Skip to main content

California bill over encryption backdoors could prevent Apple from selling iPhones on its home turf

iphone-6-iphone-6s-plus (2)

California is now presenting a new bill that, if passed into law, would stop Apple from selling iPhones on its home turf, via ZDNet. The bill requires smartphone manufacturers to sell devices that have backdoors to allow them to be decrypted. Naturally, this affects iPhones which use high-strength security methods and make it practically impossible for anyone including Apple to gain access without the passcode. If this proposed bill sounds familiar, there’s a reason for that. A nearly identical proposition was made in New York state earlier in the month.

Although the bill is only being proposed and isn’t law at this time, it poses a big issue for Apple which is facing pressure from politicians across the US to relax its stance on privacy in favor of security. The California case is especially problematic given the location of Apple’s HQ. It would be very awkward if Apple was barred from selling iPhones in the state where they’re designed.

If the bill came into effect as written, anyone caught buying an iPhone past January 1st, 2017 would be fined $2,500 per device. Naturally, there’s a reasonable chance this will not be instated, or at least delayed for further review. It is nonetheless a worrying trend for users interested in controlling their own information.

Tim Cook and Apple has repeatedly taken a hard-line stance on privacy. Most recently, Cook met with White House officials to encourage them to back Apple. Cook wants government to plainly state that there should be a ‘no backdoors’ ruling regarding consumer electronics. These proposed bills in California and New York fly in the face of that policy.

Along similar lines, the UK is also considering anti-encryption legislation. The Investigatory Powers Bill would require Apple to make ways for iOS devices to be unlockable, letting governments freely access user data with a warrant. For now, the conflict between technology companies and government oversight continues.

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Comments

  1. cdm283813 - 8 years ago

    Like I said. The government is going to drive Apple into submission. Be it with sale bans or heavy fines.

    • twelve01 - 8 years ago

      No it won’t

    • Seems like a lot of politico idiots want the iPhone to be as insecure as a Blackberry. Not sure why anyone anywhere, including people in office, would want the Chinese (and/or anyone else) to have clear and unfettered access to all their otherwise-encrypted data. Seems kind of asinine.

    • At this point it is easier to stop selling iPhones in California to make people get angry with the stupid politicians.

      • shareef777 - 8 years ago

        Exactly. Tell everyone the same feature they offered forever is now illegal and people will vote out the politicians that allowed that to happen.

    • Joey Ci - 8 years ago

      I hope Apple says F U and just pulls phones from CA and NY. People will still be able to buy just not in those liberal ass states.

  2. This is black and white, not sure why everyone doesn’t see it. You either have strong encryption where no one but the owner has access, or you have no encryption at all. There’s no middle ground. Once you have a third-party key, for all intents and purposes, there’s no longer a door.

    • Jay Wong - 8 years ago

      I think millions of people will protest an occupy the Gov building of California. Free country after all. Really sad that the states is more and more like a communist country!!!

      • PMZanetti - 8 years ago

        And to be clear, this is not misunderstood by the Gov. They know damn well the implications of what they ask, and they don’t care. For them it is all about getting control, and access, and intrusion. They need to be able to frame celebrities and whistleblowers as they have always been able to do, but can’t these days when all sensitive data is encrypted on an iPhone.

      • Clark Brown - 8 years ago

        What makes you think we live in a free country? Particularly New York and California.

  3. carmenia83 - 8 years ago

    “If the bill came into effect as written, anyone caught buying an iPhone as it exists today would be fined $2,500 per device. In fact, the bill actually backdates to sales made since July 2015.”

    So in theory, your plan is to fine people $2,500 for buying something that was legal, when it was legal? Good luck with that. I can’t believe how backwards this country is. It should be illegal to sell devices that are NOT encrypted!

    I would love to see Apple pack up and move its business elsewhere so California isn’t burdened any longer by the hundreds of millions of tax dollars they collected from Apple while they were selling their evil terrorist devices.

    • iSRS - 8 years ago

      It’s not just this country. Look at what the EU is doing with Apple in Ireland. Just like this, it is going to retroactively make something illegal.

      The golden age is over. Everyone that keeps looking voting in these big government politicians is going to kill us all, financially if not literally.

    • Robert Chudek - 8 years ago

      “So in theory, your plan is to fine people $2,500 for buying something that was legal, when it was legal? Good luck with that.”

