I agree with your concerns. I also agree that there should be another, better way. And there is — the private company retains the information and the private keys.

Only upon being served with a valid warrant does the private company itself, not the government, use the private key to decrypt the information and then only the decrypted information, not the private key, is delivered by the private company in response to that specific warrant.

The mechanism is explained in more detail in my article: Here’s How Apple CAN Make iPhones That Are BOTH Secure And Accessible By Search Warrant, And Why It Should Do That

Graduate of Stanford University & U.C. Berkeley Law School. Author of 17 novels and over 200 Medium columns on Economics, Politics, Law, Humor & Satire.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store