Attorney General William Barr, December 10, 2019.
Al Drago | Reuters
Apple and the FBI are again poised for a disagreement over whether law enforcement should be able to count on tech makers to provide them access to the devices of criminal suspects.
The FBI wants access to the phone of Mohammad Alshamrani, who is suspected of killing three people in a shooting spree on a Navy base in Pensacola, Florida, on Dec. 6.
FBI General Counsel Dana Boente said in a letter shared with NBC News that officials have sought help getting information from the encrypted device from other agencies as well as third-party vendors in foreign countries.
Apple has responded by saying it is working with officials on the matter.
But the issues would appear to set up a privacy and security debate that has pitted tech companies against the U.S. Justice Department for several years. The slow-burning dispute has heated up in recent years, with Attorney General William Barr and top FBI officials asking for greater access to consumer technology, even as encryption and privacy controls grow stronger.
A long-simmering debate
Although the FBI and tech companies have been at odds over encryption for more than a decade, the dispute came to a head after another mass shooting.
The Justice Department asked Apple to create software that would allow law enforcement officials to unlock the phone of the prime suspects in the San Bernardino, California, shooting that killed 14 people in 2015.
The FBI sued Apple in California Central District Court. Apple fought the suit, arguing that breaking its encryption would put all users at privacy risk, and won an initial hearing. But the FBI eventually dropped the suit in 2016 after finding a third-party vendor — long rumored to be Israeli security company NSO Group — to help unlock the device.
“The government is asking Apple to hack our own users and undermine decades of security advancements that protect our customers — including tens of millions of American citizens — from sophisticated hackers and cybercriminals,” the company said at the time. “The same engineers who built strong encryption into the iPhone to protect our users would, ironically, be ordered to weaken those protections and make our users less safe.”
The FBI later said the phone yielded no information relevant to the case, though it had said the passcode was needed to, in part, search for co-conspirators who may be planning further attacks. Later in 2016, Apple also updated security on its devices to prevent government snooping.
Since then, the debate has only ramped up as encryption and device security has improved. At an FBI conference in July 2019, Barr told an audience of law enforcement officials and cybersecurity specialists that encryption not just on Apple devices, but messaging apps such as Facebook‘s Whatsapp, were hampering law enforcement efforts.
FBI Director Christopher Wray echoed Barr’s sentiments at the same conference, saying that an investigation into the 2017 church shooting in Sutherland Springs, Texas, was also slowed by a lack of access to the suspect’s iPhone.
“Now, more than 600 days later, the FBI has still not been able to crack the encryption on the phone of the attacker,” Wray said in July.
Wray said some technology firms have helped investigators. He cited cooperation from unnamed tech companies in helping crack two previously unsolved child sex abuse cases. In one case, Wray said, a tip came in from a New England town that a nine-year-old girl was being abused. Information from one tech firm helped locate and rescue the girl. In another case, two young girls were rescued in less than 12 hours with the cooperation from the unnamed company.
Overseas law enforcement agencies have also asked for more access to encrypted devices and apps. In July 2019, the “Five Eyes” security alliance, which includes agencies from Australia, New Zealand, the U.K., the U.S. and Canada, told tech companies they “should include mechanisms in the design of their encrypted products and services whereby governments, acting with appropriate legal authority, can obtain access to data in a readable and usable format.”
“We are concerned where companies deliberately design their systems in a way that precludes any form of access to content, even in cases of the most serious crimes,” the group said in a statement.