This article is written by Gitika Wadhwani from Jagran Lakecity University. This article deals with the FBI and Public Law about the San Bernardino case.
The Federal Bureau of Investigation (FBI), the U.S intelligence agency that has worked for protecting the security of the state and civil liberties of its people whenever it’s been threatened by any criminal or terrorist act, has been in controversy with Apple Inc. owing to the San Bernardino case, a shooter attack in which fourteen people were killed. The FBI seized the phone belonging to San Bernardino (the shooter) and a search was to be conducted which was not possible due to security features and encryption features on the iPhone. FBI issued a warrant ordering Apple to assist the FBI by reducing its security feature and removing auto-erasing data function after several manual attempts. However, Apple refused to assist, saying it will threaten the security of its customers. The FBI hired a third party to hack the device and completed the search.
The Federal Bureau of Investigation is a federal agency responsible for the investigation of the violation of federal civil rights and for long has helped the people in the U.S to protect their civil rights. The agency deals with the investigation of hate crimes, the color of law violations, and Freedom of Access to Clinic Entrances (FACE) Act violations. The Public Law of the United States comprises its Constitution which prescribes the civil liberties of people and the foundation of the federal government. To function effectively, the federal agency deals with various aspects of Public Law and protects the civil liberties of people. The FBI, being the federal agency, looks after the security of the United States and protects its people and country from any criminal or terrorist act. The Public Law provides power to the FBI to investigate crimes against the state and authorizes the funds for carrying out the functions; the Federal Bureau of Investigation receives its authority from the provisions of Public Law.
The federal law under the U.S. Code authorizes the attorney to appoint officials to detect crimes against the United States. The FBI has special powers to make arrests, carry firearms, and serve warrants. Also, the FBI agents are empowered to make seizures under the warrant if there is a violation of federal statutes. The authority and functions of the FBI can be refereed from various statutes. These are as follows:
- Authority to investigate criminal violations;
- Power to investigate violations of state law on request by an appropriate state official in limited circumstances such as felony killings of state law enforcement officials, violent crimes against interstate travelers, and serial killers;
- Investigative and other responsibilities of the FBI;
- Authority to investigate threats to national security.
This wide range of powers given to the FBI makes it unique to address the issues related to both national security and criminal threats and using its intelligence tools to collect the information. The FBI can work flexibly by collecting data through its intelligence covering all the aspects of the subject matter and using this information to carry out its search, seizure, and arrest if it appears that there is an imminent danger to the state or innocent person. FBI and Public Law can be said to be the long-found friends as it carries out the function of Public Law to protect the state and its constitution and in absence of any statute, large powers are bestowed upon the FBI to act for the national security of the country.
Before understanding ethical hacking, let’s understand ethics and hacking separately. Ethics in normal terms is something that is not wrong, that is authorized and not against the moral and sometimes legal principles, and hacking in simple words is gaining access to someone’s data that might be authorized or unauthorized.
Ethical hacking is an intrusion into a network or system to identify the threats or security vulnerabilities that an attacker or a black hat hacker may try to exploit to benefit themselves or cause loss to the person whose data is hacked. Any device, such as a smartphone, computer, network, etc. containing data or documents can be stolen and misused by the hacker. To prevent this loss or threat, a proactive approach is taken by ethical hackers to test and ensure network security and find the potential holes that can be corrected timely to prevent the system from malicious hackers.
What to do before and after a cybersecurity breach?
Before cybersecurity breach
- Try to identify the uncovered spots that the hacker could target and all other risks.
- Prone and the attack surface try to minimize it by protecting the known vulnerabilities that can be targeted.
- Mitigate your risk by engaging teams who have capabilities to detect the risk, use control measures such as encryption, intrusion detection, or hardware or software.
- Try to create strong passwords that are difficult to crack using upper case, lower case, symbols, and numbers.
- Try to create different passwords for different accounts so that in case one account is hacked the other remains protected.
- Be careful when you fill out your details on any random site.
After cybersecurity breach
In case an intruder can get unauthorized access to your device by breaking all the security passcodes, the following steps must be taken:
- If the breach could result in any access to your financial accounts and data, communicate with your financial institutions about the breach.
