Apple vs. The FBI: What It Means For Privacy and Security - Knowledge@Wharton

Apple vs.
the FBI: What It Means for Privacy and Security - Knowledge@Wharton
10/12/16, 5)42 PM
Wharton, University of Pennsylvania

The K@W Network:
English
TECHNOLOGY
Apple vs. the FBI: What It Means for Privacy

and Security
Espaol
Portugus
Log In
Mar 09, 2016
" Global Focus, North America
! Business Radio, Law and Public Policy, Podcasts, Research
Register
The federal governments demand that Apple create new software to hack into the phone of one
dead terrorist speaks to the complex and countervailing forces of privacy and national security.
The subject of corporate constitutional rights is of great interest to professors Eric Orts and Amy
Sepinwall from Whartons legal studies and business ethics department. Perhaps presciently,
they recently penned the article, Privacy and Organizational Persons, in the Minnesota Law
Review that foreshadowed this debate.
Sepinwall and Orts joined the Knowledge@Wharton show on Wharton Business Radio on
SiriusXM channel 111, to discuss the juxtaposition of privacy and security in the digital and
social media age.
http://knowledge.wharton.upenn.edu/article/apple-vs-the-fbi-what-it-means-for-privacy-and-security/
Page 1 of 10
Apple vs. the FBI: What It Means for Privacy and Security - Knowledge@Wharton
10/12/16, 5)42 PM
An edited transcript of the conversation appears below.

Knowledge@Wharton: Lets just start with your reaction to the case itself Apple against the
government, just a case of two sides butting heads, trying to figure this out.
Amy Sepinwall: The issues are really complicated. Because of some security concerns, we dont
have a full sense of just whats at stake.
In much of the media, this has been portrayed as a kind of dichotomy between, on the one
hand, security interests, which are obviously very important to us, but privacy interests as well.
There is something a little misleading about that, though, because in fact, privacy is a
countervailing force against our concerns for security. Its also the case that there are security
concerns on Apples side as well as on the government side, and Apple security concerns have
reason to be of moment for all of us.
Apples concern is that if it develops this technology, which it doesnt currently have, that will
allow it to unlock this phone, and thats not technology thats going to be specific to that
particular phone. Once that technology exists, it could get into the wrong hands, which could
lead to cyber-attacks or hacking that essentially puts all of us at risk. So again, there are
security concerns on both sides of this debate, and its important to take those seriously.
Our interest in the issue comes from a larger-scale interest in corporate constitutional rights,
and those rights themselves are a source of some anxiety. To take us away from the Apple issue
for just a moment, when you think about a case like Citizens United, whats at stake there is a
corporate constitutional right to political speech. And again, some of us have concerns about
whether corporations should be engaging in politics in that way, or if you think about Hobby
Lobby, whats at stake there is a corporate constitutional right to freedom of religion.
Once that technology exists, it could get into the

wrong hands, which could lead to cyber-attacks or
hacking that essentially puts all of us at risk.
Amy Sepinwall
Page 2 of 10
10/12/16, 5)42 PM
Here, we have a case of a corporations invoking its asserted rights to privacy. One important
distinction perhaps is that it is doing so, not on its own behalf, but on behalf of its users. So its
seeking to protect its users in ways that they really couldnt protect themselves, both because
they obviously dont have the power that Apple has, but also because, if, for example, the United
States government wanted to be spying on me through my iPhone, I wouldnt know about it, so
I wouldnt be able to assert my privacy rights. So its incumbent upon Apple, given that it is in
this privileged position, to seek to protect the privacy of its users.
Knowledge@Wharton: Tim Cook did an interview yesterday with ABC News David Muir, and he
talked about a lot of what you just spoke about, and I wanted to play a clip from it.
Tim Cook: What is at stake here is, can the government compel Apple to write software that
we believe would make hundreds of millions of customers vulnerable, around the world,
including the U.S., and also trample civil liberties that are at the basic foundation of what
this country was made on?
David Muir: And you would have to write that system in order to unlock that phone.
Cook: Yes, the only way we know would be to write a piece of software that we view as
sort of the software equivalent of cancer. We think its bad news to write, we would never
write it, we have never written it. And that is what is at stake here.
Knowledge@Wharton: Whats your reaction to what Cook said?
Sepinwall: I dont think you could put it in starker terms than likening the software to cancer.
That isnt the way that Ive been thinking about it. Ive been thinking about it more like the
development of a master key, but of course, a master key has power of its own. One of the
interesting pieces here is that Tim Cook, and Apple as a whole, seem to be motivated not even
by concerns about their bottom line, but on the basis of principle.
What if someone has a cell phone the FBI needs

