Posts

Monday Morning: Calm, You Need It

Another manic Monday? Then you need some of Morcheeba’s Big Calm combining Skye Edward’s mellow voice with the Godfrey brothers’ mellifluous artistry.

Apple’s Friday-filed response to USDOJ: Nah, son
You can read here Apple’s response to the government’s brief filed after Judge James Orenstein’s order regarding drug dealer Jun Feng’s iPhone. In a nutshell, Apple tells the government they failed to exhaust all their available resources, good luck, have a nice life. A particularly choice excerpt from the preliminary statement:

As a preliminary matter, the government has utterly failed to satisfy its burden to demonstrate that Apple’s assistance in this case is necessary—a prerequisite to compelling third party assistance under the All Writs Act. See United States v. N.Y. Tel. Co. (“New York Telephone”), 434 U.S. 159, 175 (1977). The government has made no showing that it has exhausted alternative means for extracting data from the iPhone at issue here, either by making a serious attempt to obtain the passcode from the individual defendant who set it in the first place—nor to obtain passcode hints or other helpful information from the defendant—or by consulting other government agencies and third parties known to the government. Indeed, the government has gone so far as to claim that it has no obligation to do so, see DE 21 at 8, notwithstanding media reports that suggest that companies already offer commercial solutions capable of accessing data from phones running iOS 7, which is nearly three years old. See Ex. B [Kim Zetter, How the Feds Could Get into iPhones Without Apple’s Help, Wired (Mar. 2, 2016) (discussing technology that might be used to break into phones running iOS 7)]. Further undermining the government’s argument that Apple’s assistance is necessary in these proceedings is the fact that only two and a half weeks ago, in a case in which the government first insisted that it needed Apple to write new software to enable the government to bypass security features on an iPhone running iOS 9, the government ultimately abandoned its request after claiming that a third party could bypass those features without Apple’s assistance. See Ex. C [In the Matter of the Search of an Apple iPhone Seized During the Execution of a Search Warrant on a Black Lexus IS300, Cal. License Plate #5KGD203 (“In the Matter of the Search of an Apple iPhone” or the “San Bernardino Matter”), No. 16-cm-10, DE 209 (C.D. Cal. Mar. 28, 2016)]. In response to those developments, the government filed a perfunctory letter in this case stating only that it would not modify its application. DE 39. The letter does not state that the government attempted the method that worked on the iPhone running iOS 9, consulted the third party that assisted with that phone, or consulted other third parties before baldly asserting that Apple’s assistance remains necessary in these proceedings. See id. The government’s failure to substantiate the need for Apple’s assistance, alone, provides more than sufficient grounds to deny the government’s application.

Mm-hmm. That.

Dieselgate: Volkswagen racing toward deadline

  • Thursday, April 21 is the extended deadline for VW to propose a technical solution for ~500,000 passenger diesel cars in the U.S. (Intl Business Times) — The initial deadline was 24-MAR, establishing a 30-day window of opportunity for VW to create a skunkworks team to develop a fix. But if a team couldn’t this inside 5-7 years since the cars were first sold in the U.S., another 30 days wouldn’t be enough. Will 60 days prove the magical number? Let’s see.
  • VW may have used copyrighted hybrid technology without paying licensing (Detroit News) — What the heck was going on in VW’s culture that this suit might be legitimate?
  • After last month’s drop-off in sales, VW steps up discounting (Reuters) — Trust in VW is blamed for lackluster sales; discounts aren’t likely to fix that.

Once around the kitchen

  • California’s winter rains not enough to offset long-term continued drought (Los Angeles Times) — Op-ed by Jay Famiglietti, senior water scientist at the NASA Jet Propulsion Laboratory–Pasadena and UC-Irvine’s professor of Earth system science. Famiglietti also wrote last year’s gangbuster warning about California’s drought and incompatible water usage.
  • Western scientists meet with North Korean scientists on joint study of Korean-Chinese volcano (Christian Science Monitor) — This seems quite odd, that NK would work in any way with the west on science. But there you have it, they are meeting over a once-dormant nearly-supervolcano at the Korea-china border.
  • BTW: Deadline today for bids on Yahoo.

There you are, your week off to a solid start. Catch you tomorrow morning!