      Ahhhh…. let’s see, the government has already forced you to purchase insurance, whether you want it or not, or face a fine! The precedent has already been established.

    • saeedg1377 - 8 years ago

      “So in theory, your plan is to fine people $2,500 for buying something that was legal, when it was legal? ”

      Ex Post Facto lol

  4. Doug Aalseth - 8 years ago

    Apple should call their bluff. The bill passes, poof, no iPhones in any store in California. Pull everything out. The public backlash would be huge. The bill would be repealed within hours.

    [quote] to relax its stance on privacy in favor of security. [/quote]
    Ite irony is if you give ground on privacy you will have neither.

    • iSRS - 8 years ago

      I wish it would make sense for Apple to pull out of California all together. Google, too. Say, fine, you feel that way? We will find a state that won’t impose such oppressive laws.

      • telecastle - 8 years ago

        Really, after they spent billions and billions of dollars on building a new campus in Cupertino? And what about the engineers working for Apple? Are they going to take the engineers to Arizona or Alabama? If the latter, they would have to let 1/3 of their workforce go due to the sexual orientation.

      • iSRS - 8 years ago

        @telecastle – did you read the first 8 words of my comment?

        “I wish it would make sense for Apple”

        It clearly DOES NOT make sense for them to. Hence the “I wish it would make sense” part. Because that would stop this bill dead in it’s tracks.

  5. viciosodiego - 8 years ago

    Jesus, what has the US government become?
    What infuriates me is that the public is doing nothing about this.
    Another american revolution is long do.

    • Jay Wong - 8 years ago

      Please don’t tell me that all Americans are now cowards?!

      • Doug Aalseth - 8 years ago

        To be brutally honest, when I saw what they allowed after 9/11 I realized that “Land of the Free and Home of the Brave” was a lie. A marketing slogan and nothing more.

    • Michael Weisberg - 8 years ago

      The reason why the public has done nothing about this is because no one has done any PR on it. Also, people have too many other things that are more important right now. If Apple were to actually call their bluff and stop selling their devices then people would actually care.

      • Joey Ci - 8 years ago

        Not to mention how lazy we are, I am including myself. We all protest this move by these asshole politicians but it would take Apple to stop selling devices for people to get off their asses instead of being hashtag activists…. If I were Tim I would just say okay, fine… We will sell in other states and not in CA or NY. People would still be able to get them via online but would also make a huge stink about it….. As much as I want to be safe, I would not trade any of my freedom for it.

    • standardpull - 8 years ago

      This is what happens when idiots without brains are elected to congress to create laws.

      People want to elect “tough rebels” into office.

      Ban the IRS? Then how exactly does the government pay the bills? Who knows and who cares, says the idiot voter who doesn’t quite get that roads, the military, and their bonds depend on money.

      • Doug Aalseth - 8 years ago

        Unfortunately, what passes for Democracy now is not good at finding qualified people to serve. It’s only good at finding people that have a talent for running for office. Look at the current presidential race. You have a woman that half the country hates, an old guy who’s ideas will never come to pass, and a bunch of white guys that scare the s*** out of me. Some choice.

  6. God forbid any corporation have any control or power greater than the government. How can they put up with that? This has absolutely nothing to do with our safety or security. There’s little left of the constitution for us at this point.

    • rdemsick - 8 years ago

      But apple doesn’t even have the power. That’s what is so awesome about Apple in this fight, it’s not in their best interest it’s in ours. Apple is fighting for freedom of government oppression on principal and we are doing nothing to help.

  7. littlebokchoy - 8 years ago

    They should just relocate out of CA then see what the politicians say

  8. Greg Buser - 8 years ago

    Presumably, Apple pays a lot in taxes in California, maybe they should threaten to move their business elsewhere if the state insists on forcing them to disable the security of their devices.

  9. John Smith - 8 years ago

    Great majority of tech/communication firms provide controlled disclosure from their products or services for law enforcement, without giving a free for all or compromising security.

    Apple claims they can’t do what other firms clearly can do: I call that BS.

    I’m NOT talking about any cop being able to randomly access our phones at the roadside. The other firms don’t support that.

