Encryption Backdoors Come In All Guises – Reacting to Apple’s Customer Letter Thumbnail
Encryption 17 February 2016

Encryption Backdoors Come In All Guises – Reacting to Apple’s Customer Letter

By Christine RunnegarSenior Director, Internet Trust

Have you ever lost your smartphone or had it stolen? Have you ever worried that your passcode may not be strong enough? Didn’t you have a sigh of relief when you remembered that you had enabled the feature that would erase your data after 10 failed attempts?

The Internet Society is very concerned to learn about the recent order from the United States District Court for the Central District of California  requiring Apple to bypass or disable the auto-erase function on a seized iPhone and to enable the FBI to more effectively conduct a brute force attack on the device. Yes, the order is for only one device and sought for good intentions (i.e. law enforcement), but as Apple’s CEO points out:

Specifically, the FBI wants us to make a new version of the iPhone operating system, circumventing several important security features, and install it on an iPhone recovered during the investigation. In the wrong hands, this software — which does not exist today — would have the potential to unlock any iPhone in someone’s physical possession.

The order is, in essence, asking Apple to build a means to attack the security measures it has put in place to protect its users’ data from malicious actors.

While not technically an “encryption backdoor”, it could have the same practical effect.

Further, this approach is contrary to the spirit of the Secure the Internet petition recommendations, specifically:

  • Governments should not mandate the design … or vulnerabilities into tools, technologies, or services.
  • Governments should not require that tools, technologies, or services are designed or developed to allow for third-party access to unencrypted data ….
  • Governments should not, either by private or public agreement, compel or pressure an entity to engage in activity that is inconsistent with the above tenets.

which the Internet Society has signed to show its support for these guiding principles.

There is no doubt that having access to information is vital for law enforcement, and we are mindful of those needs, but we believe this outcome is not the solution.

We agree with Apple and others that there needs to be an open, transparent, public discussion about these issues.

On our main encryption page we provide links to resources, articles and projects that we support. We encourage you to review those materials and to share them widely.

We do not believe backdoors – in any guise – will help bring about a more trusted Internet. Please join with us in working to find solutions!

P.S. If you are an Internet Society member (or want to join – it’s free), you can discuss this in our Connect forums.

Image credit: Erich Ferdinand on Flickr. CC BY

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related articles

Encryption 11 August 2023

Encryption, Bad Bills, and Ripple Effects: How Riana Pfefferkorn Protects the Internet

We spoke with Riana Pfefferkorn, research scholar at the Stanford Internet Observatory, about encryption and protecting the Internet.

Strengthening the Internet 14 June 2023

Speak Out Against Bills That Threaten End-to-End Encryption

The EARN IT Act, STOP CSAM Act, and KOSA in the United States threaten to weaken end-to-end encryption which...

Encryption 3 May 2023

Encryption Keeps Kids Safe Online

Policymakers are proposing laws that will weaken encryption. The EARN IT Act, STOP CSAM Act, and many other proposed...