US Secretly Acting Like China Does in Public

As this ZDNet article notes, some of the Snowden disclosures revealed that NSA had asked for the source code of various tech companies (though it links to a Jake Appelbaum article that I believe to be sourced to someone else). What is new in its report of US government demands for source code, however, is how the government is getting it: through secret civil or FISA orders.

The government has demanded source code in civil cases filed under seal but also by seeking clandestine rulings authorized under the secretive Foreign Intelligence Surveillance Act (FISA), a person with direct knowledge of these demands told ZDNet. We’re not naming the person as they relayed information that is likely classified.

With these hearings held in secret and away from the public gaze, the person said that the tech companies hit by these demands are losing “most of the time.”

When asked, a spokesperson for the Justice Dept. acknowledged that the department has demanded source code and private encryption keys before.

That is, at a time when we condemn public Chinese demands to be able to review source code of companies doing business in China, the US has been doing the same thing, albeit without the reputational hit of doing so publicly.

All of which makes the point I made here — that the government is fairly explicitly threatening to demand source code from Apple — all the more significant, in part for an issue I’ve been meaning to return to.

Contrary to popular belief, the FISA Court does not operate in complete isolation from traditional courts. On several known issues — notably, the access to location data and the collection of Post Cut Through Direct Dial numbers — FISC has taken notice of public magistrate’s opinions and used that to inform, though not necessary dictate, FISC practice. As I have noted, at least until 2014, the FISC used the highest common denominator from criminal case law with respect to location data, meaning it requires the equivalent of a probable cause warrant for prospective (though not historic) data. And FISC first seemed to start tracking such orders during the magistrate’s revolt of 2005-6. That’s an area where FISC seems to have followed criminal case law. By contrast, FISC permits the government to collect, then minimize, PCTDD, though it appears to have revisited whether the government’s current minimization procedures meet the law, the most recent known moment of which was 2009.

In other words, this Apple fight (as well as magistrate James Orenstein’s order) may affect what FISC will approve — or has already approved in secret — for other tech companies (or even for Apple), something the tech companies that submitted amicus briefs likely know. That makes FBI’s decision to hold this fight in public, which Apple preferred not to do, all the more significant. Because if Apple prevails, it will make it a lot harder to secretly jurisdiction shop anywhere in the US, whether in a secret magistrate’s proceeding or an even more secret FISC one.

James Orenstein’s Order Sets Up Congressional Hearing

As Rayne noted this morning, yesterday James Orenstein released his order stating that the government can’t use the All Writs Act to force Apple to unlock the phone of a meth dealer, Jun Feng, who has already pled guilty. My favorite part of the order comes in the middle where he argues that those who passed the All Writs Act in 1789 were substantially the same people who wrote the Constitution guaranteeing Congress the right to legislate. He argued it would be unlikely that those same men would so quickly hand off that authority to the courts.

It is wholly implausible to suppose that with so many of the newly-adopted Constitution’s drafters and ratifiers in the legislature, the First Congress would so thoroughly trample on that document’s very first substantive mandate: “All legislative Powers herein granted shall be vested in a Congress of the United States[.]” U.S. Const. Art. I, § 1. And yet that is precisely the reading the government proposes when it insists that a court may empower the executive to exercise power that the legislature has considered yet declined to allow.

I’m sad that that argument, which is probably the first in a series of court rulings that will end up at SCOTUS, won’t have Scalia there to enjoy it.

Ultimately, though, Orenstein makes the very same argument he made back in October when he asked Apple to weigh in on this issue, updated with the point that I made — the same day the government asked for this order Jim Comey told Congress they don’t need legislation to get the same result.

It is also clear that the government has made the considered decision that it is better off securing such crypto-legislative authority from the courts (in proceedings that had always been, at thetime it filed the instant Application, shielded from public scrutiny) rather than taking the chance thatopen legislative debate might produce a result less to its liking. Indeed, on the very same day that thegovernment filed the ex parte Application in this case (as well as a similar application in the SouthernDistrict of New York, see DE 27 at 2), it made a public announcement that after months of discussionabout the need to update CALEA to provide the kind of authority it seeks here, it would not seek suchlegislation. See James B. Comey, “Statement Before the Senate Committee on Homeland Security andGovernmental Affairs,” (Oct. 8, 2015), https://www.fbi.gov/news/testimony/threats-to-the-homeland (“The United States government is actively engaged with private companies to ensure theyunderstand the public safety and national security risks that result from malicious actors’ use of theirencrypted products and services. However, the administration is not seeking legislation at this time.”).

