Apple CEO defends privacy, encryption amidst terrorist concerns
In an interview with Charlie Rose on CBS This Morning that aired Friday, Cook said the supposed tradeoff between privacy and security is "only a simplistic view—we can have both."
Cook repeated Apple's stance that it complies specifically with court-ordered warrants to produce information as required by law enforcement, but said of encrypted data on iPhones, "We don't have it to give." That's because Apple's iPhones running versions after iOS 4 keep decryption keys on a user's iPhone and not on a server or some other place, as Apple has pointed out many times before.
Apple's reason for protecting a user's data with encryption technology, Cook said, is to offer privacy for all kinds of personal data, such as health information, "intimate conversations with family," and more. Opening up that encrypted data in some way would make the information widely available, he said.
"The reality is that a back door is for everybody-- good and bad," he said.
Some U.S. lawmakers back creating legislation that would force U.S. tech companies to turn over encrypted data on smartphones when ordered by a judge.
The chairman of the Senate Intelligence Committee, Sen. Richard Burr (R-N.C.) is working on encryption legislation, which has not been introduced, Hill staffers said Thursday. Details were not available.
Some experts want a revision to a the 1994 Communications Assistance for Law Enforcement Act (CALEA) to include encrypted data in legal wiretaps ordered by a judge. One of them, Darren Hayes, director of cybersecurity at Pace University, said this week that companies like Apple and Google might be willing to turn over access to encrypted data files with financial incentives.
FBI Director James Comey has testified about concerns that terrorists can use encrypted apps to plan attacks, but he also told senators 10 days ago that the government shouldn't tell industry how to operate their systems.
The Obama Administration currently doesn't have a legislative proposal addressing encryption policy.