At Automattic, we’re very mindful of the trust our users place in us to keep their information private and secure, and we work hard to build systems, software, and legal policies to safeguard that information. We’re also very mindful of threats to user trust and security, and we believe that the recent federal court order, issued against Apple in the San Bernardino case, poses just such a threat.
The order requires Apple to write code to deliberately weaken standard security measures on an iPhone, in furtherance of the federal criminal investigation. Though the investigation is very important, the court’s order could pose a great threat to the security of all digitally stored information, and undermine the trust that users have placed in companies, like Automattic or Apple, to keep their sensitive personal information and data safe.
Apple has challenged the order, and today, Automattic has joined many leading Internet and technology companies in filing an amicus brief in support of Apple’s legal challenge.
Weaker Security Hurts Everyone
Like Apple, we respect the rule of law, and honor the valid government orders we receive to furnish data in connection with criminal investigations. But deliberately weakening information security, as Apple has been asked to do here, is a step too far that makes everyone less safe.
Undermining security measures – even in situations where there appear to be good intentions – will inevitably have unintended consequences for regular people. As Apple said in a letter to its customers, intentionally weakening security at the government’s request “would hurt only the well-meaning and law-abiding citizens who rely on companies like Apple to protect their data.” The fact is that if a security flaw exists, there is no way to ensure that only trusted governments, investigating a crime, can exploit that vulnerability. Improving security for everyone means aggressively finding and closing holes, not creating new ones.
Dangerous Legal Precedent
This case is not simply about access to one iPhone. It’s a decision that will serve as a (possibly global) precedent for what software, and the companies that build it, can and can’t do to protect user information. These protections exist to thwart anyone that seeks unauthorized access to user information (like hackers), and they need to be as strong and sophisticated as possible. If the San Bernadino order stands, the precedent it sets – that companies can be forced to weaken their own security – will be a dangerous one. Future orders could apply to not just smartphones and other hardware, but also to Internet services like those provided by Automattic.
Standing With Apple
Automattic takes great pride in building software that is not only free and open, but also secure. We stand with Apple in both condemning terrorism and defending the privacy and security of our users. If Automattic was faced with a government order like the one issued in San Bernadino, we, like Apple, would do everything within the law to challenge it. That’s why we’re joining with a sizable group of leading tech companies today to support Apple in this case.
You can read our full legal brief below.