Burr-Feinstein (Anti-Crypto) Draft Legislation (updated June 7, 2016)

The Latest:

Security Win: Burr-Feinstein Proposal Declared ‘Dead’ for This Year (May 27, 2016) – EFF

Push For Encryption Law Falters Despite Apple Case Spotlight (May 27, 2016) – Reuters

Draft Bill: Text of the “The Compliance with Court Orders Act of 2016” (April 13, 2016)

Press Release by Burr and Feinstein (April 13, 2016)

Interesting Graphic on the Scope of the Bill: The Incredible Breadth of Feinstein-Burr (LawFare)

News Reports:

Senators Introduce Legislation to Compel Tech Companies to Submit Data to the Government (April 13, 2016) – Washington Post

Senate Intel Panel Releases Official Encryption Bill Draft (April 13, 2016) and Intel Chair: Encryption Bill Won’t Specify Noncompliance Penalties (April 12, 2016) – The Hill

Tech Industry and other Reaction:

Internet Association (IA) Statement on the Compliance with Court Orders Act of 2016 (April 11, 2016)

Bill That Would Ban End-to-End Encryption Savaged by Critics (April 8, 2016) – The Intercept

White House Declines to Support Encryption Legislation (April 7, 2016) – Reuters

Rep. Issa Says Senate Encryption Bill Is Flawed and Technically-Naive (April 8, 2016)

Analysis and Commentary:

Encryption Legislation: Critics Blinded by Outrage are Blinded to the Lessons (April 21, 2016) – Susan Hennessey at LawFare

Here’s What the Burr-Feinstein Anti-Crypto Bill Gets Wrong (April 15, 2016) – Riana Pfefferkorn in JustSecurity

Dumb, Delusional Senate Encryption Bill – Or Clever (April 17, 2016) – Jean-Louis Gassée in his MondayNote

The Burr-Feinstein Encryption Bill Is Probably D.O.A. (April 14, 2016) – FastCompany

Anti-Crypto Bill Continues to Miss the Point (April 14, 2016) – CDT

What If Feinstein-Burr Passes? – Paul Rosenzweig in LawFare

Related:

California Phone Decryption Bill Defeated (April 12, 2016) – Sacramento Bee

Encryption Legislation Advances in France (April 14, 2016) – Daniel Severson in LawFare

F.B.I. Tells Panel It Needs Hackers to Keep Up With Tech Companies (April 19, 2016) – New York Times

06/7/2016: 

Apple, the FBI and the All Writs Act (link round-up; updated 05.13.2016)

DOJ/FBI Vacate San Bernardino iPhone Case:

DOJ Motion to Vacate (pdf; 3 pages) (March 28, 2016) and Judge’s Order to Vacate (pdf; 1 page) (March 29, 2016)

Apple and DOJ Statements (March 28, 2016) – reproduced in a BuzzFeed article on the motion to vacate

U.S. Says It Has Unlocked iPhone Without Apple (March 28, 2016) – New York Times

“I guarantee you at some point, somebody told Director Comey, ‘good god, Jim, you’ve got to make this go away.'” – Jonathan Ździarski (@JZdziarski): March 28, 2016

Related: U.S. Government Drops New York iPhone Case After Third Party Gives It the Passcode (April 23, 2016) – Daily Dot

The San Bernardino iPhone Unlock:

Nothing Significant Found on San Bernardino iPhone So Far (April 13, 2016) – CBS News

FBI Paid Professional Hackers One-Time Fee to Crack San Bernardino iPhone (April 12, 2016) – Washington Post; and Apple iPhone Unlocking Maneuver Likely to Remain Secret (April 14, 2016) – Reuters

F.B.I. Director Suggests Bill for iPhone Hacking Topped $1.3 Million (April 21, 2016) – New York Times

FBI Says Method Used to Unlock iPhone Doesn’t Work with iPhone 5s or Newer (April 7, 2016) – TechCrunch

Apple Likely Can’t Force FBI to Disclose How It Got Data From Seized iPhone (March 28, 2016) – ArsTechnica; and the government’s Vulnerabilities Equities Process (pdf at the link; 14 pages). See also: Thank You for Hacking the iPhone, Now Tell Apple How You Did It (March 22, 2016) – BloombergBusiness weighing in on whether the FBI, if successful in getting into the San Bernardino iPhone, would be required to share with Apple the means it used.

What’s Next?

FBI’s Comey Expects More Litigation Over Access to Electronic Devices (May 11, 2016) – Reuters

Burr-Feinstein Draft Legislation – see my separate post here

A Possible Tool to Unlock the iPhone Means Something . . . or Nothing (March 22, 2016) – Susan Hennessy and Benjamin Wittes at LawFare:

“In the longer term, however, the episode changes nothing. It merely defers the important questions which we’re eventually going to have to resolve, either in the courts or in Congress or both:

• Does the All Writs Act apply to compel this type of assistance from an information service provider like Apple, or is such an order precluded by CALEA?

• If the All Writs Act does properly apply, what constitutes an undue burden under the controlling test in New York Telephone Company?

• Is there an obligation for the government to seek assistance from other federal agencies and the commercial sector before demonstrating that non-party assistance is required as a matter of necessity under the All Writs Act?

• More generally, what obligations do we want companies like Apple to have to cooperate with and assist law enforcement in the investigation and prosecution of their users?”

