Apple's next big encryption battle with the federal government appears to be unfolding in a largely secret court case in Massachusetts involving an FBI bust of a gang called the Columbia Point Dawgz.
Thursday, the American Civil Liberties Union filed a motion to unseal a list of documents in the case (embedded below), in which the government appears to be trying to use the controversial All Writs Act of 1789 to force Apple to help it decrypt what is believed to be an iPhone 6 Plus running iOS 9.1.
We now know there are at least 63 occasions where the US government has used the All Writs Act, thanks to unsealed court documents compiled by the ACLU. The most interesting of those cases is this one in Boston, which seems likely to become another skirmish of the recent battle which sought to force Apple to help hack an iPhone belonging to Syed Farook, one of the San Bernardino shooters.
Unlike in other All Writs Act cases, it might not be possible to crack the device using the mysterious new technique the government obtained from a still-unidentified "outside party," which allowed the FBI to access the San Bernardino iPhone 5C without Apple's help.
The phone in question was recovered last November from Desmond Crawford, an alleged member of a Boston and Dorchester, Massachusetts-based street gang called the Columbia Point Dawgz. Upon arresting Crawford the FBI seized both an iPhone and an AT&T flip phone, and has requested a court order "requiring Apple, Inc. to assist in the execution of the search warrant by bypassing the lock screen of the iOS device," according to an affidavit written by FBI Special Agent Matthew C. Knight.
The affidavit mysteriously doesn't mention the iPhone's exact model, and the warrant itself is still under seal. But according to multiple online databases that track mobile device identifiers, the listed IMEI serial number belongs to an iPhone 6 Plus. This matches with a list of pending All Writs cases previously identified by Apple, which includes a case in Massachusetts involving an iPhone 6 Plus running iOS 9.1. Apple said in that filing that it formally objected to the case.
"My instinct is that the FBI isn't eager to go to the mat with Apple on the same issue yet again"
The affidavit was unsealed at the request of the government after it had been successfully used to perform a search on a flip phone that was also seized at the time of Crawford's arrest.
All iPhones running iOS 8 or greater have device encryption enabled by default. But unlike the San Bernardino shooter's iPhone 5c, the iPhone 6 and other newer iPhone models have a hardware security feature called Secure Enclave, which makes cracking the device's passcode significantly harder. Ostensibly, that would once again put Apple in the hot seat as the only one capable of helping unlock the phone.
Thursday, the ACLU of Massachusetts filed a Motion to Unseal the docket from that case, meaning it would be possible to at least see what types of documents are being filed in the case.
"Public access to All Writs Act cases is vitally important to an ongoing and nationwide debate regarding whether the government can use the Act to conscript private actors to break into mobile electronic devices, such as mobile phones," the ACLU wrote in the motion. "ACLUM respectfully requests that this Court unseal any docket sheets relating to the government's apparent request for an All Writs Act order directing Apple to unlock the Crawford iPhone referenced in [unsealed parts of the docket]. In the alternative, if no such docket sheets exist, ACLUM respectfully requests that this motion be denied as moot so that members of the public will know that they are not being kept in the dark about this crucially important matter."
"We don't really even know whether Apple could provide the kind of help here that FBI wanted in the California case"
There are a lot of unknown factors that could determine whether or not this becomes Apple's next big case. For one, it's still unclear whether the new technique the FBI used to successfully bypass the San Bernardino iPhone's tamper protection would work on Crawford's iPhone 6 Plus; law enforcement officials have so far only confirmed that it works on any iPhone 5c running iOS 9.
It's also uncertain whether the FBI would even want to use that exploit in this instance, though the FBI apparently agreed to help an Arkansas prosecutor unlock an iPhone and iPod in a murder case there (it's unknown if the FBI plans to use the same exploit). Based on the affidavit, the FBI has already caught many Columbia Point Dawgz members using wiretaps and other means, so it could have other means of prosecution.
Another question, says Andrew Crocker, a lawyer with the Electronic Frontier Foundation, would be whether Apple is even technically capable of helping to hack the newer device.
"We don't really even know whether Apple could provide the kind of help here that FBI wanted in the California case, since the Secure Enclave hardware allegedly makes bypassing some of the security features in iOS 9 harder," Crocker told Motherboard. "It might be that Apple is even less able to help, even if it were compelled by a court to do so."
Apple contested a court order compelling it to assist in unlocking Crawford's phone on February 11th. But unlike the San Bernardino order that went public a few days later, much less information is available for the Massachusetts case because the warrant and other court documents remain under seal.
When reached by Motherboard, an Apple spokesperson would not confirm any details of the case because the company said it does not comment on pending legal cases, which is a bit odd considering the company did plenty of talking during its high-profile case in San Bernardino (that the case is under seal may have something to do with it). The ACLU also said that it can't confirm specifics "because of a lack of publicly available information."
That the case is under seal makes it a much less public battle than an ongoing case in the Eastern District of New York, where the government seeks help unlocking an older iPhone 4S running iOS 7. In the midst of Apple's big PR fight with the FBI, judge James Orenstein, who is presiding over the New York case, issued a scathing 50-page opinion excoriating the government's demand. And yet, the government pushed forward in the New York case shortly after it pulled out of the San Bernardino fight—a puzzling move, considering that it hacked Farook's seemingly more secure iPhone 5c without Apple's help.
"We are taking this action in order to better understand how government authorities have attempted to use the All Writs Act of 1789 to defeat 21st-century technology," Matthew Segal, legal director of the ACLU of Massachusetts, said in a statement. "We hope this case will inform the ongoing public debate about digital security taking place in Massachusetts and across the country."
The Massachusetts case is unique in that it's the only one we know of involving a newer device running iOS 9, which makes it much more secure than the ones in New York and San Bernardino. Crocker believes that the government might not be ready to jump into another protracted legal battle so soon after the San Bernardino case.
"My instinct is that the FBI isn't eager to go to the mat with Apple on the same issue yet again—the San Bernardino case didn't go how they expected it to, and that was a very charged and sympathetic case for the government," Crocker said.
"This appears to be a drug trafficking and gang case, so while the crimes are serious, I don't know that it would have the same resonance as a test case."
Jason Koebler contributed reporting to this piece.