Professionalism/Apple, the FBI, Personal Data

From December 2015 to March 2016, the Federal Bureau of Investigation (FBI) investigated a terrorist attack in San Bernardino, California that resulted in 14 deaths and 22 injuries. As part of their investigation, federal agents recovered a locked iPhone 5C that belonged to one of the suspects. Believing the phone could contain evidence relevant to the case, the FBI was eager to unlock it so that they could access its contents. However, the phone was programmed to automatically delete all stored data after repeated failed passcode attempts, which prevented the FBI from cracking the passcode on their own. In an effort to access the phone’s contents, the FBI obtained a court order compelling Apple to assist them in bypassing the phone’s built-in security features. Apple refused to comply, arguing that doing so would threaten user privacy and device security. This refusal resulted in a months-long debate in the public sphere over national security vs. personal privacy. Eventually, the FBI was able to use a third-party tool to unlock the phone and dropped its case against Apple, though the investigation and resulting debate remain a major event in privacy and security circles.

On December 2, 2015, 14 people were killed and 22 were injured during a terrorist attack at the Inland Regional Center in San Bernardino, California.^[1] Federal agents recovered Syed Rizwan Farook's work iPhone 5C intact. Agents believed that the data stored on the device could be used as evidence when investigating the 2015 San Bernardino shooting. A four-digit passcode locked the iPhone, preventing the FBI from accessing its contents. The iPhone was also programmed to delete all of its data after ten incorrect password attempts. FBI agents attempted to bypass this security feature through iCloud data syncs.^[2] iCloud account password differences between Farook's iPhone and his iCloud rendered the data sync unsuccessful.^[3] On February 9, 2016, the FBI announced it was unable to break into the iPhone. Agents asked Apple to unlock the phone. Apple claims the FBI wanted to create a new operating system, dubbed GovtOS.^[4]

United States (U.S.) magistrate judge Sherri Pym issued a court order in the U.S. District Court for the Central District of California "compelling Apple, inc. in assisting [federal] agents in [searching]" the San Bernardino shooter's iPhone 5C on February 16, 2016. Apple was specifically ordered to provide reasonable technical assistance in:

1. Bypassing or disabling the iPhone's auto-erase function
2. Enabling FBI agents to submit iPhone passcodes electronically
3. Preventing additional delays between passcode attempts

The court order requested Apple meet FBI demands by writing new iPhone software for Farook's iPhone. Apple was given five days to apply for relief if they believed "that compliance with this Order would be unreasonably burdensome."^[5]

The court order was issued under the All Writs Act of 1789.^[7] This act states that any courts established by Congress may issue all necessary or appropriate writs to aid their respective jurisdictions.^[8] The American Civil Liberties Union found that the government has been trying to use the All Writs Act to force companies to help crack customer phones since 2008.^[9]

Apple released a public letter, written by CEO Tim Cook, opposing the court order. The letter was directed at Apple customers and stated that the "United States government has demanded that Apple take an unprecedented step which threatens the security of our customers." Cook maintained that compromising information security puts personal security at risk and he felt they "must speak up in the face of what we see as an overreach by the U.S. government."^[10] According to Apple, building "a version of iOS that bypasses security" would create a dangerous backdoor that could be exploited to threaten security when in the wrong hands.^[10]

Apple stated that there is no precedent for "an American company being forced to expose its customers to a greater risk of attack" and feared that compliance with the court order would set a dangerous legal precedent. Cook wrote, "if the government can use the All Writs Act to make it easier to unlock your iPhone, it would have the power to reach into anyone’s device to capture their data." While Apple stated that the FBI's intentions were good, the company felt it was "wrong for the government to force [us] to build a backdoor into [our] products" and that they feared that the demand "would undermine the very freedoms and liberty our government is meant to protect."^[10]

On March 28, 2016, the FBI announced that a third-party helped unlock the subject iPhone. The U.S. Department of Justice (DOJ) withdrew the court order requesting Apple's compliance on the same day.^[11] FBI Director James Comey confirmed that FBI purchased a third-party hacker's tool to unlock iPhones. Comey suggested the tool is worth over $1.3 million. This purchase didn't cover rights to the tool's technical details.^[12] The tool can only be used on older iPhone models lacking a Touch ID sensor.^[13] The Israeli company Cellebrite is rumored to have built the hack.^[14]

Apple's engineers and managers face an ethical crossroad. On one hand, they have a duty to user privacy product integrity. However, they must weigh this against their duty to the national security. Resolving this issue is an important one for engineers, especially in light of programs which ask corporations to aid the government's surveillance efforts.

