• United States




Privacy at what cost? Apple vs the US government

News Analysis
Feb 25, 20166 mins
AppleMobile SecuritySecurity

It’s now more than two months after Tashfeen Malik and Syed Rizwan Farook shot and killed 14 people and injured 21 others at the Inland Regional Center in San Bernardino, Calif., before being shot to death by police. Farook was a 28-year-old restaurant inspector born in the US to a Pakistani family. Malik, 29, was an immigrant from Pakistan, who entered the US on a Fiancé visa.

+ MORE: What would be the economic impact of a backdoor +

Flash back to 2007, On Jan. 9, 2007 Steve Jobs announced the iPhone at the Macworld convention, receiving substantial media attention. On June 29, 2007 the first iPhone was released.

Apple introduced Activation Lock as part of the Find My iPhone feature in iOS 7 to prevent others from using an iOS 7 device that they had found or stolen. Devices with Activation Lock enabled require the correct Apple ID and password to be entered before a person can turn off Find My iPhone, erase the device, or reactivate and use it.

Prior to Activation Lock, the only option users had if they lost a device was to change their Apple ID password to prevent others from accessing services and accounts, such as iTunes, that were linked to the device. How ironic that police in the US lauded Apple for the additional feature in iOS 7, which helped cut rates of iPhone theft in London and New York by around 30 percent

A serious crime has been committed, 14 people are dead and 21 injured at the hands of a terrorist shooter. Normally police investigators could always access crime scene evidence or any evidence could be sought with court orders to help solve a serious crime. Not now that Apple has made a great design that helps assure privacy. But could the original designer ever imagine that it would come to this? A feature that works as intended 99 percent of the time but this 1 percent scenario was never considered? Technology rather than law is dictating whether a crime can be fully investigated or not.

The federal government and the FBI need access to the phone as in any shooting to help solve the crime, to look for links to other possible shooters. But Apple CEO Tim Cook says we can’t do that, to do so jeopardizes the technology’s security. Really? Tim Cook is assuming the single software upgrade needed to unlock this single government-owned phone would be released to the world? It’s a back door! Not so, it’s a single request to update this phone’s iOS to disable the 10 tries and its erased feature.

Apple could unlock the phone and provide the evidence to the FBI and then destroy the secrets of how it accomplished it or put the secret in a vault and only allow access via dual control the way international banking transactions transfer millions of dollars every day.

[ ALSO: Many unanswered questions in Apple-FBI controversy ]

We live in a world where social media and the news media shapes public opinion minute by minute, never before has technology had so much impact on so many. Apple wants to assure all of us that they value your privacy so much they will allow a terrorist crime to go unsolved. The reality is that this phone is super secure if you physically have it in your hands. If it were in use, it suffers the same fate as all electronic devices on the Internet, they can all be compromised via a phishing email or a malicious application sold in the app store.

What’s interesting is that since Edward Snowden’s news flash that our government was collecting bulk data of all US cell phones, the media has promoted this as a story of our bad government collecting all of our calls. Really? They are listening to and reading all 200 million plus calls and emails of all of us? It’s not possible even if they wanted to.

Just what do we have in our phones that is so private? Financial data that was compromised in one of the many data breaches? Medical records they were compromised too. Between Target, Home Depot, Sony, Anthem, and the US government’s OPM breach about two-thirds of us have suffered a loss of our personally identifiable information (PII).

So what is it that we can now hide from anyone even if we are charged with a mass murder? Something that would prove we did it or an affair or something more embarrassing? Don’t forget how many millions of people now use social media to post every minute detail of everything they do and a picture with who they did it with. We are posting on Facebook, twitter and Pinterest and use selfie sticks, Privacy really?

Data brokers know all and sell it, according to CBS News. They track us more than the NSA and profit from it. “Data brokers collect, analyze, and package some of our most sensitive personal information and sell it as a commodity to each other, to advertisers, even to the government– often without our direct knowledge.”

The fact is our government with court oversight, was looking at metadata, data about data; looking at calls to and from known terrorists. Snowden accessed files that he was not authorized to access. He stole information from the NSA and carried it to China and eventually wound up in Russia. He was so concerned about the USA, its terrible record of persecuting and abusing people that he ran to China and Russia the protectors of freedom and Democracy?

Wake up Snowden, we are not a perfect country but our track record for freedom and individual rights is second to none. We have separation of powers in the Executive, Legislative and Judicial branches of government. We have due process, we even have the ACLU who some say is a group that exists exclusively to protect criminals. We are a nation of laws and a nation of freedom.

We are not locking up people for no reason, or if they have something bad to say about our government. On the contrary, we will give that same person a book deal, a movie deal or their own TV show. I fully expect that if Snowden does ever come back to the US, he will get a fair trial, he will secure a good lawyer that wants international recognition, that lawyer will reduce his sentence and he will be a famous highly paid privacy consultant.

So Tim Cook, if your family was murdered and an electronic device was found at the crime scene, a device that might hold the secrets of who committed the crime, would you say that privacy is more important than security — privacy that ultimately protects murders and criminals? We simply can’t let technology determine the laws of the land or let technology companies determine what is right when we know better.


A senior security and compliance specialist, George Grachis has over 25 years’ experience in the tech sector. Some of his experience includes over a decade supporting the Space Shuttle program for Computer Sciences Corporation & Grumman Aerospace, security management for CFE Federal Credit Union, IT auditing & consulting for Deloitte and serving as Chief Security Officer for Satcom Direct.

George holds both the CISSP, and CISA certifications. George received the ISSA fellow Designation in 2016 and is currently an active senior board member of ISSA. George has been interviewed by WFTV ABC TV and Fortune Magazine. When not working he enjoys spending time with family & friends, Big Brothers Big Sisters, Playing the Drums, motorcycling, fitness, and writing articles for his blog, Virtual CISO.

The opinions expressed in this blog are those of George Grachis and do not necessarily represent those of IDG Communications Inc. or its parent, subsidiary or affiliated companies.