Donate
Encryption Backdoors Come In All Guises – Reacting to Apple’s Customer Letter Thumbnail
‹ Back
Encryption 17 February 2016

Encryption Backdoors Come In All Guises – Reacting to Apple’s Customer Letter

Christine Runnegar
By Christine RunnegarSenior Director, Internet Trust

Have you ever lost your smartphone or had it stolen? Have you ever worried that your passcode may not be strong enough? Didn’t you have a sigh of relief when you remembered that you had enabled the feature that would erase your data after 10 failed attempts?

The Internet Society is very concerned to learn about the recent order from the United States District Court for the Central District of California  requiring Apple to bypass or disable the auto-erase function on a seized iPhone and to enable the FBI to more effectively conduct a brute force attack on the device. Yes, the order is for only one device and sought for good intentions (i.e. law enforcement), but as Apple’s CEO points out:

Specifically, the FBI wants us to make a new version of the iPhone operating system, circumventing several important security features, and install it on an iPhone recovered during the investigation. In the wrong hands, this software — which does not exist today — would have the potential to unlock any iPhone in someone’s physical possession.

The order is, in essence, asking Apple to build a means to attack the security measures it has put in place to protect its users’ data from malicious actors.

While not technically an “encryption backdoor”, it could have the same practical effect.

Further, this approach is contrary to the spirit of the Secure the Internet petition recommendations, specifically:

  • Governments should not mandate the design … or vulnerabilities into tools, technologies, or services.
  • Governments should not require that tools, technologies, or services are designed or developed to allow for third-party access to unencrypted data ….
  • Governments should not, either by private or public agreement, compel or pressure an entity to engage in activity that is inconsistent with the above tenets.

which the Internet Society has signed to show its support for these guiding principles.

There is no doubt that having access to information is vital for law enforcement, and we are mindful of those needs, but we believe this outcome is not the solution.

We agree with Apple and others that there needs to be an open, transparent, public discussion about these issues.

On our main encryption page we provide links to resources, articles and projects that we support. We encourage you to review those materials and to share them widely.

We do not believe backdoors – in any guise – will help bring about a more trusted Internet. Please join with us in working to find solutions!

P.S. If you are an Internet Society member (or want to join – it’s free), you can discuss this in our Connect forums.


Image credit: Erich Ferdinand on Flickr. CC BY

‹ Back

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related articles

Encryption and Law Enforcement Can Work Together
Encryption and Law Enforcement Can Work Together
Encryption26 October 2017

Encryption and Law Enforcement Can Work Together

The Internet Society and Chatham House will be hosting a roundtable of experts to deconstruct the debate on encryption and...

The Week in Internet News: X-Ray I
The Week in Internet News: X-Ray I
Technology18 June 2018

The Week in Internet News: X-Ray I

AI to get X-ray vision: Researchers at MIT’s Computer Science and Artificial Intelligence Laboratory are getting close to creating AI...

Enough about Apple and Encryption: Let's talk system security
Enough about Apple and Encryption: Let's talk system security
Encryption29 March 2016

Enough about Apple and Encryption: Let's talk system security

I want to share a perspective on system security. My phone as a system The Apple/FBI case revolves around a...

Join the conversation with Internet Society members around the world