U.S. Invokes 18th Century Law to Compel Apple to Hand Over Customer Data

iPhone 6 Plus
Can U.S. courts order tech companies to target customers with spyware? Flickr/William Hook

Immediately following Apple and Google's September announcement that they were making devices encrypted by default (rendering it technically impossible for the companies to extract customers' data for police), law enforcement officials of all stripes were up in arms. FBI Director James Comey called devices with this added security comparable to "a closet that can't be opened" and would threaten law enforcement's ability to investigate cases ranging "from homicides and car crashes to drug trafficking, domestic abuse, and child exploitation." But documents recently published by Ars Technica show that within weeks of the announcement the U.S. Department of Justice was pursuing a curious legal strategy to get the companies to crack devices for investigators despite their protestations.

The documents come from two federal cases—one in New York and another in California—in which prosecutors invoked the All Writs Act, a law with origins that go back to the 18th century, which allows courts to order a person or company to carry out an action. And in both cases, the federal judges agreed that the companies should aid the government.

But if these companies are actually unable to extract information from encrypted devices, as they claim is the case, how would they be able to help?

"Then that's pretty much the end of it," Hanni Fakhoury, a staff attorney at the Electronic Frontier Foundation, told Ars Technica. "The writ doesn't require Apple to do something that is impossible for it to do."

But not everyone is convinced that is the case. Matt Blaze, an associate professor of computer and information science at the University of Pennsylvania tweeted today that while the All Writs Act can't force companies to decrypt devices for law enforcement if it is unable to do so, it could possibly compel them to do something like push out targeted and even untargeted spyware to their customers. This could provide some, if not all of the same information that installing backdoor access could.

It is unclear how an 18th century law would apply to a 21st century problem, but the released documents have sounded the alarm and technologists are sure to be watching.