I would add to the Hennessy/Wittes list of questions to be resolved: if the All Writs Act does properly apply in order to compel assistance from a company such as Apple, how might the constitution (primarily, though not exclusively, the first amendment) limit the type and extent of assistance to law enforcement a court could require?

Repetitive Encryption Tirades Could Be Giving Way to Debate Over ‘Lawful Hacking’ (April 20, 2016) – The Intercept

The Encryption Debate Enters Phase Two (March 16, 2016) – Daniel Weitzner (Director of the MIT Internet Policy Research Initiative and Principal Research Scientist at the MIT Computer Science and Artificial Intelligence Lab) in LawFare; and A New Front in the Second Crypto War (March 15, 2016) – the generally pro-FBI/IC and often provocative Benjamin Wittes in LawFare; two important reads on what might come next regarding encryption – law and policy

WhatsApp Encryption Said to Stymie Wiretap Order (March 12, 2016) – New York Times

Why Do the Feds Usually Try to Unlock Phones? It’s Drugs, Not Terrorism (March 31, 2016) – Wired; and Measuring the ‘Darkness’ of ‘Going Dark’ – Just How Dark is Law Enforcement Going? (April 4, 2016) – Ryan Hagemann of the Niskanen Center with a similar point regarding the typical governmental reason to seek decryption (i.e., the drug war)

Court Orders, Filings and Schedules:

Magistrate Judge Sheri Pym’s February 16, 2016 Order (alternate link)

DOJ Motion to Compel Apple Compliance (pdf; 35 pages)(February 19, 2016)

Apple’s Motion to Vacate Order Compelling Apple to Assist Agents in Search, and Opposition to Government’s Motion to Compel Assistance (link is to pdf hosted at cryptome.org; the motion is approximately 36 pages without supporting documents and 415 pages with supporting documents) (alternate link to the motion without supporting documents at the New York Times: Apple’s Motion Opposing the iPhone Order and alternate link to the motion without supporting documents at DocumentCloud) (February 25, 2016) – My quick initial reaction before seeing the upcoming DOJ response: If the magistrate judge is inclined to get out of the mess created by her initial order, there appear to be adequate grounds to do so based solely on Apple’s All Writs Act arguments, without getting to the constitutional question (primarily 1st Amendment)

Apple Files Motion to Vacate the Court Order to Force it to Unlock iPhone (February 25, 2016) – TechCrunch

Apple Files Appeal in San Bernardino iPhone Case (March 2, 2016) – Politico

DOJ Reply Brief (March 10, 2016) (pdf, hosted at cryptome; 484 pages with supporting documents; main portion of filing = first 43 pages)

The Tone between Apple and the FBI is Now Openly Hostile; includes transcript of the reaction to the DOJ filing of Bruce Sewell, Apple’s general counsel and SVP of legal (March 10, 2016) – Verge

Apple Response to Latest DOJ Filing (March 15, 2016) (pdf; 33 pages without all supporting documents; alternative link to pdf (351 pages) hosted at cryptome.org with the supporting documents)

Apple’s Response To DOJ: Your Filing Is Full Of Blatantly Misleading Claims And Outright Falsehoods (March 15, 2016) – TechDirt

Amicus Briefs and Letters to Court in Support of Apple – Apple website

Pro-FBI/DOJ Amicus Briefs: California State Sheriffs, Police Chiefs and Peace Officers Associations, San Bernardino County DA, Federal Law Enforcement Officers Association (pdf is included within the collection of amicus briefs at the link), and the relatives of several San Bernardino shooting victims (March 3, 2016)

Schedule Re: Magistrate Judge’s Order – Arguments set for March 22, 2016 (link to judge’s scheduling order, including briefing schedule, here)

Magistrate Judge, at the request of the DOJ, Vacates the March 22nd Hearing (pdf; 3 pages) (March 21, 2016) – in order to allow the DOJ/FBI time to ascertain if a method of unlocking the San Bernardino terrorist iPhone, that was suggested by a ‘third party’ on March 20, 2016, in fact works. Also: Court Reporter’s Transcript (pdf; 12 pages) of the Oral Hearing on Monday, March 21, 2016 regarding the motion to vacate the March 22nd hearing. DOJ committed to filing a status update by April 5, 2016. The Magistrate Judge’s original order to compel Apple was stayed.

DOJ Motion to Vacate (pdf; 3 pages) (March 28, 2016) and Judge’s Order to Vacate (pdf; 1 page) (March 29, 2016)

Legal Analysis:

A Coherent Middle Ground in the Apple-FBI All Writs Act Dispute (March 21, 2016) – law professors Robert Chesney and Steve Vladeck at LawFare; and A friendly critique of the proposed Chesney/Vladeck ‘middle ground’ in the Apple/FBI disputes (March 21, 2016) – law professor Marty Lederman at JustSecurity

The Convoluted Logic Behind Apple’s ‘Obstruction’ of Law Enforcement (March 8, 2016) – Sarah Jeong at MotherBoard

A Primer on Apple’s Brief in the San Bernadino iPhone Fight (February 26, 2016) – law professor Robert Chesney at LawFare

Really Understanding Apple’s Legal Brief in the FBI Case (February 26, 2016) – Nilay Patel in Verge

The Law is Clear: The FBI Cannot Make Apple Rewrite its OS (March 16, 2016) – Susan Crawford at Backchannel