A first ethical analysis of this case uses the ACM Code of Ethics.^[15] The Association for Computing Machinery (ACM), the professional organization for computer scientists, developed this code to guide members in ethical decision-making.^[16] One relevant section of the code relates to a software engineer's obligation to preserve the privacy of a software's users:

...It is the responsibility of professionals to maintain the privacy and integrity of data describing individuals. This includes taking precautions to ensure the accuracy of data, as well as protecting it from unauthorized access or accidental disclosure to inappropriate individuals... User data observed during the normal duties of system operation and maintenance must be treated with strictest confidentiality, except in cases where it is evidence for the violation of law, organizational regulations, or this Code...^[15]

The problem is reiterated rather than solved; the Code says that data must be confidential, except when it's evidence for legal violation. Unfortunately, later text in the Code adds confusion:

ACM members must obey existing local, state,province, national, and international laws unless there is a compelling ethical basis not to do so. Policies and procedures of the organizations in which one participates must also be obeyed. But compliance must be balanced with the recognition that sometimes existing laws and rules may be immoral or inappropriate and, therefore, must be challenged. Violation of a law or regulation may be ethical when that law or rule has inadequate moral basis or when it conflicts with another law judged to be more important...^[15]

Here, the Code appeals to the doctrine of civil disobedience; while obeying laws is important, there exist "higher laws" that may be more important. This concept of a "higher law" is precisely where the core ethical conflict for software engineers lies. The ACM Code explicitly mandates that professionals must "ensure that their products and related modifications meet the highest professional standards possible."^[15]

The FBI's demand was not for existing data, but to compel Apple to write new, custom software dubbed "GovtOS" that would bypass essential security features like the auto-erase function. From an engineering perspective, creating this code is equivalent to designing a "Backdoor."^[4] The professional consensus is that once a security flaw is deliberately introduced and signed by the manufacturer, there is no way to guarantee its control.

This tool intended for one phone would have threatened the security of millions of users globally if stolen or leaked, violating the engineer's fundamental duty to avoid harm and protect the public interest.^[15] Therefore, Apple's refusal was an act of ethical resistance, prioritizing the long-term integrity of the product over the specific investigative demands.

Tim Cook, in the Apple Customer Letter, makes an implicit appeal to a "higher law" at the letter's close. He says: "While we believe the FBI’s intentions are good, it would be wrong for the government to force us to build a backdoor into our products. And ultimately, we fear that this demand would undermine the very freedoms and liberty our government is meant to protect."^[10] The letter's text implies this higher law is the "right to privacy."

The Right to Privacy is a relatively modern concept, although some trace its roots to Aristotle's division of the political (polis) and family (oikos) spheres. It was first introduced to the U.S. legal system by Louis Brandeis and Samuel Warren in their 1890 article, The Right to Privacy, in the Harvard Law Review.^[17] They contend that, in light of "instantaneous photographs and newspaper enterprise," the "right to be let alone" should protect a person's privacy and physical being.

As a U.S. Supreme Court Justice, Brandeis set a legal precedent on the right to privacy by writing a dissenting opinion for Olmstead v. United States. The Court was determining the legality of wiretaps used to convict a suspected bootlegger. While the Court ruled the wiretaps legal, Brandeis concurred with the defense that the wiretaps violated the Fourth and Fifth Amendments. His dissent stated that "[The makers of our Constitution] conferred, as against the Government, the right to be let alone -- the most comprehensive of rights, and the right most valued by civilized men."^[18] This supports Cook's appeal to privacy as a "higher law" than that of the FBI's request to open the iPhone.

Generally, Apple products such as Macs and iPhones have been known for their technological innovations as they compete with IBM products.^[19] However, in 2024, the DOJ filed a lawsuit against Apple regarding the Right to Repair, which can be exploited to pressure users to continue using Apple products.^[20] Apple has also “weaponized interoperability” in services such as iMessage to prevent competition from other companies like Samsung.^[21] These issues contradict Cook’s statement against the FBI’s backdoor solution, as Apple appears to already limit the freedom of their users in choosing what technology to adopt, suggesting Cook’s stance is less tangible.

Despite this, concerns about governmental overreach into private technology are found in other cases. In February 2025, U.S. Senator Ron Wyden sought to reform the CLOUD Act, which required American companies to comply with data warrants regardless of the data’s country of origin.^[22] Wyden and U.S. Representative Andy Biggs wrote a letter stating: “If Apple is forced to build a backdoor in its products, that backdoor will end up in Americans’ phones, tablets, and computers, undermining the security of Americans’ data, as well as of the countless federal, state and local government agencies that entrust sensitive data to Apple products.”^[22] With Ryden taking this view without a corporate lens, this provides credibility to Cook’s view against the FBI.

