September 29, 2014
Apple and Google recently took action making it more difficult for law enforcement authorities to search the content of smartphones. By giving up their own access to iPhone and Android device content, the companies made it impossible for government authorities to require them to surrender that content, even when a court order has been obtained.
In its new operating system for iPhones and iPads, iOS8, Apple altered the system engineering to provide device users with total control over access security for their devices. Previously, Apple structured the system so that all device access codes created by individual users were automatically shared with Apple.
The automatic sharing of local access codes ensured that Apple could, at any time, circumvent those codes and gain access to all device content. By retaining the access code information, Apple became a target for law enforcement and national security authorities. Those authorities could compel Apple to provide device access code information, thus making all device content accessible.
Its decision to avoid collecting local device access codes means that Apple will no longer have access to the device content of its customers. In this way, Apple protects itself from being compelled to share access code information, and thus access to device content, with government authorities.
The current generation of Android devices also offers this local control over device access security as an option for users. It has been reported that the next generation of Android devices will provide local control as the default setting for device security.
It is important to recognize that local control over device access does not protect content stored in Apple or Android cloud computing systems. Once content has been shared with the cloud, local control over device access can no longer protect the content from disclosure.
Government agents continue to have the authority and ability to compel disclosure of content stored in Apple, Android, and other cloud computing systems. The new device access engineering protocols established for Apple and Android devices protect the privacy of content stored on those devices but do not make content stored in the cloud more secure.
These engineering adjustments for the iPhone and Android systems illustrate a new approach increasingly popular among information technology and communications companies. Those companies now recognize that governments can not force them to disclose material that they are unable to access. It seems that the most effective approach to safeguarding the privacy of customer content is to avoid access to that content.
Previously, businesses and organizations generally believed that preserving their own access to customer information and content offered substantial potential economic benefits. Today however, many of those same parties understand that those potential benefits come at a substantial cost.
Organizations that retain access to customer materials make themselves targets for governments and malicious parties who seek access to those materials. Those organizations are now aware that the costs associated with protecting customer materials can be substantial. Accordingly Apple, Google, and other companies now seem to be increasingly willing to relinquish their own access to some customer materials in order to avoid the cost of fighting to protect the security of those materials.