Affiliate Disclosure
If you buy through our links, we may get a commission. Read our ethics policy.

Apple privacy exec lauds company initiatives, defends stance on encryption

Jane Horvath participates in privacy roundtable at CES 2020. | Source: Parker Ortolani via Twitter

Last updated

Jane Horvath, Apple's senior director of global privacy, took part in a privacy-centric panel at CES in Las Vegas on Tuesday, where she lauded the company's initiatives to protect customer data and defended its stance on hardware encryption.

Apple's staunch belief that customer data should remain obfuscated — even from Apple itself — was questioned during the roundtable, as Horvath was asked about recent revelations regarding a Federal Bureau of Investigation request for assistance in an ongoing investigation.

On Monday, the FBI sent a letter to Apple asking for help in the extraction of data from two iPhones believed to have been used by Mohammed Saeed Alshamrani. Alshamrani is suspected of killing three people in a shooting at the Naval Air Station in Pensacola, Fla, in December.

Horvath toed the company line, defending Apple's implementation of strong hardware encryption, reports CNBC.

As she explained, iPhone's encryption mechanism is designed to keep personal information safe from prying eyes.

Once a device is locked, data stored within cannot be accessed without successful entry of a predetermined passcode or password. While Apple can with a proper warrant delve into data stored offsite, such as its iCloud cloud storage service, the company is unable to break into an iPhone without writing custom software, also known as a backdoor.

Apple vehemently argued against the creation of backdoors when the FBI requested assistance in accessing an iPhone tied to the San Bernardino terror attack in 2016. Horvath repeated those vows on Tuesday, saying strong encryption is an effective method of ensuring sensitive information stays private.

"Our phones are relatively small and they get lost and stolen," Horvath said. "If we're going to be able to rely on our health data and finance data on our devices, we need to make sure that if you misplace that device, you're not losing your sensitive data."

While Apple offers assistance to law enforcement agencies, and fields a team to specifically handle such requests, Horvath does not support the creation of backdoors.

"Building back doors into encryption is not the way we are going to solve those issues," she said.

Horvath went on to tout Apple technologies like differential privacy, user randomization for first-party services like Maps, and minimal data retrieval for Siri.

Facebook VP of Public Policy and Chief Privacy Offer for Policy Erin Egan, Procter & Gamble Company Global Privacy Officer Susan Shook and Federal Trade Commission Commissioner Rebecca Slaughter were also on stage during the discussion moderated by Rajeev Chand, Partner and Head of Research at Wing Venture Capital.

Horvath began work as Apple's privacy czar in September 2011 and entered the public eye when she attended a so-called "spy summit" to discuss data privacy and mass surveillance issues in 2015. It was around that time that Apple began to ratchet up its rhetoric on privacy in consumer tech. Prior to Apple, Horvath acted as Google's Global Privacy Counsel.



3 Comments

fred stein 11 Years · 78 comments

Just a reminder: When the FBI asked Apple to crack the iPhone used by the terrorist in the San Bernardino massacre, the FBI said, "just this one iPhone". In fact the FBI had a couple dozen cases at that time using the same legal precedent to open SmartPhones.

The bigger point is "Pandora's Box'. Once opened there are no limits. While some may trust our FBI (I don't), how does one say, "FBI yes, everyone else no."? How do we tell foreign governments that they cannot do what we allow our government to do? Same for state and local law enforcement, especially those who could not possibly afford world class security.

Finally, in the San Bernardino case, the FBI paid a $!M to crack the phone and found nothing. Of course, the perps were careful planners. Anyone who wants to use a SmartPhone for illegal purposes will get a burner which can be easily jail-broken to access the dark web and use cryptocurrencies for evil purpose. Then literally burn the phone.

This is a rookie debate at best. At worst a malicious baiting scheme.

seanismorris 8 Years · 1624 comments

Who else was there presenting...Facebook VP of Public Policy and Chief Privacy Officer

Erin Egan

The fact one person holds both roles, and the fact they’re paired together tells you everything you need to know about Facebooks stance on privacy.


Would it shock you that Erin Egan is a lawyer?  So, is Jane Horvath.  But, Jane has some more meat on her resume...

Jane is the Senior Director of Global Privacy at Apple. She has been with the company since September of 2011, and brings more than a decade of information privacy and legal experience to the role.  She is responsible for overseeing Apple's compliance with global privacy laws as well as working internally and externally on developing issues related to privacy. Prior to Apple, Jane was Global Privacy Counsel at Google.   Before that, Ms. Horvath served as the DOJ’s first Chief Privacy Counsel and Civil Liberties Officer. At the DOJ, she was a member of the High Level Contact Group and leader of the U.S. delegation of experts tasked with exploring common ground between the European Union’s Third Pillar data protection principles and U.S. federal privacy laws. Prior to the DOJ, she also was the General Counsel of Digital City Inc., an America Online, Inc. (AOL) subsidiary, and Assistant General Counsel at AOL, where she helped draft the company’s first privacy policies.  Jane holds a Bachelor of Science from the College of William and Mary and a Juris Doctorate from the University of Virginia.

......
 Erin Egan was a partner and co-chair of Covington & Burling's Global Privacy and Data Security practice group, and has been recognized by both Chambers USA and Legal 500 US as a leading Privacy and Data Security lawyer. Legal 500 US writes that Ms. Egan, "'stands out for combining deep substantive knowledge, a practical understanding of clients’ real world needs, and wise and mature judgment’. ‘One of the most able lawyers in the market.’" Ms. Egan was named as one of The American Lawyer's "45 Under 45." She was also honored by The National Law Journal's "40 under 40" and recognized for "laying the groundwork for a cutting-edge practice."

netrox 12 Years · 1510 comments

Just a reminder: When the FBI asked Apple to crack the iPhone used by the terrorist in the San Bernardino massacre, the FBI said, "just this one iPhone". In fact the FBI had a couple dozen cases at that time using the same legal precedent to open SmartPhones.

The bigger point is "Pandora's Box'. Once opened there are no limits. While some may trust our FBI (I don't), how does one say, "FBI yes, everyone else no."? How do we tell foreign governments that they cannot do what we allow our government to do? Same for state and local law enforcement, especially those who could not possibly afford world class security.

Finally, in the San Bernardino case, the FBI paid a $!M to crack the phone and found nothing. Of course, the perps were careful planners. Anyone who wants to use a SmartPhone for illegal purposes will get a burner which can be easily jail-broken to access the dark web and use cryptocurrencies for evil purpose. Then literally burn the phone.

This is a rookie debate at best. At worst a malicious baiting scheme.

No person, including a corporation as a person, shall be compelled to create or engineer to do something for government if they don't want to do it especially when they have no role in illegal activity. iPhone is designed to be secure for all of us and that comes with a fact that even criminals can get their content encrypted and there's nothing they can do short of brute force but it will self destruct anyway. 

You CANNOT expect Apple to magically "unlock" a single iPhone. It does not work that way. If iPhone is to be resold, it has to be "reset" and that means all sensitive data is gone as well.