One of the more compelling institutional cage-matches in the last few years, Apple vs. the FBI, ended in an anti-climax March 28. As denouements go it wasn’t particularly dramatic. It’s hard to tell who even won.
The FBI had been asking for Apple’s help accessing data on an iPhone belonging to one of the shooters in the San Bernardino terrorist attack. Apple had been asking the FBI to kindly back the hell up, because they felt (with some justification) that developing a tool to get into an iPhone would compromise the security on all iPhones. And, moreover, that the legal guidelines as to when the government can and can’t ask for encrypted data on your iPhone needed to be clarified.
The situation was supposed to come to a boil in court Tuesday March 22, but didn’t because the FBI announced that it was working with an outside firm to get into the phone without Apple’s help. Yesterday the agency announced that it had succeeded.
It’s hard to call this one for either side. The FBI got its data, whatever it was, we still don’t know. Apple got to stick to its principles—I spoke to Cook for a TIME cover story two weeks ago, when it was abundantly clear that there was no way Cook was going to give an inch on this one, unless the law compelled him to. Apple would’ve liked to take this issue to Congress and get the legal landscape clarified; it didn’t get that. The FBI didn’t get to set the legal precedents it sought either.
The FBI did salvage an angstrom of pride by opening the phone without Apple’s help. The whole saga had served as an extended advertisement for the strength of the iPhone’s security, and conversely it was making the FBI look technologically weak. (Following the saga, you couldn’t help thinking that the NSA would’ve dipped into some secret stash of zero-day vulnerabilities and cracked the phone on day one.) The FBI still doesn’t have premium bragging rights, since it had to turn to an outside firm for help—the rumor mill names an Israeli mobile data firm called Cellebrite. A federal database does show a contract between the FBI and Cellebrite, for unspecified services, for which Cellebrite billed the government $15,278.02. Apple is undoubtedly smarting at the news that that’s all it costs to crack an iPhone.
(It’s worth noting that the ACLU has been arguing for weeks that the FBI never needed Apple’s help in the first place, that there is a known path to decrypting the data, and that the FBI’s whole legal onslaught was an opportunistic attempt to set a legal precedent using a case, domestic terrorism, that would draw a lot of public sympathy. There’s an alternative story here, in which the FBI read the tea leaves and didn’t like its chances in court, so it backed off and went for the technological solution.)
The Justice Department has made it clear, in a statement, that this isn’t over, that this was just round one, and that the next time it gets stuck with a phone full of evidence it’ll be right back on Apple’s doorstep. Apple made it clear in a statement that its position remained unchanged; it’s likely that sooner or later it will get its day in court. Even though Apple’s products wound up looking that less secure, the outcome does strengthen Apple’s reputation as a defender of privacy, and its claim that strong encryption isn’t a security disaster. At the end of the day it’s rare for mobile data to be completely and totally inaccessible.
Terrorists worldwide declined to issue a statement, but they were undoubtedly watching this all unfold. Hopefully they feel a little less safe, so at least we can agree who lost.