Written bySean Lyngaas
A bipartisan group of House lawmakers wrote to FBI Director Christopher Wray Friday slamming the FBI’s handling of the San Bernardino shooter’s locked iPhone, adding that the bureau’s claim that it couldn’t bypass encryption on some 7,800 devices last year seems “highly questionable.”
The lawmakers said a recent Justice Department inspector general report on the subject “undermines statements that the FBI made during the San Bernardino litigation and consistently since then, that only the device manufacturer could provide a solution.”
The IG report found that some bureau officials didn’t want to find a solution because it could undercut FBI efforts to legally compel Apple to break the device’s encryption. “Perhaps most disturbingly, statements made by the chief of the Cryptographic and Electronic Analysis Unit appear to indicate that the FBI was more interested in forcing Apple to comply than getting into the device,” the letter states.
The letter could further inflame the debate over the “going dark” issue, which posits that criminal investigations are often thwarted due to law enforcement’s inability to bypass encryption. The December 2015 terrorist attack in San Bernardino, Calif., in which Syed Rizwan Farook and Tashfeen Malik killed 14 people, brought the encryption debate to a boil. Though a California judge ordered Apple to help the FBI unlock Farook’s iPhone, the bureau reportedly paid a vendor $900,000 to crack the device.
CyberScoop recently reported that a Senate panel could be drawing up a new bill on the subject.
Signatories of the letter include Republican Reps. Matt Gaetz, Fla., Darrell Issa, Calif., Jim Jordan, Ohio, James Sensenbrenner, Wisc., and Ted Poe, Texas; and Democratic Reps. Suzan DelBene, Wash., Ted Lieu and Zoe Lofgren of California, Jerrold Nadler, N.Y., and Jared Polis, Colo.
Politico was first to report on the letter.
The lawmakers asked Wray whether he’s consulted with third-party vendors on breaking into devices. They also want to know how many of the 7,800 inaccessible devices use biometrics or run data on cloud services, “which would provide additional means to access data or unlock phones.”
You can read the letter below.