
Apple’s dangerous game, part 3: Where do you draw the line? - bradleyjg
http://www.washingtonpost.com/news/volokh-conspiracy/wp/2014/09/22/apples-dangerous-game-part-3-where-do-you-draw-the-line-and-whats-the-privacy-tradeoff/
======
patrickmay
Kerr's claim that "The Supreme Court tries to roughly maintain the balance of
Fourth Amendment protection over time as technology shifts, so that
technological change doesn’t give the government too much power (which would
lead to abuses) or take too much power away from the government (which would
make it too easy to commit crimes undetected)." demonstrates a
misunderstanding of the purpose of the Constitution. The Bill of Rights are
strict checks on government power, not guidelines on how much infringement on
individuals is acceptable.

The Fourth Amendment reads "The right of the people to be secure in their
persons, houses, papers, and effects, against unreasonable searches and
seizures, shall not be violated, and no warrants shall issue, but upon
probable cause, supported by oath or affirmation, and particularly describing
the place to be searched, and the persons or things to be seized." There's no
exception in there that can be read as "unless it makes the job of the
government really hard."

No individual criminals or groups of terrorists pose the kind of threat that
an overreaching government does. Encrypt it all.

~~~
hackuser
> There's no exception in there that can be read as "unless it makes the job
> of the government really hard."

Law is not like code, an algorithm that is followed literally and logically.
The U.S. Constitution's First Amendment is equally clear, but you can't yell
fire in a dark, crowded movie theater. The Second Amendment does not
differentiate cruise missiles from handguns, but you cannot own a cruise
missile. I would not want it otherwise.

The laws never will be written perfectly, so we need a system to deal with
those flaws. Another way to think of it is that there are edge cases, many of
which were not anticipated by people who wrote the code, some over 200 years
ago.

EDIT: Another way to think about it: If the law permits something horrible
(e.g., 'sale of first-born children') because it was written poorly or
unclearly, should the courts allow first-borns to be sold until Congress fixes
it? What if the law explicitly allows something, such as denial of voting
rights to an ethnic group?

~~~
anonymoushn
In the SF bay area, I can "keep" but not "bear," and in many other locations
in the U.S. it is illegal to possess the means of self-defense at all. The
ability of policymakers to completely disregard the Constitution lets us enact
policies preventing the ownership of cruise missiles, but it also lets them
disarm citizens entirely, require people to verbally invoke the right to
remain silent, and so on.

We could do these things without disregarding the constitution. For instance,
we could hold a constitutional convention and ban private ownership of cruise
missiles, grenades, rocket launchers, SAMs, nuclear weapons, most 9mm handgun
magazines used by police ("High capacity magazines"), and rifles that look
scary but kill almost nobody. We could also repeal the 5th amendment. Instead
of doing these things, we make them policy in contradiction of the law.

~~~
hackuser
> For instance, we could hold a constitutional convention ... Instead of doing
> these things, we make them policy in contradiction of the law.

I agree with the principle ... but: Imagine if updates to your software
project required consensus of over 300 million people, sometimes about very
heated questions. I think you would only do updates in extremis and otherwise
use other mechanisms to resolve issues.

Practically, how do we address this problem?

------
npsimons
This article quite wrongly assumes that the government is always justified in
issuing warrants, not to mention the current excesses in the form of rubber
stamp, overbroad, secret warrants that you can't even be informed of. This
alarming attitude seems to be taking hold more and more, which is even more
distressing considering that this is the country founded on distrust of the
government.

Add to this that many people now treat their digital devices as extensions of
their mind which leads in to fifth amendment territory, and there is
absolutely _no_ reason anyone but the person to whom the data is most
dangerous should be allowed access.

The government, like IT departments, should not exist to serve itself: it is
there to serve others, and so called "thinking of the children" or any other
reason cannot excuse the invasions of privacy that occur on a regular basis.
I'm no fan of Apple, but if they've made it so that even they can't unlock an
iPhone due to court order, they are doing something right.

The government also gets many advantages from technology, and still has the
advantages of extremely powerful and time tested techniques that have not
become outdated merely due to advances in technology. Just because some LEO
agents want to take shortcuts to be "tough on crime" doesn't justify harming
innocent bystanders in the process, otherwise we'd allow them to shoot first
and ask questions later.

~~~
IBM
What percent of warrants do you believe are issued without justification? I
keep reading this comment here but no one has shown that most (or even a large
amount of warrants) are unjustified.

~~~
hawleyal
Does it matter? If it's possible to abuse, it's a problem.

In a security-centric view, if the door is unlocked, you are inviting people
in. Or at least should not be surprised by it.

