US has asked Apple, Google to help unlock devices in more than 70 cases

About 30 of the cases are as recent as 2015, according to the ACLU

U.S. government agencies have filed more than 70 orders requiring Apple or Google to help law enforcement agencies unlock mobile devices since 2008, despite the agency insisting its fight with Apple in a recent terrorism case was limited in scope.

The Department of Justice dropped its California case against Apple after the FBI found a way to break into one of the San Bernardino shooters' iPhone without assistance.

But the American Civil Liberties Union has identified 64 cases where representatives of the DOJ have filed All Writs Act orders seeking assistance from Apple or Google to unlock mobile devices. The ACLU's numbers are on top of 12 cases identified by Apple lawyer Marc Zwillinger in mid-February, the group said. 

The DOJ and FBI insisted their efforts to require Apple to help them break into an iPhone in the San Bernardino shootings was "just about that one case," ACLU lawyer Eliza Sweren-Becker wrote in a blog post. "Even though the FBI no longer needs Apple's help in that case, the FBI’s request was part of a sustained government effort to exercise novel law enforcement power."

The All Writs Act, from 1789, allows courts, with some limits, to "issue all writs necessary or appropriate in aid of their respective jurisdictions and agreeable to the usages and principles of law."

The FBI has insisted its request in the Apple California case was "narrow."

"The San Bernardino litigation isn't about trying to set a precedent or send any kind of message," FBI Director James Comey wrote in February. "The relief we seek is limited and its value increasingly obsolete because the technology continues to evolve. We don't want to break anyone's encryption or set a master key loose on the land."

Asked for comment on the more than 70 cases, an FBI spokesman referred back to that Comey blog post. Many of the cases identified by the ACLU involve the Drug Enforcement Administration, like the FBI a part of the DOJ, or the Department of Homeland Security, a separate agency.

Nine of the cases identified by the ACLU are targeted at Google. But the company has not received any order "like the one Apple recently fought that demands we build new tools that actively compromise our products' security," a Google spokesman said by email. "We would strongly object to such an order."

In seven of those nine Google cases, the DOJ has requested the company's help with password resets, a different type of assistance than the recent California case in which the FBI wanted Apple to rewrite the iPhone operating system as a way to defeat password protections. In the other two Google cases, the type of assistance is unspecified.

Although one case dates back to 2008 and a handful back to 2010 and 2011, about 30 of the cases identified by the ACLU are from 2015 or 2016. Many of the cases involve illegal drugs and not terrorism, the group said.

Apple has resisted the All Writs Orders in many of the recent cases, according to information from Zwillinger. Beyond the California case, the most active case is in Brooklyn, New York, where the FBI has appealed an order from Magistrate Judge James Orenstein, who ruled that Apple isn't required to assist the agency in a drug case.

The ACLU published a map and a list of the All Writs Act cases on Wednesday.

The DOJ has said it still plans to use courts to force smartphone makers to help law enforcement agencies unlock devices. The agency filed a warrant in Sacremento on March 1 asking smartphone makers to help break into a terrorism suspect's phones, Forbes reported.

Join the CSO newsletter!

Error: Please check your email address.

Tags applefbi

More about AppleDepartment of JusticeDOJFBIGoogle

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Grant Gross

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts

Market Place