Litigation , Mobility , Privacy

FBI Unlocks iPhone; Lawsuit Against Apple Dropped

Justice Department Won't Characterize Data Retrieved from Shooter's Smartphone
FBI Unlocks iPhone; Lawsuit Against Apple Dropped

The FBI has successfully retrieved data off the iPhone used by one of the San Bernardino shooters and is withdrawing its motion to have a federal court order Apple to help the government unlock the phone, according to the Department of Justice (see: Feds Obtain Delay in Apple Hearing).

See Also: Faster Payments, Faster Fraud?

A federal law enforcement official, briefing reporters on March 28, said the FBI is reviewing the information on the phone, "consistent with standard investigatory procedures." He declined to characterize the information discovered on the iPhone.

But the law enforcement official, who requested anonymity, didn't rule out future court actions to compel technology companies to cooperate with law enforcement. "It remains a priority for the government to ensure that law enforcement can obtain crucial digital information to protect national security and public safety, either with cooperation from relevant parties, or through the court system when cooperation fails," the law enforcement official said. "We will continue to pursue all available options for this mission, including seeking the cooperation of manufacturers and relying upon the creativity of both the public and private sectors."

The Apple-FBI dispute has resulted in a national debate that pitted the needs of law enforcement to gain access to data for a criminal investigation, voiced by FBI Director James Comey, against the security and privacy rights of users of technologies such as the iPhone, championed by Apple's CEO, Tim Cook, and many others in the IT sector (see FBI Versus Apple: A Lose-Lose Situation).

Retrieval Method Tailored for iPhone 5c

The law enforcement official would not describe how the iPhone was unlocked with the help of a third party, although he said the technique was designed specifically for an Apple iPhone 5c running iOS 9, the type of device used by Syed Rizwan Farook. In a Dec. 2 workplace rampage, Farook and his wife, Tashfeen Malik, shot and killed 14 of his coworkers at a San Bernardino County Department of Public Health event. Later that day, authorities recovered the iPhone after police killed Farook and Malik in a shootout. The official said it was premature to speculate whether the method used to unlock the iPhone in this case could be used on other smartphones.

The official said it's too early to decide whether the FBI would share the technique with Apple so it could patch the vulnerability in its iPhone 5c. "Right now, we're focused on the San Bernardino case," he said. "We can't comment on the possibility of future disclosures at this time."

Sharing Technique with Apple Urged

Andrew Crocker, a staff attorney for the advocacy group Electronic Frontier Foundation, says the FBI should disclose the technique to Apple, citing a recent revision in a government policy known as the Vulnerabilities Equities Process, or VEP. VEP establishes a process that allows the government to keep secret software vulnerabilities in national security matters, but encourages their dissemination in other instances. "If the FBI used a vulnerability to get into the iPhone in the San Bernardino case, the VEP must apply, meaning that there should be a very strong bias in favor of informing Apple of the vulnerability," Crocker writes in a blog. "That would allow Apple to fix the flaw and protect the security of all its users."

In a 2014 blog, following revelations that the National Security Agency had known about the Heartbleed vulnerability before it was made public, White House Cybersecurity Coordinator Michael Daniel unveiled an interagency process aimed to limit the government from keeping software bugs secret (see White House Policy on Disclosing Cyberflaws). The process, Daniel explained, "helps ensure that all of the pros and cons are properly considered and weighed. ... We weigh these considerations through a deliberate process that is biased toward responsibly disclosing the vulnerability, and by sharing this list we want everyone to understand what is at stake."

The law enforcement official said he hopes this case doesn't preclude Apple and government authorities from cooperating in other cases.

Apple Responds

Apple , in a statement, said it objected to the FBI's demand that it build a backdoor into the iPhone because "we believed it was wrong and would set a dangerous precedent. As a result of the government's dismissal, neither of these occurred. We will continue to help law enforcement with their investigations, as we have done all along, and we will continue to increase the security of our products as the threats and attacks on our data become more frequent and more sophisticated."

Alex Abdo, an American Civil Liberties Union staff attorney, sees the battle between the government and technology providers as continuing. "This case was never about just one iPhone," Abdo says. "This news appears to be just a delay of an inevitable fight over whether the FBI can force Apple to undermine the security of its own products."

The law enforcement official said the FBI was aided in retrieving the data by a non-government organization but declined to say whether that organization was based in the United States. The Israeli newspaper Yedioth Ahronoth last week identified the Israeli mobile forensics software provider Cellebrite as the company coming to the bureau's rescue. Cellebrite declined to comment on the report.

On Feb. 16, a federal magistrate granted a motion by the Justice Department to compel Apple to help unlock Farook's iPhone, which was owned by the county government. A day later, Apple CEO Tim Cook blasted the order, saying the company would oppose it (see Apple Blasts Judge's iPhone Backdoor Order ).

Last week, the Justice Department filed a motion to delay ordering Apple to cooperate, revealing a third party had come forward to help it unlock the password-protected phone. The court delayed a hearing on the case to April 5. The government's March 28 filing seeks to end the case.

About the Author

Eric Chabrow

Eric Chabrow

Host & Producer, ISMG Security Report; Executive Editor, GovInfoSecurity & InfoRiskToday

Chabrow hosts and produces the semi-weekly podcast ISMG Security Report and oversees ISMG's GovInfoSecurity and InfoRiskToday. He's a veteran multimedia journalist who has covered information technology, government and business.

Around the Network