Apple’s iPhone Blunder (February 22, 2016) – Law professor Richard Epstein

Apple’s Strongest Legal Defenses Against the FBI (February 24, 2016) – Jason Koebler at MotherBoard

Preliminary Thoughts on the Apple iPhone Order in the San Bernardino Case (Part 1) and (Part 2): the All Writs Act and (Part 3): the Policy Question (February 18, 19 and 24, 2016) – Orin Kerr in the Washington Post

The Weak Main Argument in Judge Orenstein’s Apple Opinion (March 2, 2016) – Orin Kerr in the Washington Post

Trust, Apple, and the First Amendment (February 23, 2016) – Law professor Andrew Keane Woods at LawFare

Apple’s ‘Code = Speech’ Mistake (March 1, 2016) – law professor Neil Richards in MIT Technology Review; and Apple-FBI Fight Asks: Is Code Protected as Free Speech? (February 23, 2016) – Bloomberg; and Apple’s First Amendment Case Against the FBI (February 19, 2016) – Jason Koebler at MotherBoard

Why the Fourth Amendment Should Be Part of the Apple Case (February 29, 2016) – law professor Richard Re

CALEA Limits the All Writs Act and Protects the Security of Apple’s Phones and More CALEA and Why It Trumps the FBI’s All Writs Act Order (February 19 and 22, 2016) – Albert Gidari, Director of Privacy at Stanford’s CIS

DOJ Misleads Court on CALEA in the Apple Case (March 11, 2016) – Albert Gidari at Stanford CIS

Apple, the FBI, and the All Writs Act (February 19, 2016) – Michael Dorf at Dorf on Law

The Public Relations Battle:

The Behind-the-Scenes Fight Between Apple and the FBI (March 20, 2016) – Bloomberg

Full Transcript of TIME’s Interview With Apple CEO Tim Cook (March 17, 2016) – Time

Apple Encryption Engineers, if Ordered to Unlock iPhone, Might Resist (March 17, 2016) – New York Times. While I understand the sentiment, this strikes me as the kind of thing that might annoy the magistrate judge.

Video of President Obama speaking at SXSW on the FBI vs. Apple dispute (relevant portion: 01:16:00 to 01:27:35).

  “Shorter Obama at #SXSW on crypto: we need tech community to figure out a compromise that allows lawful access. (There, saved u 10 minutes.)” – Kevin Bankston (@KevinBankston): March 11, 2016

Obama Wants Nonexistent Middle Ground on Encryption; Warns Against ‘Fetishizing Our Phones’ (March 11, 2016) – The Intercept

President Obama Is Wrong On Encryption; Claims The Realist View Is ‘Absolutist’ (March 11, 2016) – TechDirt

Apple and U.S. Bitterly Turn Up Volume in iPhone Privacy Fight (March 10, 2016) – New York Times

Who’s for Apple and Who’s for the FBI: The Full List (March 4, 2016) – Fortune

Video of the House Judiciary Committee hearing on “The Encryption Tightrope: Balancing Americans’ Security and Privacy” (March 1, 2016)

The Apple-FBI Encryption Hearing Was Unexpectedly Hostile to the FBI Director (March 1, 2016) – Motherboard

Testimony of Susan Landau, Professor of Cybersecurity Policy Worcester Polytechnic Institute for House Judiciary Committee Hearing on ‘The Encryption Tightrope: Balancing Americans’ Security and Privacy’ (March 1, 2016) (pdf; 25 pages); See also: Bruce Sewell’s (Apple General Counsel and SVP) statement for the committee (pdf; 3 pages)

Apple’s Dear Customer Letter (February 16, 2016)

Apple’s FAQ for Customers: Answers to Your Questions about Apple and Security; related: Demystifying Apple’s FAQ – a Rebuttal (February 29, 2016) – Blair Reeves at LawFare

Apple’s Internal Employee Letter: In Employee Email, Apple CEO Tim Cook Calls For Commission On Interaction Of Technology And Intelligence Gathering (February 22, 2016; full text of employee email at the link)

Tim Cook’s Full 30-minute Interview on Apple’s Fight with the FBI; Apple’s CEO Says Federal Authorities are ‘Trampling Civil Liberties’ (February 24, 2016) – full ABC News interview available at Verge

The FBI Wants to Roll Back Safeguards that Keep Us a Step Ahead of Criminals (March 6, 2016) – Apple SVP Craig Federighi op-ed in the Washington Post

FBI Director Comey’s Statement (published at LawFare): We Could Not Look the Survivors in the Eye if We Did Not Follow this Lead (February 21, 2016)

Pro-Encryption Lawmakers See ‘Apple vs. FBI’ Fight as a Chance to Educate Congress (February 23, 2016) – DailyDot

In the Apple Case, a Debate Over Data Hits Home (March 13, 2016) – New York Times

Intelligence Community Viewpoint:

On Encryption Battle, Apple Has Advocates in Ex-National Security Officials (April 22, 2016) – New York Times

Encryption, Privacy Are Larger Issues Than Fighting Terrorism, Clarke Says (March 14, 2016) – NPR

Why the NSA is Staying Out of Apple’s Fight with the FBI (March 9, 2016) – Russell Brandon of The Verge on what is a very interesting question. See also NSA Is Mysteriously Absent From FBI-Apple Fight (March 3, 2016) – The Intercept

Technical Aspects:

Apple Policy on Bugs May Explain Why Hackers Would Help F.B.I. (March 22, 2016) – New York Times

My Take on FBI’s ‘Alternative’ Method (March 21, 2016) – Jonathan Zdziarski

One of the FBI’s Major Claims in the iPhone Case is Fraudulent (March 7, 2016) – Daniel Kahn Gillmor, Technology Fellow, ACLU Speech, Privacy, and Technology Project

In Apple vs. the FBI, There is No Technical Middle Ground (March 2, 2016) – MIT Technology Review

A Bomb on a Leash + Apple Should Own The Term ‘Warrant Proof’ + An Example of ‘Warrant Friendly’ Security + Mistakes in the San Bernardino Case (all March 11, 2016 except for the last, which is March 2, 2016 and updated on March 9th) – Jonathan Zdziarski

Members Of Congress Dismayed By FBI Director’s Lack Of Tech Knowledge (March 12, 2016) – Fast Company

San Bernardino iPhone Technically Can Be Hacked Without Apple, Researchers Say (February 21, 2016) – ABC News

Who Needs Apple When the FBI Could Hack Terrorist iPhone Itself (March 4, 2016) – Bloomberg

Common Software Would Have Unlocked San Bernardino Shooter’s iPhone (February 21, 2016) – CBS News

Code is Law and The Burden of Forensic Methodology on Apple and On FBI’s Interference with iCloud Backups and On Ribbons and Ribbon Cutters (February 17, 18, 21 and 23, 2016) – Jonathan Zdziarski

Apple Is Said to Be Trying to Make It Harder to Hack iPhones (February 24, 2016) – New York Times

Johns Hopkins Researchers Poke a Hole in Apple’s Encryption (March 21, 2016) – Washington Post

How Did Governments Lose Control of Encryption? (March 2, 2016) – BBC

The Ground Truth About Encryption and the Consequences of Extraordinary Access – Chertoff Group report (pdf; 28 pages)

On the San Bernardino Suspect’s Apple ID Password Reset (February 21, 2016) – Daring Fireball

Apple Says the Government Bungled Its Chance to Get That iPhone’s Data (February 19, 2016) – Kim Zetter in Wired

On FBI’s Interference with iCloud Backups (February 21, 2016) – Jonathan Zdziarski

FBI Rebuts Reports that County Reset San Bernardino Shooter’s iCloud Password without Consent (February 20, 2016) – Los Angeles Times

Apple’s iOS Security Guide on Passcodes and the Secure Enclave (February 17, 2016) – Daring Fireball

Apple Can Comply with the FBI Court Order (February 17, 2016) – Dan Guido at Trail of Bits Blog

A Technical Perspective on the Apple iPhone Case (February 19, 2016) – EFF

Some Notes on Apple Decryption of San Bernardino Phone (February 16, 2016) – Errata Security

No, Apple Has Not Unlocked 70 iPhones For Law Enforcement (February 18, 2016) – Matthew Panzarino

Most Software Already has a ‘Golden Key’ Backdoor: the System Update (February 27, 2016) – ArsTechnica

MSM Initial News Reports:

Apple Fights Order to Unlock San Bernardino Gunman’s iPhone (February 17, 2016) – New York Times

Apple Vows to Resist FBI Demand to Crack iPhone Linked to San Bernardino Attacks (February 17, 2016) – Washington Post

Background – Events Leading up to FBI’s Action:

US Government Pushed Tech Firms to Hand Over Source Code (March 17, 2016) – ZDNet

Secret Memo Details U.S.’s Broader Strategy to Crack Phones (February 19, 2016) – Bloomberg

Apple’s Line in the Sand Was Over a Year in the Making (February 18, 2016) – New York Times

How Tim Cook, in iPhone Battle, Became a Bulwark for Digital Privacy (February 18, 2016) – New York Times

Inside the FBI’s Encryption Battle with Apple (February 18, 2016) – Guardian

Apple vs. FBI: ‘Just This Once’? (February 23, 2016) – Julian Sanchez at JustSecurity

The List Of 12 Other Cases Where The DOJ Has Demanded Apple Help It Hack Into iPhones (February 23, 2016) – TechDirt

Why the Government Can’t Actually Stop Terrorists From Using Encryption (March 15, 2016) – Washington Post

Background – the All Writs Act:

Text of the All Writs Act (28 U.S. Code § 1651) in its entirety:

(a) The Supreme Court and all courts established by Act of Congress may issue all writs necessary or appropriate in aid of their respective jurisdictions and agreeable to the usages and principles of law.

(b) An alternative writ or rule nisi may be issued by a justice or judge of a court which has jurisdiction.

