Did the FBI engineer its iPhone encryption court showdown with Apple to force a precedent? Yes and no, say DoJ auditors

Official report blows lid on behind-the-scenes

46 Reg comments Got Tips?

The 'poster child' case for going dark

The ROU finally got onboard with cracking Farook's iPhone, its officials say, when they saw FBI director James Comey testifying in Congress about how the FBI could not access the phone and was doing everything in its power to do so.

ROU approached Cellebrite (the company is not named in the report) and asked it to focus on the iOS 8 crack – which it subsequently did. According to the report, Cellebrite told the FBI it had a solution on March 16, 2016.

It then demonstrated the crack to FBI leadership four days later, on March 20, and the FBI notified the court the very next day. One week later – March 28 - it formally filed in court to drop the case against Apple. We later learned that the FBI had paid approximately $1m for the crack – and found nothing of interest.

So that's the explanation: poor communication between departments, followed by a scramble, followed by the FBI doing the right thing.


Except this part of the report: "After the outside vendor successfully demonstrated its technique to the FBI in late March, EAD Hess learned of an alleged disagreement between the CEAU and ROU Chiefs over the use of this technique to exploit the Farook iPhone."

What was the disagreement? "The ROU Chief wanted to use capabilities available to national security programs, and the CEAU Chief did not. She became concerned that the CEAU Chief did not seem to want to find a technical solution, and that perhaps he knew of a solution but remained silent in order to pursue his own agenda of obtaining a favorable court ruling against Apple."

In an interview that Hess gave with the DoJ investigators she told them that the Farook phone had become "the 'poster child' case for the Going Dark challenge."


The investigators dug into that concern and found that "CEAU did not pursue all possible avenues in the search for a solution." What's more, the person in question, the CEAU Chief – who is not named in the report – told investigators that he was "frustrated that the case against Apple could no longer go forward, and he vented his frustration to the ROU Chief."

Presumably because he knew the ROU Chief would relay his version of the conversation, the CEAU Chief also "acknowledged that during this conversation between the two, he expressed disappointment that the ROU Chief had engaged an outside vendor to assist with the Farook iPhone, asking the ROU Chief, 'Why did you do that for?'"

Further: "According to the CEAU Chief, his unit did not ask CEAU's partners to check with their outside vendors. CEAU was only interested in knowing what their partners had in hand – indicating that checking with 'everybody' did not include OTD's trusted vendors, at least in the CEAU Chief's mind."

It is here that the DoJ report inserts a rare piece of opinion – the rest of the report is largely an objective report of what people said – when it says: "We believe CEAU should have checked with OTD's trusted vendors for possible solutions before advising OTD management, FBI leadership, or the USAO that there was no other technical alternative and that compelling Apple's assistance was necessary to search the Farook iPhone."

And in an unusual addition, given the fact that the rest of the report directly quotes and sources all its information, the DoJ report then quotes anonymous "other information" that points to the CEAU going out of its way not to find a crack.

"We obtained other information suggesting that not everyone within OTD was on the same page in the search for a technical solution to the Farook iPhone problem, including varying testimony from OTD managers on whether there was a dividing line discouraging collaboration between the units that predominately do criminal and national security work in OTD," the report notes.


In summary: did the FBI lie about its capabilities in an effort to try to force Apple into an impossible situation so it could gain a legal precedent for accessing all digital devices? No, it did not.

But did some elements within the FBI try to make the most of a bad situation, including not looking hard enough for a possible solution, in order to push the issue in the courts? Yes, they did.

Let's be honest, we all knew that's what was happening. But it is gratifying to read it in an official report, and it is good to see that FBI leadership was sufficiently concerned about having potentially lied to Congress that it subjected itself to an investigation to clear things up. That level of integrity appears to be in dangerously short supply in Washington right now.

It should be noted, however, that the FBI has not given up its efforts to be granted access to every phone. It appears to be simply biding its time until the next San Bernardino tragedy. ®


Biting the hand that feeds IT © 1998–2020