The filing also points out that if Apple is forced to weaken its own encryption, real criminals will just seek out other encryption tools. It quotes FBI Director James Comey, who said at a recent Congressional hearing, “Encryption will always be available to bad actors.” At the same hearing, the filing notes, Professor Susan Landau agreed that the order “would weaken us but not change [the availability of strong encryption] for the bad guys.”
Apple also rejects the government’s insistence that this GovtOS could be made, tested, used once, and destroyed without ever getting out. The filing quotes cybersecurity experts both in and out of the government as saying that simply isn’t true, that hackers are always looking to exploit these kinds of weaknesses. One footnote even cites the Mac ransomware attack from just last week, in which malicous software was even cryptographically signed to trick Macs into thinking it was legit.
There’s no limiting principle
Good laws come with limits. In its earlier motion to dismiss the court order, Apple complained that the All Writs Act, since it’s designed to fill in the gaps between statutes, doesn’t have that limiting principle. So if the government is allowed to use the All Writs Act to compel Apple to write a new, crackable version of iOS, this could be precedent for even more alarming scenarios. A drug company be compelled to make lethal injection drugs against its wishes, for example, or Apple could be compelled to make a version of iOS that would allow the government to track a single phone’s location or use it to eavesdrop. If the All Writs Act really is a magic wand, let’s see what it can do, right?
In this new filing, Apple notes that in the DOJ’s last brief, it didn’t touch Apple’s hypotheticals with a 10-foot legal pole. “Indeed, it is telling that the government fails even to confront the hypotheticals posed to it (e.g. compelling a pharmaceutical company to manufacture lethal injection drugs), or explain how there is any conceivable daylight between GovtOS today, and LocationTrackingOS or EavesdropOS tomorrow.”
(In fact, that isn’t purely hypothetical—one of Apple’s footnotes cites a Texas case in which courts wouldn’t allow the government to hack a vehicle’s OnStar system to take photos and report its location. “The government is adept at devising new surveillance techniques,” Apple notes dryly, with so leave us out of it, please left unsaid.)
The All Writs Act can’t circumvent CALEA
CALEA, or the Communication Assistance for Law Enforcement Act, was passed in 1994 to require telecom carriers to assist the government with some wiretapping and surveillance. Since then, it’s been expanded to cover Internet and VoIP traffic as well. Apple’s brief reads:
Sign up for CIO Asia eNewsletters.