We’re not criminal experts, but after binge-watching enough crime dramas it’s clear why people committing illegal acts often use cheap, pay-as-you-go phones: they can be discarded quickly to prevent investigators from extracting data that could incriminate them or their associates.
That said, not every suspect is so careful. Many offenders have been caught because incriminating evidence remained on their high-end smartphones they were unwilling to part with. While some major operating system providers can assist law enforcement in extracting device data when presented with a valid warrant, Apple took a different approach with iOS 8.
Released to widespread attention, iOS 8 introduced numerous features—alongside a stronger focus on user privacy. Apple implemented device-level encryption tied to the user’s passcode, meaning that when a passcode is set, data on the device cannot be decrypted by Apple even if authorities present a search warrant. The only notable exception is data stored in iCloud, where content remains accessible to the company and can be obtained through legal requests—an issue that has led to high-profile breaches of private cloud data.
In a statement about government information requests, Apple explained that on devices running iOS 8, personal data such as photos, messages (including attachments), email, contacts, call history, iTunes content, notes, and reminders are protected by the user’s passcode. The company added that, unlike some competitors, it cannot bypass a user’s passcode and therefore cannot access this locally stored data. As a result, Apple said it is not technically capable of complying with government warrants seeking extraction of such data from devices running iOS 8.
Apple framed the change as a response to public demand for stronger privacy protections. Security advocates applauded the move: for example, Chris Soghoian, principal technologist at the American Civil Liberties Union (ACLU), praised Apple for prioritizing user privacy and urged other companies to follow suit. Soghoian suggested that Google—home to a large security team and deep technical expertise—could adopt similar measures to build more surveillance-resistant products.
The legal and policy implications remain unsettled. By designing systems that technically prevent the company from accessing encrypted device data, Apple has removed its ability to comply with certain types of law enforcement requests. That raises questions about how courts and legislators will respond, whether through new legal standards, demands for alternative investigative tools, or other measures.
Observers have also speculated that Apple’s stronger encryption may have affected regulatory negotiations in some markets. For example, delays in approving certain iPhone models for sale in specific countries have led to discussion about whether the company’s inability to provide access to encrypted devices played a role, particularly in jurisdictions that require local data storage or easier government access to information.
The debate about device encryption pits two important public interests against each other: the privacy and security of everyday users, and law enforcement’s need to access evidence in criminal investigations. Apple’s decision to make device encryption inaccessible to the company itself shifts this balance in favor of user privacy and forces a broader conversation about how society wants to handle encrypted data.
Do you think companies should be able to bypass their devices when presented with a valid warrant? Share your thoughts in the comments.