Whether because it knew it would lose (and had lost), or because it wanted to pretend it respected encryption when in fact it did not, the Obama Administration adopted a strategy by which it told Congress it didn’t need new legislation, all while asking the courts to rewrite CALEA in secret.

Whether accidentally or not (I suspect it is no accident), Orenstein’s order comes at a particularly useful time, hours before the House Judiciary Committee will have what will be one of the more important hearings on this debate, featuring Jim Comey first, and then NY District Attorney Cy Vance, Apple’s General Counsel Bruce Sewell, and rock star academic Susan Landau. It is likely to be the one hearing to which Apple will willingly provide a witness, and the committee is made up of a mix of former US Attorneys, shills for law enforcement, but also defenders of privacy and online security.

In his testimony for the hearing, Sewell said much the same thing Orenstein did:

The American people deserve an honest conversation around the important questions stemming from the FBI’s current demand:

Do we want to put a limit on the technology that protects our data, and therefore our privacy and our safety, in the face of increasingly sophisticated cyber attacks? Should the FBI be allowed to stop Apple, or any company, from offering the American people the safest and most secure product it can make?

Should the FBI have the right to compel a company to produce a product it doesn’t already make, to the FBI’s exact specifications and for the FBI’s use?

We believe that each of these questions deserves a healthy discussion, and any decision should be made after a thoughtful and honest consideration of the facts.

Most importantly, the decisions should be made by you and your colleagues as representatives of the people, rather than through a warrant request based on a 220 year old-statute.

For years, the government has stopped short of demanding legislation, presumably because they knew they wouldn’t get what they wanted. They’re finally being called on it.

Tuesday Morning: Guidance to Be True

Now an oldie but goodie, this Fiona Apple ditty. The subtle undertow of irony seems fitting today.

Speaking of guidance…

Google’s self-driving car went boom
Oops. Autonomous vehicles still not a thing when they can’t avoid something the size of a bus. Thank goodness nobody was hurt. Granted, until now Google’s self-driving test cars were not the cause of accidents — human drivers have been at fault far more often. In this particular accident, both the car and the human test driver may have been at fault.

VW’s CEO Mueller spins the (PR) wheels on agreement with U.S.
This is now a habit: before every major international automotive show, VW’s Matthias Mueller grants an interview to offer upbeat commentary on the emissions standards cheating scandal, this time ahead of the 2016 Geneva International Auto Show. Not certain if this is helping at all; there’s not much PR can do when no truly effective technical fix exists while potential liability to the U.S. alone may approach $46 billion. Probably a better use of my time to skip Mueller’s spin and spend my time slobbering over the Bugatti Chiron. ~fanning self~

Apple all the time

#YearInSpace ends this evening for astronaut Scott Kelly
Undocking begins at 7:45 p.m. EST with landing expected at 11:25 p.m. EST, barring any unforeseen wrinkles like negative weather conditions. NASA-TV will cover the event live. Can’t wait to hear results of comparison testing between Scott and his earth-bound twin Mark after Scott’s year in space.

Department of No

That’s enough for now. I’m off to be a bad, bad girl. Stay safe.

Why Did Apple “Object” to All Pending All Writs Orders on December 9?

As I noted the other day, a document unsealed last week revealed that DOJ has been asking for similar such orders in other jurisdictions: two in Cincinnati, four in Chicago, two in Manhattan, one in Northern California (covering three phones), another one in Brooklyn (covering two phones), one in San Diego, and one in Boston.

According to Apple, it objected to at least five of these orders (covering eight phones) all on the same day: December 9 (note, FBI applied for two AWAs on October 8, the day in which Comey suggested the Administration didn’t need legislation, the other one being the Brooklyn docket in which this list was produced).

Screen Shot 2016-02-24 at 7.23.53 PM

The government disputes this timeline.

In its letter, Apple stated that it had “objected” to some of the orders. That is misleading. Apple did not file objections to any of the orders, seek an opportunity to be heard from the court, or otherwise seek judicial relief. The orders therefore remain in force and are not currently subject to litigation.

Whatever objection Apple made was — according to the government, anyway — made outside of the legal process.

