The United States Attorney General William Barr announced this week that the government has asked Apple to unlock two encrypted iPhones belonging to the perpetrator of last month’s fatal shooting at a naval base in Pensacola, Florida. Barr called the attack an act of terrorism, saying that access to the shooter’s devices would protect Americans.
What the attorney general misses is that his request could endanger us all: it would require companies to weaken the encryption that keeps our digital lives safe and secure.
Apple encrypts iPhones in such a way that even the company’s own engineers cannot unlock the devices. To comply with the government’s request, Apple would likely have to build special software to weaken every iPhone’s security, opening the door to government snooping and letting hackers exploit devices. Barr did not say why the government believes the information on the devices of the shooter, who killed three sailors and wounded eight others before he was killed, merits such an invasive measure.
Device encryption protects your most important digital information – details about your finances, sex life, family, and political views – from exploitation and surveillance. Journalists, whistleblowers, and activists rely on encrypted iPhones to stay safe around the world. Repressive governments and malware developers alike would be quick to exploit weakened security to harm Apple’s users.
This week’s request is just the latest attempt by the US government to weaken strong encryption for law enforcement purposes. In October 2019, Attorney General Barr demanded that Facebook halt plans to implement encrypted messaging on its platforms, citing the need for law enforcement to access that data in investigations.
Four years ago, the US government used a court order to try to force Apple to decrypt an iPhone owned by a perpetrator of a horrific attack in California. When Apple challenged the court order, the FBI paid professional hackers to break into the phone instead.
The US’ obligation to investigate and prosecute those involved in the tragic Pensacola attack isn’t a green light to override the cybersecurity of hundreds of millions of iPhone users. The US government should withdraw its request and not resort to court orders to force Apple to systematically weaken iPhone protections. Apple should also continue to stand firm on its commitment to its users and their human rights.