Apple Tells Employees Why It Won’t Help Hack Shooter’s Phone
Apple Inc. CEO Tim Cook acknowledged to employees Monday that “it does not feel right” to refuse to help the FBI hack a locked iPhone used by a gunman in the San Bernardino mass shootings. But he said that to do so would threaten data security for millions and “everyone’s civil liberties.”
“We have no tolerance or sympathy for terrorists,” Cook wrote in an early morning email addressed to the Apple “Team.” ”When they commit unspeakable acts like the tragic attacks in San Bernardino, we work to help the authorities pursue justice for the victims.”
But he reiterated the company’s position that to hack the San Bernardino gunman’s phone would ultimately risk “security of hundreds of millions of law-abiding people.”
Cook’s email came just hours after FBI director James Comey said in an online post that Apple owes it to the San Bernardino victims to cooperate and said the dispute wasn’t about creating legal precedent.
The FBI “can’t look the survivors in the eye, or ourselves in the mirror, if we don’t follow this lead,” Comey said.
The iPhone used by Syed Farook, who along with his wife killed 14 people in the Dec. 2 rampage, was locked. At the government’s request, a Federal magistrate judge has ordered Apple to help the FBI hack into the password-protected phone.
The case has sparked nationwide debate over digital privacy and national security. Apple, in its message to employees, appeared to be sensitive to criticism that the company is simply trying to protect its proprietary business.
“Apple is a uniquely American company,” Cook wrote. “It does not feel right to be on the opposite side of the government in a case centering on the freedoms and liberties that government is meant to protect.” But he said, “this case is about much more than a single phone or a single investigation, so when we received the government’s order we knew we had to speak out.”
Comey, in a statement posted on the Lawfare blog, sought to defend the FBI demand for access to the iPhone as well as counter Apple’s arguments that the request risks threatening the digital privacy of Apple customers all over the world.
“We simply want the chance, with a search warrant, to try to guess the terrorist’s passcode without the phone essentially self-destructing and without it taking a decade to guess correctly. That’s it,” Comey wrote in a four-paragraph statement. “We don’t want to break anyone’s encryption or set a master key loose on the land.”
Cook’s message to employees had “Thank you for your support,” in the subject line. He told employees that the company believes abiding by the judge’s order would set a dangerous precedent that would essentially create a backdoor to the encrypted iPhone. That would set “a dangerous precedent that threatens everyone’s civil liberties,” he said.
An accompanying question-and-answer posting for customers acknowledges that while it is technically possible for Apple to do what the judge ordered, that it’s “something we believe is too dangerous to do.”
Apple also points to the difficulty of keeping such a “master key” safe once it has been created. The government has said that Apple could keep the specialized technology it would create to help officials hack the phone — bypassing a security time delay and feature that erases all data after 10 consecutive, unsuccessful attempts to guess the unlocking passcode. This would allow the FBI to use technology to rapidly and repeatedly test numbers.
Cook said that if the company’s engineers were to do as ordered, Apple would do its best to protect the technology, but that the company “would be relentlessly attacked by hackers and cybercriminals.”
“The only way to guarantee such a powerful tool isn’t abused and doesn’t fall into the wrong hands is to never create it,” Apple said. The company has until Friday to formally protest the ruling in court.
The case would not have existed if the county government that owned the iPhone had installed a feature on it that would have allowed the FBI to easily and immediately unlock the phone. San Bernardino County had bought the technology, known as mobile device management from MobileIron Inc., but never installed it on any of the inspectors’ phones, including Farook’s, said county spokesman David Wert said.
There is no countywide policy on the matter and departments make their own decisions, he said.
The service costs $4 per month per phone.