But Apple maintains that it objected to everything already in the system on one day, December 9.

Why December 9? Why object — in whatever form they did object — all on the same day, effectively closing off cooperation under AWAs in all circumstances?

There are two possibilities I can think of, though they are both just guesses. The first is that Apple got an order, probably in an unrelated case or circumstance, in a surveillance context that raised the stakes of any cooperation on individual phones in a criminal context. I’ll review this at more length in a later post, but for now, recall that on a number of occasions, the FISA Court has taken notice of something magistrates or other Title III courts have done. For location data, FISC has adopted the standard of the highest common denominator, meaning it has adopted the warrant standard for location even though not all states or federal districts have done so. So the decisions that James Orenstein in Brooklyn and Sheri Pym in Riverside make may limit what FISC can do. It’s possible that Apple got a FISA request that raised the stakes on the magistrate requests we know about. By objecting across the board — and thereby objecting to requests pertaining to iOS 8 phones — Apple raised the odds that a magistrate ruling might help them out at FISA. And if there’s one lawyer in the country who probably knows that, it’s Apple lawyer Marc Zwillinger.

Aside the obvious reasons to wonder whether Apple got some kind of FISA request, in his interview with ABC the other day, Tim Cook described “other parts of government” asking for more and more cases (though that might refer to state and city governments asking, rather than FBI in a FISA context).

The software key — and of course, with other parts of the government asking for more and more cases and more and more cases, that software would stay living. And it would be turning the crank.

The other possibility is that by December 9, Apple had figured out that — a full day after Apple had started to help FBI access information related to the San Bernardino investigation, on December 6 — FBI took a step (changing Farook’s iCloud password) that would make it a lot harder to access the content on the phone without Apple’s help. Indeed, I’m particularly interested in what advice Apple gave the FBI in the November 16 case (involving two iOS 8 phones), given that it’s possible Apple was successfully recommending FBI pursue alternatives in that case which FBI then foreclosed in the San Bernardino case. In other words, it’s possible Apple recognized by December 9 that FBI was going to use the event of a terrorist attack to force Apple to back door its products, after which Apple started making a stronger legal stand than they might otherwise have done pursuant to secret discussions.

That action — FBI asking San Bernardino to change the password — is something Tim Cook mentioned several times in his interview with ABC the other night, at length here:

We gave significant advice to them, as a matter of fact one of the things that we suggested was “take the phone to a network that it would be familiar with, which is generally the home. Plug it in. Power it on. Leave it overnight–so that it would back-up, so that you’d have a current back-up. … You can think of it as making of making a picture of almost everything on the phone, not everything, but almost everything.

Did they do that?

Unfortunately, in the days, the early days of the investigation, an FBI–FBI directed the county to reset the iCloud password. When that is done, the phone will no longer back up to the Cloud. And so I wish they would have contacted us earlier so that that would not have been the case.

How crucial was that missed opportunity?

Assuming the cloud backup was still on — and there’s no reason to believe that it wasn’t — then it is very crucial.

And it’s something they harped on in their motion yesterday.

Unfortunately, the FBI, without consulting Apple or reviewing its public guidance regarding iOS, changed the iCloud password associated with one of the attacker’s accounts, foreclosing the possibility of the phone initiating an automatic iCloud back-up of its data to a known Wi-Fi network, see Hanna Decl. Ex. X [Apple Inc., iCloud: Back up your iOS device to iCloud], which could have obviated the need to unlock the phone and thus for the extraordinary order the government now seeks.21 Had the FBI consulted Apple first, this litigation may not have been necessary.

Plus, consider the oddness around this iCloud information. FBI would have gotten the most recent backup (dating to October 19) directly off Farook’s iCloud account on December 6.

But 47 days later, on January 22, they obtained a warrant for that same information. While they might get earlier backups, they would have received substantially the same information they had accessed directly back in December, all as they were prepping going after Apple to back door their product. It’s not clear why they would do this, especially since there’s little likelihood of this information being submitted at trial (and therefore requiring a parallel constructed certified Apple copy for evidentiary purposes).

There’s one last detail of note. Cook also suggested in that interview that things would have worked out differently — Apple might not have made the big principled stand they are making — if FBI had never gone public.