unlocked, and its a nuclear threat of some kind?
Then what?
Eric Orts
Page 3 of 10
10/12/16, 5)42 PM
So just a very deep commitment to privacy, which Tim Cook in other contexts has called a civic
duty, motivates them. In fact, at a meeting with shareholders sometime within the last year,
Tim Cook e!ectively said to them, Look, if what you care about is the bottom line, at the
expense of our commitment to privacy, then you really should go elsewhere. So he has been
very forthright about the fact that this is commitment that deserves weight on its own,
independent of whatever e!ect it may have on the companys stock value.
Knowledge@Wharton: In the article that you and Eric Orts did for the Minnesota Law Review,
you talk about how the term privacy is kind of fluid right now. And its changing even as we
speak.
Sepinwall: Thats right. Its inevitable, given how quickly technology itself is developing. I teach
undergraduate students at Wharton, and they have a completely di!erent conception of
informational privacy than I might have, just because so much of their lives are now made
available to the world at large through various social media.
Knowledge@Wharton: What do you think the resolution will be of this particular case with
Apple and the FBI?
Sepinwall: Its really complicated. If Apple [finds] itself to be in a bargaining position, it could
seek to negotiate terms, such that the technology it developed would be destroyed immediately
afterward. And that it wouldnt feel subject to having now established this precedent, whereby
the government can compel it to create technology for purposes of breaching users privacy.
If Apple could specify, Look, well do this, but only because we have really good reason to
know that the person whose phone [it is] is someone who [committed] a series of murders. But
for other cases, for lower level crimes, for example, dont come to us. Were just not going to be
your handmaidens when it comes to developing that technology.
Knowledge@Wharton: Later in that interview, Tim Cook alludes to that as well. If the
government hadnt taken the tack that they did in making this such a public issue, you get the
sense that Apple might have worked with them. So it makes you think: Well, maybe Apple does
have the ability to do this, but now they just dont want to do this.
Page 4 of 10
10/12/16, 5)42 PM
Sepinwall: That could be. I think one of the issues here is, why did the government come out? I
think the government thought it had this very sympathetic case. Everyone wants to see what
might have been on the San Bernardino shooters phone, and as it happens, Apple has been
subject to something like 11,000 requests in the last year. And it says it has complied with about
7,000 of them, so its largely been cooperative. But of course, this is an especially polarizing
case, given whats at stake. This isnt a low-level criminal.
The idea that you use all that effort to create the
backdoor, and then somehow can erase that
knowledge, I think is the problem.
Eric Orts
At the same time, the Manhattan [district attorney] has said, Well, we need to have access to
the phones of low-level criminals too, because some of what were going to find there is going
to lead us to bigger criminals. So you have a slippery slope, and its really hard to know
whether you should embark upon it, and if so, whether youre going to be able to stop that train
to mix metaphors once it gets going.
Knowledge@Wharton: Eric Orts joins us. Im sure this has been an interesting week for you as
well, watching this all play out along the lines of what you and Amy wrote about a few months
ago.
Eric Orts: Its always helpful when you think youre writing something that is rather
theoretical, and then suddenly its on the front pages of all of the papers, and we get invited on
to your show, etc. But it is a very important issue the whole question of the right of
organizations to assert privacy rights, whether on their own behalf or for their customers and
users.
Knowledge@Wharton: Is a company like Apple asserting this on behalf of its consumers a
relatively new concept? And is it one that we will see develop as we go further?
Orts: Thats one of the things that we talk about in our article, but there is a theoretical
question: Is Apple only responsible for advancing the interests of its users? In many of Tim
Cooks pronouncements, that is the argument. Encryption is created for users. We respect the
Page 5 of 10
10/12/16, 5)42 PM
privacy of our users, and were not going to make a big backdoor to that. And the reason is that
we are protecting the privacy of our users.
But there are times including at one point in the ABC interview when Tim Cook was asked,
Well, what would Steve Jobs have done? And he says, I think about that every day. In fact, I
think about him every day. And one thing that he said about [Jobs] is that he always did the
right thing, at least according to how he thinks about it.
So then, the question is, Does Tim Cook, as CEO of Apple, have responsibility from a business
ethics point of view, to actually take a position on what the right thing to do is? And I think a lot
of this argument, too, is whats the best thing for the future of making everybody safe?
Protecting privacy on millions, billions of phones? I think you do have to take a public
perspective on that.
At that point, its not just about business interests. Its not just about your customers, or whats
going to make money for you. Its about a higher principle. And I think you have Google,
Facebook, Twitter, some of the other companies weighing in, and they have to think about
similar kinds of questions. To what extent can these new technologies be used by terrorists, or
to hurt many people? Not just San Bernardino, but what if someone has a cell phone the FBI
needs unlocked, and its a nuclear threat of some kind? Then what?
Even if they could manage to erase the new

