Encrypted freedom – Apple’s struggle for data protection between idealism and self-interest

At the least since the seriousness of state attempts to access large American tech companies was made public with the Edward Snowden leaks, even giant companies like Apple have found themselves in an extremely uncomfortable position. Data protection awareness is also growing with normal end-users, who are asking themselves more and more whether their personal information is still in good hands in the operating systems and cloud services of the US-based companies Apple, Google or Microsoft. Even though the resulting losses are hard to fathom, it is currently estimated that the Snowden affair caused the loss of up to 35 billion dollars through the loss of confidence of non-American customers.

Against this backdrop, the sensitive nature of the current debate between the FBI / the US government and Apple becomes quite clear: after 14 people were murdered in an Islamic terror attack in San Bernadino, California, the investigators acquired the perpetrators’ iPhone. Due to the PIN encryption used with iOS 9, it was not possible for the FBI technicians to extract information which was considered important for the investigation. Since a counter which erases the memory after more than ten unsuccessful login attempts has been added as an additional safety mechanism, the FBI technicians stopped all attempts to crack the assailant’s phone and demanded that Apple compromise their own safety mechanism.

Apple, however, refused to cooperate with the FBI on the grounds that creating a back door to the entire safety concept for all Apple users would come into question, and this led to an escalation in the argument. While the minister of justice is attempting to legally compel Apple to create a means of access for the FBI investigators, more and more of the significant American technology companies are taking the side of the iPhone manufacturers: alongside Google and Whatsapp, Facebook and Twitter have since joined. According to Google’s Sundar Pichai, the greatest danger of a cooperation between Apple and the FBI is the setting of a precedent. If this boundary is crossed, authorities and courts could point to this collaboration in all similar situations and thus demand a back door for practically every security concept. In stark contrast to the abolition of data security, the two-step authentication gradually implemented by Apple for Apple ID should significantly strengthen the protection of personal photos and documents. With this authentication, at the first log in with a user’s Apple-ID on a new device, a 6-digit code is sent separately to the user’s phone number, which must then be entered in addition to the Apple ID and password. This new function of iOS is optional. This method of One Time Password (OTP) is controversial because it is not safe enough. Since the user receives an SMS with the code on his cellphone, it is possible for hackers to intercept this SMS and subsequently to gain access to the user’s device with the code. Generally the second factor of two-factor authentication should not be used on the same end device, but should always be external to the device.

Since the start of the fight against terrorism as a consequence of the September attacks of 2011, finding a healthy balance between safety and freedom has become one of the biggest social challenges. As the NSA scandal demonstrated, the US authorities have lost the healthy balance when it comes to invasion of privacy and the curtailment of the fundamental rights of their citizens. Even though the FBI’s wish to find out more about the perpetrators’ other contacts and thus to be able to stop future attacks is completely understandable, a line has to be drawn somewhere so as not to undermine the value of the control and security needs which constitute democratic society.

Of course for Apple’s CEO this is about more than just an idealistic defence of the principles of data protection. It also has to do with winning back the lost confidence of customers inside and outside the USA. Thus it can also be understood why the competition joined Apple’s side so quickly. For America’s tech giants this debate is the chance to show the whole world that they are capable of defying the NSA’s control mania.

We at CosmoKey also support Apple in this debate. For us, data security has the highest priority, whether on your cellphone or on your PC / laptop. For this reason, two-factor authorisation is an important issue these days, to be able to protect your private and business-related information adequately. Hardly anything is worse than when confidential information gets into the wrong hands. Thuse we should also understand Apple, who want to and should protect the private information of their users. It is not without good reason that Apple implemented a security counter which automatically erases the memory after more than ten failed login attempts.

Bitte um den ersten Kommentar.

You must be logged in to post a comment.