.