We all have an inherent need for privacy, we want things to be at our leisure of contemplated sharing. Yet, what is privacy? On one side we want privacy, but the next moment ladies will share whether their carpet is a landing strip or a martini glass, I for one do not care. If they want to share certain parts that’s fine with me. I am not too much about sharing. On the other side, apart from a few MP3 files, there is nothing interesting on my mobile. I reckon that my mobile is one of the dullest ones around.
So when I initially heard about the FBI wanting to access the iPhone of Syed Farook, I shrugged my shoulders and went ‘whatever!’ meaning that I was not opposed and I did not care. It was the techdirt site that has an interesting fact from the court case.
“Footnote 7, on page 18 details four possible ways that Apple and the FBI had previously discussed accessing the content on the device without having to undermine the basic security system of the iPhone, and one of them only failed because Farook’s employers reset the password after the attacks, in an attempt to get into the device“, so the boss went into ‘auto-moronic’ mode and did not check? He acted without knowing? So when we see “The ‘owner’ of course, being the San Bernardino Health Department, who employed Farook and gave him the phone. Basically, what this is saying is that if the password hadn’t been reset, it would have been possible to try to connect the phone to a ‘trusted’ network, and force an automatic backup to iCloud — which (as has been previously noted) was available to the FBI. But by ‘changing’ the password, apparently that option went away“, should we consider that his boss was stupid, or that his boss was scared he had done something wrong and this was his/her way of covering the mess up? (at https://www.techdirt.com/articles/20160219/17463033656/footnote-reveals-that-san-bernardino-health-dept-reset-syed-farooks-password-which-is-why-were-now-this-mess.shtml).
For the record, that was clear speculation on my side!
What happened was that Apple, the firm that initially ‘screwed over’ its customer base with error 53. A few days ago, the Guardian reported ‘Apple ordered to decrypt iPhone of San Bernardino shooter for FBI‘ (at http://www.theguardian.com/us-news/2016/feb/17/apple-ordered-to-hack-iphone-of-san-bernardino-shooter-for-fbi). In there we see the important quote: “In 2014, Apple began making iPhones with additional encryption software that they said they could not unlock, even if faced with a court order. Apple said this was done in the name of consumer privacy and cybersecurity, but the company has been locked in a public feud with the FBI since“. I understand that there is a need for privacy. My issue is why THIS level of privacy is needed. One could speculate that this is to keep the financial adviser’s customer base happy. I reckon that those people look for other means the moment their actions could be monitored, or investigated afterwards. Again, speculation from my side.
You see, I do not comprehend why law abiding citizens are so in fear, of what the government finds out. Most people can’t stop selfie themselves, their fashion and body parts to social media on a global scale. They tend to Facebook all details, especially when they are far away from home to ‘all’ their friends, so that the department of discreet entry and removal operations can empty their homestead in the meantime. With so much sharing, what privacy do you think you still have?
So back to the Granny Smith of automation, the next article (again the Guardian) gives us ‘FBI escalates war with Apple: ‘marketing’ bigger concern than terror‘ (at http://www.theguardian.com/technology/2016/feb/19/fbi-apple-san-bernardino-shooter-court-order-iphone), here we see the subtitle ‘Court filing from Department of Justice says Apple is more concerned with ‘its marketing strategy’ than helping FBI unlock San Bernardino shooter’s iPhone‘, which is fair enough when we consider that a failed marketing equals an alleged death in those houses. The quote “Cook called for public debate and has been backed in his fight by some of tech’s biggest names, including Google’s chief executive Sundar Pichai, WhatsApp and whistle-blower Edward Snowden“. I think that this is less about Americans and more about the 7 billion non-Americans that have this false fear of the CIA and the NSA. Yet in all this, the only true group to fear this is the 0.0001% of the population, I do not even register and in that regard most do not even register. Like the previous mass surveillance marketing ploy, simple fear mongering.
Now, let it be said that I have nothing against a person’s privacy and there is nothing wrong with wanting privacy, yet when we consider the 1.5 billion on Facebook, the 100 million on Instagram, the 307 million on Twitter and over 100 million users on Pinterest, we have well over 80% of the iPhone users on social media all sharing from mere events attended up to the grooming of the most private of parts, Which makes the shout for privacy a little too hilarious.
So how does this fit legally?
Well first there is the part that the DoJ is now relying on. It is the All Writs Act of 1789, which states “The Supreme Court and all courts established by Act of Congress may issue all writs necessary or appropriate in aid of their respective jurisdictions and agreeable to the usages and principles of law“, which sounds rather nice,
Yet the fact that the DoJ needs to rely on an act that has, according to several press sources, only been used thrice is a little too novel.