Wikipedia entry, including a useful audio summary by Jonathan Mayer of the All Writs Act (see the audio link on the Wikipedia page)

The Centuries-Old Law the Government Wants to Use to Unlock a Terrorist’s iPhone (February 17, 2016) – Washington Post

The Obscure 1789 Statute That Could Force Apple to Unlock a Smartphone (October 13, 2015) – Sarah Jeong at MotherBoard

The Dangerous All Writs Act Precedent in the Apple Encryption Case (February 19, 2016) – New Yorker

Background – Selected Noteworthy All Writs Act Cases:

United States v. New York Telephone Co., 434 U.S. 159 (1977)

Price v. Johnston, Warden, 334 U.S. 266 (1948)

Pennsylvania Bureau of Corrections v. United States Marshals Service, 474 U.S. 34 (1985)

Background – Recent DOJ Use of the All Writs Act:

This Map Shows How the Apple-FBI Fight Was About Much More Than One Phone (March 30, 2016) – ACLU

Department of Justice Drops Brooklyn iPhone Case (April 22, 2016) – San Francisco Chronicle; and U.S. Government Drops New York iPhone Case After Third Party Gives It the Passcode (April 23, 2016) – Daily Dot

Justice Department Asks Judge to Revisit NY iPhone Case (March 7, 2016) – Reuters

pdf (51 pages) of the DOJ’s March 7, 2016 appeal to the United States District Court (Eastern District of New York) from Magistrate Orenstein’s rejection (pdf; 50 pages) of the Apple New York All Writs Act order. The appeal will be considered by Judge Margo Brodie.

Apple Wins Major Court Victory in a Case Similar to San Bernardino (February 29, 2016) – The Intercept

Judge Orenstein’s Order (pdf; 50 pages) (alternate links: here and here)

The Weak Main Argument in Judge Orenstein’s Apple Opinion (March 2, 2016) – Orin Kerr in the Washington Post

Apple v. FBI Primer #2: On Judge Orenstein’s Ruling in the Queens Meth Case (March 1, 2016) – law professor Robert Chesney at LawFare

Magistrate Judge Orenstein’s Order in the EDNY, Denying DOJ’s All Writs Act Request (February 29, 2016) – law professor Marty Lederman at JustSecurity

DOJ Claims Apple Should Be Forced To Decrypt iPhones Because Apple, Not Customers, ‘Own’ iOS (October 26, 2015) – TechDirt

The All Writs Act, Software Licenses, and Why Judges Should Ask More Questions (October 26, 2015) – Jennifer Granick and Riana Pfefferkorn at JustSecurity

Some Academic Papers of Potential Relevance:

1st Amendment: Metaphor is the Key: Cryptography, the Clipper Chip, and the Constitution – A. Michael Froomkin (1995)

4th Amendment: Furtive Encryption: Power, Trust, and the Constitutional Cost of Collective Surveillance – Jeffrey Vagle (2015); and related: Why the Fourth Amendment Should Be Part of the Apple Case – law professor Richard Re

Background – Crypto Wars 1.0, 2.0 and Backdoors:

Keys Under Doormats: Mandating Insecurity by Requiring Government Access to All Data and Communications (pdf; 34 pages) – MIT Computer Science and Artificial Intelligence Laboratory Technical Report (July 6, 2015)

Encryption: Selected Legal Issues (pdf; 29 pages)(March 3, 2016) – Richard M. Thompson II and Chris Jaikaran of the Congressional Research Service; and Encryption and Evolving Technology: Implications for U.S. Law Enforcement Investigations (pdf; 12 pages) – Kristin Finklea of the Congressional Research Service

Keeping Secrets: Four Decades Ago, University Researchers Figured out the Key to Computer Privacy, Sparking a Battle with the National Security Agency that Continues Today. (November 7, 2014) – Henry Corrigan-Gibbs (Stanford Magazine)

Encryption and Globalization – a 2011 academic paper (Columbia Science and Technology Law Review, Vol. 23, 2012) by Peter Swire and Kenesa Ahmad, which includes a brief summary of the original 90’s “Crypto Wars”

A History of Backdoors and How Do We Build Encryption Backdoors? (July 20, 2015 and April 16, 2015) – Professor Matthew Green (Johns Hopkins) at his A Few Thoughts on Cryptographic Engineering blog

“Don’t Panic – Making Progress on the ‘Going Dark’ Debate” – Berkman Center Report (overview here; the Report pdf here (37 pages, including notes and appendices)) (February 1, 2016)

Why Are We Fighting the Crypto Wars Again? (March 11, 2016) – Steven Levy at Backchannel

Tech Industry Reaction:

Apple Gets Tech Industry Backing in iPhone Dispute, Despite Misgivings (March 2, 2016) – New York Times; and Solidarity With Apple Masks Unease In Silicon Valley About Legal Fight Over Dead Terrorist’s iPhone (February 29, 2016) – International Business Times

Amicus Briefs and Letters to Court in Support of Apple – Apple website

Statement of Reform Government Surveillance coalition (including AOL, Apple, Dropbox, Evernote, Facebook, Google, LinkedIn, Microsoft, Twitter, and Yahoo)(February 17, 2016)

Analysis and Opinion – Pro-FBI:

NSA Isn’t the Going Dark Solution, Part I: Richard Clarke Gets It Wrong (March 24, 2016), NSA Isn’t the Going Dark Solution, Part II: There’s No Such Thing As Magic (March 25, 2016), NSA Isn’t the Going Dark Solution, Part III: “Beat Me If You Can” (March 25, 2016), and The Very Definition of Digital Age Chutzpah (March 23, 2016) – LawFare (Susan Hennessy, except for the last, written by Benjamin Wittes)

Apple is Selling You a Phone, Not Civil Liberties (February 18, 2016) – Susan Hennessy and Benjamin Wittes at LawFare; and previously (February 3, 2016) at LawFare by Susan Hennessy: Apple’s Going Dark Doublespeak

Apple’s iPhone Blunder (February 22, 2016) – Law professor Richard Epstein

Questions for Apple (March 1, 2016) – Susan Hennessy and Benjamin Wittes at LawFare