I can’t talk about the tactics of the FBI, they’ve chosen to do what they’ve done, they’ve chosen to do this out in public, for whatever reasons that they have.What we think at this point, given it is out in the public, is that we need to stand tall and stand tall on principle. Our job is to protect our customers.

Again, that suggests they might have taken a different tack with all the other AWA orders if they only could have done it quietly (which also suggests FBI is taking this approach to make it easier for other jurisdictions to get Apple content). But why would they have decided on December 9 that this thing was going to go public?

Update: This language, from the Motion to Compel, may explain why they both accessed the iCloud and obtained a warrant.

The FBI has been able to obtain several iCloud backups for the SUBJECT DEVICE, and executed a warrant to obtain all saved iCloud data associated with the SUBJECT DEVICE. Evidence in the iCloud account indicates that Farook was in communication with victims who were later killed during the shootings perpetrated by Farook on December 2, 2015, and toll records show that Farook communicated with Malik using the SUBJECT DEVICE. (17)

This passage suggests it obtained both “iCloud backups” and “all saved iCloud data,” which are actually the same thing (but would describe the two different ways the FBI obtained this information). Then, without noting a source, it says that “evidence in the iCloud account” shows Farook was communicating with his victims and “toll records” show he communicated with Malik. Remember too that the FBI got subscriber information from a bunch of accounts using (vaguely defined) “legal process,” which could include things like USA Freedom Act.

The “evidence in the iCloud account” would presumably be iMessages or Facetime. But the “toll records” could be too, given that Apple would have those (and could have turned them over in the earlier “legal process” step. That is, FBI may have done this to obscure what it can get at each stage (and, possibly, what kinds of other “legal process” it now serves on Apple).


October 8: Comey testifies that the government is not seeking legislation; FBI submits requests for two All Writs Act, one in Brooklyn, one in Manhattan; in former case, Magistrate Judge James Orenstein invites Apple response

October 30: FBI obtains another AWA in Manhattan

November 16: FBI obtains another AWA in Brooklyn pertaining to two phones, but running iOS 8.

November 18: FBI obtains AWA in Chicago

December 2: Syed Rezwan Farook and his wife killed 14 of Farook’s colleagues at holiday party

December 3: FBI seizes Farook’s iPhone from Lexus sitting in their garage

December 4: FBI obtains AWA in Northern California covering 3 phones, one running iOS 8 or higher

December 5, 2:46 AM: FBI first asks Apple for help, beginning period during which Apple provided 24/7 assistance to investigation from 3 staffers; FBI initially submits “legal process” for information regarding customer or subscriber name for three names and nine specific accounts; Apple responds same day

December 6: FBI works with San Bernardino county to reset iCloud password for Farook’s account; FBI submits warrant to Apple for account information, emails, and messages pertaining to three accounts; Apple responds same day

December 9: Apple “objects” to the pending AWA orders

December 10: Intelligence Community briefs Intelligence Committee members and does not affirmatively indicate any encryption is thwarting investigation

December 16: FBI submits “legal process” for customer or subscriber information regarding one name and seven specific accounts; Apple responds same day

January 22: FBI submits warrant for iCloud data pertaining to Farook’s work phone

January 29: FBI obtains extension on warrant for content for phone

February 14: US Attorney contacts Stephen Larson asking him to file brief representing victims in support of AWA request

February 16: After first alerting the press it will happen, FBI obtains AWA for Farook’s phone and only then informs Apple

James Orenstein Calls Out Jim Comey on His Prevarications about Democracy

At a 10 AM Senate Homeland Security hearing on October 8, Jim Comey read prepared testimony that reiterated his claim that encrypted devices are causing FBI problems, but stated that the Administration is not seeking legislation to do anything about it.

Unfortunately, changing forms of Internet communication and the use of encryption are posing real challenges to the FBI’s ability to fulfill its public safety and national security missions.. This real and growing gap, to which the FBI refers as “Going Dark,” is an area of continuing focus for the FBI; we believe it must be addressed given the resulting risks are grave both in both traditional criminal matters as well as in national security matters. The United States Government is actively engaged with private companies to ensure they understand the public safety and national security risks that result from malicious actors’ use of their encrypted products and services. However, the Administration is not seeking legislation at this time.

