FBI 'Grossly Inflated' Statistics on Investigations Stymied by Encrypted Smartphones
The United States Federal Bureau of Investigation provided Congress with "grossly inflated" statistics on the number of electronic devices it has been been unable to access due to encryption, reports The Washington Post.
Last year, the FBI claimed to have been locked out of close to 7,800 devices that were connected to crimes, but the actual number of devices that were inaccessible is smaller, closer in scope to between 1,000 and 2,000. The FBI discovered an error in the method used for counting encrypted smartphones last month, and has not yet completed a full internal audit to determine the correct number.
"The FBI's initial assessment is that programming errors resulted in significant over-counting of mobile devices reported," the FBI said in a statement Tuesday. The bureau said the problem stemmed from the use of three distinct databases that led to repeated counting of the same phones. Tests of the methodology conducted in April 2016 failed to detect the flaw, according to people familiar with the work.
The FBI's inflated numbers are a problem because FBI director Christopher Wray has, at several points in time, used those statistics to warn of the dangers criminals using encryption to "go dark" and evade law enforcement oversight.
Back in October, for example, Wray said the inability to access such a large number of encrypted smartphones was a major problem. "To put it mildly, this is a huge, huge problem," said Wray. "It impacts investigations across the board - narcotics, human trafficking, counterterrorism, counterintelligence, gangs, organized crime, child exploitation."
In another such speech in January, Wray used the inflated figure to describe encryption as an "urgent public safety issue."
"While the FBI and law enforcement happen to be on the front lines of this problem, this is an urgent public safety issue for all of us. Because as horrifying as 7,800 in one year sounds, it's going to be a lot worse in just a couple of years if we don't find a responsible solution."
These kinds of statistics have also been used by the FBI to advocate for backdoors into encrypted devices like the iPhone.
In 2016, for example, Apple and the FBI had now-famous dispute over the iPhone 5c used by San Bernardino shooter Syed Farook. The FBI demanded that Apple create a tool to allow law enforcement officials to disable passcode security features so they could hack into the device, effectively weakening its protection.
Apple staunchly refused and argued that such a request could set a "dangerous precedent," a position the company has maintained since then as law enforcement officials have continued to advocate for backdoor device access.
Apple, as part of the Reform Government Surveillance coalition, recently released a statement condemning proposals for backdoors into electronic devices, and in March, Apple engineering chief Craig Federighi said that backdoor access would "inject new and dangerous weaknesses into product security."
"Weakening security makes no sense when you consider that customers rely on our products to keep their personal information safe, run their businesses or even manage vital infrastructure like power grids and transportation systems," Federighi said.
Despite the FBI's error counting the number of encrypted devices it has been unable to access during criminal investigations, the agency maintained that encryption is a "serious problem" in a statement to The Washington Post.
"Going Dark remains a serious problem for the FBI, as well as other federal, state, local and international law enforcement partners. ... The FBI will continue pursuing a solution that ensures law enforcement can access evidence of criminal activity with appropriate legal authority."
Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.