Blog Ipsa Loquitur

Remember the San Bernardino shooters? The husband and wife team that walked into his office holiday party and opened fire with a pair of assault rifles, and were then shot to death by police after a brief car chase? Detectives recovered the husband’s work phone, an iPhone with full-disk encryption enabled.

At the time, the FBI had a whole song and dance routine about how dangerous encryption was, and how companies like Apple needed to build the FBI a system to get keys to unlock any device at any time. But the FBI mishandled the phone in that investigation and made their own jobs a whole lot harder.

As I wrote about it back then:

Look, if local police in a tiny town in the middle of nowhere had screwed up this badly, we’d wonder why the FBI wasn’t entrusted with this. But the FBI made their jobs a lot harder; this can’t be their first time at the iPhone Evidence Rodeo, so how could they have locked themselves out of the phone? […] Sure is funny how the FBI was hilariously inept in their investigation, and now the only way they can get into the phone is by having Apple build a tool to circumvent its own security measures, right?

After all, if you were the FBI, and you wanted a test case, this whole “real live radicalized Muslim terrorist committing an act of war on American soil with pipe bombs and assault rifles before dying in a glorious shootout with the police” thing would be, like, the perfect test case. It sure would be a shame if the traditional investigation went awry, and the only way to get access to the phone was filing a completely novel test case.

That’s a pretty cynical take, I’ll admit. I more or less tiptoed up to the precipice of accusing certain members of the FBI of sabotaging their own investigation; it didn’t seem out of the question that the FBI was using that phone as ammunition in a broader war on encryption. Fortunately, cooler heads prevailed and the only backdoors in my phone are planted by the NSA. Ha ha(?).

Well, earlier this year, the FBI’s Inspector General issued a report on the San Bernardino iPhone investigation. That report is not much kinder to the FBI than my blog post from 2016. Susan Landau, law professor at Tufts University and one of the preeminent experts on this topic, breaks it down for folks like you and me:

For the FBI, the IG report brings some good news: No one deliberately withheld knowledge to prevent opening the locked iPhone. But that’s about the only positive revelation. The IG report chronicles foot dragging during the efforts to open the locked device and, in a critical instance, an aversion to finding a technological resolution of the issue outside of the court case. Above all, the IG report casts doubt on the argument that locked phones are “warrant-proof” devices preventing law enforcement from doing its job.

The FBI’s failure to open the iPhone was a result of bureaucracy and slowdown. Two units of the FBI’s Operational Technology Division (OTD) were key to eventually unlocking the iPhone: the Cryptologic and Electronic Analysis Unit (CEAU), which examines data on digital devices, working largely on criminal cases, and the Remote Operations Unit (ROU), which uses network exploitation techniques and appears to work largely in classified cases. […]

The CEAU and ROU weren’t communicating about this matter, but once they did, things moved pretty quickly:

The ROU chief reached out to his vendors, and on March 16, 2016, discovered that one of them was already 90 percent of the way toward a solution. At the FBI’s request, the vendor reallocated resources, moving work on opening the iPhone “to the ‘front burner.’” A month later, a vendor demonstrated a solution to the FBI, and the court conflict between Apple and the FBI was over.

Opening the locked iPhone should have been a good within the FBI. But that was not the view held by the CEAU chief; he apparently asked the ROU chief, “Why did you do that for?” The CEAU chief told the Inspector General “after the outside vendor came forward, the CEAU chief became frustrated that the case against Apple could no longer go forward.”

That’s a striking story. We have the FBI director testifying—and U.S. attorneys submitting a motion operating off of the same premise—that only Apple could unlock this terrorist’s phone. But it seems that what was really going on, at least on the part of some FBI investigators, was an unwillingness to really try.

Boy, that sure sounds like what privacy experts were publicly worried about back in 2016, doesn’t it?