Trust and confidence form the foundation of any market. They are, to put it grandly, the vault upon which the cathedral of capitalism rests. In some markets, the value of the asset being
exchanged is virtually inseparable from the confidence of the actors in that market.
Currency is one example. You and I can both be confident that 20 U.S. dollars will buy in a week what
it can buy today; people holding Argentine pesos, Russian rubles, or even Chinese yuan do not feel the same.
Digital advertising offers
another example. In this market, the asset being purchased by advertisers is user attention -- an asset which, under the right conditions, can be transformed into brand revenue and (hopefully,
one day) enduring brand love. This, in a nutshell, is the logic fueling much of the $570
billion in global advertising spend. Over time, as the delivery of such media has shifted from atoms (print) to wavelengths (TV, radio) to bits (digital), the delivery platform itself has
become both highly technical and an intrinsic part of the end user experience.
Today, frictionless interactivity has become an assumed part of the consumer media experience. The foundation of
that experience, now and for the foreseeable future, is the smartphone, and all that we implicitly or explicitly trust it with.
The dispute between Apple and the FBI / Department of
Justice is not about unlocking the iPhone of one dead terrorist. It is, as many have reported,
about setting precedents. For Apple, precedent in this case is a Gordian knot of legal questions (how many similar requests will follow this one?), economic issues (how will this impact sales in
China?), and technical concerns.
Ostensibly, government officials have asked Apple to build new firmware giving them exceptional access to a specific iPhone, not all
iPhones, thus qualifying this request as a firmware change, not an open backdoor.
This nuance will be lost on the broader public. Even it were possible to guarantee that one firmware change
will not end up undermining the overall security of iOS devices in general (as many think it
will), it doesn’t really matter.
That’s because the fundamental issue here is trust. The value of advertising is based partly on its ability to capture and engage user
attention. Insecurity at the platform level means that consumers will take that attention to trusted, scaled environments beyond the reach of advertising -- for example, Telegram a secure
messaging app, that, according to the company’s FAQ page, “is free and will stay free — no ads, no subscription fees, forever.” Mobile is not a neutral platform, and
advertising is not guaranteed.
Companies that really care about trust take pains to protect their customers’ private data. In the smartphone space, no one does this better than Apple. As
a cybersecurity friend recently shared with me, there is a reason no one asks Google for permission to hack into an Android device -- Android devices are already quite hackable.
Remember ad fraud? It’s still with us. According to a detailed study by the ANA and cybersecurity firm White Ops,
advertisers lost $6.3 billion to global ad fraud in 2015. In 2016, that number is expected to be around $7.2 billion.
To date, the vast majority of that fraud has occurred on desktops and
laptops, but in 2016 we can look forward to much more fraud originating on mobile devices. This is partly due to the increased power and connectivity intrinsic to the smartphone development cycle
(making smartphones more attractive to fraudsters), but also due to extrinsic factors like weaker encryption and increased OS vulnerability. The FBiOS affair does not help us here.
But it does
help us in one way: it drags the debate around end-to-end cryptography out of the crypto alleyways and into the public forum, where it belongs.For further evidence that the topic deserves wide
and robust debate, consider this: We are staring down the road at a near future in which billions of potentially hackable IoT devices -- our cars, homes, TVs, baby monitors -- will connect to
the Internet. Insert scary Skynet joke here.
The words “confidence” and “confidential” are both derived from the same single Latin root, confidere, meaning
“to have full trust.”
There is a reason for that.