The Chinese government asked Apple for its source code within the past two years, and the company turned them away, the tech giant’s general counsel Bruce Sewell told a congressional hearing on Tuesday.
“We have been asked by the Chinese government. We refused,” Sewell said.
That rebuffed request came “within the past two years,” Sewell said.
This isn’t the first time Apple has pushed back against the idea that it has given other countries special access to its software, as it and other tech companies clash with governments around the world for control over information.
“Apple has never made user data, whether stored on the iPhone or in iCloud, more technologically accessible to any country's government," Apple software chief Craig Federighi said in a March declaration filed in the case over the iPhone used by San Bernardino terrorist Syed Farook. "Apple has also not provided any government with its proprietary iOS source code."
U.S. law enforcement officials at Tuesday's hearing said they need help from the technology industry to combat what they describe as a growing number of criminals who are hiding under the cover of encryption built into common devices and applications.
“Evidence that once would have been stored in a file cabinet or a notebook is now archived in an email or a text message,” said Thomas Galati, chief of intelligence for the New York City Police Department, at the hearing's first panel.
“The same exact information that would solve a murder, catch a rapist, or prevent a mass shooting is now stored in that device.”
Galati said that the NYPD seized 67 Apple devices between last October and March in 44 criminal investigations, including 10 homicides, two rapes and the shooting of two police officers.
“In every case, we have the ‘file cabinet,’ as it were, and the legal authority to open it, but we lack the technical ability to do so because encryption protects the contents of those 67 Apple devices,” Galati said.
For years, even as computer technology took off, encryption remained difficult to use, and mostly remained in the hands of cryptographers and government agencies. Relaxed export controls in the early 2000s and advances in technology have made encryption a protection that is increasingly taken for granted, as people buy updated iPhones and use messaging services like WhatsApp that have built-in encryption to manage who can access data.
The debate gained new life after the FBI sought a court order in February to compel Apple to bypass security features on an iPhone 5C used by San Bernardino shooter Farook, who along with his wife killed 14 people in December. Apple resisted the order, and the government ultimately dropped the case, saying that it had bought a product from a third party that helped it get data off the device.
Amy Hess, executive assistant director for the FBI’s science and technology branch, and other law enforcement witnesses said they need assistance from the technology companies to figure out a way around the challenges posed by encryption. But experts in security and cryptography have pushed back, saying the access that the FBI and police want would endanger the security of many other devices.
“The state of computer and network security today can really only be characterized as a national crisis,” said security research Matt Blaze, who testified on the hearing’s second panel. “We need all the help we can get to secure our national infrastructure across the board.”
Blaze, now a professor at the University of Pennsylvania, played a key role in the “crypto wars” of the late 1990s when he exposed a flaw in the NSA-designed “Clipper chip,” which the government had wanted to use to provide law enforcement access to encrypted communications.
Popular messaging service WhatsApp, which has over 1 billion users, and its parent company Facebook declined an invitation to testify at Tuesday’s hearing. WhatsApp uses encryption so that even the company cannot tell what’s being said in messages sent over the service.
“We respect the important role the committee plays in examining these issues and their impact on privacy and security,” a spokesperson for WhatsApp and Facebook said. “While we are unable to participate in this hearing, we will continue to be engaged on this important issue.”
Sen. Dianne Feinstein and Sen. Richard Burr last week released a draft version of legislation that would require technology companies to provide “technical assistance” to investigators who have a warrant to get data off a device.
The draft bill was widely condemned by privacy and security advocates who say the law’s demands are not technically workable. New York City Police Commissioner Bill Bratton and Manhattan District Attorney Cy Vance are among the officials who have come out in support of Feinstein and Burr’s proposal.
Apple released a transparency report on Monday showing that it still works with law enforcement agencies in thousands of cases, many of which involve requests around lost or stolen devices. The company helped investigators in 80 percent of the requests it received regarding devices between July and the end of December 2015.
“Not a day goes by when someone on my team is not working with law enforcement,” Apple general counsel Sewell said at Tuesday’s hearing.