Apple’s Crocodile Tears (March 2, 2016) – law professor Omri Ben-Shaham at TAP

Apple’s Rotten Core; CEO Tim Cook’s Case for Not Aiding the FBI’s Anti-Terror Effort Looks Worse Than Ever (February 28, 2016), and Tim Cook’s Bad Apple Refusing to Cooperate with the FBI is About Protecting the Brand, Not iPhone Users (February 21, 2016) – Gordon Crovitz in the Wall Street Journal (subscription required)

Who Does Apple Think It Is? (February 20, 2016) – Michael Wolff in USA Today

Why Apple’s iPhone Battle with the Government will Likely be a Privacy Setback (February 18, 2016) – Vivek Wadhwa in The Washington Post

  “The war on terror can’t be a war on one of world’s great religions. Jim Comey must give a speech calling Apple a religion of peace.” – Stewart Baker (@stewartbaker): February 22, 2016

The China Question and Other International Ramifications:

Apple Refused China Request for Source Code in Last Two Years (April 20, 2016) – Reuters

A View of ISIS’s Evolution in New Details of Paris Attacks (March 19, 2016) – New York Times on the operational security (e.g., use of burner phones rather than encrypted iPhones) of the Paris attackers

UK Surveillance Powers Bill Could Force Startups to Bake in Backdoors (March 10, 2016) – TechCrunch

Feds Fire Back on San Bernardino iPhone, Noting that Apple has Accommodated China (March 10, 2016) – ArsTechnica

The World’s Not Waiting for California: France Moves to Enforce Decryption (March 7, 2016) – Daniel Severson at LawFare; and France Clears Bill That Could Force Apple to Unlock Terror Data (March 8, 2016) – Bloomberg News reporting on the lower house of the French Parliament clearing the proposed bill (which still has a ways to go before it could become law)

British Spy Agency Chief Says Tech Companies Should Provide a Way Around Encryption (March 8, 2016) – MIT Technology Review

Deposing Tim Cook (February 25, 2016) – Stewart Baker in the Washington Post posing questions to Apple about the extent of its cooperation with Chinese authorities

Apple in China, Part I: What Does Beijing Actually Ask of Technology Companies? (February 22, 2016) – Samm Sacks at LawFare

Apple is Reportedly Giving the Chinese Government Access to its Devices for ‘Security Checks’ (February 23, 2015) – Quartz

Other Analysis and Opinion – Largely Pro-Apple:

Some For-the-Moment Final Thoughts on Apple, Encryption and the FBI (April 7, 2016) – David Post in the Washington Post

John Oliver Explains Why Apple Needs Encryption to Stay a Step Ahead of Hackers (March 14, 2016) – video embed (18 minutes) at The Verge

  “Reminder: Farook destroyed his + wife’s personal phones. There isn’t jack on his work iPhone. He didn’t even bother to hit it with a hammer.” – SecuriTay (@SwiftOnSecurity): March 10, 2016

The Feds Are Wrong to Warn of ‘Warrant-Proof’ Phones (March 17, 2016) – professor Woodrow Hartzog in the MIT Technology Review

Why This iPhone?- One Thing Getting Lost in the Apple-FBI Debate: It Doesn’t Seem Likely that the Device in Question will Yield any Critical Information (February 19, 2016) – Marcy Wheeler in Slate

Apple, FBI, and Software Transparency (March 10, 2016) – Bryan Ford at Freedom to Tinker

Apple Is Right on Encryption; the FBI Doesn’t Want Merely One Phone, and Its Warrant is Legally Suspect (March 1, 2016) – Wall Street Journal Editorial Board

The Apple Case Will Grope Its Way Into Your Future (February 24, 2016) – Farhad Manjoo in the New York Times

Why Apple Is Fighting Not To Unlock iPhones For The Government (February 17, 2016) – Matthew Panzarino at TechCrunch

How to Destroy Pandora’s iPhone (February 26, 2016) – Nicholas Weaver at LawFare

Apple’s FBI Battle is Complicated; Here’s What’s Really Going On (February 18, 2016) – Kim Zetter at Wired

Feeble Noise Pollution; FBI, Apple, Liberty, Security, blah blah blah (February 19, 2016) – the Grugq

Dissecting And Dismantling The Myths Of The DOJ’s Motion To Compel Apple To Build A Backdoor (February 19, 2016) – TechDirt

On Preventing the Widespread Use of a Law-Enforcement-Friendly iOS Patch and Apple and FBI: PIN Codes to Update Firmware, Code as Free Speech, and Legislative Clarification (February 25 and 26, 2016) – Herb Lin at LawFare

Decrypting an iPhone for the FBI (February 22, 2016) – Bruce Schneier

The iPhone Writ Large (February 19, 2016) – Derek Bambauer at Info/Law

Obama Administration, FBI Must Act to Restore US Government’s Credibility in Apple’s Encryption Debate (February 25, 2016) – AppleInsider on what it deems the FBI’s disingenuous positioning (e.g., it’s not about precedent) in the San Bernardino case

The Conscription of Apple’s Software Engineers (February 18, 2016) – Conor Friedersdorf in The Atlantic

Apple, the FBI, and the San Bernadino iPhone (February 17, 2016) – Dan Wallach at Freedom to Tinker