- Change all the passwords linked to the accounts that can be at the risk.
- You can use the credit freeze option so that no one can borrow anything using your identity.
- Identity the information or stolen data to understand the severity of the situation.
- Contact the company or a cybersecurity help desk to track the hacker.
- Do not take help from random companies that can be a social engineering attack.
In 2015, Syed Rizwan Farook and Tashfeen Malik perpetrated an attack on a holiday party at Farook’s office in San Bernardino. Fourteen people were killed, to conceal information from law enforcement agencies, they erased all the information from phones and smashed all the devices. Only one iPhone was found undestroyed, the phone was seized and the FBI attempted to get into the phone but was not able to get access to it because of the iOS 9 feature that would erase the data after a certain number of attempts.
The FBI tried to take help from Apple by asking to build a passcode bypass system for the bureau but Apple refused by saying that it would decrease the security feature of iPhones. Despite several attempts and orders by the court, Apple denied assisting the FBI as it would create a threat to the security of customers.
The debate between the FBI and Apple was mainly around privacy, security, and encryption. The FBI, on one hand, needed the assistance of Apple to investigate the phone of the suspect in the San Bernardino case. Whereas, Apple denied removing the security features of the iPhone operating system stating that it will threaten the privacy of customers.
The motion of Apple seeking the court to reverse the order to assist the FBI in search created a controversy. The argument that removing the security features would threaten the privacy and security of people is not true. The FBI did not want Apple to give any new operating system that could be copied but only to install it on the suspecting phone which would make it easy for the FBI to crack the encryption. In no way, it would affect normal people or customers of Apple. The FBI was not going to use it for every single person to keep a check on them but only one who is a suspect and there is a probable reason that there is a threat or information related to a criminal act. So, to protect the country and its security the company must assist the FBI.
The FBI had hired a third party to gain access to an iPhone that was linked to the San Bernardino shooting and was able to hack the phone which raised concern to Apple that it would result in a security compromise.
Many big tech giants supported Apple including Facebook, Twitter, Yahoo, Google, and eBay, and also academicians, activists stood by the company. There was a huge debate over the matter of whether the company is legally bound to forsake its security and can be compelled to create a backdoor for its encryption policy.
All Writs Act
All Writs Act is the federal statute of the United States which gives authority to the federal courts to issue all writs in absence of any specific statute whenever necessary and consistent with principles of law.
Following the FBI versus Apple controversy, the USA government approached the court to issue an order to Apple Inc. to provide written passcode for non-encryption barriers and auto-erase function after several wrong attempts for assisting the search of an iPhone that was found in the San Bernardino shooting. Apple’s assistance will help the government to determine the passcode without non-encryption features that have been coded into its operating system.
The FBI seeks software image files that will help them disable the auto-erase function if enabled, and it will also be able to submit passcodes for testing electronically the subject device. This residual authority of the court can be inferred from the All Writs Act which provides power to the court to issue orders whenever necessary to protect the principles of law and when there is no other statute.
The government, by using a search warrant under Provisions of federal Rules of Criminal Procedure, can collect the evidence but in this case, the evidence could not be collected because of the encryption and security features of the phone. The only way is if Apple removes the security feature and there is no specific statute under which a warrant can be issued therefore, the court is justified in using the All Writs Act. This statute has been used by the courts several times to gain access to devices to protect security and prevent criminal acts.
Individual rights and privacy are essential features of democracy, but when it comes to national security the role of intelligence agencies becomes crucial. They must gather information by collecting data and conducting a search as it deems appropriate. When only certain people who are suspected or are a threat to national security are targeted and their devices are being hacked or asked to be unlocked it is no violation of the privacy of customers.
FBI being the central agency is empowered to carry out its investigation with the help of other functionaries to protect the people and state against violation of various areas of Public Law. The authority given to the FBI makes it unique to address national security and criminal threats. Therefore, it can conduct the investigation, use its intelligence tools as well as arrest and prosecute the ones who are a threat to the people and state.
Students of Lawsikho courses regularly produce writing assignments and work on practical exercises as a part of their coursework and develop themselves in real-life practical skills.
LawSikho has created a telegram group for exchanging legal knowledge, referrals, and various opportunities. You can click on this link and join: