Encryption & Key Management , Enterprise Mobility Management / BYOD , Governance & Risk Management

Apple Wins Legal Round Over Unlocking a 2nd iPhone

Magistrate in New York Says U.S. Can't Compel Apple to Retrieve Data from Device
Apple Wins Legal Round Over Unlocking a 2nd iPhone

A federal magistrate in Brooklyn, N.Y., unlike another judge in California, has denied a request by federal authorities to force Apple to retrieve data from an iPhone, this time in a New York narcotics case.

See Also: Cyber Insurance Assessment Readiness Checklist

Magistrate Judge James Orenstein on Monday said the government cannot compel Apple to help law enforcement bypass a locked screen on an iPhone seized by prosecutors.

In the California case, involving the iPhone of one of the San Bernardino shooters who killed 14 people, U.S. Magistrate Sheri Pym approved a Justice Department order citing a 1789 law known as the All Writs Act to require Apple to help the FBI crack open the phone (see Apple, FBI Draw Lines in Crypto Battle). Government lawyers contend the All Writs Act allows courts to require actions to comply with their orders when not covered by existing law. Apple is fighting the California order.

But Orenstein, in the New York case, said the government's interpretation of the All Writs Act is too broad. To apply the All Writs Act, Orenstein wrote, the government would need to show that Apple had a close relationship to underlying criminal conduct of the suspect named Jun Feng of Queens, N.Y., and government investigators. In addition, Orenstein said to apply the 18th century law, he must consider the burden such a request would impose on Apple, as well as the necessity of inflicting the burden on the iPhone maker.

Kind of Corporation Apple Aspires to Be

In a footnote, Orenstein wrote that in considering the burden, "it is entirely appropriate to take into account the extent to which the compromise of privacy and data security that Apple promises its customers affects not only its financial bottom line, but also its decisions about the kind of corporation it aspires to be.

"The fact that the government or a judge might disapprove Apple's preference to safeguard data security and customer privacy over the stated needs of a law enforcement agency is of no moment: in the absence of any other legal constraint, that choice is Apple's to make, and I must take into account the fact that an order compelling Apple to abandon that choice would impose a cognizable burden on the corporation that is wholly distinct from any direct or indirect financial cost of compliance."

Orenstein ruled the government failed to justify imposing on Apple "the obligation to assist the government's investigation against its will. I, therefore, deny the motion."

Order Extolled

Civil liberties groups quickly praised Orenstein's order.

"Orenstein argues persuasively that Apple's decisions to implement robust security features in iOS must be viewed against the backdrop of congressional inaction," Electronic Frontier Foundation staff attorney Andrew Crocker and copyright activism director Parker Higgins write in a blog. "Under current law, Apple's choice to design its software this way is entirely legal; indeed some members of Congress have introduced legislation to protect the right to uncompromised encryption."

The Justice Department expressed disappointment with Orenstein's order and said it would appeal, according to published reports. "This phone may contain evidence that will assist us in an active criminal investigation," a Justice Department statement says. "We will continue to use the judicial system in our attempt to obtain it."

About the Author

Eric Chabrow

Eric Chabrow

Retired Executive Editor, GovInfoSecurity

Chabrow, who retired at the end of 2017, hosted and produced the semi-weekly podcast ISMG Security Report and oversaw ISMG's GovInfoSecurity and InfoRiskToday. He's a veteran multimedia journalist who has covered information technology, government and business.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.