In February 2016, the FBI obtained a court order requiring Apple to help unlock an iPhone that had been used by one of the attackers in the December 2015 San Bernardino shooting. The order asked Apple to develop a custom version of iOS that would disable the security features preventing brute-force password attempts on the phone. Apple refused publicly and committed to fighting the order in court.
The case crystallised a debate that had been theoretical for years. Strong encryption had become a default feature of consumer devices over the previous several years. Apple had moved iPhone storage encryption to a model where even Apple itself could not decrypt user data without the user’s passcode. Privacy advocates had supported this trajectory. Law enforcement agencies had been raising concerns about going dark, the situation where evidence in criminal investigations became inaccessible because of strong encryption.
The San Bernardino case forced the debate to become specific. The phone in question had been used by an attacker in a serious terrorism case. The FBI argued that helping unlock this specific phone was a narrow, exceptional request. Apple argued that creating a tool that could weaken iPhone security in this case would create a precedent that would be used in many subsequent cases, and that the existence of such a tool would itself be a security risk regardless of how carefully it was held.
The legal argument moved through filings and counter-filings that were widely reported. The FBI eventually announced that a third-party tool had been used to access the phone, which made the immediate legal case moot. The underlying policy question was not resolved.
What the episode demonstrated was that the encryption debate was not going to be settled through one court case. The fundamental tension between strong consumer encryption and law enforcement access to specific devices in specific cases had no clean technical solution. Any backdoor that could be used legitimately could also be misused or stolen. Any encryption strong enough to be effective would also block legitimate investigations.
The conversation continued in different forms in the years that followed. The technical positions on both sides remained largely stable. The political positions shifted with administrations and specific incidents. The consumer expectation that personal devices would be encrypted by default became established in a way that would be politically difficult to reverse, even when specific cases produced public sympathy for the law enforcement position.