Judge: Apple must help US hack San Bernardino killer's phone
WASHINGTON (AP) — A U.S. magistrate ordered Apple Inc. on Tuesday to help the Obama administration hack into an encrypted iPhone belonging to one of the shooters in the December attack in San Bernardino, California, in a first-of-its-kind ruling that pits digital privacy against national security interests.
The ruling by Magistrate Judge Sheri Pym, a former federal prosecutor, requires Apple to supply highly specialized software the FBI can load onto Syed Farook’s work iPhone to bypass a self-destruct feature, which erases the phone’s data after too many unsuccessful attempts to unlock it. The FBI wants to be able to try different combinations in rapid sequence until it finds the right one.
The decision gives the Justice Department a significant victory in an entrenched technology policy battle, as more-powerful encryption services threaten the ability of federal agents to uncover important evidence in criminal or terrorism cases. The Obama administration, which has embraced stronger encryption as a way to keep consumers safe on the Internet, had struggled to find a compelling example to make its case.
The ruling Tuesday tied the problem to the deadliest terrorist attack on U.S. soil since the 2001 attacks on the World Trade Center and the Pentagon. Farook and his wife, Tashfeen Malik, killed 14 people in a Dec. 2 shooting at a holiday luncheon for Farook’s co-workers. The couple later died in a gun battle with police.
Federal prosecutors told the judge in a court application Tuesday that they can’t access a work phone used by Farook because they don’t know his passcode and Apple has not cooperated. Under U.S. law, a work phone is generally the property of a person’s employer. The judge told Apple to provide an estimate of its cost to comply with her order, suggesting that the government will be expected to pay for the work.
Apple has provided default encryption on its iPhones since 2014, allowing any device’s contents to be accessed only by the user who knows the phone’s passcode.
The Cupertino, California-based company did not immediately respond to messages from The Associated Press asking about the case.
The order requires that the software Apple provides be programmed to work only on Farook’s phone, but it was not clear how readily that safeguard could be circumvented. The order said Apple has five days to notify the court if it believes the ruling is unreasonably burdensome.
It also was not immediately clear what investigators believe they might find on Farook’s work phone or why the information would not be available from third-party service providers, such as Google or Facebook, though investigators think the device may hold clues about whom the couple communicated with and where they may have traveled.
The couple took pains to physically destroy two personally owned cell phones, crushing them beyond the FBI’s ability to recover information from them. They also removed a hard drive from their computer; it has not been found despite investigators diving for days for potential electronic evidence in a nearby lake.
Farook was not carrying his work iPhone during the attack. It was discovered after a subsequent search. It was not known whether Farook forgot about the iPhone or did not care whether investigators found it.
The phone was running the newest version of Apple’s iPhone operating system, which requires a passcode and cannot be accessed by Apple, unlike earlier operating systems or older phone models. San Bernardino County provided Farook with an iPhone configured to erase data after 10 consecutive unsuccessful unlocking attempts. The FBI said that feature appeared to be active on Farook’s iPhone as of the last time he performed a backup.
The California judge didn’t spell out her rationale in her three-page order, but the ruling comes amid a similar case in the U.S. District Court for the Eastern District of New York.
In that case, Magistrate Judge James Orenstein has not yet decided whether the government can compel Apple to unlock an iPhone under the same 18th century law applied to the California case. The All Writs Act has been used to compel a party to help the government in its law enforcement efforts, but Apple has argued that it is not its role to act as a government agent and that doing so would breach trust with its customers.
Investigators are still working to piece together a missing 18 minutes in Farook and Malik’s timeline from Dec. 2. Investigators have concluded they were at least partly inspired by the Islamic State group; Malik’s Facebook page included a note pledging allegiance to the group’s leader around the time of the attack.
FBI Director James Comey told members of Congress last week that investigators in the case had been unable to access a phone in the California case but provided no details.
“It is a big problem for law enforcement armed with a search warrant when you find a device that can’t be opened even when a judge says there’s probable cause to open it,” Comey said. “It affects our counterterrorism work. San Bernardino, a very important investigation to us, we still have one of those killers’ phones that we have not been able to open, and it’s been over two months and we’re still working on it.”
Follow Tami Abdollah on Twitter at http://www.twitter.com/latams and Eric Tucker at http://www.twitter.com/etuckerAP
This article was written by Tami Abdollah and Eric Tucker from The Associated Press and was legally licensed through the NewsCred publisher network.
Online Degrees & Certificates In Cybersecurity
American Military University's online cybersecurity programs integrate multiple disciplines to ensure you gain the critical skills and management practices needed to effectively lead cybersecurity missions – from government or private industry. Learn from the leader. American Military University is part of American Public University System, which has been designated by the National Security Agency and the Department of Homeland Security as a National Center of Academic Excellence in Cyber Defense Education.