DOJ To NY Court: Hey, Can We Have Another Judge Look Over That Ruling About Breaking Into iPhones?

Legal Issues

from the because-of-course dept

This is hardly a big surprise, but the Justice Department is not at all happy about NY magistrate judge James Orenstein’s decision last week in the case against accused drug trafficker Jun Feng, that it cannot force Apple to break the security on an iPhone using the All Writs Act. While so much of the attention concerning iPhone encryption has been placed on the case in San Bernardino, the NY case made news well before the California case, and Orenstein was clearly aware that his ruling would have a much wider impact (and it was clearly written with that intent in mind). The Justice Department, of course, is now, in effect asking for a second opinion on the issue, carefully trying to position this case as something quite different than the San Bernardino case. In particular, the Justice Department is claiming that since this particular iPhone is using iOS 7, rather than 8, Apple already has a backdoor, and can easily unlock the contents of the phone.

To be clear, the DOJ probably does have a stronger argument in this case than it has in San Bernardino, but it’s still got some serious problems.

The FBI/DOJ has been going around spreading misleading claims about how Apple has readily complied with similar orders to the San Bernardino order in the past. As we’ve noted, that’s not actually true. The earlier orders involved earlier versions of iPhones where Apple did have easy access to opening up those phones — and the San Bernardino case was different because it used a more modern version of the operating system, where it did not have such access. The DOJ’s argument in NY is that this case is basically like the earlier cases since iOS 7 doesn’t have the same strong encryption as later versions.

This is a routine application asking the Court to order a third party to assist in the execution of a search warrant. The Department of Justice has made the same application, for the same assistance, from the same company, dozens of times before. Federal courts around the nation have granted these applications. The company has complied every time. Until now.

In mid-2014, law enforcement agents arrested Jun Feng on charges related to his participation in a methamphetamine distribution conspiracy. Agents conducted a search of Feng?s home, pursuant to a warrant, and seized an Apple iPhone 5s running iOS 7. The government subsequently obtained a warrant to search the phone. The government is unable to access the data on the phone, however, because the phone is locked with a passcode. The government cannot bypass the lock screen without risking data destruction. Apple can. Apple has extracted data from iPhones like this one pursuant to All Writs Act orders numerous times, including as a result of orders issued in the Eastern District of New York. Apple has confirmed that it can do so again, in this case, with this phone, and that doing so would pose no significant burden to the company.

As an aside, the DOJ also points out that because someone has activated the “remote wipe” feature on Feng’s phone, it’s afraid to even turn on the phone, as that might destroy whatever is on the phone — and claims that this service “can interfere with execution of a warrant.”

To strengthen its argument, the DOJ points out that Apple’s own law enforcement guidelines notes that it can access data on devices using iOS 7 or earlier. But the DOJ is (shocker!) not being entirely accurate. Here’s the way the DOJ explains it:

Apple states in its Legal Process Guidelines, which Apple makes publicly available online and provides to law enforcement to this day, that ?for iOS devices running iOS versions earlier than iOS 8.0, upon receipt of a valid search warrant issued upon a showing of probable cause, Apple can extract certain categories of active data from passcode locked iOS devices.? See ?Extracting Data from Passcode Locked iOS Devices,? Apple Legal Process Guidelines § III(I) (last accessed Mar. 2016), http://www.apple.com/privacy/docs/legal-process-guidelines-us.pdf, attached hereto as Exhibit D. Apple?s guidelines also express a preference for specific language to be included in the order directed to it and how such an order should be served. Id. Apple states in its guidelines: ?Once law enforcement has obtained a search warrant containing this language, it may be served on Apple by email . . . . After the data extraction process has been completed, a copy of the user generated content on the device will be provided.?

That sounds kind of damning… until you actually click the link the DOJ provides and read what Apple actually says. Because it’s not what the DOJ claims. In fact, the Apple law enforcement guidelines makes it clear that while, yes, it can access some data on versions of iOS before iOS 8 that does not include information encrypted via a passcode. Here’s the full paragraph which the DOJ carefully quoted above, and we’ll highlight the relevant section that the DOJ conveniently left out:

For iOS devices running iOS versions earlier than iOS 8.0, upon receipt of a valid search warrant issued upon a showing of probable cause, Apple can extract certain categories of active data from passcode locked iOS devices. Specifically, the user generated active files on an iOS device that are contained in Apple?s native apps and for which the data is not encrypted using the passcode (?user generated active files?), can be extracted and provided to law enforcement on external media. Apple can perform this data extraction process on iOS devices running iOS 4 through iOS 7. Please note the only categories of user generated active files that can be provided to law enforcement, pursuant to a valid search warrant, are: SMS, iMessage, MMS, photos, videos, contacts, audio recording, and call history. Apple cannot provide: email, calendar entries, or any third-party app data.

