Over at Macworld, Jeffery Battersby asks something I’d been wondering: how come the iPhone at the center of this ordeal—which was owned by the San Bernardino county government—wasn’t managed by the department? Had that been the case, the IT department could have just changed the passcode, which would have forestalled this entire debacle:
The simple act of enrolling devices adds the legal backdoor to those devices and allows an administrative user to temporarily wipe a device’s passcode, if necessary.
No legal intervention required.
Once enrolled, you can wrangle over the who, what, how, and why of security policies. You can even let departments make their own decisions! But while the wrangling or lack thereof takes place, you will have control of all your devices.
It is in some ways astounding that an entity like the government wouldn’t have proper device management set up for the phones issued to its employees.
This should have been a lucky break, that the phone in question was owned by a municipal government. In fact, part of the problem seems to have been caused by the FBI/county having access to a connected—presumably government-provided email account—which is what seems to have been used to change the password on the associated iCloud account. Which, in turn, potentially prevented them from retrieving more recent iCloud backups.
Really, this should have been a gimme, technology-wise. Every other scenario after this where the FBI wants to get into a device is going to be a lot harder.