Ending one of the most public debates regarding cybersecurity and privacy in recent memory, the Federal Bureau of Investigation (FBI) dismissed its case against Apple over the government's ability to hack into a dead terrorist's iPhone for evidence, claiming that they had found a third party that was able to do it, for them.
While we covered the details of the case in detail here, the basic facts bear repeating: In the aftermath of the December 2, 2015, terrorist attacks in San Bernadino, California – where 14 people were killed and another 22 wounded – the FBI found the iPhone of one of the attackers, Syed Rizwan Farook. The FBI wanted to gain access to Farook's phone to gather evidence, but the encryption on the phone included a triggering mechanism that would wipe the phone's data if the passcode was entered incorrectly enough times. The FBI asked the maker of the phone, Apple, to break into it for them. Apple refused, claiming that not only did they not have the keys to do it, but they would not hack into a phone, for privacy concerns.
On March 29, the case took a turn when the FBI suddenly announced that they were dropping the case against Apple. The government agency claimed that they had found a third party who would provide the software necessary to break into the model phone – an iPhone 5C – making the lawsuit needless.
After all of the publicity and the heated debate about cybersecurity, your privacy, and the government's ability to intrude on it, the situation was suddenly and anti-climatically over.
But that does not mean that the underlying issue has gone away. In fact, the resolution between Apple and the FBI over Farook's iPhone is only a disturbing delay in the cybersecurity debate that is sure to flare up in the near future, all over again.
An important aspect of the case is that the hack was provided by a private party – allegedly an Israeli cybersecurity firm – and not a government agency. Your privacy is not protected by the Bill of Rights, including your right to not be victimized by unreasonable searches or seizures, if the intruder is a private company. That the FBI so willingly let a private organization do their investigating for them is eyebrow-raising.
However, the aftermath of the FBI's announcement that it had hacked into Farook's iPhone is perhaps, even more, disconcerting: State and local law enforcement agencies are now clamoring to be told how it was done, and the FBI has always expressed an interest in helping them out. Criminal defense attorneys across the country had predicted this – the FBI would want to break into a dead terrorist's phone now, but tomorrow it would be local police, trying to break into a U.S. citizen's phone to investigate a low-level offense. The slippery slope argument that we had warned against is coming true. The only thing that can stop it from happening is Apple's cybersecurity team coming up with a patch to prevent the hack. But once this is done, it will only be a matter of time before it all happens, again.