Out-Law News | 22 Feb 2016 | 4:51 pm | 2 min. read
The FBI has asked Apple to create a new version of the iPhone operating system that will circumvent security features, and to install it on an iPhone that was recovered during the investigation into a terrorist attack in San Bernardino in 2015, Cook said in a 'customer letter' on Apple's site.
Privacy expert Kathryn Wynn of Pinsent Masons, the law firm behind Out-Law.com warned that the US is taking quite an extreme approach in this case, and said that Europe and the UK are unlikely to follow suit.
The FBI wants to be able to 'crack' the password on the phone, but the current software will erase all data if a wrong password is entered ten times.
Apple was "shocked and outraged" by the terrorist attack and has worked to support the government in solving the crime, Cook said.
"When the FBI has requested data that's in our possession, we have provided it… We have also made Apple engineers available to advise the FBI," he said.
However, "now the US government has asked us for something we simply do not have, and something we consider too dangerous to create. They have asked us to build a backdoor to the iPhone," Cook said.
"The FBI may use different words to describe this tool, but make no mistake: Building a version of iOS that bypasses security in this way would undeniably create a backdoor. And while the government may argue that its use would be limited to this case, there is no way to guarantee such control," he said.
The FBI is proposing to use the US All Writs Act to force Apple to comply, and Cook describes the implications of this as "chilling". The government could take this further and demand that Apple intercept messages, access data, track locations and "even access your phone’s microphone or camera without your knowledge", Cook said.
Google chief executive Sundar Pichai has backed Cook's stance. In a series of tweets on Twitter, Pichai said that forcing companies to "enable hacking" could compromise users' privacy.
"We know that law enforcement and intelligence agencies face significant challenges in protecting the public against crime and terrorism," he said, and "we give law enforcement access to data based on valid legal orders".
"But that’s wholly different than requiring companies to enable hacking of customer devices and data. Could be a troubling precedent," Pichai said.
Wynn said that the US should avoid taking too extreme an approach.
"There is certainly a need for surveillance and a degree of intrusiveness is inevitable, but it can be dangerous to opt for something so intrusive as a starting point. The risk is that people get used to increasing levels of invasiveness, as the bar continues to rise," she said.
The privacy landscape in Europe is very different to the US, Wynn said.
"While the UK will keep an eye on this and may reconsider its approach slightly if the US shows that this is effective in combatting terrorism, it's very unlikely that we'll ever move toward the US position, which leans more towards security than privacy," she said.