If you’ve watched the news in recent days you’ve probably heard something about the FBI’s attempts to access the iPhone of a suspect in the San Bernardino shootings and Tim Cook’s response on behalf of Apple.
There are a lot of different angles to this story. At least some bear some theological reflection and could impact the Church around the world.
What’s the story?
For those unfamiliar with the situation, here’s what's happening. The FBI is in possession of an iPhone belonging to one of the suspects in the San Bernardino shootings. Because of security features on the phone, they have been unable to access the data on it to see if it could help them apprehend the suspects or learn details about any future acts of violence the suspects might plan to commit.
All iPhones have software that digitally encrypts the data they contain. Think of it as a sort of lock protecting your contacts, email, text messages, and photos from prying eyes.
When an authorized person wants to use the phone or access the information, they input a passcode (the “key” in our metaphor) to decrypt the data. If an unauthorized passcode is entered, the device will eventually lock itself down for a time before allowing further attempts. If the wrong code is entered too many times, the phone will erase all of its data, destroying that data forever.
Because the phone in this case belongs to someone with potential connections to others who would seek to do great harm, the FBI has a compelling interest in looking at his contacts, email, texts, and other information. Without his passcode, however, they’re out of luck.
Apple uses the encryption standard AES-256. Further complicated by hardware-specific identification code, this encryption makes it next to impossible to decode the data without accessing the phone itself. It’s a strong setup, and deliberately so. Apple themselves cannot decrypt the data without using the information built into the device itself.
In order to access the information without the passcode, the FBI has requested (and been given) an order from a federal magistrate for Apple to create a version of the iPhone (iOS) software that doesn’t require a passcode before decrypting the data. Tim Cook (CEO of Apple) has issued a public letter refusing to comply.
He writes, “The government suggests this tool could only be used once, on one phone. But that’s simply not true. Once created, the technique could be used over and over again, on any number of devices. In the physical world, it would be the equivalent of a master key, capable of opening hundreds of millions of locks—from restaurants and banks to stores and homes.”
And, at least as of this writing, we’re at a stalemate.
So, what’s this got to do with faith and ministry?
The Importance of Information Security
First, churches need to be aware of the importance of information security. Many congregations I’ve worked with have databases of member information (and these usually include children’s information, too), and security standards vary widely from church to church.
We need to educate ourselves on the potentials for abuse of the systems we rely on and some of the ways we can protect the private information entrusted to us. Encryption is one piece of that solution. As Mr. Cook notes, a system as described, once created, could be used by anyone to decrypt the contents of any iOS device (iPhone, iPad, etc).
Because vulnerabilities exist (and new ones are created every day) we need a multi-layered approach to security, one that safeguards the privacy of our members and their families. Elsewhere in the world this is even more critical. The existence of a tool such as the FBI is seeking could be used by governments who oppose the spread of the Christian faith to persecute or even execute our brothers and sisters around the world.
A Moral Imperative
On the other side of the coin, though, it’s possible the information contained in this particular iPhone could reference plans to commit further acts of violence. As those who bear the name of Christ, we have a moral imperative to always seek to lift up the cause of the downtrodden and vulnerable. Whenever we are able, we work to prevent great evil and injustice in our world. Whether that evil is perpetrated by a government, an organization, or an individual, we should seek to see it prevented, hopefully creating a safe and secure world for the spread of the Gospel.
Which is why we have governments. Take a moment and read up on Romans 13:1–7.
Conscience vs. Law
Governments are appointed by God to create a safe and secure world. They are appointed to ensure that wrongdoing is punished. Sometimes they’re more successful than others. In some cases, the legitimate government can go so far afield that a Christian is compelled by conscience and God’s word to disobey the law. As Martin Luther himself wrote, “The law exists for the sake of the conscience, not the conscience for the sake of the law. If one cannot help both at the same time, then help the conscience and oppose the law.” (Vol 46, p 318)
Because the order in this case comes from the legitimate authorities of the United States via a federal magistrate, we are compelled to obey unless a case can be made that doing so would violate our conscience or God’s Word in some substantial way.
So what’s a faithful Christian to do?
It’s easy to see how a Christian might feel conflicted about this particular situation. We don’t, after all, have a commandment that directly guides us here. The Scripture never says, “Thou shalt not design decryption tools.” It doesn’t even say “You shall protect the privacy of others.” Without direct commands from God, though, we’re left to consider what clear commands we have that might have bearing.
We are our brothers’ keepers. We owe it to ourselves and our brothers and sisters around the world to see to it that every effort is made to prevent further death and violence in the least invasive ways possible. There is a balance to be struck in caring for our brother’s privacy and protecting him from harm.
My Take on the Matter
While I recognize there will be a lot of different opinions about this situation, I’d like to offer mine for your consideration.
In the San Bernardino case, the potential for harm is great and possibly urgent. Decrypting the phone is the only method of determining whether its contents can help prevent further violence. It’s not an ideal answer, and I still have serious misgivings about the creation of a tool that has such obvious potential for abuse, but we cannot judge the moral value of a technology based solely on how it might be abused by a sinful world. We can, however, seek to minimize that abuse.
Apple must and should decrypt the data as ordered. After having done so and providing the decrypted data to the FBI for analysis, the decryption software should be destroyed in all forms, including source code. That’s not foolproof, of course. Half of programming is figuring out how to do something. The programmers at Apple will still know how they accomplished it, but by not releasing a functioning copy to the government (or into the wild), the potential for misuse will be minimized.
I’m definitely open to better solutions that are faithful to obeying the government God has placed over us, caring for our neighbor’s safety, and, at the same time, working to ensure the safety and privacy of our brothers and sisters around the world.
Subscribe to this blog, Technology & Your Ministry, to receive notifications about future content like this!
{{cta('35e945a3-57b9-4426-b284-53c61bf91951')}}
