Tech Companies Tangle With U.S. Over Data Access
Apple and Other Tech Companies Tangle With U.S. Over Data
Access
By MATT APUZZO, DAVID E. SANGER and MICHAEL S. SCHMIDT SEPT.
7, 2015
Companies like Apple say they are protecting their
customers’ information by resisting government demands for access to text
messages. A standoff has grown between the sides as the companies have embraced
tougher encryption.
WASHINGTON — In an investigation involving guns and
drugs, the Justice Department obtained a court order this summer demanding that
Apple turn over, in real time, text messages between suspects using iPhones.
Apple’s response: Its iMessage system was encrypted and
the company could not comply.
Government officials had warned for months that this type
of standoff was inevitable as technology companies like Apple and Google
embraced tougher encryption. The case, coming after several others in which
similar requests were rebuffed, prompted some senior Justice Department and
F.B.I. officials to advocate taking Apple to court, several current and former
law enforcement officials said.
While that prospect has been shelved for now, the Justice
Department is engaged in a court dispute with another tech company, Microsoft.
The case, which goes before a federal appeals court in New York on Wednesday
and is being closely watched by industry officials and civil liberties advocates,
began when the company refused to comply with a warrant in December 2013 for
emails from a drug trafficking suspect. Microsoft said federal officials would
have to get an order from an Irish court, because the emails were stored on
servers in Dublin.
The conflicts with Apple and Microsoft reflect heightened
corporate resistance, in the post-Edward J. Snowden era, by American technology
companies intent on demonstrating that they are trying to protect customer
information.
“It’s become all wrapped up in Snowden and privacy
issues,” said George J. Terwilliger III, a lawyer who represents technology
companies and as a Justice Department official two decades ago faced the
challenge of how to wiretap phone networks that were becoming more digital.
President Obama has charged White House, Homeland
Security and cybersecurity officials, along with those at the Justice
Department, the F.B.I. and the intelligence agencies, with proposing solutions
to the technology access issue. They are still hashing out their differences,
according to law enforcement and administration officials.
Some Justice and F.B.I. officials have been frustrated
that the White House has not moved more quickly or been more outspoken in the
public relations fight that the tech companies appear to be winning, the law
enforcement officials said, speaking on the condition of anonymity because they
were not authorized to discuss the private conversations.
The White House, after months of study, has yet to
articulate a public response to the argument that a victory in the Microsoft
case would provide authoritarian governments, particularly those of China and
Russia, with a way to get access into computer servers located in the United
States.
“Clearly, if the U.S. government wins, the door is open
for other governments to reach into data centers in the U.S.,” Brad Smith,
Microsoft’s general counsel, said in a recent interview. Companies and civil
liberties groups have been sending in briefs of their own, largely opposing the
government’s surveillance powers.
Tensions between American technology leaders and the
government over access are hardly new: The Clinton administration was forced to
abandon plans to require technology manufacturers to build a small “clipper
chip” into their hardware systems to allow the government to unlock encrypted
communications.
Still, the nation’s phone companies ultimately supported
legislation requiring them to build access points into their digital networks
so they could comply with legal wiretap orders. (Tech companies like Apple and
Google are not telecommunications firms and not covered by the wiretap law.)
The politics today are far different. Stung by Mr.
Snowden’s revelations about how the National Security Agency had secretly
breached company networks — often without the companies’ knowledge — Apple,
Google and Microsoft are working to reassure customers around the world that
they are fighting efforts to give the United States government access to their
communications.
The businesses say they are seeing greater demand than
ever for built-in encryption — including the new operating system Apple
introduced last year for the iPhone, which James B. Comey, the F.B.I. director,
and other government officials have denounced as endangering efforts to thwart
criminals and terrorists.
“It’s important that we do not let these technological
innovations undermine our ability to protect the community from significant
national security and public safety challenges,” Sally Q. Yates, the deputy
attorney general, told Congress this summer.
At issue are two types of encoding. The first is
end-to-end encryption, which Apple uses in its iMessage system and FaceTime,
the video conversation system. Companies like Open Whisper Systems, the maker
of Signal, and WhatsApp have adopted such encryption for stand-alone apps,
which are of particular concern to counterterrorism investigators.
With Apple, the encryption and decryption are done by the
phones at either end of the conversation; Apple does not keep copies of the
message unless one of the users loads it into iCloud, where it is not
encrypted. (In the drug and gun investigation this summer, Apple eventually
turned over some stored iCloud messages. While they were not the real-time
texts the government most wanted, officials said they saw it as a sign of
cooperation.)
The second type of encoding involves sophisticated
encryption software on Apple and Android phones, which makes it all but
impossible for anyone except the user of the phone to open stored content —
pictures, contacts, saved text messages and more — without an access code. The
F.B.I. and local authorities oppose the technology, saying it put them at risk
of “going dark” on communications between terrorists and about criminal
activity on city streets. The American military is more divided on the issue,
depending on the mission.
The Justice Department wants Apple and other companies
that use end-to-end encryption to comply with the same kind of wiretap orders
as phone companies. Justice and some former law enforcement officials argue
that consumers want investigators to have the ability to
“If you ask about wiretap functionality in the broad
privacy context, you get one answer,” Mr. Terwilliger said. “If you ask it in
the context of a guy with a loose nuke, or some kind of device, you get a
different answer.”
Officials say a court fight with Apple is still an
option, though they acknowledge it would be a long shot. Some object that a
legal battle would make it harder for the companies to compromise, the law
enforcement officials said. They added that Apple and other companies had
privately expressed willingness to find common ground.
Apple declined to comment on the case for this article.
But company officials have argued publicly that the access the government wants
could be exploited by hackers and endanger privacy.
“There’s another attack on our civil liberties that we
see heating up every day — it’s the battle over encryption,” Timothy D. Cook,
the company’s chief executive, told a conference on electronic privacy this
year. “We think this is incredibly dangerous.”
Echoing the arguments of industry experts, he added, “If
you put a key under the mat for the cops, a burglar can find it, too.” If
criminals or countries “know there’s a key hidden somewhere, they won’t stop
until they find it,” he concluded.
The Microsoft case centers on whether the fact that data
is stored around the world relieves American firms of turning it over. The
government, which won in Federal District Court, has argued in its brief to the
appeals court that where the data is stored is irrelevant because the company
still has control of email records. The White House declined to comment because
the case is in litigation.
“People want to know what law will be applied to their
data,” Mr. Smith of Microsoft said. “French want their rights under French law,
and Brazilians under Brazilian law. What is the U.S. government going to do
when other governments reach into the U.S. data centers, without notifying the
U.S. government?”
Chinese firms already have plans to build facilities on
American soil that would store electronic communications, so the question may
be more than hypothetical. In its brief, Microsoft argues that Congress will
ultimately have to weigh in on the issue, since it is as much a political
matter as a legal one: “Only Congress has the institutional competence and
constitutional authority to balance law enforcement needs against our nation’s
sovereignty, the privacy of its citizens and the competitiveness of its
industry.”
A version of this article appears in print on September
8, 2015, on page A1 of the New York edition with the headline: Tech Companies
Tangle With U.S. Over Data Access.
Comments
Post a Comment