June 4, 2018
Today, New America’s Open Technology Institute and a coalition of 20 other civil society organizations wrote to the Justice Department Inspector General (IG) urging him to investigate the failures that led the FBI to massively overstate the number of encrypted devices it was unable to unlock. The FBI and the Justice department repeatedly relied on the erroneous figure in support of their claims that the FBI is “going dark” and needs a mechanism to ensure it can access encrypted information.
The coalition also urged the IG to investigate why Justice Department officials, including Attorney General Jeff Sessions, continued to use the flawed statistics after the FBI discovered the miscalculation.
On May 22, the Washington Post reported that although the FBI repeatedly claimed that it could not unlock 7,775 encrypted devices in 2017, the number was significantly inflated due to a programming error. The accurate count is likely closer to 1,200 devices. Despite learning of this miscalculation in April, Attorney General Sessions and at least one other Justice Department official continued using the flawed data point in public remarks and when speaking to the press as recently as May 8.
The FBI’s miscalculation and the Justice Department’s continued use of the inflated number after it knew or should have known that it was flawed raise serious questions about their credibility in the debate about encryption backdoors. The coalition noted that this “investigation would be an appropriate follow-up to [the IG’s] recent report regarding the FBI’s conduct in connection with the encrypted phone in the San Bernardino shooting investigation” which “concluded that the FBI chose ‘not [to] pursue all possible avenues in the search for a solution’ when trying to unlock the San Bernardino shooter’s iPhone.” In the letter, the coalition urges the IG to investigate:
“1. The causes that led the FBI to make such a significant error, how it was identified, and why it took so long to identify;
“2. Why Justice Department officials, including the Attorney General, used the data point when it was known to be false, and whether, after learning of the error, the Attorney General, other Justice Department, or FBI officials continued improperly using it in public remarks, conversations, or meetings (internal and external); and
“3. What measures the Justice Department and the FBI have taken to ensure that they inform lawmakers and the public of this significant miscalculation, both prior and subsequent to the publication of the Washington Post story, and whether those steps were sufficient.”
The full text of the letter is available here.
The following statement can be attributed to Robyn Greene, policy counsel and government affairs lead at New America’s Open Technology Institute:
“It is imperative that the Inspector General investigate the circumstances around the FBI’s massive failure in calculating the number of encrypted devices it couldn’t unlock, and the Justice Department’s conduct after it knew or should have known the number was false. The FBI has spent years claiming it is “going dark” and needs an encryption backdoor, in spite of nearly universal warnings by privacy advocates, security experts, and industry that such a “solution” would severely threaten privacy, cybersecurity and the U.S. economy. Now we know that the only proof that the FBI has ever offered to substantiate its demands—that it couldn’t unlock 7,775 devices in 2017—was inflated by about 550%. This latest misstep, combined with the Inspector General’s conclusion that the FBI intentionally slow-rolled its efforts to unlock the San Bernardino shooter’s encrypted iPhone, makes clear that everyone should be seriously questioning the FBI’s credibility and reliability in the encryption debate.”