When we consider that the ‘self-destruct’ was enable by Farook’s boss (making the device useless to thieves), only leaves the DoJ without options. What is interesting is when the last cloud backup has happened, had it happened at all? Too many question that are all in the realm of speculation and none of it gives way to legislation. The question becomes should it be? I am not opposing the FBI, CIA or NSA. Yet these alphabet groups do know that they are fishing in murky waters. You cannot expect a corporation to set a product meant for 1,000 million to have options for the internally build exemption of 5,000-7,000 users. The math just does not add up!
I was talking about the legality, so let’s continue there.
In McCabe v British American Tobacco Australia Services Ltd,’ and the appeal, British American Tobacco Australia Services Ltd v Cowell (Representing the Estate of McCabe (deceased)), exposed some of the difficulties that plaintiffs who sue large corporations may face in litigation involving access to documentation. The Victorian Court of Appeal reversed the first instance decision which had struck out the defence of a tobacco company (‘BAT’). The basis for the first instance decision was that BAT had systematically destroyed documents that might have been relevant to the plaintiff’s case. It important to state WHO destroyed documents. You see, in case of Farook it was the boss who ‘destroyed’ the options for information retrieval. The important issue is that INTENT becomes near impossible to prove. In addition that case gives us: “The High Court declined the opportunity to clarify the law in this important area by refusing leave to appeal. The effect of this case, absent statutory reform, is that corporations may destroy potential evidence provided that their actions do not constitute an attempt to pervert the course of justice or a contempt of court. These are notoriously difficult to establish” (source: Playing for keeps? Tobacco litigation, document retention, corporate culture and legal ethics by Matthew Harvey and Suzanne Lemire. The reason for going towards this case is that the entire approach to mobile architecture and auto-backup could instigate updates where the mirror is encrypted extern from Apple. Which means that any phone would have an XML set-up and data object, but the object would be irretrievable. The ‘responsibility’ for proper password maintenance would be kept with the ‘client’ or end user. Taking Apple out of the equation leaving the DoJ with the apple pie made from the famous Granny Smith (AKA Janet Abigail Doe).
This takes the entire cyber conversation towards Spoliated Evidence, where we see “a party is faced with the fact that certain key evidence has been destroyed, altered, or simply lost“, destroyed implies intent, but proving that is next to impossible (which got us the tobacco case. Altered is basically what the DoJ faces as the boss decided to reset the password, again malicious intent becomes next to impossible to prove, whilst lost is not in play in this case but could clearly complicate the issue if that was the case, as the DoJ would have no implied evidence at all.
This entire endeavour goes even further south when we consider Federal Insurance Co. v. Allister, 622 So. 2d 1348, 1351 (Fla. 4th DCA 1993), where the Fourth District decided to set forth five factors to consider before imposing sanctions for spoliation of evidence. They were:
- whether there is prejudice;
- whether the prejudice can be cured;
- the practical importance of the evidence;
- the good faith or bad faith surrounding the loss of evidence;
- Possible abuse if the evidence is not excluded.
As bad faith is now linked to the degree of wilfulness, we get back to intent. If mere ‘negligent loss’ does not cut the cake and the cake cannot be devoured without the essential evidence, the entire issue goes nowhere really fast. Basically, it boils down to the boss of Farook having one set of glasses on with the limiting mindset of cost if his mobile was ‘abused in usage’, leaving Apple in the clear shrugging their shoulders going ‘not my problem now’, whilst in all this we are left with no evidence linking to intent or malice. That small scope that was available will in all expectations to be diminished further. It basically solves all of Apple’s problems.
In the need for privacy we have gone from exceptionally rare to just hilariously ridiculous. The Guardian article (at http://www.theguardian.com/technology/2016/feb/20/apple-fbi-iphone-explainer-san-bernardino) shows in equal measure another side. Which comes from Senator Ron Wyden, Democrat from Oregon. Here we read “Some are calling for the United States to weaken Americans’ cybersecurity by undermining strong encryption with backdoors for the government,” he wrote on Medium on Friday afternoon. “But security experts have shown again and again that weakening encryption will make it easier for foreign hackers, criminals and spies to break into Americans’ bank accounts, health records and phones, without preventing terrorists from ‘going dark’“, as such correctly implying that the medication will end up being a lot worse than the disease they face. In addition to that, should Farook have relied on another path, for example receive orders and message a ‘guild’ within a Facebook RPG game, the wasted time on the iPhone becomes nothing more than an iconic episode of the Comedy Capers. With these games receiving billions of messages a day, parsing though 1 of a dozen games would take years. The fact that none of this required any encrypted android or IOS system, just a mere desktop like millions of students use makes for the case against the Alphabet teams. When looking at Extremetech, we see a quote that is important in all this, the quote: “how terrorist organization uses social media to spread its message and radicalize curious readers. GWU’s research found that while ISIS uses a wide range of services, including Facebook, Google Plus, Kik, WhatsApp, and Tumblr, Twitter is the social media site of choice. Twitter already patrols and bans the accounts of ISIS supporters“, it casually forgets the 3-4 dozen accounts that do not raise any flags, the accounts that ACTUALLY bring details of the attacks to the transgressors.