Apple is ‘arrogant’ and encryption is ‘oversold’, ex-NSA lawyer tells SXSW


Stewart Baker claims the tech company has cooperated with the Chinese government and compares Tim Cook to Doris Day in the Apple v FBI debate

In one of the more unusual analyses of the Apple v FBI debate, former NSA general counsel Stewart Baker has compared Tim Cook to 1940s Hollywood star Doris Day.

Addressing an audience at SXSW young enough to have no idea who Doris Day was, Baker quoted Hollywood musician and actor Oscar Levant, who said: I remember her before she was a virgin.

He then said Apple had only recently changed its strategy in handling law enforcement requests for access.

Who remembers Tim Cook before he was a virgin? Look at his record in China, Baker said. When China asked, [Apple] didnt even tell us they were doing it. Other countries are going to request access, and companies are going to give it to them once they demonstrate that they really need it.

Doris Day (shes a film star). Photograph: Ronald Grant Archive

Europe and the rest of the world hates Silicon Valley, he said, giving the example of the recent vote by the French assembly on an anti-terrorism bill that expanded powers to search and detain.

Baker, now a private lawyer and a regular on the conference circuit, was speaking on a SXSW panel about the attempt by the FBI to order Apple to help access data on a phone used by one of the San Bernardino shooters. The issue has reignited discussion about whether the government should have access to backdoors in encryption software, following a similar situation in the 1990s the damaging effects of which are still being felt. Baker was general counsel at the NSA from 1992 to 1994.

Baker repeatedly laid into Apple, claiming encryption was the single most oversold technology in the public sphere and that Apple would accommodate requests by the Chinese government because China is now its biggest market. He said that Apple had previously cooperated with intelligence requests from the Chinese government and called the tech industry arrogant.

How about this: if you refuse to provide access to the government, the government is entitled to get every disclosure you have ever made for every other country. Because Apple is not telling us about China, he said. And if Apple is assuming the benefits of the privacy it is selling, how about it takes on some of the costs of crime? How about letting victims of crimes that have not been solved because of encryption sue Apple for damages?

He said that Apple had spent money proving its social responsibility by making sure minors were no longer employed on its third-party production lines. So for them to turn around and say that if you take pictures of kids while you are molesting them, we are going to protect you as well? Thats not socially responsible. They need to take into account the misuse of their technology and ask how to fix it.

Slightly bemused fellow panelist Matt Blaze, associate professor of computer and information science at the University of Pennsylvania, said that it was irrelevant to focus on Apples reputation or corporate responsibility. Thats like asking if Al Gore is a nice guy relevant to climate change, he said. Its a sideshow.

This could charitably be described as a crisis.

Three days earlier, Barack Obama spoke at SXSW, urging both sides of the debate not to be absolutist and to work for a constructive solution. Baker suggested that the president had taken a more moderate line than others in the White House.

It was a surprise, because many people around him would come out differently, he said. The FBI had enormous trouble pushing its agenda through the White House so for him to come out in this direction means he clearly believes it, because plenty of people told him not to come out and say that.

Amit Yoran, president of the computer security company RSA, cautioned against oversimplifying the debate as security v privacy, or Washington v Silicon Valley. We have heard resoundingly from the [intelligence community] that it does not favour weakening security or encryption, so this is not really a national security issue, he said. This is a law enforcement issue.

From a business and internet perspective, were on a shaky world stage post-Snowden. The corporate world doesnt have lots of trust in the US government and our own citizens have all-time low trust [the FBI order] would be a dangerous move against US economic interests.

Blaze said the technology industry relies on consumers updating hardware regularly so that security fixes can be rolled out, and that trust in those updates could be jeopardized.

So far the choice has been law enforcement shutting down v weakening encryption I dont think anybody wants either of those things, he said. What alternatives are there? They could explore hacking techniques of their own, or existing weaknesses in the product, or use hardware reverse engineering law enforcement has been largely reactive on a case-by-case basis.

These things require a healthy debate that we just havent had, and over the course of two crypto-wars, weve made remarkably little progress.

Last week, Apples general counsel, Bruce Sewell, defended the companys business in China against claims made in the FBIs legal case, including that the company had provided data in response to 74% of 4,000 state requests.

The ridiculous section on China where an AUSA, an officer of the court, uses unidentified internet sources to raise the spectre that Apple has a different and sinister relationship with China. Of course that is not true, and the speculation is based on no substance at all. To do this in a brief before a magistrate judge just shows the desperation that the Department of Justice now feels.

Read more:


Please enter your comment!
Please enter your name here