The U.S. Justice Department (DOJ) announced on Monday its decision to withdraw its lawsuit to force Apple, Inc. to unlock an iPhone used by one of the San Bernardino attackers. U.S. Attorney Eileen M. Decker, of the Central District in California, made the two-paragraph announcement:
"The government has asked a United States Magistrate Judge in Riverside, California to vacate her order compelling Apple to assist the FBI in unlocking the iPhone that was used by one of the terrorists who murdered 14 innocent Americans in San Bernardino on December 2nd of last year. Our decision to conclude the litigation was based solely on the fact that, with the recent assistance of a third party, we are now able to unlock that iPhone without compromising any information on the phone.
We sought an order compelling Apple to help unlock the phone to fulfill a solemn commitment to the victims of the San Bernardino shooting – that we will not rest until we have fully pursued every investigative lead related to the vicious attack. Although this step in the investigation is now complete, we will continue to explore every lead, and seek any appropriate legal process, to ensure our investigation collects all of the evidence related to this terrorist attack. The San Bernardino victims deserve nothing less."
The announcement confirmed that a undisclosed third party had successfully unlocked the attacker's newer model iPhone and retrieved information from it without triggering the auto-erase security feature. Rumors have speculated that Israel-based Cellebrite is the third party assisting the Federal Bureau of Investigation (FBI). There also was speculation that the National Security Agency (NSA) assisted the FBI.
After a cancelled March 22 court hearing, the government had an April 5 deadline to provide a status to the court. In its original complaint, the government used a 227-year-old law to force the tech company to build software to unlock the newer model iPhone and bypass its security features. The judge agreed and Apple appealed the decision.
The announcement did not mention what, if any, useful information the phone revealed. The government had suspected the device may contain information about other persons working with the attackers.
The legal fight between the FBI and Apple probably is not over. The New York Times reported:
"... what happened in the San Bernardino case doesn’t mean the fight is over,” said Esha Bhandari, a staff lawyer at the American Civil Liberties Union. She notes that the government generally goes through a process whereby it decides whether to disclose information about certain vulnerabilities so that manufacturers can patch them. “I would hope they would give that information to Apple so that it can patch any weaknesses,” she said, “but if the government classifies the tool, that suggests it may not.”
Apple released a brief statement yesterday:
"From the beginning, we objected to the FBI’s demand that Apple build a backdoor into the iPhone because we believed it was wrong and would set a dangerous precedent. As a result of the government’s dismissal, neither of these occurred. This case should never have been brought.
We will continue to help law enforcement with their investigations, as we have done all along, and we will continue to increase the security of our products as the threats and attacks on our data become more frequent and more sophisticated. Apple believes deeply that people in the United States and around the world deserve data protection, security and privacy. Sacrificing one for the other only puts people and countries at greater risk..."
At least for now, engineers at Apple can refocus on improving the device's security without being forced to do investigative work the government should have done. According to TechCrunch:
"... the Department of Justice said the method only works on this phone in particular. But it’s hard to believe this argument as there’s no reason the FBI wouldn’t be able to unlock other iPhones 5c running the same version of iOS 9. Moreover, if the FBI found a software exploit, this exploit should work with all iPhones running on this version of iOS 9 (and most likely the current version of iOS, iOS 9.3)..."
What to make of these events?
If the government didn't find any useful information on the attacker's phone, then this court case has been a huge waste of time and taxpayer's money. There was speculation that the government's strategy was to gain broader legal powers to force tech companies to help it break into encrypted devices. (Reread Decker's announcement above, including "... seek any appropriate legal process...") It didn't get that legal precedent by abandoning the case.
However, two U.S. Senators have drafted proposed legislation giving federal judges such broader powers. The latest proposal was drafted by Senators Richard Burr (Rep.-North Carolina) and Dianne Feinstein (Dem.-California), leading members of the Senate Intelligence Committee. Will this proposal continue now that the government has withdrawn its lawsuit? Should this proposal continue? If it does, that bears watching. I guess the DOJ didn't want to wait for a gridlocked Congress to act next year after elections.
What are your opinions of these events?