Consumer electronics manufacturer Apple Inc and the United States' Federal Bureau of Investigation (FBI) are locked in a legal face-off. Hearings continue in a case with huge ramifications in terms of balancing privacy rights against the need for authorities to access information on crimes and terrorism. On December 2, 2015, Syed Rizwan Farook and his wife, Tashfeen Malik, killed 14 people at the San Bernardino Department of Public Health in the United States, where Farook was employed. Farook's work iPhone may have valuable information. But the phone's password is unknown, and it is set to erase all data if a wrong password is entered more than 10 times. The FBI wants Apple to write a code to bypass the "10 tries" setting. Apple is refusing to do so saying this sets a bad precedent. Indeed, Apple has insinuated that the FBI deliberately prevented attempts to back up data to the company's cloud server in order to pressure Apple into writing this bypass code.
The FBI wants Apple to, in effect, write a new operating system (named "FBI-OS" by information technology industry wags), which can be loaded as an automatic system update. This "FBI-OS" will disable the 10 tries default setting. The FBI then proposes to break the four-character password by force. If Apple does comply with this request, it will set disturbing precedents. Apple, Blackberry, Google and other technology players claim nobody, including the manufacturer, can easily access private data on an encrypted smartphone without the password. Thus far, requests to extract such data have been dodged by manufacturers, claiming they lack the technical ability to do this. But if Apple is forced to write this, and the sidestep works, it would demonstrate that personal encryption can in fact, be bypassed. Authorities everywhere will begin demanding that a "magic key", as Apple CEO Tim Cook termed it, be created to unlock data on their citizens' personal devices. Such requests are especially likely to proliferate from undemocratic regimes, where there is little or no legal protection of privacy. China is the largest global market for iPhones; strong encryption is very much a unique selling proposition for personal digital devices in that country. Russia has also recently amended its laws to demand private data be stored locally and provided to Russian authorities on demand. As a result, Russian smartphone users also place increasing emphasis on encryption. India is another big market for smartphones and it has no privacy law whatsoever.
Citizens have a right to expect privacy. Good encryption is required to prevent data theft at the very minimum if a phone is stolen. On the other hand, law enforcement agencies have legitimate needs. In practice, this has turned into a race between sophisticated encryption techniques and efficient surveillance and decryption systems. But as the technology evolves, the world's legislative systems must re-examine basic premises and re-interpret constitutional rights to ensure that the right to privacy is balanced against the legitimate need to tap timely information about crimes. In India, this task could be started by simply putting a privacy law on the books.
