×

Can Apple really beat the Feds on privacy?

Whether Apple trusts the government or not, it may have no choice but to give access to iPhones, an expert told CNBC on Wednesday.

"I don't know that there's really any middle ground here," Chris Swecker, former assistant director of the FBI, told CNBC's "Squawk Alley." "There should be no safe havens for bad guys — for terrorists, for kidnappers, for organized crime."

In an FBI investigation into the terrorist attack in San Bernardino, California, the government has made attempts to break into shooter Syed Rizwan Farook's iPhone but was thwarted by the security settings. In a letter to customers, Apple CEO Tim Cook pledged to fight a federal order to unlock the phone, arguing the court ruling would force a loophole into the encryption of iPhones that could breach Apple users' privacy around the world.

It is a "significant risk" to deliberately introduce vulnerabilities into computer codes that secure communications, banking health records and even school security, said Aaron Brantly, a Cyber Policy Fellow at the Army Cyber Institute and Cyber Fellow at the Combating Terrorism Center at West Point.

"In this particular instance, modifying the firmware that underpins the iOS software would then become a universal potential exploit, should it leak, should it become publicly available," Brantly told CNBC's "Power Lunch."

But Swecker said there isn't sufficient legal justification for Cook to maintain his stance.

"If the court says you have to do it, you have to do it," Swecker said.

Though Cook's slippery slope argument may have far-reaching implications in the world of encryption, the court will focus on the passwords demanded in the case at hand: When a phone was used by a known terrorist and people were killed, a law expert told CNBC.

The law provides courts plenty of room to force companies like Apple to comply with investigations, as long as they are not unreasonably burdensome or don't cost too much, said Jamil Jaffer, director of the Homeland and National Security Law Program at the George Mason University School of Law.

Right now, both sides — industry and government— are locked in unsustainable positions rather than working together. But what the court ultimately decides depends on how they weigh a range of conflicting interests, Jaffer told "Squawk Alley" Wednesday.

"You've got to balance the questions of privacy and security on both hands, and you've got to also juxtapose the issue of whether these companies are able to protect the privacy of their own customers," Jaffer said. "Apple is right to say that encryption is at the core of how we protect our economy and banking transactions. At the same time, we've got to have a way for law enforcement to have access to this critical data."

What Apple can do is appeal the order through district judges all the way to the Supreme Court, Jaffer said. There may also be an opportunity for Congress to step in and make laws that strike a more precise balance between privacy and national security, he said.

"At the end of the day, you don't want to have to legislate in a crisis," Jaffer said. "The worst case scenario is an attack happens and Congress is called upon to resolve this issue. You want people to figure this out now, when things are calm and it's still relatively quiet."

If Congress intervenes, it might be a "little more blunt" in its approach and weaken all encryption across the board, James Dempsey, executive director of the Berkeley Center for Law & Technology, told "Power Lunch."

And even if security agencies have access to mobile phone data, it's far from a silver bullet in the complex process of preventing crime — especially with many other private companies devising their own encryption on top of those available by phone makers.

"It should not be legislated lightly," Brantly said.