A thought has been fomenting about my mind the past few weeks since the FBI had a court order to force Apple to create a backdoor to the encryption on San Bernardino terror attacker, Syed Rizwan Farook’s iPhone. Between Apple CEO, Tim Cook’s open letter to Apple customers, presenting the view why Apple should not break its own encryption software, and the contrary perspective from the likes of Susan Hennessey and Benjamin Wittes, detailing why Apple has no business refusing the request.
Both perspectives resonated with me.
I laud Apple’s stance at upholding the right of individual’s to keep the content of their phones private. Mind you, lord only knows that is one of the few things kept private anymore; data, by and large, is freely shared with nary a thought to the potential consequences of what might happen to that data. Whether it is companies like FitBit collecting biometrics, or Facebook creating a very intimate and personal snapshot (and more) of each of its users, personal, sensitive information flows more fluidly than the annual Nile flood. The internet of things aside, it is still the prerogative of each individual of how much, or how little, information about themselves is shared publicly or with corporations.
Similarly, the ability to lock one’s phone (or computing device) is, and should always remain, the choice of the individual. That privacy is very important to many people (just as many people don’t care…anecdotally, most people I know choose not to lock their phones).
I recall a case a few years ago here in BC, whereby the police had tried to force an alleged suspect to unlock the suspect’s phone, believing there to be incriminating evidence on the phone. I don’t recall the specifics of the case anymore, but the long and short of it was that the judge ruled that if the phone was locked, the police could not request anyone to unlock that phone without a warrant, as that was the same premise as entering a home to search it without a warrant (pun not intended). Conversely, had the phone been unlocked, then there was no reasonable expectation of privacy and the phone could have been searched by police lawfully. I bear this in mind, and, being more of the privacy-mindset, lock my phone all the time as a matter of habit, as such.
Yet, there is the very real expectation that all corporations should participate in self-policing for the public good. We demand that the internet giants – Facebook, Twitter, Reddit etc… – police their pages and delete accounts where terrorism, racism, bullying, and any like criminal behaviours, take place.
Twitter announced the closure of over 125,000 terrorist-related accounts last month; Facebook has ramped up its anti-terrorism activities by actively combing for terrorism-related profiles and deleting them. This sort of activity comes on the heels of pleas from the likes of British Prime Minister, David Cameron, requesting that the Twitters and Facebooks of the world “to accept they have a social responsibility to help fight terrorism by allowing Britain’s intelligence agencies access to the data and content of online communications between terror suspects.” (from the Guardian)
I see this as essentially giving these internet and hardware companies mixed messaging that we need to protect consumer privacy yet demand that these companies police that privacy on everyone’s behalf. The problem with both is that not a single one of these companies is regulated and they are only held to whatever the moral and ethical compass that their CEO brings to the organization. We have faith that the Tim Cooks and Mark Zuckerbergs of the world will always do right by their clients (and remember, we are only their clients….nothing more, nothing less).
There is something inherently problematic with giving that much social, nay, governmental, responsibility to private, for-profit, companies. I don’t know that there is necessarily a better model of corporate governance for things such as social media and smart phones at the moment, but we should be very careful of relying on any organization that is responsible only to itself and its shareholders.