In a briefing filed on Monday in a New York court, Apple said it would be “impossible” to access the data stored on the majority of locked iPhones.
Responding to Judge James Orenstein – who wanted help in deciding whether to fulfil a US Justice Department request that would see the company forced to aid the authorities in accessing the data on an iPhone seized as part of an investigation – Apple said it only had the “technical ability” to unlock older phones.
Reiterating comments made by CEO Tim Cook when the company launched its privacy website last year, Apple said it would be impossible to comply with the request on any device running iOS 8 or higher:
For devices running iOS 8 or higher, Apple would not have the technical ability to do what the government requests — take possession of a password protected device from the government and extract unencrypted user data from that device for the government.
Among the security features in iOS 8 is a feature that prevents anyone without the device's passcode from accessing the device's encrypted data. This includes Apple.
The company said around 90% of its user base is currently running that version of its mobile operating system, or the newer iOS 9 which is equally impossible to unlock.
With the release of iOS 8, Apple stopped storing encryption keys for devices, making it impossible for the company to unlock them, even in response to a warrant.
Without an encryption key, Apple simply cannot bypass a lock code. That, in conjunction with the fact that, in the US at least, police cannot force a suspect to unlock a device with a passcode, effectively puts the kibosh on law enforcement’s ability to access data on modern Apple hardware.
Even though the iPhone in this case is running iOS 7, meaning it could be unlocked by the company, Apple told the judge that forcing it do so could lead to an unfair burden being placed upon it in the future should the number of such government requests increase.
It also said such a request could tarnish its brand at a time when “public sensitivity to issues regarding digital privacy and security is at an unprecedented level,” highlighting the role it had taken in protecting its customers data from improper access:
Forcing Apple to extract data in this case, absent clear legal authority to do so, could threaten the trust between Apple and its customers and substantially tarnish the Apple brand.
Apple’s stance toward encryption may have won it new customers but the decision has not been popular among senior figures within law enforcement.
Shortly after Apple affirmed its commitment to safeguarding its user data last year, FBI Director James Comey delivered a speech in which he said tech companies were going too far, saying the “worrisome” approach to encryption taken by Google and Apple meant the good guys were “struggling to keep up” with criminals who use the technology to “place themselves above the law.”
Unperturbed by such comments, Tim Cook has this week re-emphasised Apple’s stance, stating that the company will not install encryption backdoors into any of its products.
Speaking at the WSJDLive conference on Monday, he said:
We said no backdoor is a must. Do we want our nation to be secure? Of course. No one should have to decide between privacy or security. We should be smart enough to do both. Both of these things are essentially part of the Constitution.
Cook went on to say that a backdoor wouldn’t be such an issue if it were to be used only for catching “bad people” but he doubted that was the case, concluding it was therefore in everyone’s best interests to deny such access to the legal authorities.
Speaking at the same event, NSA Director Mike Rogers said he too was in favour of strong encryption though, quite unsurprisingly, he appeared to be far less a fan of impenetrable encryption.
Image of Apple courtesy of GongTo / Shutterstock.com.