On Thursday, Apple filed a legal brief against a court order requiring it to develop a custom version of its iOS operating system so the FBI can hack into an iPhone that belonged to one of the San Bernardino terrorists. Apple makes some good arguments based on the federal statute that authorizes courts to issue orders of this type. But unfortunately, in a case with important privacy implications, Apple also makes a very dangerous legal argument that could lead to less privacy.
Apple claims that the Constitution’s First Amendment, which protects freedom of speech, prevents the government from requiring the corporation to write software code. But this twists the First Amendment. The First Amendment evokes the image of a controversial speaker, whose right to express herself is protected no matter how unpopular her views. It wasn’t designed to shield corporations from following the law just because that might require writing code.
Consider the Clean Water Act. Polluters can be required to “install, use, and maintain … monitoring equipment or methods” to measure their water pollution, and then “make reports” available to the EPA and the public. (The Clean Air Act says the same for air pollution.) Now imagine that a company objects because, in order to comply with the law, it would have to write some computer code to integrate the monitoring equipment with its production equipment. And — perish the thought — the “reports” might require making an Excel spreadsheet, which is, in fact, a form of computer code. Surely the First Amendment can’t give corporations a “no writing code” exception to environmental laws.
But even worse, this type of corporate First Amendment claim can harm the very value that Apple claims to protect: individual privacy. In recent years, “Big Data” corporations have begun using novel First Amendment theories to fight privacy-protection laws. And they’ve been winning.
For example, several states passed “prescription confidentiality” laws to stop pharmacies from selling doctors’ prescription records to pharmaceutical corporations and sales middlemen. But in the 2011 Sorrell v. IMS Health Inc. decision, the Supreme Court struck down Vermont’s prescription confidentiality law, holding that restrictions on sale and use of private prescription records violated Big Pharma’s “freedom of speech.”
Surveillance corporations are already using the Sorrell decision to bolster even more aggressive corporate anti-privacy claims. Consider digital license plate readers. These are small, high-quality cameras which, when mounted on top of trucks, can photograph every passing car, scan their license plates (at a rate of up to 60 plates per second), and record each vehicle’s exact GPS location at a given date and time. The companies that run these networks mine and sell the data to banks, insurance companies, credit agencies, and “repo” agencies.
Take Utah, where the legislature passed a law to limit collection, use, and dissemination of captured license plate data. The American Civil Liberties Union praised the law as protecting privacy.
But then the corporate First Amendment came to town. License plate reader companies filed a First Amendment lawsuit, citing the Sorrell decision treating the collection and sale of doctors’ prescription data as “free speech.” Unfortunately, this question never even reached the courts; facing massively expensive federal litigation, lawmakers backed down and repealed most of the law. The corporate First Amendment won, and privacy lost.
The prescription and license plate reader stories should give pause to privacy advocates who are cheering for Apple. Apple’s fight against the FBI might put it on the side of privacy, for now. But in the long run, its dangerous corporate “free speech” theory threatens privacy for everyone, not just iPhone customers.