~~~
modfodder
I would say it does matter. If it's 1%, that seems well in the realm of natural
error and probably impossible (or too expensive) to solve. If it's 99%, then
that is a problem with the enforcement or interpretation of that law that
points directly to abuse and seems very fixable.

~~~
hawleyal
What I mean is, it doesn't matter if a warrant is justified or not. If the
device is less secure to allow warrants to be carried out, it's less secure in
general.

------
zaroth
A crime which is entirely inevident save for the ability to decrypt a file,
is, ipso facto, a thought crime, and therefore IMO not a crime at all. The
state needs to find its _evidence_ somewhere which doesn't require the accused
to testify against themselves.

This concept Kerr puts forward that criminals will become unstoppable given
too powerful crypto is so laughable to anyone who understands cryptography as
to be a complete waste of time. For a government built on _balance of power_
and a long history of pushing the limits of that balance, the need for strong
crypto is inherently obvious.

You can't issue a warrant for someone's private thoughts, no more than you can
issue a warrant for my encrypted diary. It's not actually a 4th amendment
issue, it's really an issue for the 5th.

What Apple has done, is take themselves out of the legal loop, where they
shouldn't have been in the loop in the first place. Proper crypto is a win-win
where I don't have to trust Apple, and Apple doesn't have to trust me. I doubt
Apple is actually 100% there, but maybe close enough to stop the government
from co-opting them into their investigatory responsibility.

It's perfectly obvious and reasonable that the manufacturer of a diary, e.g.
Moleskine, should not be on-the-hook to reveal to authorities everything you
write using their product. Similarly, before the Internet and cloud-era, it
was perfectly reasonable that the manufacturer of a computer was not on-the-
hook to reveal everything produced with that machine.

It's just a quirk of technology that these systems are easier to implement in
a 'centralized clear-text' manner, exposing the data to 3rd parties, and
therefore government warrants against those 3rd party copies. They never used
to be centrally accessible, we've seen the damage a clear-text central store
inflicts, and if we've learned anything from it, we won't ever return to this
broken model again. Over time crypto will enable many of the 'easier to do
centrally' type of services, performed over ciphertext, and without
compromising individual privacy.

At this point I think Kerr is just trolling for the page views, since he
doesn't seem to have learned anything from the extensive and thoughtful
comments his first post elicited.

~~~
slg
Why do you consider anything encrypted as an extension of oneself? The 5th
amendment protects you from being forced to testify against yourself. It does
not protect you from being forced to turn over evidence. That is where
obstruction of justice charges come into play. In your example, refusing to
turn over a key to a diary is no different to the government than you burning
that diary. You are actively preventing the government from accessing
preexisting evidence.

~~~
humanrebar
One could argue that governments can take possession of a computer with a
search warrant, but even if they did, it violates the right against self-
incrimination to have to give up your passwords and encryption keys. That's
where the fifth amendment comes into play. It's my understanding that this is
not settled law, and I'm not a lawyer, but that's the general idea.

[http://en.wikipedia.org/wiki/Fifth_Amendment_to_the_United_S...](http://en.wikipedia.org/wiki/Fifth_Amendment_to_the_United_States_Constitution#Computer_passwords)

------
joeblau
This guy keeps using the same arguments that fail in the pre-mobile security
world.

> Maybe the crime is child molestation offenses involving child pornography,
> or maybe it’s a conspiracy to commit murder or to inflict violence.

First, I think that situation is terrible and should definitely be
investigated lawfully. The challenge is that if a person molests a child and
there is evidence in a car, the Authorities do not serve the auto
manufacturers with a warrant saying "Give me a copy of the key to this person's
vehicle so we can inspect it." The Authorities serve the individual. That is
the point of crypto in this case. The consumer of the property owns the
product instead of giving ownership to the corporation who makes the product.

Automobile manufacturers don't give authorities back door keys to your cars.
Lock manufacturers don't give authorities back door keys to your home. So why
should Apple give them back door keys to your phone?

~~~
wmf
Car and door locks aren't infinitely strong, so maybe that's not a good
analogy.

~~~
cjslep
Crypto is only finitely strong (even if very large).

~~~
ufo
It's effectively infinite if you need the whole energy output of the sun to
crack it.

~~~
JetSpiegel
And what deployable algorithm does that?

~~~
ufo
I was thinking about the cost to brute force a long private key.

[http://security.stackexchange.com/a/25392/36414](http://security.stackexchange.com/a/25392/36414)

------
lotsofmangos
He doesn't seem to get that his less crypto version = no effective crypto. It
is a false choice.