One could argue that the FBI was not fully transparent in this case. According to FBI Director Comey, "[This] isn’t about trying to set a precedent or send any kind of message... this case is about the innocents attacked in San Bernardino."^[23] While this is a plausible stance, it wasn't convincing to personal security advocates.

Steps taken by the FBI to unlock the phone suggest that they had a deeper motive than solving the case at hand:

1. The FBI "instructed a county worker to change the password for the phone's iCloud account."^[2] This prevented the phone from backing up its contents over Wi-Fi. Therefore, the FBI couldn't get data via iCloud. This is an odd mistake for a well-equipped agency to make.
2. While it wasn't the first time Apple encountered the All Writs Act^[6], Cook's letter to Apple customers claimed that the FBI's use of the law was "unprecedented."^[10] One would not expect such a stretch in an ordinary shooting investigation.
3. Less than two months after Apple refused to comply, the agency found a third party to help unlock the phone and immediately dropped their suit against Apple.

These events suggest a few possibilities:

• The FBI was unaware of third party hacks into the iPhone at case outset. Once they discovered one, Apple's help was no longer needed and they withdrew their suit.
• The FBI was aware of third party hacks, but tried to conscript Apple to unlock the phone, hoping that they would do it faster. Upon realizing Apple wasn't complying, they went to a third party for time's sake.
• The FBI was aware of third party hacks and knew that they could bypass Apple at any time, but continued to push their suit. Even though setting a legal precedent was not their manifest function of the investigation, it may have been a latent function.

The resolution of the case, where the FBI withdrew the court order after finding an external method to hack the phone, highlights a critical conflict over the definition of transparency. This conflict exists because technology companies define transparency in a way that conflicts with advocate-driven standards of accountability.^[24]

Apple CEO Tim Cook made a point of publicly disclosing the court order in an open letter.^[10] This act aligns with the advocate's view of transparency, which demands substantive, verifiable accountability.^[24] By inviting public scrutiny, Apple forced a national debate on legislative policy, rather than letting a technical precedent be set in a closed court.

On the other hand, the FBI's final actions exemplified a failure of governmental transparency. After hiring a third-party vendor (rumored to be Cellebrite) to unlock the phone, the agency fought in court to withhold key details, including the price paid and the technical exploit details.^[11][12][14] The FBI successfully argued that disclosing this information would reveal "intelligence sources or methods", thus preserving the public vulnerability for future use.^[13][23]

The Apple-FBI case should be generalized as a high-profile demonstration of the transparency-trust paradox.^[25] This paradox, where increased disclosures fail to rebuild user confidence , is a logical outcome of the conflict over transparency's definition^[25]: corporations treat it as a performative disclosure tool for brand management, while advocates demand it as a tool for verifiable accountability.^[24] This tension leads to user cynicism and "privacy fatigue," where 73% of Americans feel they have "little to no control" over their data.^[26] This public verdict is expressed through market action, such as the mass migration to alternatives like the privacy-focused messaging app Signal, whose structural model rejects the surveillance business model entirely.^[27]

In high profile investigations, governments and companies should consider both the rights of individuals and the security implications of the case at hand. Future research could study public opinion on these matters, or the many similar lower-profile cases across the country.^[28] In particular, further investigation on the other invocations of the All-Writs act on phone companies, uses of National Security Letters, and other instances of court-orders requiring software companies to divulge customer information.