    With minor changes to IOS crypto Apple themselves could unlock iPhones/iPads sent directly to Apple, with a warrant, by law enforcement. Apple knows how to design secure crypto with a back-up key – they do it for file vault – and they could easily implement that in IOS. If the taxpayer has to pay more money for judges to examine the warrant requests, or even pay a fee to Apple for the unlocking, so be it.

    Following cosy chats with presidents and repeated warnings they have been given by a wide range of people, I can only see Apple as having chosen an irresponsible and greedy strategy to obstruct law enforcement for profit.

    If they don’t want to be part of the solution, may be it’s time to start seeing them as part of the problem.

    • irockapple - 8 years ago

      If only it was that easy. Once they implement a backdoor then it’s only a matter of time before a hacker figures out how to access it. Now you have millions of phones that will be potentially accessible, and giving away a sorts of personal/financial information. Once that happens then it will be a “free for all” for litigation against Apple for them not doing enough to secure the device. I’m not even going to go into detail about how this could give governments the ability to spy on one another, like the NSA was doing. The common sense course of action would be to change the law to where if a person refuses to unlock a phone, after being presented with a warrant, then that said person is in contempt of the court and will be detained in a maximum security prison until that person complies.

    • Markus (@jokey2k) - 8 years ago

      The point is if you use FileVault, you keep the key and the backup key. You are still the one controlling access. If you give that key away, basically anyone could access your data, because you’re not the only one controlling controlling access to the data you own. More than one means anyone.

      • John Smith - 8 years ago

        Markus – If you use FileVault in a corporate environment then the IT dept keep the recovery key. If you want, there is an option to upload it to apple as a private user.

        To say ‘more than one is anyone’ doesn’t stand up.

        Don’t forget, I’m saying apple holds the keys and apple unlocks the devices (on warrant). If it really is the case that apple is totally incapable of holding encryption keys securely then that is very worrying – they have our personal data, credit card data, even health data for some users – encrypted with encryption keys we trust them to hold secure.

        If you really think apple can’t hold encryption keys securely, you need to stop using their products right now.

    • Daniel Kim - 8 years ago

      You really don’t understand encryption huh? So you’re saying we should leave keys under our mat. Just don’t tell bad guys and only let the cops know so when they need to get in, they can? Yeah, and what if the bad guys find the key? Who’s responsible then? There’s no “secure key” if someone other than the rightful owner has access to it. And how often does law enforcement need access to our phones that their trying to push this so hard? Cops have clearly solved crimes before the invention of smartphones. So why are they being lazy and forcing everyone to have an insecure device for the sake of catching a very minute population of criminals? People like you are part of the problem – the “I have nothing to hide therefore, don’t care of privacy” mentality (hint: you do care about privacy, everyone does).

      • rdemsick - 8 years ago

        And they already have access to a lot of information in criminal investigations. They can pinpoint locations and tap calls through cell towers. That is more than enough!

      • Jay Wong - 8 years ago

        Yeah, I’m totally with you. Come on! I mean the US Gov cannot even protect their encrypted data from the Chinese hackers! Who are they kidding?! They just want more power to control and abuse. Now I really worry about the US becoming another communist country where people will have no say one day.

      • John Smith - 8 years ago

        I understand encryption fine well – recovery keys are cryptographically secure and well understood.

        I don’t know anyone who is saying leave keys under your mat.

        I say the keys be held with apple. If you think you can’t trust Apple then you need to stop using their products right now.

      • @John Smith: “Keys under the mat” is a reference to a paper by crypto experts Rivest, Diffie, Schneier and others that argue against key disclosure laws.

        Decrypting encrypted data requires a key. Let’s call these laws what they are… a requirement to escrow keys with a third-party (wether that is with the government, Apple or someone else). The question is not wether Apple can do this… it’s wether ANYONE can do this effectively. The fiasco with the clipper chipper chip is a good example.

        I don’t think we should require device manufacturers or software developers be responsible for key escrow. I also don’t think we should require users to have to register devices or encryption keys with someone else.

        By the way, the bill only hi lights smartphones. Tablets, laptops, desktops or other handheld devices are out of scope.

