A long-running dispute between Apple and the U.S. government regarding the company’s cooperation with law enforcement officials deepened today, as the two sides exchanged accusations regarding their respective roles in the 2019 Pensacola, Florida naval air station terror attack investigation. Following an announcement by Attorney General William Barr suggesting that Apple had not cooperated with efforts to access iPhones possessed by deceased gunman Mohammed Saeed Alshamrani, Apple today accused the government of making “false claims” in a manner that would ultimately hurt national security.
The specifics of the Pensacola dispute are similar to ones that have previously raised issues between Apple and the U.S. government: investigators sought Apple’s help in determining whether a lone gunman was acting on behalf of a larger criminal organization, and while Apple provided assistance, it didn’t go far enough to satisfy investigators. Following court authorization to search the phones in early December 2019, the FBI says it asked Apple for help in early January 2020. After the FBI spent months working to unlock the phones “under difficult conditions,” Barr said that it succeeded in linking Alshamrani to Al Qaida, with “no thanks to Apple.”
Apple contested that suggestion, saying that it began to cooperate with the FBI “just hours after the attack on December 6, 2019,” continued offering support during the investigation, and “provided every piece of information available to us” over the subsequent months. But then it went further, suggesting that Barr was falsely attacking the company as an “excuse to weaken encryption and other security measures that protect millions of users and our national security.”
Reconciling the two sides’ claims pivots on a single major point: Apple’s refusal to provide a “backdoor” into its operating systems that would enable law enforcement officials — and Apple says, “bad actors” — to gain access to the encrypted contents of its devices. In reiterating its defense of the iPhone’s security, the company noted that it sells “the same iPhone everywhere,” doesn’t “store customers’ passcodes,” and doesn’t “have the capacity to unlock passcode-protected devices.” Another way of reading those points is that it has denied requests to sell less protected iPhones in some countries, log passcodes, or create backdoors to unlock its devices.
Interestingly, the company also says that it uses “strong encryption across our devices and servers,” the accuracy of which may hinge on the word “our,” and be subject to some exceptions. While Apple says that its data centers have “strong hardware and software security practices” to “ensure there are no backdoors into our systems” and “keep information safe” — practices that “apply equally to our operations in every country in the world” — the company publicly turned over some user data and server keys to a Chinese government organization.
Apple also says that it provided iCloud backups and other account information to the FBI in this case, the company clearly makes exceptions to its server-level protections for government requests, but it draws the line at compromising individual devices. A report in January suggested that the company opted not to encrypt iCloud backups in an effort to compromise with law enforcement officials.