1. ↑ The Los Angeles Times (2015, December 9). San Bernardino Shooting Updates. http://www.latimes.com/local/lanow/la-me-ln-san-bernardino-shooting-live-updates-htmlstory.html
2. ↑ ^{a b} Zetter, K. (2016, March 11). New Documents Solve a Few Mysteries in the Apple-FBI Saga. https://www.wired.com/2016/03/new-documents-solve-mysteries-apple-fbi-saga/
3. ↑ Kang, C. and Lichtblau, E. (2016, March 1). F.B.I. Error Locked San Bernardino Attacker's iPhone. The New York Times, pp. B1
4. ↑ ^{a b} Burgess, M. (2016, February 26). Why Apple won't unlock iPhones for the FBI. http://www.wired.co.uk/article/why-apple-refuse-help-fbi-iphone
5. ↑ Order Compelling Apple, Inc. to Assist Agents in Search. United States District Court for Central District of California. (2016).
6. ↑ ^{a b} Pagliery, J. (2016, March 30). "Here are the places feds are using a controversial law to unlock phones". CNN. Time Warner. Retrieved April 30, 2016. {{cite web}}: Check date values in: |date= (help)
7. ↑ Order Compelling Apple, Inc. to Assist Agents in Search. United States District Court for Central District of California. (2016).
8. ↑ All Writs Act of 1789, 28 U.S.C. §§ 1651 (1948).
9. ↑ Sweren-Becker, E. (2016, March 30). This map Shows How the Apple-FBI Fight Was About Much More Than One Phone. https://www.aclu.org/blog/speak-freely/map-shows-how-apple-fbi-fight-was-about-much-more-one-phone
10. ↑ ^{a b c d e f} Cook, T. (2016, February 16). A Message to Our Customers. https://www.apple.com/customer-letter/
11. ↑ ^{a b} Segall, L., Pagliery, J., and Wattles, J. (2016, March 29). FBI says it has cracked terrorist's iPhone without Apple's help. http://money.cnn.com/2016/03/28/news/companies/fbi-apple-iphone-case-cracked/
12. ↑ ^{a b} Lichtbau, E. and Benner, K. (2016, April 21). F.B.I. Director Suggests Bill for iPhone Hacking Topped $1.3 Million. The New York Times, pp. B3
13. ↑ ^{a b} Gibbs, S. (2016, April 7). San Bernardino iPhone hack won’t work on newer models, says FBI. https://www.theguardian.com/technology/2016/apr/07/san-bernardino-iphone-hack-work-newer-models-fbi-james-comey
14. ↑ ^{a b} Pandey, R. (2016, March 26). This Is How Much FBI Is Paying to Cellebrite to Unlock San Bernardino Shooter’s iPhone. http://www.iphonehacks.com/2016/03/this-is-how-much-fbi-is-paying-to-cellebrite-to-unlock-san-bernardino-shooters-iphone.html
15. ↑ ^{a b c d e} ACM. (1992). The ACM Code of Ethics. Retrieved from https://ethics.acm.org/code-of-ethics
16. ↑ ACM. Using the Code. Retrieved from https://ethics.acm.org/code-of-ethics/using-the-code/
17. ↑ Warren, S. D. & Brandeis, L. D. (Dec. 15, 1890). The Right to Privacy. Harvard Law Review, Vol. 4 (No. 5). Retrieved from http://www.cs.cornell.edu/~shmat/courses/cs5436/warren-brandeis.pdf
18. ↑ Olmstead v. United States. (June 4, 1928). FindLaw. Retrieved from http://caselaw.findlaw.com/us-supreme-court/277/438.html
19. ↑ Khillar, Sagar (May 8, 2019). "Difference Between IBM and Apple".
20. ↑ Sellinger, Phillip (June 11, 2024). "IN THE UNITED STATES DISTRICT COURT FOR THE DISTRICT OF NEW JERSEY" (PDF).
21. ↑ Monahan, Jack (April 4, 2024). "The Dark Side of Apple's Interoperability".
22. ↑ ^{a b} Graham, Edward; DiMolfetta, David (February 14, 2025). "Lawmaker looks to strengthen security of U.S. communications following UK's Apple backdoor order".
23. ↑ ^{a b} Comey, J. (2016, February 21). FBI Director Comments on San Bernardino Matter https://www.fbi.gov/news/pressrel/press-releases/fbi-director-comments-on-san-bernardino-matter
24. ↑ ^{a b c} Patel, Nilay (2022-04-26). "Government surveillance, Elon Musk, and free speech, with EFF executive director Cindy Cohn". The Verge. Retrieved 2025-12-15.
25. ↑ ^{a b} Williams, Dr Jocelyn (2020-01-01). "Online Customer Trust in the Context of the General Data Protection Regulation (GDPR)". Pacific Asia Journal for the Association of Information Systems. doi:10.17705/1PAIS.12104.
26. ↑ Park, Colleen McClain, Michelle Faverio, Monica Anderson and Eugenie (2023-10-18). "How Americans View Data Privacy". Pew Research Center. Retrieved 2025-12-15.{{cite web}}: CS1 maint: multiple names: authors list (link)
27. ↑ Statt, Nick (2021-01-07). "Signal sees surge in new signups after boost from Elon Musk and WhatsApp controversy". The Verge. Retrieved 2025-12-15.
28. ↑ Johnson, K. & Weise, E. 1,000 locked devices in limbo after FBI quits iPhone case. https://www.usatoday.com/story/tech/news/2016/03/29/fbi-withdrawal-apple-iphone-farook-brooklyn-locked-encryption-case-san-bernardino/82378416/

This page or section is an undeveloped draft or outline. You can help to develop the work, or you can ask for assistance in the project room.