Not a Slippery Slope, but a Jump off the Cliff (February 17, 2016) – Nicholas Weaver at LawFare

Why the FBI’s Request to Apple Will Affect Civil Rights for a Generation (February 17, 2016) – Rich Mogull at MacWorld

The FBI is Striking at the Heart of Apple’s Security System; the Entire industry has Followed the iPhone’s Security Model – What Happens if it Breaks? (February 17, 2016) – The Verge

Why Tim Cook is Wrong: A Privacy Advocate’s View; Apple Should be Unable to Comply with this Request (February 17, 2016) – Trevor Potts

03/17/2016: 

Problems with Current Crypto Implementation

Academic Paper: “Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice” (pdf; 13 pages), published earlier this year, but presented at a recent conference

General Explanation (by two of the fourteen co-authors of the academic paper): How is NSA Breaking So Much Crypto? – Freedom to Tinker

EFF’s Two Part Explainer: Logjam, Part 1: “Why the Internet is Broken Again” and Logjam, Part 2: “Did the NSA Know the Internet Was Broken”

EFF’s Practical Advice: How to Protect Yourself from NSA Attacks on 1024-bit DH

Bruce Schneier: Breaking Diffie-Hellman with Massive Precomputation (Again) and his previous post The Logjam (and Another) Vulnerability against Diffie-Hellman Key Exchange

10/15/2015: 

Leaked NSC Memo on Encryption – Is It All Just Kabuki?

Background: The leaked NSC Draft Options Paper – at The Washington Post

News Story: Obama Faces Growing Momentum to Support Widespread Encryption – The Washington Post

Skepticism: Obama Edges Toward Full Support for Encryption – But Does He Understand What that Means? – Kieren McCarthy at The Register:

“By voluntary cooperation [in the absence of compulsion], what is the White House saying? That the encryption is secure and backdoor-free until a company cooperates with the Feds, at which point the encryption is somehow dialed back, and messages and files can be suddenly magically read? That sounds like a backdoor. Does the White House want, say, Apple to volunteer, at the sight of a warrant, to intercept key exchanges in the cloud so that intercepted iMessages can be decrypted? Won’t that undermine the whole practice of end-to-end encryption by introducing backdoors by another name? Either encryption is secure and backdoor-free, or it isn’t and is generally useless. We assume by ‘voluntary cooperation,’ the President is willing to be told to get lost by the tech giants in November – if they have the strength to do so. If not, then all of this is a sham; a political maneuver to keep privacy-loving nerds quiet. It is very possible that the decision has already been made and outreach is about to begin, leading to the leak of the NSC memo.”

09/17/2015: 

The Revived Encryption Wars Continue (updated)

The Latest (09.15.2015):

The FBI’s Problem Isn’t ‘Going Dark’ – Its Problem is Going Slowly – Marshall Erwin at JustSecurity

Of Course the Government Wants to Read Your Texts – Megan McArdle at BloombergView

Why the Fear over Ubiquitous Data Encryption is Overblown – Mike McConnell, Michael Chertoff and William Lynn op-ed in The Washington Post

Some Additional Background:

A History of Backdoors – Matthew Green at his A Few Thoughts on Cryptographic Engineering

Deep Dive into Crypto “Exceptional Access” Mandates: Effective or Constitutional—Pick One – EFF

Can the FBI and IC already Access Apple’s iMessages (and Tor Users)?

iPhones, the FBI, and Going Dark – Nicholas Weaver guest post at LawFare

Let’s Talk about iMessage (again) – Matthew Green at his A Few Thoughts on Cryptographic Engineering; Also from Matthew Green: Can Apple read your iMessages?

FBI Director Claims Tor and the ‘Dark Web’ Won’t Let Criminals Hide From His Agents – The Intercept’s Unofficial Sources

  “We can ‘win’ the crypto wars in public, and still lose behind closed doors. If Apple & WhatsApp quietly backdoor their crypto the FBI wins” – Christopher Soghoian (@csoghoian): July 10, 2015

Related:

FBI and Apple’s Encryption – Bruce Schneier

Apple and Other Tech Companies Tangle With U.S. Over Data Access – New York Times

Background – 2014-15, the Crypto Wars Return

Keys Under Doormats: Mandating Insecurity by Requiring Government Access to All Data and Communications (pdf; 34 pages) – MIT Computer Science and Artificial Intelligence Laboratory Technical Report (July 6, 2015)

Code Specialists Oppose U.S. and British Government Access to Encrypted Communication – New York Times on the July 6th MIT report

Encryption, Public Safety, and ‘Going Dark’ – FBI Director James Comey writing at LawFare in advance of several Congressional hearings July 8th on encryption and related issues.