        I’m unsure what law enforcement need that they don’t already have access to. They can intercept phone communications, they can subpeona emails from my ISP and possibly even intercept network traffic from the ISP. Are they concerned with access to intercept FaceTime communications? Or iMessages? If so, regulate those services. Need to know what apps I’ve installed on my phone, subpoena my App store records. The bad guys will just install third-party software on their devices to encrypt whatever data they wish

    • rdemsick - 8 years ago

      They aren’t making any profit from this. Are you really so naive that you don’t understand the evolution of government bodies towards corruption and abuse of power? Our forefathers understood it and created checks and balances because they knew every government grows bigger and more corrupt over time. They wrote in rights of the people to over throw the government because it was such a real concern. Now you naively want to give them more power to control and abuse? This is the Information Age, information is the most powerful weapon, and if we don’t protect it our government will turn into a dictatorship that is political science 101 that history has taught us again and again:

    • Jess Mee - 8 years ago

      As Cook has said, if you put a key under the doormat for the good guys, the bad guys WILL find it and use it. We went through this whole thing 20 years ago with the Clipper Chip debacle, and it went down for the same reasons that this should go down.

  10. telecastle - 8 years ago

    No reason to move Apple out of California. All Apple needs to do is to threaten to stop selling Apple’s products in California. Californians would have to take a trip to Vegas to buy Apple products.

  11. chrisl84 - 8 years ago

    Those damn republicans! Oh, its California and New York better keep the comments hush hush.

  12. Jonathan Brusco - 8 years ago

    FYI idiotic liberal politicians… I’d rather compromise my safety in order to keep my liberty. If the path that we are on is one that has no right to privacy from my government, then what the hell are you protecting, because it isn’t my freedom.

    • hodar0 - 8 years ago

      Benjamin Franklin once said: “Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety.”

      • Michael Weisberg - 8 years ago

        Please stop butchering that quote. That is not what he actually said. Here is actually what the context of that quote meant: http://techcrunch.com/2014/02/14/how-the-world-butchered-benjamin-franklins-quote-on-liberty-vs-security/

      • Joey Ci - 8 years ago

        So because one article says it meant X instead of X we take that for truth? Given the war that was going on at the time, it could go a few ways. Point is, whatever he meant, a HUGE portion of Americans would not sacrifice freedom for security. I would love to be safe and not have to worry about ISIS or any crap like that but I would not be willing to give up any God given freedoms for it… You give them an inch they will take a mile.

      • Doug Aalseth - 8 years ago

        @Joey Ci “Point is, whatever he meant, a HUGE portion of Americans would not sacrifice freedom for security.”
        Have you been to an airport in the last few years? Marginally illiterate rent a cops feeling your junk, and “inspecting” things, meaning stealing, all in the name of “security” while accomplishing nothing and Americans happily put up with it. I used to fly a lot around the world and people from other countries laugh at American “airport security”. It is exhibit #1 of why sacrificing freedom for security accomplishes doesn’t work. Yet a HUGE portion of Americans are just fine with it.

    • Jay Wong - 8 years ago

      Those Gov agencies cannot protect their encrypted data from the Chinese hackers and now they want us to run naked?! This is nonsense! We cannot trust the politicians. Apple is doing the good thing protecting our privacy. Now it is time people and other tech companies get really united and stand up stop kneeling down to them any more!

  13. rdemsick - 8 years ago

    This is insane! Why are people not defending their privacy? There is 0% chance that the government won’t misuse this and hackers won’t take advantage of it.

  14. Matt Miller - 8 years ago

    Wasn’t it the government in the first place that wanted to make devices more secure when iPhone thefts were a big thing in San Fran and NY? And now they are backpedaling on that in order to achieve what exactly? Whats the end game from the perspective of the Government?

  15. chrish1961 - 8 years ago

    Somebody should camp out on public property in front of Assemblyman Jim Cooper’s house and stream his family’s comings and goings 24 hours a day to see how he likes his privacy.

  16. Jirka Stejskal - 8 years ago

    If they stop selling it in CA, it will make more harm to CA government, than to Apple. All these guys will just go buy it elswehre.

  17. Jirka Stejskal - 8 years ago

    Whoever compromise his liberty because of his safety, is likely to loose both. That is still valid even in these days.

  18. telecastle - 8 years ago

    The confidentiality of the communication in iMessages and FaceTime is handled by the endpoints without any participation by the Apple servers, and it should stay the same way so that the government cannot acquire a back door to decrypting the communication. However, the establishment of the iMessage and FaceTime communication is proxied by Apple’s servers.