That statement got the Administration a lot of good press, with the WaPo declaring “Obama administration opts not to force firms to decrypt data — for now” and the NYT, even after this ruling had been unsealed, reporting, “Obama Won’t Seek Access to Encrypted User Data.” In the actual hearing, Comey was more clear that he did intend to keep asking providers for data and that the government was having “increasingly productive conversations with industry” to get them to do so, inspired in part by government claims about the ISIS threat. Part of that cooperation, per Comey, was “how can we get you to comply with a court order.”

Sometime that same day, on October 8, government lawyers submitted a request to a federal magistrate in Brooklyn to obligate Apple to help unlock a device law enforcement had been unable to unlock on their own.

In a sealed application filed on October 8, 2015, the government asks the court to issue an order pursuant to the All Writs Act, 28 U.S.C. § 1651, directing Apple, Inc. (“Apple”) to assist in the execution of a federal search warrant by disabling the security of an Apple device that the government has lawfully seized pursuant to a warrant issued by this court. Law enforcement agents have discovered the device to be locked, and have tried and failed to bypass that lock. As a result, they cannot gain access to any data stored on the device notwithstanding the authority to do so conferred by this court’s warrant.

The next day the judge, James Orenstein, deferred ruling on whether the All Writs Act is applicable in this case (though he did suggest it probably wasn’t) pending briefing from Apple on how burdensome it would find the request. Orenstein released his memo after giving the government opportunity to review his order.

This is not the first time the government has tried to use the All Writs Act to force providers (Apple, in at least one of the known cases) to help unlock a phone. EFF described two instances from last year in a December post. It also reviewed a 2005 ruling where Orenstein refused to allow the government to use All Writs Act to force telecoms to provide cell site location in real time.

Of course, as Lawfare seems to suggest, it has taken a decade for the decision Orenstein made in that earlier ruling — that the government needs a warrant to get cell tracking from a phone — to finally get fully developed into a debate and some Supreme Court (US v. Jones) and circuit rulings. That’s because in the interim, plenty of magistrates continued to compel providers to give such information to the government.

It’s quite possible the same is true here: that this is not just the third attempt to get a court to issue an All Writs Act to get Apple to provide data, but that instead, a number of magistrates who are more compliant with government wishes have agreed to do so as well. Indeed, as Orenstein noted, that’s a suggestion the government made in its application when it claimed “in other cases, courts have ordered Apple to assist in effectuating search warrants under the authority of the All Writs Act [and that] Apple has complied with such orders.”

What Orenstein did, then, was to make it clear this continues to go on, that even as Jim Comey and others were making public claims (and getting public acclaim) for not seeking legislation that would compel production of encrypted data the government — including, presumably, the FBI — was seeking court orders that would compel production secretly. The key rhetorical move in Orenstein’s order came when Orenstein compared Comey’s public statements claiming to support debate on this issue to the attempt to claim the government had to rely on the All Writs Act because no law existed. In a long footnote, Orenstein quoted from Comey’s Lawfare post,

Democracies resolve such tensions through robust debate …. It may be that, as a people, we decide the benefits here outweigh the costs and that there is no sensible, technically feasible way to optimize privacy and safety in this particular context, or that public safety folks will be able to do their job well enough in a world of universal strong encryption. Those are decisions Americans should make, but I think part of my job is [to] make sure the debate is informed by a reasonable understanding of the costs.

Then Orenstein pointed out that relying on the All Writs Act would undercut precisely the democratic debate Comey claimed to want to have.

Director Comey’s view about how such policy matters should be resolved is in tension, if not entirely at odds, with the robust application of the All Writs Act the government now advocates. Even if CALEA and the Congressional determination not to mandate “back door” access for law enforcement to encrypted devices does not foreclose reliance on the All Writs Act to grant the instant motion, using an aggressive interpretation of that statute’s scope to short-circuit public debate on this controversy seems fundamentally inconsistent with the proposition that such important policy issues should be determined in the first instance by the legislative branch after public debate – as opposed to having them decided by the judiciary in sealed, ex parte proceedings.

To be fair, even as the government was submitting its secret request to Orenstein, Comey was disavowing his former pro-democratic stance, and instead making it clear the government would try to find some other way to get orders forcing providers to comply.

But, given Orenstein’s invitation for Apple to lay out how onerous this is on it, Comey might get the democratic debate he once embraced.

Update: When I wrote this in the middle of the night I misspelled Judge Orenstein’s name. My apologies!