Forefront by TSMP: FBI vs Apple – Showdown at the I.T. Corral

CLOSE

Directory

Thio Shen Yi, SC

Joint Managing Partner

Litigation

Stefanie Yuen Thio

Joint Managing Partner

Corporate

Derek Loh

Partner

Litigation

Jennifer Chia

Partner

Corporate

Melvin Chan

Partner

Litigation

Ian Lim

Partner

Litigation

June Ho

Partner

Corporate

Kelvin Koh

Partner

Litigation

Ong Pei Ching

Partner

Litigation

Mark Jacobsen

Partner

Corporate

Felicia Tan

Partner

Litigation

Leon Lim

Partner

Corporate

Nanthini Vijayakumar

Partner

Litigation

Jeffrey Chan, SC

Senior Director

Litigation

Prof Tang Hang Wu, PhD

Consultant

Litigation

Prof Hans Tjio

Consultant

Corporate

Tania Chin

Director

Litigation

Mijung Kim

Director

Litigation

Raeza Ibrahim

Director

Litigation

Nicholas Ngo

Associate Director

Litigation

Kevin Elbert

Associate Director

Litigation

Benjamin Bala

Associate Director

Litigation

Vu Lan Nguyen

Associate Director

Litigation

Stephanie Chew

Associate Director

Litigation

Ernest Low

Associate Director

Corporate

Brenda Chow

Associate Director

Corporate

Heather Chong

Associate Director

Corporate

Nicole Lee

Associate Director

Corporate

Tay Quan Li

Senior Associate

Litigation

Lyn Toh Leng

Senior Associate

Corporate

Angela Chai Rui Min

Senior Associate

Litigation

Arthur Chin Yen Bing

Senior Associate

Litigation

Joshua Phang Shih Ern

Senior Associate

Litigation

Chow Jian Hui

Senior Associate

Corporate

Claudia Hui Ru Jun

Senior Associate

Corporation

R. Arvindren

Senior Associate

Litigation

Chia Wan Lu

Senior Associate

Litigation

Lau Tin Yi

Senior Associate

Corporate

Phoon Wuei

Senior Associate

Litigation

Terence Yeo

Senior Associate

Litigation

Juliana Lake

Senior Associate

Litigation

Sabrina Lim Su Ping

Senior Associate

Corporate

Kashib Shareef bin Ahmad Hussain

Associate

Corporate

Sherlyn Lim Li Xuan

Associate

Litigation

Kimberly Ng

Associate

Litigation

Vanessa Cheong Shu Qi

Associate

Corporate

Ryan Yap Cheah Jin

Associate

Litigation

Ang Kai Le

Associate

Litigation

Glenn Ng Qiheng

Associate

Litigation

Isaac Tay Zhuo Yan

Associate

Litigation

Markus Low Yu Wen

Associate

Corporate

Stasia Ong Pei Qi

Associate

Litigation

Sarah Kim Mun Jeong

Associate

Litigation

Yang Hai Kun

Associate

Corporate

Nicole Sim

Associate

Litigation

Ryan Ang

Associate

Corporate

Juvy Pang

Associate

Corporate

John Thomas George

Associate

Litigation

Pearlie Peh

Associate

Litigation

Arvind Soundararajan

Associate

Corporate

Perl Choo

Associate

Litigation

Forefront by TSMP

8 March 2016

FBI vs Apple – Showdown at the I.T. Corral

Big Tech takes on Big Brother, in the fight between personal privacy and public safety. Forefront: By TSMP considers the dilemma of state-sponsored hacking in a world increasingly torn apart by terrorist threats.

By Ian Lim

Cover photo credit: Unsplash.com

The San Bernardino Shooting

On 2 December 2015, Syed Rizwan Farook and Tashfeen Malik, parents of a six-month old baby girl, opened fire with semi-automatic weapons at a San Bernardino Public Health Department party. Farook was a born and bred American citizen, and his Pakistani-born wife held a Green Card. They were eventually shot dead by law enforcement officers, but not before they had tragically killed 14 people and seriously injured 22 in what is now called the “San Bernardino Shooting”. In the aftermath of the awful massacre, the FBI’s investigations revealed that the couple were “homegrown violent extremists … inspired by foreign terrorist organizations”. There was no indication that the radicalized couple were themselves part of a broader terrorist cell or organization.

The iPhone Impasse

Further investigations by the FBI are still ongoing, and these have now led to the present and very public stand-off between Apple and the FBI over Farook’s iPhone.

