DOJ appeals New York court order in favor of Apple

DOJ says it cannot try to unlock a seized iPhone without risking erasing data

The U.S. Department of Justice has appealed an order by a court in New York that turned down its request that Apple should be compelled to extract data from the iPhone 5s of an alleged drug dealer.

The case in New York is seen as having a bearing on another high-profile case in California where Apple is contesting an order that would require the company to assist the FBI, including by providing new software, in its attempts at cracking by brute force the passcode of an iPhone 5c running iOS 9. The phone was used by one of the two terrorists in the San Bernardino killings on Dec. 2 and the FBI wants Apple to disable the auto-erase feature on the phone, which would erase all data after 10 unsuccessful tries of the passcode, if the feature was activated by the terrorist.

The DOJ argues in the New York case as well that it is unable to access the data on the phone running iOS 7, because it is locked with a passcode. By trying repeated passcodes, the government risks permanently losing all access to the contents of the phone because when an iPhone is locked it is not apparent if the auto-erase feature is enabled, according to the filing Monday.

But Apple can help extract the data from the iPhone 5s, which it has done dozens of times in the past for similar iPhone versions at the request of the government, the DOJ argues. For versions of the operating system that predate iOS 8, Apple has the capability to bypass the passcode feature and access the contents of the phone that were unencrypted, it wrote in the filing.

Invoking user privacy and safety, Apple has said that its previous acquiescence to similar judicial orders does not mean it consents to the process. But the government, which has a warrant, claims that Apple made an U-turn in the particular instance, having first agreed to extract the data, when it responded that "Upon receipt of a valid search warrant pursuant to the instructions laid out in [the legal process guidelines], we can schedule the extraction date within a 1-2 week time frame." At no time during the communications ahead of the government seeking an order did Apple object to the propriety of the proposed order directing its assistance, according to the DOJ filing Monday.

Magistrate Judge James Orenstein of the U.S. District Court for the Eastern District of New York ruled recently that Apple can’t be forced to extract the data from the iPhone. The government's reading of the All Writs Act, a statute enacted in 1789 and commonly invoked by law enforcement agencies to get assistance from tech companies on similar matters, would change the purpose of the law “from a limited gap-filing statute that ensures the smooth functioning of the judiciary itself into a mechanism for upending the separation of powers by delegating to the judiciary a legislative power bounded only by Congress's superior ability to prohibit or preempt.”

But the government argues that the residual authority of the court under the All Writs Act is particularly important where legislation lags behind technology or risks obsolescence.

The government argues that courts have relied on the All Writs Act to mandate third-party assistance with search warrants even in circumstances far more burdensome that what is requested in the New York case. An unreasonable burden on the third-party is a key criterion when a Judge considers an order under the Act. Apple has argued that a burden on the company would be the impact on its ability to protect customer information, which could threaten the trust customers have in the company and tarnish the Apple brand.

The DOJ is now asking the court to review the decision by the Magistrate Judge.

"Judge Orenstein ruled the FBI’s request would 'thoroughly undermine fundamental principles of the Constitution’ and we agree,” Apple said in a statement on the new filing by the DOJ. The company said it shared the Judge’s concern “that misuse of the All Writs Act would start us down a slippery slope that threatens everyone’s safety and privacy."

Join the CSO newsletter!

Error: Please check your email address.

Tags applefbi

More about AppleDepartment of JusticeDOJFBI

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by John Ribeiro

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts