AP, USA Today, Vice Sue FBI Over Refusal To Release Information About Contractor Who Cracked iPhone For It
from the exemption-(b)ecause-shut-up dept
USA Today, the Associated Press, and Vice News have joined forces to sue the FBI over its refusal to release even the most minimal amount of information on the hack it purchased to crack open the iPhone seized during its San Bernardino shooting investigation.
The DOJ certainly seemed adamant that Apple disclose all sorts of inside info to the government during the heated litigation. It turned down offers of assistance from hackers and security researchers before finally shelling out an unknown amount of money to an Israeli firm to gain access to the phone's contents. It also ensured it would never have to discuss the technical details of the hacking by not demanding this information be included in the purchase price.
Now, it refuses to even discuss the purchase price. Educated guesses that put it north of $1 million are based on a James Comey comment in which he said it was several times his annual salary. Somehow, the actual amount paid -- if revealed -- would somehow prevent the FBI's investigation from reaching its conclusion.
This FOIA lawsuit [PDF] targets other innocuous information the FBI refuses to release: contractor info on the party used to open up the seized iPhone (and discover nothing of investigative use on it).
This action is brought pursuant to the Freedom of Information Act (“FOIA”), 5 U.S.C. §§ 552, et seq., for basic contracting information from the Federal Bureau of Investigation (“FBI”) regarding one of its most publicly-discussed and controversial acquisitions: a technological tool openly purchased from a third-party vendor that was used to circumvent the need for a court order to access the locked iPhone of Syed Rizwan Farook, one of the perpetrators of the mass killings in San Bernardino, California.
As the lawsuit cleverly points out by using FBI director James Comey's own words against him, the public's interest in this information should easily outweigh the FBI's stated reasons for withholding it.
[T]he News Organizations seek to compel the FBI to provide records of the publicly-acknowledged business transaction that resulted in the purchase this March of the so-called iPhone access tool. The public interest in receiving this information is significant. The FBI’s purchase of this tool allowed government access to Mr. Farook’s phone, providing new information about one of the deadliest attacks on American soil in recent years, but also apparently failing to reveal any evidence of links between Mr. Farook and foreign terrorists or terrorist organizations...
FBI Director James Comey has himself stressed the essential importance of a nationwide “adult conversation” about whether and when law enforcement should be able to access encrypted devices because, “‘We’ve got to get to a point where we can reach [wrongdoers] as easily as they can reach us and change behavior by that reach-out.’” Mr. Comey also noted the need for increased information sharing with the public, an acknowledgment particularly critical given the potential of future legislative action on this issue, noting, “‘We need to understand in the FBI, how is this exactly affecting our work, and then share that with folks.’”
Moreover, the FBI’s purchase of the technology – and its subsequent verification that it had successfully obtained the data it was seeking thanks to that technology – confirmed that a serious undisclosed security vulnerability existed (and likely still exists) in one of the most popular consumer products in the world. And in order to exploit that vulnerability, the FBI contracted with an unidentified third-party vendor, effectively sanctioning that party to retain this potentially dangerous technology without any public assurance about what that vendor represents, whether the vendor has adequate security measures, whether the vendor is a proper recipient of government funds, or whether it will act only in the public interest.
The complaint points out the FBI has offered up zero information on this mysterious contractor, leaving several questions unanswered. The agency has refused to turn over anything on the vetting process used to select this vendor, raising the possibility that the FBI's chosen hacking entity may also be aiding blacklisted governments, terrorist groups, or criminals with accessing communications and data.
The news agencies participating in the lawsuit have been seeking this info since the All Writs Order was vacated back in March. Every request has been denied. The lawsuit seeks an order compelling the release of this information.
The DOJ will obviously fight this but it should be an interesting case to watch… if there's anything to be seen from the outside. Despite the hack being specific to one iPhone make running one specific version of iOS -- and there being nothing of interest found on the cracked phone -- the DOJ is sure to claim that any disclosure, however minimal, will do serious damage to national security and law enforcement means and methods.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: cracked, doj, encryption, fbi, foia, going dark, iphone, san bernardino, transparency
Companies: ap, usa today, vice
Reader Comments
Subscribe: RSS
View by: Time | Thread
[ link to this | view in thread ]
C'mon guys... it's the Israelis. Certainly we can trust them right?
[ link to this | view in thread ]
It's a Lie!
[ link to this | view in thread ]
[ link to this | view in thread ]
It appears
News flash... It's supposed to be a hindrance to keep you from overstepping your bounds.
[ link to this | view in thread ]
[ link to this | view in thread ]
The FBI won't be able to provide the information because there was no third party who cracked the phone. They said it just to save face as they dropped the case against Apple.
[ link to this | view in thread ]
can't release info when there is none.
When the FBI realized they would lose the case and get a bad precedent they instead made up a story that they were able to get into the phone so they could claim the case wasn't in vain. Really they just gave up because they knew nothing of significance was on it and if they admitted that publicly it would make them look bad because they had just wasted the world's time and the US's money screaming it was super necessary.
[ link to this | view in thread ]
Otherwise, they would've been saying "see? we told you how necessary this was..." over and over again, trying to sway public opinion in their favor, and justifying this staggering taxpayer expense.
Their silence on the matter speaks volumes.
[ link to this | view in thread ]
"The dog ate my homew- the paperwork."
You can't force the disclosure of information that doesn't exist, so it will be interesting to watch the FBI/DOJ flail about in an attempt to have the case dropped, or assuming it goes against them scramble about to avoid having to admit that they lied just to get out of a case going south.
[ link to this | view in thread ]
[ link to this | view in thread ]
[ link to this | view in thread ]
...Nothing up my sleeve...
We need to make the American Public and a lot of companies that are not on the payroll, think we don't know how to unlock all their phones at will.
Lets raise a public stink about how Apple won't help us open their phone. That will prove we do not know how to do it ourselves, even though we've already opened the thing and found it empty.
To end the phony "stink" we made, we'll publicly acknowledge the opening of the phone by a third party - that should completely remove any thoughts that we already have the tech to open Apples' phones, (and any other encrypted electronic communications devise made anywhere on earth in the last three months, or older.)
Its just damage control. Or more precisely, the best possible method of insuring that the "enemy", or "adversary" (the US Public) is kept in the dark about the USG's capabilities of global surveillance as long as possible.
Because, its always easier to defeat an enemy that believes what you want them to believe, compared to those who know the truth.
Once again folks, you've been played.
---
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]