In a stinging rebuke to Apple, federal prosecutors contended Friday that the tech giant is “not above the law” and could easily help the government unlock a terrorist’s iPhone without undermining anyone else’s privacy.
“Rather than assist the effort to fully investigate a deadly terrorist attack,” government lawyers said, Apple “has responded by publicly repudiating” a court order demanding the company’s help.
The court filing portrayed the conflict as a battle between FBI agents working to obtain key information about a terrorist plot that killed 14 people and injured 22 in San Bernardino in December and a private company wishing to protect its reputation and brand.
In a motion to compel Apple’s help, prosecutors also accused the company of making misleading statements.
“The order does not, as Apple’s public statement alleges, require Apple to create or provide a ‘back door’ to every iPhone,” the filing said. “It does not provide ‘hackers and criminals’ access to iPhones … and it does not give the government ‘the power to reach into anyone’s device’ without a warrant or court authorization.”
Prosecutors said the software that law enforcement wants Apple to write could be kept in the custody of Apple and would not have to be shared with others.
“No one outside Apple would have access to the software required by the order unless Apple itself chose to share it,” the government said.
Prosecutors also insisted that the order seeking Apple’s assistance reflected a central principle in American law that citizens can be called upon to help law enforcement. Indeed, the motion argued, some technology companies have been required to write some amount of software to comply with subpoenas in other cases.
“Apple’s current refusal to comply with the court order’s order, despite the technical feasibility of doing so, instead appears to be based on its concern for its business model and public brand marketing strategy,” prosecutors wrote.
The government also argued that the law can compel someone to provide something that didn’t previously exist. Prosecutors cited the case of a defendant whose computer was encrypted. He was ordered to help the government produce a copy of the unencrypted contents of the computer, the motion said.
In response, senior Apple executives, speaking on the condition of anonymity, said Friday's government motion was redundant and aimed at applying more public pressure on the company so that it would give in.
The executives said they had no intention of backing down, reiterating that their position was in the best interest of its customers and the country.
One of the executives, also speaking on condition of anonymity, said Friday that the government’s request for software to change the iPhone’s operating system would take the company several weeks or months to develop and validate. It would not involve a mere matter of hours or days, he said.
The executive also disputed the government’s argument that only the terrorist’s iPhone would be affected by the court order.
If Apple complied with the order, prosecutors around the country would ask for the same technology, the executive said.
So far, only the U.S. has asked Apple to undertake such an endeavor, the executive added, but other countries would surely follow if federal prosecutors succceed in this case.
The phone that needs to be unlocked may contain critical communications that the FBI has been unable to recover elsewhere, the government filing said.
The FBI wants to hack into that Apple iPhone 5C, which was issued to shooter Syed Rizwan Farook by his employer, the San Bernardino County Department of Health. Farook and his wife, Tashfeen Malik, died in a firefight with police hours after the attack.
Computer forensics analysts fear the precedent of Apple complying with the order. Once Apple does this in this case, the government will request it again and again, they said.
Prosecutors sought to downplay the issue of encryption technology in the terror case, arguing that the software it’s seeking from Apple amounts to an innocuous update.
It would make it easier for the FBI to guess Farook’s passcode by ensuring a couple of settings are turned off, including one that would wipe the phone’s contents in the event of 10 incorrect unlock attempts. The company regularly issues updates that modify settings, the court filing said.
With Farook dead and his employer, which owns the iPhone, consenting to the search, the requested software would not invade anyone’s privacy and wouldn’t undermine encryption, prosecutors contend.
“This court should not entertain an argument that fulfilling basic civic responsibilities of any American citizen or company -- complying with a lawful court order -- could be obviated because that company prefers to market itself as providing privacy protections that make it infeasible to comply with court-issued warrants,” prosecutors said.
The Justice Department also reiterated its stance that Apple has the means to fulfill the court order. As of Wednesday, the company was still weighing how complicated it would be to develop a tool for the FBI.
“At no point has Apple ever said that it does not have the technical ability to comply with the order, or that the order asks Apple to undertake an unreasonable challenging software development task,” prosecutors wrote Friday. “On this point, Apple’s silence speaks volumes.”
Meanwhile, prosecutors and senior Apple executives disclosed Friday that the company in early January provided four alternatives to access data from the iPhone.
But one of the most encouraging options was ruled out because the phone’s owner, presumably the San Bernardino County Department of Health, reset the password to Farook’s iCloud account within 24 hours of the attack to access data from the backup. The iCloud password on the iPhone itself is now wrong, and it won’t back up unless someone can get past the phone’s passcode and change it.
The issue was discovered after Apple engineers sent to Southern California to work with the FBI struggled to trigger an automatic backup. When iCloud is enabled, iPhones automatically sync with the cloud if charging and connected to a familiar Wi-Fi network.
Prosecutors still contend that unlocking the iPhone is critical because some data doesn’t sync to iCloud. The FBI has retrieved Farook’s iCloud backups up to Oct. 19, about six weeks before the attack, and have suggested that he deliberately disabled the feature.
Apple executives and Jonathan Zdziarski, one of the top experts on iPhone security, said other issues could have cropped up and that the FBI’s assertion may not be true. An iPhone operating system update on Oct. 21 could have disrupted iCloud settings, the iCloud storage space could have been full or Farook may never have returned to a location where the auto-backup would have been activated.
Zdziarski said Apple may be able to reset the iCloud password so that it matches the one saved on the iPhone; Apple didn’t immediately comment.
Dolan reported from San Francisco and Dave from Los Angeles.
Times staff writer David Pierson contributed to this report.