The past week has been a good one for those of us who follow developments in digital privacy law and practice. Whether you like Apple or not, they have surfaced the important tension between our need for privacy and our need for protection. This discussion needs to be had – and the widespread media coverage has helped to educate a public that has been relatively oblivious to the relationship between privacy by encryption and security by surveillance.
Another, less divisive, lesson to be taken from the Apple vs. FBI dispute is that mobile device management (MDM) is important. The phone the FBI wants to hack into is a San Bernardino County issued iPhone. Organizations who provide smart phones to their employees have an obligation to consider the implications of the use, misuse, and loss of that device. MDM is software that allows an IT department to manage the device and it’s contents remotely. Among other things, it can control the apps that are installed, remotely erase all data, and unlock the phone. Although San Bernardino County was paying for MDM, it had not yet been installed on the phone in question.
For IT departments still struggling to keep up with the ever-increasing calls for more devices, a faster move to the cloud, and greater IT flexibility for its workforce, the MDM lesson is valuable. Progress is important, but so is the protection and control of information. Build privacy, security and information governance into your IT planning and deployments. It is a good investment.
Apple CEO Tim Cook has responded forcefully to U.S. Magistrate Judge Sheri Pym’s order that Apple assist the FBI in hacking into an iPhone used by one of the assailants in the December 2015 San Bernardino shootings.
To be clear, Apple is already helping the FBI in the investigation, complying with with production orders and making Apple engineers available to advise them. What Apple is refusing to do is to build a new operating system that will bypass security features to let the FBI hack in to the iPhone.
Cook has released a compelling statement explaining why he will fight the order. His eloquent response captures the essence of the tension between privacy by encryption, and security by surveillance. The erosion of privacy is a slippery slope, and Cook points out the dangerous precedent this order sets. “The government could extend this breach of privacy and demand that Apple build surveillance software to intercept your messages, access your health records or financial data, track your location, or even access your phone’s microphone or camera without your knowledge.”
Cook concludes with his fear that the consequences of the FBI compelling them to build a backdoor “would undermine the very freedoms and liberty our government is meant to protect.”
The other compelling reason for Apple to oppose this order is economic. Privacy matters to consumers. Apple has invested heavily in its security model, and that investment is paying huge dividends. This response gave Cook the opportunity to reinforce Apple’s security philosophy and, if they are successful in their challenge, it may help to sell more iPhones.
Jian Ghomeshi is not being promoted as a role model for much these days. However, his sexual assault trial is offering up some pretty solid lessons about the potential for long forgotten (or whatever you want to call it) electronic evidence to take centre stage in a factual inquiry.
Ghomeshi’s accusers, after the alleged assaults (which were over a decade ago) continued to communicate with him by email. Those communications were apparently not disclosed to the Crown. But Ghomeshi had kept them, and his lawyer, Marie Henein, used them well. If Ghomeshi does not take the stand (as he is expected not to) we may never know whether he hoarded all of his communications, or just those he thought may help him some day. Either way, he has capitalized on his digital archives.
One important lesson is not to underestimate the potential of a digital history. In a high stakes game, it is worth digging deep into the digital landfill. Yes, it is complicated and can be expensive, but sometimes the payoff is worth it – no matter which side you are on.