Also, it is a bit late to suddenly notice the existence of this stuff. To
suddenly want to rewrite the US constitution because iPhones change how their
key gets stored seems a little bit mental.

~~~
JetSpiegel
Particularly after the whole hoopla about exporting RSA crypto counting as
"munitions".

~~~
lotsofmangos
Perhaps Steve Jobs's reality distortion field is still around somewhere making
people think that decades old technologies have only just recently come into
being when Apple does a press release about them. I think he'd have liked
that.

------
sauce71
Have not read all three parts of this, but Kerr obviously is unaware that
Apple actually sell a lot more in foreign countries than in the USA. (He is
probably unaware that most of the world now have access to mobile phones). Now
if Apple got banned from selling Apple products in the US it would hardly make
a dent in their profits ...

------
r00fus
Arguments and discussion with a statist. His credentials don't hide his poor
technical solutions. In fact, given his background and claims of expertise, I
would have expected far more understanding.

------
hawleyal
Kerr forgets that the internet is global. This device has super large threat
models. There should be little concession for any specific government with
regard to encryption.

------
higherpurpose
Here's the _one and only_ question he should be asking himself: Why does
Apple need to provide the key to the user's stuff? You want to charge a user?
How about getting _his keys_? If the 5th amendment stops you from doing that -
well, tough.

The Constitution is there for a reason, and it seems to me law enforcement
have found this "cloud computing" loophole, where they can say that the data
you host on other people's servers is _not yours_, and therefore they can get
access to it.

The user seems to have much weaker protection in this case, and it's also very
easy for law enforcement to just go to a one-stop shop. So they've gotten very
used to that. And they'd very much like that to continue. I bet if there were
no more warrants for say a decade, they'd be getting used to that, too, and
they'd fight tooth and nail against reinstating the warrants.

------
snowwrestler
In this post Kerr continues his exploration of the legal issues related to
Apple's iOS 8 encryption changes. See previous conversations:

Part 1:
[https://news.ycombinator.com/item?id=8349006](https://news.ycombinator.com/item?id=8349006)

Part 2:
[https://news.ycombinator.com/item?id=8349568](https://news.ycombinator.com/item?id=8349568)

Kerr asks two questions in this latest post:

> [1] In your view, can there ever be a point when there can be too much
> encryption — and if so, what is that point? In other words, do you think
> there could ever be a point at which crypto is so widely used in so many
> contexts to protect so much data so strongly, that you would think that the
> marginal costs of more and better crypto begin to cause more harm than good?

It seems to me that in general any given person is much more likely to suffer
a digital crime than to commit a crime. And it seems to me that it is
generally better to prevent crime than to solve a crime already committed.
Therefore better consumer data encryption should tend to have a net positive
effect.

And I think that as long as there is a court mechanism to compel decryption--
via a warrant, for example--then many "bad guys" can still be kept off the
streets. They won't decrypt their data? Cite for contempt and lock them up.

Will this make it harder for police to solve some crimes? Of course, but we
accept those trade-offs all the time. It's inherent in our culture and system
of government. The cops could solve a lot more crime if they had cameras in
all our houses too. Doesn't mean that is a good idea or net positive.

> [2] If the government can’t get access to contents, even with a warrant, and
> that ends up substantially shifting the privacy-security balance, the
> Supreme Court will respond by expanding government power in other ways to
> counteract that shift and restore the prior balance of power. We’ll get more
> privacy in some ways from more technological protection, but less privacy in
> other ways from having less constitutional protection. So here’s the
> question: What privacy tradeoffs might the Supreme Court make in response to
> strong encryption that would more-or-less restore the prior balance of
> constitutional protection?

In this question, I think Kerr is not thinking through the implications of
what Snowden revealed. It appears to me that we have _already_ suffered a
dramatic reduction in our legal protections of privacy, due to laws, executive
orders, secret court authorizations, NSA/GCHQ overseas hacks, etc. since 9/11.

From this perspective, Apple's encryption change is actually adjusting the
equilibrium back toward where it should be, not knocking it out of balance.

edit: formatting

------
fleitz
Crypto is a two-way street, it allows gov't to hide its crimes and people to
hide theirs.

Given the number of people killed by gov't vs private action in the 20th
century, I'm not overly concerned about the crimes of people as a first course
of action to reduce human suffering.

------
DennisP
Restricting the argument to only those cases where the government gets a
warrant seems a bit beside the point now that Snowden has revealed mass
warrantless secret surveillance.

------
nashequilibrium
Doesn't Jeff Bezos own the Washington Post?