Seeking to unlock the iPhone to parse the information within, the FBI had obtained an order from the Central California District Court requiring Apple to provide the FBI with a version of iOS (the iPhone’s operating system) that would not contain the auto-erase data function. This is the default function that ordinarily kicks in to erase the iPhone’s data after 10 failed password attempts. The FBI would then be able to install this special iOS on Farook’s iPhone, allowing it to safely unlock the phone without risk of data deletion by sheer and overwhelmingly repeated trial and error, a hacking technique aptly known as “brute force”.

Apple has resolutely refused to comply with the Court order, hinging its public defiance mainly on its customers’ paramount right to privacy. It says that creating the iOS the FBI are asking for would give the agency a “master key” that could be used to unlock any of Apple’s other devices at any time, a gross overreach by the US Government. Predictably, the FBI says that public safety must be paramount, a valid argument in many quarters.

The impasse raises difficult public interest issues, sparking debate and dividing opinion. New media giants, Google, Facebook and Twitter, have all backed Apple’s defiance, while Microsoft founder Bill Gates wants Apple to render the assistance ordered by the court (interestingly, Microsoft itself appears to support Apple).

So who is in the right? Which side do we come down on when the competing interests of public privacy and safety cannot be concurrently served?

What if Mas Selamat had had an iPhone?

Mas Selamat bin Kastari was the infamous head of the Jemaah Islamiyah (JI) terrorist cell in Singapore who plotted an attack on Singapore’s Changi Airport more than ten years ago. Arrested in Indonesia and extradited to Singapore, he managed to escape from detention in Singapore (after a massive but ultimately fruitless manhunt) to Malaysia in 2008. He has since been recaptured and remains detained under the Internal Security Act to this day.

What if Mas Selamat had had an iPhone? Would Singapore law have allowed our authorities to compel Apple to essentially hack his phone in order to discover his whereabouts?

Under Singapore’s Criminal Procedure Code, the police have extensive powers of investigation. These include the power to access decryption information, and to require third parties to provide technical assistance for such decryption (upon the approval of the Attorney-General). It would then be an outright offence carrying stiff penalties for someone to fail to provide such cooperation. Whilst Singapore’s Personal Data Protection Act (PDPA) specifically protects data privacy, the Act expressly preserves Singapore police and authorities’ statutory powers of investigation.

The short answer then is: Yes, Apple could probably be compelled to provide the IOS software. Whether the Singapore authorities would be able to enforce this order would depend on whether Apple would be subject to the jurisdiction of the Singapore courts on this, or if we would need to apply to the courts in the US (and if so, how they would rule is much less certain).

Our Takeaways

What does this mean for us?

With Singapore’s small geographical footprint, our status as a logistics, transportation, financial and legal hub, we must aggressively defend our public safety. Very few people would argue against an order to hack a known terrorist’s iPhone if that could reveal more information to prevent further attacks.

But the act of creating and handing over that software to the government also means that the authorities have the ability to hack into any Apple phone. With two million iPhones in Singapore, one third of all mobile phone users in our city state would be affected. Who would police the police? We may believe in the integrity of our government officials but checks and balances are a necessary pillar of any legal system. We may need to create laws specifically designed to limit access to digital information in an IT age.

Or perhaps this is rushing to shut the stable door after the horse has bolted.

We are beating our chests about the provision of software tools to the government; what about the fact that this hacking ability is or could easily be fully available to Apple? Who controls the tech giant, and what assurance do we have that the creator of our mobile phone or our social media platform is not using the information for unscrupulous ends? And it’s not just Apple. Android devices are potentially even less secure due to the open source software systems they use.

Of course, most of us are not plotting the bombing of airports or the overthrow of governments. But all of us will have information we would rather remain private. A drunken admission that could be used in divorce proceedings by your spouse; an indiscreet comment about a company where one day you may apply for a job; an ill-conceived criticism of a government that pops up as a red flag on the screen of the immigration officer who has to decide if you should be allowed entry to that country.

If we recognize the twin truths of the internet age: that what we put in cyberspace is permanent and accessible (even if not by us), and public safety trumps personal privacy in an increasingly dangerous and militarized world, we might start to view our smart devices with a touch of suspicion, and think before we tweet.

This article is jointly written by Ian Lim, Executive Director and Alexander Pang, Senior Associate, TSMP Law Corporation.