Sun Sentinel Palm Beach Edition
FBI overcounted encrypted phones
Bureau has claimed it couldn’t break into 7,800 devices
The FBI has repeatedly provided grossly inflated statistics to Congress and the public about the extent of problems posed by encrypted cellphones, claiming investigators were locked out of nearly 7,800 devices connected to crimes last year when the true number was much smaller, probably 1,000 to 2,000, The Washington Post has learned.
Over a period of seven months, FBI Director Christopher Wray cited the inflated figure as compelling evidence for the need to address what the FBI calls “Going Dark” — the spread of encrypted software that can block investigators’ access to digital data even with a court order.
The FBI first became aware of their phonecounting problem about a month ago, and still does not have an accurate count of how many encrypted phones they received as part of criminal investigations last year, officials said. Last week, one internal estimate put the correct number of locked phones at 1,200, though officials expect that number to change as they launch a new audit, which could take weeks to complete, according to people familiar with the work.
“The FBI’s initial assessment is that programming errors resulted in significant over-counting of mobile devices reported,” the FBI said Tuesday. The bureau said the problem stemmed from the use of three distinct databases that led to repeated counting of the same phones.
The acknowledgment comes at a perilous time for the FBI, whose credibility is being challenged by President Donald Trump and his supporters over the ongoing investigation into whether any Trump associates helped Russia interfere with the 2016 election. The bureau has also been under pressure for other mistakes, including its failure to act on a tip that a Florida teen was likely to carry out a school shooting which he did weeks later, killing 17.
The FBI said that despite the phone-counting errors, “Going Dark remains a serious problem for the FBI, as well as other federal, state, local and international law enforcement partners . ... . ”
Wray first referenced the inflated figure in an October speech, saying the bureau had found nearly 7,000 locked phones in just 11 months. In December, he told Congress that, in the 2017 budget year, his agency “was unable to access the content of approximately 7,800 mobile devices using appropriate and available technical tools.”
Wray has said the precise number of locked phones that year was 7,775, pairing that figure with forceful language to argue for changes, for technology company practices or with the law, that would make all phones accessible to investigators with a valid court order.
Since then, Wray has repeated the claim about 7,800 locked phones, including in a March speech. Those remarks were echoed earlier this month by Attorney General Jeff Sessions.
“Last year, the FBI was unable to access investigation-related content on more than 7,700 devices — even though they had the legal authority to do so. Each of those devices was tied to a threat to the American people,” Sessions said, adding that the “stakes are high.”
Officials now admit none of those statements are true.
The bureau has long argued that encrypting data in a way that makes it impossible for investigators to unlock a phone or computer, even with a signed order from a judge, leaves the country and its citizens less safe. Privacy groups such as the Electronic Frontier Foundation argue that encryption prevents crime by protecting people’s data from hackers.
The FBI fought a bruising court fight in 2016 seeking to force Apple to help agents access the iPhone that had belonged to a dead gunman in San Bernardino, Calif. At first, the FBI said it had no ability to access the phone, though the government later dropped its case when a contracting firm came forward with a solution.
The FBI’s conduct in the San Bernardino case also called into question the accuracy of officials’ statements on the encryption issue. Then-FBI Director James Comey overstated what the phone-hacking solution cost the bureau, according to people familiar with the matter, and a senior FBI official asked for an internal investigation to determine if her subordinates were lying about technical capabilities.
A Justice Department Inspector General report concluded in March that, while officials did not make false statements in connection with that case, there were “misunderstandings and incorrect assumptions” among key players in the FBI’s technology wing.
The FBI’s assertion that 7,775 phones could not be opened by investigators last year has always struck a discordant note with critics and privacy advocates, who noted that just a year earlier, the FBI had claimed the figure was 880. Such a giant leap in locked phones could not be explained, those critics reasoned.
It is unclear if the 880 figure is still accurate.