eDiscovery Daily Blog

• January 20, 2020

Last week, we covered the government’s latest attempt (and Apple’s resistance) to get Apple to assist in unlocking the iPhones of a mass shooter – this time, with regard to password-protected iPhones used by Mohammed Saeed Alshamrani, who is suspected of killing three people last month in a shooting at a Navy base in Pensacola, Florida.  Ultimately, however, it may not matter whether Apple helps the government or not.

According to Business Insider (The Justice Department is demanding that Apple make it easier to unlock suspects’ iPhones, but experts say it can do that without Apple’s cooperation. Here’s how., written by Aaron Holmes), according to cybersecurity experts, new technologies have made it even easier for investigators to crack locked iPhones, even without help from Apple.

Last week, Attorney General William Barr said during a press conference on Monday that Apple had not helped the FBI crack into the password-protected iPhones used by Alshamrani.

“We have asked Apple for their help in unlocking the shooter’s iPhones. So far Apple has not given us any substantive assistance,” Barr said, next to a poster with a picture of the iPhones. “This situation perfectly illustrates why it is critical that investigators be able to get access to digital evidence once they have obtained a court order based on probable cause.”

For their part, Apple disputed Barr’s assessment that it has failed to provide law enforcement with “substantive assistance” in unlocking the password-protected iPhones used by the shooting suspect at a Navy base in Pensacola, Florida, last month, but still refused his main request to provide a backdoor.  Apple stated it “produced a wide variety of information associated with the investigation” after the FBI’s initial request on Dec. 6. The company said it provided “gigabytes of information” including “iCloud backups, account information and transactional data for multiple accounts” in response to further requests that month.

“We have always maintained there is no such thing as a backdoor just for the good guys,” Apple said in a statement. “Backdoors can also be exploited by those who threaten our national security and the data security of our customers. Today, law enforcement has access to more data than ever before in history, so Americans do not have to choose between weakening encryption and solving investigations. We feel strongly encryption is vital to protecting our country and our users’ data.”

In an interview with Business Insider, Chris Howell, CTO of Wickr said he understood why Apple wouldn’t intentionally build a backdoor into the iPhone as the FBI has requested.

“As a technologist I can tell you that there is no security mechanism that can discriminate between a hacker trying to crack it and a law enforcement officer trying to do the same thing. Either we secure it or we don’t, it’s that simple.”

However, according to The Wall Street Journal, the cybersecurity company Grayshift sells an iPhone hacking device for $15,000, and Israel’s Cellebrite sells a similar device.  Tech companies are constantly trying to develop more secure devices and platforms to win costumers’ trust, and are therefore reticent to build backdoors that would easily crack encrypted services. Similarly, companies like Grayshift and Cellebrite are constantly honing methods of cracking devices, which are kept secret.

The iPhone was long seen as uncrackable, but recent advances have changed that — one county in Georgia that purchased a Grayshift device was able to crack 300 phones in one year, The Wall Street Journal reported.

One commenter to our post last week stated “if I was a terrorist I’d throw away my iPhoneX and get an iPhone 11”.  Staying ahead of crackers and hackers seems to be a continual battle that device managers and website providers face daily.  And, if we think this issue only applies to discovery of devices in cases involving mass shooters, it could easily apply to discovery in any type of case today where a custodian of a device has something to hide.  Like this Fifth Amendment case that we covered last year and will discuss in our webcast on January 29.

So, what do you think?  Should companies like Apple and Facebook provide backdoor access to their encrypted technology to investigators?  Or are there bigger privacy concerns at play here?  Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.