Friday, 26 February 2016

FBI v. Apple, or, The Power of Words


Sometimes, reading the papers and listening to the news convinces me that my feet are firmly planted on planet earth even though I know I am hanging upside down over a chasm deep and wide. This has to do with the extraordinary power of words to alter perceptions of reality by re-framing it.

Take the recent kerfuffle between the FBI and Apple.  The FBI asked a US court to order Apple to create new software to get around the encryption system on one of Apple's phones. The court complied. Apple is appealing. It claims its First Amendment rights are being abrogated, that being forced to write a specific code is like being forced to make a specific speech and speech cannot be compelled.

Apple's phone encryption can be broken with about 10,000 tries, but its phones are designed to make their memories go phhhhhht! after ten unsuccessful attempts with the wrong password. The FBI has asked Apple to invent a method to break into the phone of the San Bernardino terrorist -- the nut-cake who killed and wounded so many of his colleagues at their annual Christmas party last year.  Why? His phone might reveal if he conspired with others. Apple has refused on the grounds that if they give in to this request, every tin pot dictator or authoritarian regime (especially China's) will demand the same sort of software key and then no one's information will be safe from wicked foreign governments, crooks, or terrorists. If we make this software,  Apple says, it will soon jump from the hands of the FBI to anyone with the cash to pay. The privacy of customers means everything, our entire business depends upon it, says Apple CEO Tim Cook.

This court battle has been portrayed by various journalists as an existential struggle between security and privacy, as if Apple's Tim Cook stands on the bridge, sword in hand, protecting us from governments run amok in the cause of making us safe. Simply repeating the phrase-- privacy versus security-- makes it seem as if we still have security and privacy to protect.

And there you have it, the false frame.

Recall, please, the first stories published in the Guardian and the Washington Post in the early summer of 2013 based on Edward Snowden's purloined documents. The first stories concerned a top secret order issued by the US FISA court (which does its business in secret), requiring the huge American phone company, Verizon, to hand to the NSA all the phone records of all of its US subscribers for a three month period. This was a shocker. Americans communicating with Americans were thought to be exempt from the NSA's signals snoopers. The second stories dealt with an NSA program called Prism. An NSA document copied by Snowden showed that from 2007 on, the NSA had gradually acquired direct access to the US based server systems of Microsoft, Google, Facebook, Skype, YouTube PalTalk, AOL, and Yahoo.  Apple joined Prism in 2012. Because most Internet traffic moves through servers in the US as it swishes around the globe, the NSA had what it calls home team advantage. By getting server access, it was able to grab the communications of pretty much every person -- American or foreign -- using the Internet. Through Prism, NSA acquired " email, video and voice chat, videos, photos, voice-over-IP (Skype, for example) chats, file transfers, social networking details and more."

When asked for comment, the companies involved said they had no knowledge of such a program. Apple executives in particular claimed never to have heard of Prism. These denials notwithstanding, the Guardian characterized the program this way:

"The Prism program allows the NSA, the world's largest surveillance organization, to obtain targeted communications without having to request them from the service providers and without having to obtain individual court orders. With this program, the NSA is able to reach directly into the servers of the participating companies and obtain both stored communications as well as perform real-time collection on targeted users."  

Also according to the Guardian, after the 2012 amendments to the Act which enables the FISA court, the NSA required neither individual authorizations by the court nor anything more than a reasonable suspicion that "one of the parties was outside the country at the time... records were collected by the NSA. The document also shows that the FBI acts as an intermediary between other agencies and the tech companies, and stresses its reliance on the participation of US Internet firms, claiming 'access is 100% dependent on ISP provisioning.' "

These revelations were a huge embarrassment to the named companies which had made many public statements declaring their commitment to the protection of their customers' private communications.

As if to amplify the issues of the FBI v. Apple case, the Citizen Lab at University of Toronto this week revealed that the Chinese company, Baidu, collects an incredible range of information about its Android phone users from the various apps they download. Millions of people around the world make use of these apps, not just citizens of China.

I read and reread these stories, trying to understand why Apple is making such a fuss about fighting the FBI's current demand, and why the FBI went to court to try and compel Apple to obey.

I think the answer is that their use of the words" privacy"  and "security" make both parties seem much better than they are. They create a false frame that makes us forget that our security is, at best, hit and miss, and that companies like Apple, Google, Microsoft, etc. let the privacy horse out of the barn many years ago.

No comments:

Post a Comment