Apple has become privacy’s unfortunate champion

On Tuesday night, news crews surrounded the Apple store on Fifth Avenue near Central Park in Manhattan. But for once, the press wasn’t there to cover the launch of the latest iPhone. About two dozen people had gathered behind metal barricades across from the tech company’s glowing glass cube storefront, braving bone-chilling winds and freezing rain to chant slogans and display signs on the screens of their smartphones that said “Don’t break our phones” and “Secure phones save lives.”

The rally, one of dozens organized in cities across the country by the activist group Fight For the Future, was in support of Apple, which recently challenged an unprecedented court order demanding the company help the U.S. government hack an iPhone used by one of the attackers involved in last December’s mass shooting in San Bernardino, California, that left 14 people dead. In doing so, it plunged into a legal fray that few companies have the conviction — let alone the resources — to fight.

It’s strange and slightly unnerving to see people rally in support of a multibillion-dollar corporation, but Apple has earned this praise for good reason. Over the last few years, the computing conglomerate and its CEO Tim Cook have quietly become a bulwark of digital security and privacy, most notably through improvements in the encryption of mobile devices that prevent any third party, including the company, from accessing users’ data. This is the result of smart design: In order to protect customers’ private messages and data, Apple chose to engineer out every point of failure, including itself.

The U.S. Department of Justice has grown frustrated with this security model, claiming that Apple’s design places the company’s need to maintain its public image above its need to comply with the law. In a court filing responding to the company’s public defiance of the order, the government accused Apple of “marketing its products to allow technology, rather than the law, to control access to data.”

The government’s claim ignores both the consequences of Apple’s compliance and why companies started locking down their products in the first place. If the aftermath of National Security Agency whistleblower Edward Snowden’s revelations proved anything, it’s that allowing encryption technology to control access to data is now the only effective way Americans can protect their information when the law fails or refuses to do so. Apple may be posturing to maintain its reputation, but that reputation is built on providing something that consumers desperately need and want — and that governments fail to provide.

Still, the government’s criticism touches on a legitimate point, which is the undemocratic and ultimately dangerous prospect of outsourcing defense of our data and rights to giant corporations. As disturbing as the government’s request is, it can be similarly uncomfortable to see Apple painted as some kind of savior protecting us from an all-powerful Big Brother. 

Lest we forget, the company’s electronics empire was built on the backs of mistreated Chinese factory workers, Congolese coltan miners exploited by violent militias, and countless people in Asia and Africa suffering from toxic e-waste generated by the company's unsustainably designed products. Apple also routinely polices the content of software available on its walled garden App Store, issuing opaque and arbitrary rulings that impose strict limits on the range of acceptable political speech. (In the past, forbidden topics have included U.S. military drone strikes, suicide and unsurprisingly, the ethical issues of manufacturing smartphones.)

It's not the first time activists have rallied around large corporations to defend their rights. In 2014, a successful campaign for net neutrality, which challenged greedy Internet service providers’ plans to divide the Internet into fast and slow lanes, was significantly emboldened by the advocacy of large tech firms such as Netflix, Facebook and Google. Before that it was the Stop Online Piracy Act, the maligned Internet censorship bill disguised as an anti-piracy measure; that effort was also defeated, thanks in large part to Silicon Valley companies aligning with grass-roots activists. At this point, it’s assured that whenever digital rights are threatened, the ensuing protests must be uncomfortably couched by the endorsements of sympathetic tech firms, who lend their lobbying power to make these causes “legitimate” in the eyes of our representatives and the media.

In the San Bernardino mass shooting case, the stakes are especially high. The government’s demands would impact not only Apple and its customers, but the entire architecture of trust which underpins the technology industry. That’s because for Apple to comply with the order, it needs to build a modified version of its iOS operating system that disables several security measures, including one that wipes the device’s memory when the passcode is entered incorrectly 10 times. With that restriction removed, investigators would be free to “brute force” the code by trying every possible combination.

In order for the malicious version of iOS to properly load onto the device, Apple will also need to cryptographically sign it with a special key, just as it does for legitimate software updates. If the U.S. government shows it can legally force a company to use its trusted credentials to create malware, users will no longer have any reason to trust the updates that are routinely delivered to their devices. There will no longer be any legal or technical barriers preventing the government from unlocking any iPhone. And once the U.S. has this ability, China, Russia and other unscrupulous governments around the world will finally be on terra firma to demand the same.

In other words, what Apple’s critics misleadingly frame as privacy versus public safety is actually a battle between security and pervasive vulnerability.

Americans look to companies such as Apple for security because they simply have no alternatives. There is no political party in the U.S. that supports funding strong encryption or promises to reign in overzealous government surveillance. The sad reality is that if the average person wants digital security, their only option is to vote with their money. This is made worse by the fact that Apple’s secure iOS devices are prohibitively expensive compared to their much cheaper and much less secure competitor, Android. The result is what American Civil Liberties Union technologist Chris Soghoian calls the “digital security divide” in which poorer members of society are priced out of technologies to keep their data secure.

It’s crucial that Apple wins its case and prevents a dangerous legal precedent for being set. But ultimately, we will need to find ways to replace corporate allies with robust privacy laws, public investment in encryption, and government accountability.