operating system itself, the developers now have
the knowledge of how to do this in their heads
and it ends up in the wrong hands.
Amy Sepinwall
And against that issue, you have to [strike a] balance: Do you really make people safer if you
have backdoors in your encryption, that criminals or maybe even terrorists could then use, and
then they use that against you? So its not an easy question, but I think that, inevitably, the
companies are correct in that they have to stand up, and step up, and take a position one way or
another on these issues.
Page 6 of 10
10/12/16, 5)42 PM
Knowledge@Wharton: The idea that Washington could say, Listen, we have 14 people who
were killed and there is potentially this [valuable] information on this one phone. Could you
unlock this? And then destroy the process of doing it? I think a lot of people would want that,
but the problem is, somehow, some way, most likely, that information is going to get out.
Where do you fall on that question?
Orts: Im not a technology expert, so Im relying, to some extent, on what Cook and other Apple
executives are saying. But my understanding is, that what they would have to do technically is
that they basically create a new operating system that replaces the phones OS. Then, with the
new operating system, you can crack the password by running high-level computers on that.
Now, the idea is that you would create that whole operating system, have a bunch of people
working on that who would have to use Apple confidential information, maybe, to create that.
But the idea that you use all that e!ort to create the backdoor, and then somehow can erase that
knowledge, I think is the problem. At least from Apples perspective, you create that new
software, and then its like creating a new Frankenstein monster out there.
But then once you create that, there are going to be other demands for that, and then whats
the stopping point? What happens when the Chinese government comes to Apple, and says,
We need you to create a backdoor to stop this terrorist. You can see that there is something to
the slippery slope argument that Apple is making here.
Sepinwall: So let me add something that gets back to your earlier question about whether this is
a new frontier, whether we are just now seeing corporations trying to protect their users. The
precedent that the government is invoking here is a 1977 case involving phone companies,
where the phone companies were resisting government e!orts to track the phone numbers that
suspected individuals were calling, and the phone companies were forced to relent, and to hand
over that information. But of course, that is a much smaller-scale infringement on privacy,
relative to all of the content that is currently on a persons iPhone. Their photos, their notes,
their calendar, their location.
Orts: Credit card info.
Sepinwall: Right. Some very sensitive financial information, some potentially intimate
information. So what is at stake here is much larger to say nothing of the concerns that Eric
rightly raises about this technology getting into the wrong hands.
Page 7 of 10
10/12/16, 5)42 PM
Again, even if they could manage to erase the new operating system itself, the developers now
have the knowledge of how to do this in their heads, and you dont want to have a situation
where someone becomes disgruntled, or someone gets bought for a high enough price such that
they are willing to recreate this technology that we thought was destroyed, and it ends up in the
wrong hands.
Knowledge@Wharton: The other interesting thing is the fact that we are talking about an issue
of privacy in an era where technology advances so quickly, yet privacy law, in some respects, is
going back to the founding of our country, back in the 1700s.
Its only Apple that really has the firepower to

