Wednesday, March 02, 2016

So what's the problem ..... eh?

Good Day Readers:

So why can't the Judge who'll rule in the FBI versus Apple case place some very tight restrictions on the code that can be used to break encrypted information?

(1) At all material times the code remains in the care, custody and control of the court

(2) At no time is it to be reproduced by the FBI, Justice Department or anyone else. After its usage the formula must be returned to the court

(3) Failure to comply will result in contempt of court citations resulting in large fines and jail time for anyone who has violated these conditions

(4) The ruling in the San Bernardino case applies to that and only that decision. It is not a legal precedent. Every additional request by the authorities will be subject to a separate and distinct legal challenge

Now why wouldn't that work ..... eh?

Sincerely,
Clare L. Pieuk
America's rotten request to unlock an Apple iPhone

If law enforcement win right to security back door everyone's privacy suffers

By Michael Geist
Tuesday, March 2, 2016
Legal battle over access to a San Bernardino terrorist's iPhone could take months to resolve. (Phone photo via Shutterstock)

Related


The U.S. government's attempt to invoke a centuries-old law to obtain a court order to require Apple to create a program that would allow it to break the security safeguards on the iPhone used by a San Bernardino terrorist has sparked an enormous outcry from the technology, privacy, and security communities.

For U.S. officials, a terrorism related rationale for creating encryption backdoors or weakening user security represents the most compelling scenario for mandated assistance. Yet even in those circumstances, companies, courts, and legislatures should resist the urge to remove one of the last bastions of user security and privacy protection.

This case is about far more than granting U.S. law enforcement access to whatever information remains on a single password-protected iPhone. Investigators already have a near-complete electronic record: all emails and information stored on cloud-based computers, most content on the phone from a cloud back-up completed weeks earlier, telephone records, social media activity, and data that reveals with whom the terrorist interacted. Moreover, given the availability of all of that information, it seems likely that much of the remaining bits of evidence on the phone can be gathered from companies or individuals at the other end of the conversation.

Dangerous precedent on horizon

As Apple and other technology companies have recognized, scratch below the surface and you find a case that is fundamentally about establishing legal precedent that can be wielded to require companies to establish backdoor access to devices, break encryption, or weaken security measures. In fact, despite claims that it is a one-time request, there are already reports of at least nine other cases involving Apple in the U.S. alone.

The problem with such a precedent extends beyond the "slippery slope" argument. Creating security vulnerabilities leaves everyone more vulnerable since there is no mechanism to limit weakened security measures or backdoors to the "good guys." If the U.S. government can get it, so too can other foreign governments or criminal organizations.

Moreover, the case enhances the role of government and law enforcement in the design of security safeguards within consumer devices.

Ironically, the U.S. government has recognized the danger of its approach in other venues. For example, it has pointed with approval to provisions in the Trans Pacific Partnership that purport to restrict the ability of governments to impose conditions on products that contain encryption, claiming those restrictions will allow companies and individuals to "use the cybersecurity and encryption tools they see fit, without arbitrary restrictions that could stifle free expression."
That is a laudable goal, yet the TPP contains its own backdoor provision that allows law enforcement to use the courts to require access to unencrypted communications. The Apple case highlights how the TPP will ultimately do little to address the issue, with the U.S. example paving the way for foreign governments to demand similar access to otherwise secure devices.

Will consumer privacy prevail?

While the Apple case may take months to resolve, it has already placed the spotlight on the near-complete erosion of privacy within our modern communication system. Telecom transparency reports have revealed how law enforcement is able to use our everyday communications to create detailed maps of our movements and communications habits. Our reliance on cloud computing services for email, photographs, and document storage grants centralized access to data that previously only resided on harder-to-access personal computers.

The last line of defence may be our portable devices, where access can be secured through passwords, data can be encrypted from prying eyes, and security settings can thwart would-be hackers.

Yet should Apple lose this case, those safeguards will be gone, escalating fears that in today's internet-enabled, smartphone world, privacy is gone too.

Read more: Rights + Justice, Politics, Science + Tech

Michael Geist holds the Canada Research Chair in internet and E-commerce Law at the University of Ottawa, Faculty of Law. He can reached at mgeist@uottawa.ca or online at www.michaelgeist.ca.

0 Comments:

Post a Comment

<< Home