click to enlarge
Lawrence Jackson/The New York Times
Christopher Wray, the FBI director, at an intelligence hearing on Capitol Hill in Washington, Feb. 13, 2018. The FBI is under fire from electronic privacy and security advocates after acknowledging that it had repeatedly exaggerated the number of locked smartphones and other mobile devices it has been unable to access because of encryption.
By CHARLIE SAVAGE
© 2018 New York Times News Service
WASHINGTON — The FBI came under fire from electronic privacy and security advocates Wednesday after acknowledging it has repeatedly exaggerated the number of locked smartphones and other mobile electronic devices it has been unable to access because of encryption, including in congressional testimony and public speeches.
The miscount, which the bureau said was because of a programming error in a system that gathered statistics from FBI databases, was a significant embarrassment at a time when the bureau has been pushing for a legal mandate that tech companies build unlocking tools into such devices for law-enforcement access to potential evidence.
Among those who seized on the disclosure to rain criticism down upon the bureau was Greg Nojeim, director of the Center for Democracy and Technology’s Freedom, Security and Technology Project.
“The factual basis of the FBI’s arguments to weaken encryption has been called into doubt,” Nojeim said, calling for an investigation by the Justice Department’s internal watchdog.
The FBI said it was conducting its own “in-depth review of how this overcounting previously occurred, and how the methodology can be corrected to capture future data accurately.”
Specifically, top law enforcement officials — including the FBI director, Christopher A. Wray, and the deputy attorney general, Rod Rosenstein — have touted a talking point that in the fiscal year that ended in September, encryption prevented the FBI from unlocking about 7,800 smartphones and other devices despite having legal authority to access them for evidence.
FBI officials refused to provide an estimate for the real number of such devices, saying it was still conducting a review to both figure that out and determine what methodology to use in the future. The Washington Post, which first disclosed the miscount, cited unnamed officials as saying said the real number was probably between 1,000 and 2,000.
The FBI has been pushing for legal changes that would require tech companies to help it gain access to secured data. That fight last peaked in 2016, when the Justice Department obtained a court order requiring Apple to design a specialized operating system that would help the FBI unlock an iPhone recovered after the mass shooting in San Bernardino, California.
Apple fought the order. The issue was eventually defused when prosecutors disclosed that the FBI had unlocked the phone using a method developed by another company. (No significant evidence was found on the phone.)