Litigation , Mobility , Privacy
Justice Department Won't Characterize Data Retrieved from Shooter's Smartphone
The FBI has successfully retrieved data off the iPhone used by one of the San Bernardino shooters and is withdrawing its motion to have a federal court order Apple to help the government unlock the phone, according to the Department of Justice (see: Feds Obtain Delay in Apple Hearing).
See Also: Secure, Agile Mobile Banking: Keeping Pace with Last Best User Experience
A federal law enforcement official, briefing reporters on March 28, said the FBI is reviewing the information on the phone, "consistent with standard investigatory procedures." He declined to characterize the information discovered on the iPhone.
But the law enforcement official, who requested anonymity, didn't rule out future court actions to compel technology companies to cooperate with law enforcement. "It remains a priority for the government to ensure that law enforcement can obtain crucial digital information to protect national security and public safety, either with cooperation from relevant parties, or through the court system when cooperation fails," the law enforcement official said. "We will continue to pursue all available options for this mission, including seeking the cooperation of manufacturers and relying upon the creativity of both the public and private sectors."
The Apple-FBI dispute has resulted in a national debate that pitted the needs of law enforcement to gain access to data for a criminal investigation, voiced by FBI Director James Comey, against the security and privacy rights of users of technologies such as the iPhone, championed by Apple's CEO, Tim Cook, and many others in the IT sector (see FBI Versus Apple: A Lose-Lose Situation).
Retrieval Method Tailored for iPhone 5c
The law enforcement official would not describe how the iPhone was unlocked with the help of a third party, although he said the technique was designed specifically for an Apple iPhone 5c running iOS 9, the type of device used by Syed Rizwan Farook. In a Dec. 2 workplace rampage, Farook and his wife, Tashfeen Malik, shot and killed 14 of his coworkers at a San Bernardino County Department of Public Health event. Later that day, authorities recovered the iPhone after police killed Farook and Malik in a shootout. The official said it was premature to speculate whether the method used to unlock the iPhone in this case could be used on other smartphones.
The official said it's too early to decide whether the FBI would share the technique with Apple so it could patch the vulnerability in its iPhone 5c. "Right now, we're focused on the San Bernardino case," he said. "We can't comment on the possibility of future disclosures at this time."
Sharing Technique with Apple Urged
Andrew Crocker, a staff attorney for the advocacy group Electronic Frontier Foundation, says the FBI should disclose the technique with Apple, citing a recent revision in a government policy known as the Vulnerabilities Equities Process, or VEP. VEP establishes a process that allows the government to keep secret software vulnerabilities in national security matters, but encourages their dissemination in other instances. "If the FBI used a vulnerability to get into the iPhone in the San Bernardino case, the VEP must apply, meaning that there should be a very strong bias in favor of informing Apple of the vulnerability," Crocker writes in a blog. "That would allow Apple to fix the flaw and protect the security of all its users."
In a 2014 blog, following revelations that the National Security Agency had known about the Heartbleed vulnerability before it was made public, White House Cybersecurity Coordinator Michael Daniel unveiled an interagency process aimed to limit the government from keeping software bugs secret (see White House Policy on Disclosing Cyberflaws). The process, Daniel explained, "helps ensure that all of the pros and cons are properly considered and weighed. ... We weigh these considerations through a deliberate process that is biased toward responsibly disclosing the vulnerability, and by sharing this list we want everyone to understand what is at stake."
Apple did not immediately reply to Information Security Media Group's request for comment.
The law enforcement official said he hopes this case doesn't preclude Apple and government authorities from cooperating in other cases.
Help Came from Outside Government
The law enforcement official said the FBI was aided in retrieving the data by a non-government organization but declined to say whether that organization was based in the United States. The Israeli newspaper Yedioth Ahronoth last week identified the Israeli mobile forensics software provider Cellebrite as the company coming to the bureau's rescue. Cellebrite declined to comment on the report.
On Feb. 16, a federal magistrate granted a motion by the Justice Department to compel Apple to help unlock Farook's iPhone, which was owned by the county government. A day later, Apple CEO Tim Cook blasted the order, saying the company would oppose it (see Apple Blasts Judge's iPhone Backdoor Order ).
Last week, the Justice Department filed a motion to delay ordering Apple to cooperate, revealing a third party had come forward to help it unlock the password-protected phone. The court delayed a hearing on the case to April 5. The government's March 28 filing seeks to end the case.
Watch for updates on this developing story