    Apple can make one compromise with the government in that it can enable the ability of the government to collect metadata for iMessages and FaceTime by retaining the initial “INVITE” requests, w which are proxied by the Apple servers. This will not compromise the confidentiality of the contents of the messages themselves but will provide the law-enforcing agencies the metadata, which would only contain information about who contacted whom at what time and on what date. This is similar to the data that the government already collected on all phone calls and email exchanges. On the other hand, by not allowing the back door to the encryption algorithms by staying away from the endpoint encryption altogether, Apple will ensure that the confidentiality of private communication when using Apple’s protocols is intact.

  19. Gregg Palmer - 8 years ago

    It would be helpful if you would post the name of the legislator proposing the bill and their sacramento office number. Also, suggest to your readers that when they call to be polite, courteous and helpful. You might also consider giving them reasons for your opposition. As a conservative libertarian, I am adamantly opposed to any government surveillance on its citizens without proper cause and due process.

  20. This is ridiculous, why does the government think privacy is some sort of fucking luxury?

  21. Jake Becker - 8 years ago

    I like it here, you guys aren’t like the bootlickers over at MR.

  22. crichton007 - 8 years ago

    Weakening encryption does nothing to improve security; it only makes spying easier.

  23. PhilBoogie - 8 years ago

    “For a stupid government, they sure do dumb things.”

  24. Grayson Mixon - 8 years ago

    Technically, they can’t fine people retroactively. Article 1 section 9 and 10 prevent ex post facto laws, specifically to prevent penalizing someone for doing something that was legal when they did it and was later criminalized.

  25. Jim Hassinger - 8 years ago

    I am actually friendly to the idea, if a: such peeking is only allowable with a judge’s warrant on probable cause, and b, after a crash program to make it 100% secure against any other threat of hacking. After all, the 4th Amendment is not a suicide pact.

  26. Jim Hassinger - 8 years ago

    At the beginning of telephones, law enforcement realized how trivial it was to tap a phone. They did it without warrant for years and years. They interpreted the constitution as forbidding the search of “persons, houses, papers and effects” literally. Of course people objected, but it doesn’t say, “telephone calls,” does it. Conservatives and originalists, see? Only later did the wiretap finally become illegal except under a warrant. In an era of much improved cryptography and global communication, we now have what seems to be crowd-sourced terrorism. Mass surveillance is definitely impossible unless you have an East-German-type internal spying system, and that definitely is unconstitutional. But is it really true that there is no possible way of installing a second door using the same technology as the any other secure encryption, unlockable only when a court gives assent– a third key? I suggest tabling this bill and all others like it, and offering an X-prize for somebody to develop a system that would make it impossible for the police or anybody else to casually eavesdrop, but possible for a warrant to provide that secret key. What’s the best outcome? That your privacy is respected, but that once probable cause is found to exist, law enforcement can inspect what a suspect is communicating to others and that it can be used as evidence in a court of law. (And by the way, if a technical means cannot do that, I wouldn’t ever forbid the great mass of people from having their own protection against snoopers of any kind.

  27. Shawn Newell (@CVS1726) - 8 years ago

    Ha! Imagine the public outcry if an entire country of people addicted to their iPhones suddenly had to give their iPhone up and/or could not purchase the latest iteration! Have governments learned nothing from the prohibition age?

  28. charismatron - 8 years ago

    How much would a black market iPhone cost in California, I wonder?

  29. Randy March - 8 years ago

    Time for Apple to spend some ad money at educating the electorate? Some for-profits spend some money for humanitarian goals, and freedom of privacy and encryption is clearly one.

  30. Don Wise (@doncwise) - 8 years ago

    Good luck enforcing this one through law enforcement; they can’t even enforce people to use their turn signals on their cars.

  31. No one should have access except for the device user, if you have a backdoor, that leaves a backdoor for criminals. And if this law passes, why can’t people just go to another state to purchase their phone, that’s what I would do. I don’t want to have an iPhone that’s just as insecure as a Blackberry or Android, we all know that those hones get hacked way too often!

Author

Avatar for Benjamin Mayo Benjamin Mayo

Benjamin develops iOS apps professionally and covers Apple news and rumors for 9to5Mac. Listen to Benjamin, every week, on the Happy Hour podcast. Check out his personal blog. Message Benjamin over email or Twitter.