How Existing Wiretapping Laws Could Save Apple From FBI's Broad Demands

from the calea-to-the-rescue? dept

Put simply, CALEA is entirely inapplicable to the present dispute [because] Apple is not acting as a telecommunications carrier, and the Order concerns access to stored data rather than real time interceptions and call-identifying information

A telecommunications carrier shall not be responsible for decrypting, or ensuring the government’s ability to decrypt, any communication encrypted by a subscriber or customer, unless the encryption was provided by the carrier and the carrier possesses the information necessary to decrypt the communication.

(1) Design of features and systems configurations. This subchapter does not authorize any law enforcement agency or office (a) to require any specific design of equipment, facilities, services, features, or system configurations to be adopted by any provider of a wire or electronic communication service, any manufacturer of telecommunications equipment, or any provider of telecommunications support services;



(b) to prohibit the adoption of any equipment, facility, service, or feature by any provider of a wire or electronic communication service, any manufacturer of telecommunications equipment, or any provider of telecommunications support services.

Indeed, Congress outright rejected the government’s initial CALEA proposal to actually prevent deployment of new technologies that didn’t have a wiretap back door. As Congress noted, “[t]his is the exact opposite of the original versions of the legislation, which would have barred introduction of services or features that could not be tapped.” In other words, Congress accepted the fact that some new technologies would put some evidence that law enforcement wanted, needed, and may have had access to in the past, beyond its reach in some cases.



Congress also determined that carriers would have no responsibility to decrypt encrypted communications unless the carrier provided the encryption and could in fact decrypt it. CALEA did not prohibit a carrier from deploying an encryption service for which it did not retain the ability to decrypt communications for law enforcement access, period. Here again, CALEA recognized that some evidence that may be necessary to an investigation will not be available to the government because it is encrypted and the provider lacks the key to access it.



So while CALEA provided law enforcement with some surveillance capabilities on phone networks (which the Federal Communications Commission later extended to broadband Internet access and two-way Voice over IP), it precluded the government from requiring “any specific design of equipment, facilities, services, features, or system configurations to be adopted by any manufacturer of telecommunications equipment.” Requiring Apple by court order to create and implement a work-around for the iPhone’s security features is, in fact, doing what CALEA prohibited.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community. Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis. While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

There are all sorts of interesting (and frustrating and challenging) legal questions raised by the FBI's use of the All Writs Act to try to force Apple to build a system to allow the FBI to hack Apple's customers. But there's one interesting one raised by Albert Gidari that may cut through a lot of the "bigger" questions (especially the Constitutional ones that everyone leaps to) and just makes a pretty simple point: the DOJ is simply wrong that the All Writs Act applies here, rather than the existing wiretapping statute, the Communications Assistance for Law Enforcement Act, or 47 USC 1002 , better known by basically everyone as CALEA. CALEA is the law that some (including the DOJ) have wanted "updated" in ways that might force internet companies and mobile phone companies to make their devices more wiretap-ready. But that hasn't happened.And, as Gidari points out, it seems clear that CALEA preempts the All Writs Act and explicitly forbids what the FBI is requesting here. The DOJ is claiming that CALEA doesn't apply to Apple:But Gidari notes that's misrepresenting CALEA, which also does apply to "manufacturers and providers of telecommunications support services" and Apple could be seen as qualifying, since it's providing the "equipment" here. And then if CALEA, rather than the All Writs Act applies, the DOJ's argument is basically dead on arrival. As many have noted, CALEA already says that you can't force a provider to decrypt encrypted communications:Now, some may argue that in this case Apple "possesses the information necessary," but that's not actually the case. Apple doesn't possess the information necessary to decrypt. It's being asked to build a system that would let the FBI then hack the system to decrypt. And that's different. And on that point, there's this in CALEA as well:In a follow up post, Gidari looks at the legislative history of CALEA as well , and notes that it was a compromise between law enforcement (who wanted access to everything) and telcos (who didn't want to give that much access). And the end result was that CALEA was designed to be clear that, no, law enforcement can't always get anything, and certainly can't force companies to build new tools:While a big Constitutional battle may be more interesting (and more long lasting), it's possible that an argument like this one might win the actual lawsuit.Of course, then the battle will shift back to Congress to try to update CALEA...

Filed Under: backdoors, calea, doj, encryption, fbi, hacking, iphone

Companies: apple