Let’s Get Real About Decryption, Says GCHQ Tech Director – ComputerWeekly

It’s Time to End the ‘Debate’ on Encryption Backdoors – Kevin Bankstown at JustSecurity arguing that it is time for FBI head James Comey to admit that he has lost the battle over encryption backdoors

Encryption, Biometrics, and the Status Quo Ante – Paul Rosenzweig at LawFare proposing mandatory biometric encryption, a novel, but problematic proposal in the encryption debate

The Battle Between Washington and Silicon Valley Over Encryption – CSM’s Passcode

James Comey, F.B.I. Director, Hints at Action as Cellphone Data Is Locked – The New York Times, and FBI director Attacks Tech Companies for Embracing New Modes of Encryption; James Comey says Data Encryption Could Deprive Police and Intelligence Agencies of Potentially Live-saving Information – The Guardian

How Do We Build Encryption Backdoors? – Professor Matthew Green (Johns Hopkins) analyzes the problems with building encryption backdoors, including split key approaches, at his A Few Thoughts on Cryptographic Engineering blog

You Can’t Backdoor a Platform – Jonathan Mayer at his Web Policy blog

As Encryption Spreads, U.S. Grapple with Clash between Privacy, Security – Ellen Nakashima and Barton Gellman writing in The Washington Post reveal that federal officials are considering a variety of means of ensuring access to encrypted communications, including split key approaches, as well as, in certain circumstances, mirror accounts. Under the split key approach (difficult from an engineering and cryptography standpoint), a technology company creates a decryption key that is split into pieces, with different pieces held by different parties, and all of the pieces are needed for decryption. But even aside from the question of trust in the holders of the key parts, risk of disclosure of the decrypted information and the like, as security expert/researcher, Dino A. Dai Zovi (@dinodaizovi) tweeted: “The big question of the #cryptodebate isn’t whether vendors can make a decryption key for USG, but what happens when other [governments] want it too?”

Apple Will No Longer Unlock Most iPhones, iPads for Police, even with Search Warrants – The Washington Post

iPhone Encryption and the Return of the Crypto Wars – Bruce Schneier

What NSA Director Mike Rogers Doesn’t Get About Encryption – Julian Sanchez at CATO

What President Obama is getting wrong about encryption – The Washington Post

The FBI Keeps Demanding Impossible Solutions to Its Encryption Problem – MotherBoard/Vice

Background – the 1990’s (and earlier) Crypto Wars

Keeping Secrets: Four Decades Ago, University Researchers Figured out the Key to Computer Privacy, Sparking a Battle with the National Security Agency that Continues Today. – Henry Corrigan-Gibbs (Stanford Magazine)

Encryption and Globalization – a 2011 academic paper (Columbia Science and Technology Law Review, Vol. 23, 2012) by Peter Swire and Kenesa Ahmad, which includes a brief summary of the original 90’s “Crypto Wars”

Crypto Wars – Wikipedia

Hacker Lexicon: What is End-to-End Encryption – Wired

Related

Want to Protect your Phone from the Cops? You Might Want to Use a Passcode, Not a Fingerprint; Virginia Court Rules Using Fingerprint Technology to Protect Your Phone Doesn’t Carry Same Legal Rights as Passcodes – FastCompany

09/15/2015: 

The (Revived) Encryption War Continues

The Latest:

As Encryption Spreads, U.S. Grapple with Clash between Privacy, Security – Ellen Nakashima and Barton Gellman writing in The Washington Post reveal that federal officials are considering a variety of means of ensuring access to encrypted communications, including split key approaches, as well as, in certain circumstances, mirror accounts. Under the split key approach (difficult from an engineering and cryptography standpoint), a technology company creates a decryption key that is split into pieces, with different pieces held by different parties, and all of the pieces are needed for decryption. But even aside from the question of trust in the holders of the key parts, risk of disclosure of the decrypted information and the like, as security expert/researcher, Dino A. Dai Zovi (@dinodaizovi) tweeted: “The big question of the #cryptodebate isn’t whether vendors can make a decryption key for USG, but what happens when other [governments] want it too?”

How Do We Build Encryption Backdoors? – Professor Matthew Green (Johns Hopkins) analyzes the problems with building encryption backdoors, including split key approaches, at his A Few Thoughts on Cryptographic Engineering blog

You Can’t Backdoor a Platform – Jonathan Mayer at his Web Policy blog

Background – 2014-15, the Crypto Wars Return

James Comey, F.B.I. Director, Hints at Action as Cellphone Data Is Locked – The New York Times, and FBI director Attacks Tech Companies for Embracing New Modes of Encryption; James Comey says Data Encryption Could Deprive Police and Intelligence Agencies of Potentially Live-saving Information – The Guardian

Apple Will No Longer Unlock Most iPhones, iPads for Police, even with Search Warrants – The Washington Post

iPhone Encryption and the Return of the Crypto Wars – Bruce Schneier

What NSA Director Mike Rogers Doesn’t Get About Encryption – Julian Sanchez at CATO

What President Obama is getting wrong about encryption – The Washington Post

The FBI Keeps Demanding Impossible Solutions to Its Encryption Problem – MotherBoard/Vice

Background – the 1990’s (and earlier) Crypto Wars

Keeping Secrets: Four Decades Ago, University Researchers Figured out the Key to Computer Privacy, Sparking a Battle with the National Security Agency that Continues Today. – Henry Corrigan-Gibbs (Stanford Magazine)

Encryption and Globalization – a 2011 academic paper (Columbia Science and Technology Law Review, Vol. 23, 2012) by Peter Swire and Kenesa Ahmad, which includes a brief summary of the original 90’s “Crypto Wars”

Crypto Wars – Wikipedia

Hacker Lexicon: What is End-to-End Encryption – Wired

Related

Want to Protect your Phone from the Cops? You Might Want to Use a Passcode, Not a Fingerprint; Virginia Court Rules Using Fingerprint Technology to Protect Your Phone Doesn’t Carry Same Legal Rights as Passcodes – FastCompany

04/23/2015: