Encryption Backdoors Come In All Guises – Reacting to Apple’s Customer Letter Thumbnail
Encryption 17 February 2016

Encryption Backdoors Come In All Guises – Reacting to Apple’s Customer Letter

By Christine RunnegarSenior Director, Internet Trust

Have you ever lost your smartphone or had it stolen? Have you ever worried that your passcode may not be strong enough? Didn’t you have a sigh of relief when you remembered that you had enabled the feature that would erase your data after 10 failed attempts?

The Internet Society is very concerned to learn about the recent order from the United States District Court for the Central District of California  requiring Apple to bypass or disable the auto-erase function on a seized iPhone and to enable the FBI to more effectively conduct a brute force attack on the device. Yes, the order is for only one device and sought for good intentions (i.e. law enforcement), but as Apple’s CEO points out:

Specifically, the FBI wants us to make a new version of the iPhone operating system, circumventing several important security features, and install it on an iPhone recovered during the investigation. In the wrong hands, this software — which does not exist today — would have the potential to unlock any iPhone in someone’s physical possession.

The order is, in essence, asking Apple to build a means to attack the security measures it has put in place to protect its users’ data from malicious actors.

While not technically an “encryption backdoor”, it could have the same practical effect.

Further, this approach is contrary to the spirit of the Secure the Internet petition recommendations, specifically:

  • Governments should not mandate the design … or vulnerabilities into tools, technologies, or services.
  • Governments should not require that tools, technologies, or services are designed or developed to allow for third-party access to unencrypted data ….
  • Governments should not, either by private or public agreement, compel or pressure an entity to engage in activity that is inconsistent with the above tenets.

which the Internet Society has signed to show its support for these guiding principles.

There is no doubt that having access to information is vital for law enforcement, and we are mindful of those needs, but we believe this outcome is not the solution.

We agree with Apple and others that there needs to be an open, transparent, public discussion about these issues.

On our main encryption page we provide links to resources, articles and projects that we support. We encourage you to review those materials and to share them widely.

We do not believe backdoors – in any guise – will help bring about a more trusted Internet. Please join with us in working to find solutions!

P.S. If you are an Internet Society member (or want to join – it’s free), you can discuss this in our Connect forums.


Image credit: Erich Ferdinand on Flickr. CC BY

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related Posts

Encryption 10 December 2024

Global Encryption Day Panel Highlights Encryption’s Role in Children’s Online Safety

Encryption is a tool that ensures privacy for all online users, including children. In our panel, we heard from...

Encryption 19 July 2024

Encryption Is a Preventative Tool that Protects Children

Encryption is one of the best tools we have to help keep children safe online. Child safety and encryption...

Strengthening the Internet 30 May 2024

Bill S-210 Threatens Canadians’ Access to the Internet 

Canadian Bill S-210 threatens to break the Internet in Canada and fragment Canadians' access. Help spread the word that...