News Stay informed about the latest enterprise technology news and product updates.

Apple-FBI case: IT execs brace for privacy, security fallout

The Apple-FBI case is igniting an enterprise-wide discussion on privacy versus security. What CIOs need to know. Also in Searchlight: Facebook's population map; Intel's latest diversity push.

This case is not about one phone. Most experts can agree on that.

The public clash between Apple and the FBI is sparking a global debate on the issue of privacy versus security, forcing companies to look inward at their own consumer privacy policies while waiting nervously on the sidelines for a precedent-setting ruling. What should CIOs be bracing for?

By now, most of us are familiar with the basics of the Apple-FBI case: Apple is being asked to write new software that will allow the government to unlock the iPhone of one of the shooters in the San Bernardino, Calif., terrorist attack late last year, and Apple has refused on the grounds that doing so would compromise worldwide consumer privacy and security. On Thursday, Apple filed a motion to dismiss the FBI's court order, calling it unconstitutional.

"The precedent is the primary concerning outcome should Apple unsuccessfully challenge the judicial order," Forrester Research analyst Jeff Pollard told me in an email. "This is an order viewed at a micro level impacting a single phone, but broadly this touches on the ability of the government to access data across devices and software in the future."

Mobile device management implications

If the federal government can force Apple to undermine the company's own encryption and alter its security framework, why couldn't it force other companies to do so as well? According to Pollard, a boardroom conversation is in order to address the concerns raised by the Apple-FBI case and make sure IT executives have control over their company's security. That's especially important for those building privacy and security features into hardware and software systems, he said.

"Could you be forced by law enforcement agencies to 'red team' your products? Do you have to design them with methodologies to circumvent the same security controls you initially integrated into the products? Do you take steps similar to what Apple has done with Secure Enclave to completely remove the possibility of accessing customer data if they use certain product features?" he noted.

Consumers are making decisions based on their trust in a brand, and that trust is heavily influenced by the companies' focus on privacy and security.
Jeff Pollardanalyst, Forrester Research

The case has big implications for not only IoT and mobile technologies but also cloud providers storing customer or business data, Pollard said.

There also will be challenges should Apple triumph, said Forrester analyst Chris McClean.

"One of the biggest challenges if Apple prevails here will be the repercussions for technology managers who are trying to enforce policies for devices they provision," McClean told me in an email. "Companies often need to support investigations or conduct their own -- for fraud, corruption, harassment, et cetera -- but if that device happens to be an Apple product, they can't actually carry out that investigation without employee cooperation."

Privacy is every company's brand?

Whatever the aftermath of the Apple-FBI case, companies will be paying more attention to the issue of consumer privacy, believe McClean and Pollard.

"Companies must begin to understand, implement, and enable customer privacy. It is a fundamental consumer concern. Consumers are making decisions based on their trust in a brand, and that trust is heavily influenced by the companies' focus on privacy and security," Pollard said.

Apple's decision to enable privacy on the iPhone with software and hardware mechanisms solved a problem consumers faced as they conducted more of their business digitally: Could they trust their digital devices not to expose them?

"Privacy was hard for two reasons: First, the choice wasn't given in terms of the data collected, where it went, and how it was used," Pollard said. "It's also important to note that if a user did want privacy, by definition it was more complicated, requiring specific software or hardware that had to be purchased, downloaded, installed, configured, and used properly. By making this simple, it removes the technical barrier to entry for a consumer."

Once that barrier is removed, privacy becomes an expected feature factoring into customer choice, instead of something difficult, Pollard said.

The U.S. Department of Justice has labeled Apple's defiance as a "public brand marketing strategy," but if enough people choose Apple because of its security and privacy features, those features will necessarily become part of many brand strategies.

"[Companies] have to pay attention to it no matter what side of the argument they fall on," McClean said. "If they don't protect consumer privacy, they will see a lot of customers choosing to take their business elsewhere."

On the issue of whether national security takes precedence over personal privacy, 60% of CIOs think Apple should refuse to provide the FBI with software to unlock the phone, according to research by The Wall Street Journal. As for where customers stand on this front, that's not as clear-cut.

"Companies will have to look at how customers react to Apple's stance over the long term," McClean said. "So far, there are mixed reactions about whether national security takes precedence over privacy."

CIO news roundup for week of Feb. 22

The Apple-FBI case dominated, but other news grabbed headlines this week:

  • Current population maps aren't good enough for Facebook, so it's making its own. In an effort to connect every person on the planet, Facebook is using AI technology to build the world's most detailed population map ever. The company is taking high-resolution satellite photos and using machine learning techniques to map every instance of human settlement. There's a lot to "like" about that. Speaking of, Facebook made news again this week when it launched its new emoji "reactions." Now, instead of just "liking" a post, users can react with anger, sadness, and shock, among others.
  • After showing unparalleled transparency in its annual diversity report, Intel is further proving its commitment to increasing diversity by announcing a new partnership and $1.3 million investment in CODE2040, a non-profit organization that helps get black and Latino/a students interested and involved in tech. The money will go towards CODE2040's Fellows program that places students in career-building workshops and internships at top tech companies and prep programs. Intel will host 60 student interns from the program this year and next year.
  • We may soon be seeing a lot more drones overhead. This week the Federal Aviation Administration announced that it would develop regulations that would allow unmanned aerial vehicles to fly over people, much to the delight of the tech, agriculture and real estate industries. A task force of private and public stakeholders has been assembled and it will produce a full report by April 1st. This authorization to fly over people would permit the drone delivery services that Amazon and Alphabet are planning.
  • The Dell-EMC deal is still alive, for now. This week, U.S. regulators approved Dell's $67 million purchase of EMC, with Europe and EMC shareholders set to make their decision soon. For now, though, everything appears to be on track, despite there still being a lot of stock turbulence and unanswered questions. Should the deal close, it will be the largest tech merger in history.

Check out our previous Searchlight roundups on the encryption implications of the Apple-FBI case and Intel's efforts on President Barack Obama's national cybersecurity plan.

Next Steps

More on the privacy and security implications of Apple's fight

No U.S. encryption laws or precedents in Apple-FBI case

What life would be like under a new encryption law

Dig Deeper on Enterprise data privacy management