Notice the section I’ve bolded? Apple says it can’t extract information that is encrypted using a passcode. Seems notable that the DOJ left that part out. Of course, from the rest of the paragraph, it’s possible to read that to mean that there’s a lot of information that is not encrypted by the passcode — including SMS, iMessage, MMS, photos, call history and more. So, the DOJ’s claim on that kind of information may be much more valid.

On the whole, though, the DOJ does have a point that, given the version of the iOS on this phone, the “burden” placed on Apple is likely quite different in this case, rather than in other cases, where the security features are more advanced. And it may be more accurate that this case is a lot more like previous cases where Apple willingly complied with warrants and All Writs Act orders. Of course, just because it has complied in the past, that does not mean those orders are legal. And Apple’s response will likely highlight that fact. Apple, of course, has the right to do what it’s done in past cases, and then later decide that the All Writs Act is inappropriate in such cases — and then to ask a judge to rule on that.

Even then, however, the DOJ’s arguments seem… questionable. As EFF lawyer Kurt Opsahl points out, early on in the filing, the DOJ cites a Florida district court’s order on a motion to quash in a case called United States v. David Zaragoza, claiming that it shows that courts can force Apple to help via the All Writs Act. However, if you actually read that ruling, it rejects Zaragoza’s attempt to toss out an All Writs Act claim, but says that Apple has standing to object to such a demand:

In this case, the party bestpositioned to oppose, or to choose to not oppose, the AWA Order is Apple, because Apple bears the burden to comply with that order. Furthermore, Apple is the only party that can inform the court of highly-relevant facts?such as the amount of effort that is required to unlock and obtain information from the iPhone and the extent to which complying with the order would interfere with Apple?s daily operations.

That seems like an… odd case to argue says that Apple has to comply with All Writs Act demands, doesn’t it? It’s almost as if the DOJ expects that no one will read any of the stuff it cites.

Still, given the situation (a phone using iOS 7), this case is a lot less of a slam dunk than it might be on a more modern iPhone. And, of course, there’s an argument that that’s what the DOJ is banking on. If it can get the order here, it can then leverage that into other cases, such as the one in San Bernardino, where it can just turn around and say “well, if the order is valid for iOS 7, why isn’t it valid for iOS 8?” Apple, of course, would then have a response concerning the “burden” on iOS being much greater due to the different security framework, but by then you’re already arguing it at the level the DOJ prefers — on the question of burden, rather than the question of whether or not the All Writs Act itself is applicable in these scenarios.

The DOJ goes on to claim that, contrary to Judge Orenstein’s ruling last week, other laws do not cover this situation, and that the wiretapping statute CALEA and the electronic communications privacy law ECPA discuss different scenarios altogether, meaning that the All Writs Act can apply, as “filling the gap.” This rebuts Orenstein’s argument that this kind of remedy is not allowed by CALEA and ECPA. It also generally attacks the key points of Orenstein’s ruling, claiming that he’s misreading the case law, some of which may be on point. Some of which, on the other hand, are a bit crazy.

Take, for example, the question of whether or not Apple is “too far removed” for the All Writs Act to apply. In his ruling, Orenstein noted that Feng was using his own property, not Apple’s: “To the extent that Feng used his iPhone in committing crimes, he used his own property, not Apple’s.” Incredibly, the DOJ hits back on that claim by saying that because Apple licenses rather than sells its software, Feng was actually using Apple’s property, and thus it is not too far removed:

To the contrary, Feng used Apple’s property ? the software on the phone ? to commit and conceal his crimes…. Indeed, Apple?s property ? the software features including the passcode feature, auto-erase feature (if enabled), and remote wipe feature ? continues to obstruct the investigation. Given that Apple manufactured, sold, and continues to exercise control over a phone used in a criminal enterprise, where it designed and has exclusive expertise about the software used to further that criminal enterprise, where that very software now thwarts the execution of the search warrant, and where Apple provides ongoing services to phone owners, including control over what software may run on the device and the ability to wipe the phone remotely, compulsion of Apple is permissible

In fact, the DOJ — somewhat incredibly — cites Apple’s own filing in the infamous triennial review for copyright exemptions. Back in 2009, Apple opposed rules that would exempt phone jailbreaking, and in the process discussed “ownership” based on licensing. The DOJ appears to be using Apple’s claims about copyright related issues, to bite back at Apple and claim that because it claims ownership of the software, it can’t also claim that it’s too far removed to be excused from obligations under the All Writs Act.

Man, those copyright issues sure have a way of showing up in strange places, huh?

Given all that and more, the DOJ asks the court to basically have another judge overrule Judge Orenstein. This isn’t a huge surprise. Everyone knows that this case (and the San Bernardino case) will go through the full appeals process before it’s finally over. This is just the next step on that long road. To be honest, the DOJ’s argument here is much stronger than in the San Bernardino case at a first read, but the fact that it deliberately misrepresented what Apple’s law enforcement guidelines say suggest that some of its other arguments may not be fully above board either.

Filed Under: all writs act, doj, encryption, ios 7, james orenstein, jun feng
Companies: apple