Archive for January 2016

Why Apple Defends Encryption

Why Apple Takes a Stance Where Others Don’t — Apple is far from the first company to find itself in government crosshairs. BlackBerry, for example, was forced to decrypt communications for the Indian government in 2010 or shut down operations in the country. Those same tools have since expanded and are used in other countries to monitor BlackBerry devices.

Let’s go back to Gruber’s list: Google, Microsoft, Facebook, and Twitter. I’ll add Amazon and Samsung. In each case, these companies’ business models don’t put them in nearly the same position as Apple.

Google is fundamentally an advertising company that collects data on its users. That information can’t be encrypted so only the user can see it, since that would prevent Google from accessing it and using it for targeted advertising. Even removing the ad issue, some of Google’s services fundamentally won’t work without Google having access to the underlying data. Google is taking a stronger stance with Android encryption, at least on the technology side (slowly, because Google doesn’t control most Android hardware). But Google isn’t vocal about this since all its data is accessible with a warrant. It isn’t in the company’s interest to call attention to this fact. However, I do know that Google does whatever it can to prevent spying and other monitoring, such as encrypting all communications between its data centers.

Microsoft is fundamentally a software company. The firm already offers strong encryption for PCs (Bitlocker), but it isn’t consumer friendly and Microsoft owns only a tiny fraction of the mobile market. Its biggest customers, corporations and governments, are long used to monitoring Microsoft platforms for legitimate enterprise security reasons. Of all the companies here, Microsoft is in the best position to back up Apple, but Microsoft has such a long history of working with, and selling to, government that the company shies away from public conflict on this issue. Outside of the public eye, Microsoft is currently being held in contempt of court as the company battles the Department of Justice to protect user data stored overseas in a case that could define the future of cloud computing.

Facebook and Twitter? All data in social networks is accessible via lawful access (heck, most of it is effectively public anyway). Like Google, these companies are essentially ad platforms that need access to our data. While Facebook CEO Mark Zuckerberg and Twitter CEO Jack Dorsey may support strong encryption as individuals, there isn’t anything their companies can do about it on a practical level. Amazon? It doesn’t sell the hardware that matters, and as primarily a retailer, it isn’t in a position to do or say anything that will make a difference. (The exception is in Amazon Web Services, which makes extensive use of encryption, including government-proof options.) Samsung? Samsung is a foreign company that the U.S. government would be unlikely to take seriously.

Massive tech companies like Cisco, IBM, Oracle, and even HP simply aren’t in the right part of the market to advocate on behalf of consumers.

All these companies place a high priority on the security of their products and services, but, for the most part, they can’t build things that allow us to control our information and keep it private.

And again, to be perfectly clear, any time you enable monitoring, you reduce privacy and security. All back doors are security vulnerabilities. These are the equivalent to the laws of physics, not technical problems we haven’t solved yet.

Apple is nearly unique among technology leaders in that it’s high profile, has revenue lines that don’t rely on compromising privacy, and sells products that are squarely in the crosshairs of the encryption debate. Because of this, Apple comes from a far more defensible position, especially now that the company is dropping its iAd App Network.

Source: Why Apple Defends Encryption