stand up against the FBI on this issue. Its not
going to be every individual iPhone user.
Eric Orts
Orts: There is a lot of law that is developing to protect privacy rights, whether its in the context
of the Fourth Amendment protection against unreasonable searches and seizures, or other areas
of privacy. Amy and I have written about the di!erent areas of privacy, and were following
other people. But I think youre right.
It is somewhat ironic that in the United States, where I think we have a general sense that our
privacy is very heavily protected, in fact, we are a little bit behind some other parts of the world,
notably Europe, where they take privacy interests very strongly. There are fairly large
controversies between businesses in the United States that want to mine a lot of data, etc.,
versus Europes sense that you should protect privacy more. So Apple gets thrown right into
that, as well as the other big companies.
You even have, in the example of this case, just an illustration of how old the law is here: You
have the All Writs Act that is being relied on it was a 1789 act. I dont think anybody was
thinking about, Lets get all of your information on an iPhone when that was written, so its
probably time to update the law a little bit on privacy. Then you have a democratic
determination of what the law of privacy should be in this age, rather than these court fights.
But that doesnt mean that were not going to have this court fight. It looks like its inevitable.
Page 8 of 10
10/12/16, 5)42 PM
Knowledge@Wharton: So we need to update our philosophy and laws on privacy. But in the
meantime, potentially, if were talking about one company deciding what their level of privacy
is, other companies could view privacy in a di!erent manner, correct?
Orts: Thats correct. Youre going to have a division between the di!erent companies involved.
One of the other interesting features here is and this is something that Amy and I write about
in our article their traditional idea was that you would have big government, and then
individual people would oppose the government trying to get into their business, invade their
privacy.
But in a modern world, the idea that one person is going to stand up against the NSA, for
example, or one person in China is going to stand up against their government, is unrealistic.
We make the argument that organizations like Apple, like the big companies of the world, that
are engaged in providing this technology, which ostensibly is providing privacy by encryption
and other means they actually have a responsibility to step up. And in some ways, if youre
an advocate of privacy as I think we are you want companies to do that, because they are
the players. Its only Apple that really has the firepower to stand up against the FBI on this
issue. Its not going to be every individual iPhone user.
Some of these tech companies, even while they

are asserting rights to privacy on behalf of their
users, engage in a fair amount of data mining on
their own.
Amy Sepinwall
Sepinwall: On the other side of the issue, one of the interesting dynamics here is that some of
these tech companies, even while they are asserting rights to privacy on behalf of their users,
engage in a fair amount of data mining on their own. So their analytics and their business
model depends on their tracking what kind of searches individuals are doing.
Apple has presented itself as operating with a di!erent model, so it sees itself as providing
hardware, not software. It sees itself as disabled from seeing what is on an individuals phone,
and that is supposed to be a key virtue of an Apple device. Apple itself is not participating in this
Page 9 of 10
10/12/16, 5)42 PM
double-sided game, where on the one hand its trying to stave o! the government, and on the
other hand its engaging in perhaps its own privacy violations. But some of the other tech
companies could be said to be playing both sides of this fence.
Orts: It is interesting that, in some respects, it sounds like Apple is kind of playing two sides
here, because, obviously, they are a company out to make a profit, and they are providing
services for hundreds of millions of people around the globe, yet they do also have the
technology aspect of this as well.
Sepinwall: They do, and I think the cynical take is, Apple is just putting up a good front. Its
going to resist for as long as it can, and then the government will compel it, and it will have to
turn over the information, or it will have to develop the technology. But of course, we wont be
able to blame it because it put up a very good fight. I am not necessarily prepared to be that
cynical about it. I think that this is a longstanding commitment of Apples that it is not always
focused first on what is going to enhance its profits. And the commitment is real, as far as I can
tell, anyway.
Orts: Yeah, I think thats right. We had an interesting debate in my MBA class [recently] about
this case, where some students presented this issue. The opinion of the class, I think, was
roughly divided half and half, because I think its not easy to tell what the motivations are of a
company of this sort. When Ive seen Tim Cook actually in these interviews for what its
worth, Im not an expert in judging demeanor particularly but it looks to me like he is
seriously grappling with the ethical principles involved here. That its not just window dressing,
and the company trying to make as much profits as possible.
So Amy is right to also mention that there are other companies that have di!erent interests,
di!erent profiles, and views of privacy. Just as companies can defend privacy, as Apple seems to
be doing right now, you can have companies going the other way, and not being so protective.
All materials copyright of the Wharton School (http://www.wharton.upenn.edu/) of the University of

Pennsylvania (http://www.upenn.edu/).
Page 10 of 10

Apple vs. The FBI: What It Means For Privacy and Security - Knowledge@Wharton

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Apple vs. The FBI: What It Means For Privacy and Security - Knowledge@Wharton

Uploaded by

Copyright:

Available Formats

Apple vs.

the FBI: What It Means for Privacy and Security - Knowledge@Wharton

Wharton, University of Pennsylvania

Apple vs. the FBI: What It Means for Privacy

Mar 09, 2016

" Global Focus, North America

! Business Radio, Law and Public Policy, Podcasts, Research

An edited transcript of the conversation appears below.

Once that technology exists, it could get into the

What if someone has a cell phone the FBI needs

Even if they could manage to erase the new

Its only Apple that really has the firepower to

Some of these tech companies, even while they

All materials copyright of the Wharton School (http://www.wharton.upenn.edu/) of the University of

You might also like