Crime & Justice

What the FBI might be looking for on San Bernardino shooter's iPhone

Robyn Beck/AFP/Getty Images

Listen to story

00:48
Download this story 1.0MB

As the FBI and Apple continue to wage a public battle over unlocking the iPhone of San Bernardino shooter Syed Rizwan Farook, some cybersecurity experts are questioning whether such moves are necessary. 

Kate Westmoreland, an attorney and fellow at Stanford University's Center for Internet and Society, said there's a "whole tool kit" of digital information investigators can frequently obtain in crime investigations.

Smart phone activity is captured in a number of places: cell phone towers intercept people’s locations, emails are stockpiled on servers and contacts, call and text histories often live in archives held by wireless companies, pictures and recordings are often uploaded to the cloud.

The specifics of what the FBI has been able to obtain so far are unclear, but, Westmoreland said, generally law enforcement has a lot of options at their disposal.

"It's not like there is only one way to go about it," Westmoreland said. "You can find some of those same pieces in a couple of different locations. So whether some information you found particularly by unlocking the phone was the key to [the investigation] that's difficult to say." 

The FBI said Farook's phone, which was owned by his employer, San Bernardino County, backed up to Apple's iCloud in October 19, leaving a six-week window before the December 2 attack where some of the phone's contents are unknown.  

Last week, a judge ordered Apple to help the FBI open the phone by making a new version of the device's operating system. The tech giant refused citing concerns about compromising the security of all its phones. The feud has become a flashpoint in a national dialog weighing privacy concerns with that of security. 

The FBI says it's focused on finding and following any leads it can.

"Maybe the phone holds the clue to finding more terrorists. Maybe it doesn’t," FBI Director James Comey said in a statement released Sunday night.

While much of the phone's data likely exists in the ether, there are some things that may just live on a phone, said Rick Forno, a cyber security expert with the University of Maryland, Baltimore County. 

Investigators could be after browsing data and encrypted communications, he said. 

"Maybe any websites that [Farook] surfed on the phone that might point to a jihadi forum somewhere on the dark net or maybe some text files with names or information," he said.

But, Forno said, the FBI's request for the terrorist case should be closely examined for its ability to set a precedent for future breaches of privacy, as executives at Apple fear.

"A phone is a almost a digital archive of our entire lives,"Forno said.