Officials including Attorney General Jeff Sessions and FBI Director Christopher A. Wray have systematically repeated in speeches that the FBI was unable to unlock some 7,800 encrypted smartphones that were connected to crimes last year.
That number has been greatly exaggerated, it turns out, and it may be a lot closer to 1,000 or 2,000 devices.
The FBI and other law enforcement agencies have long had a dual stance on encryption. They oppose encryption when it comes to collecting evidence from encrypted devices or online services, but also support the need of strong encryption that would prevent hackers and other states to spy on the US.
Back in 2016, FBI got into a legal fight with Apple, looking to force the iPhone maker to unlock a handset belonging to one of the San Bernardino shooters. Apple refused, and the FBI ultimately backed down, after discovering a different means of accessing the data. Since then, we’ve learned of highly sophisticated machines that can break into encrypted smartphones.
Building backdoors into hardware and software is something the FBI and DOJ would support, as long as those backdoors aren’t built into devices originating from potential enemies. Earlier this year, intelligence agencies warned against the wide use of Huawei and ZTE equipment in the US for fear that China could use its technology for spying purposes.
Wray made a point to repeat that figure above multiple times over a period of seven months as evidence that “Going Dark” — using encryption — is spreading. The Washington Post learned that the number isn’t accurate and that the FBI realized the miscount about a month ago.
It still doesn’t have an accurate count, and an internal estimate puts the number at 1,200. “The FBI’s initial assessment is that programming errors resulted in significant over-counting of mobile devices reported,’’ the FBI said in a statement on Tuesday.
Apparently, the agency has been using three distinct databases, which would explain the high count. Tests of the methodology did not detect the flaw in April 2016, and a new audit will be conducted.
FBI critics said that the massive jump in encrypted devices in criminal investigations — from 880 a year before to the repeated 7,800 claim — could not be backed up by changes in tech or criminal behavior. It’s unclear if the 880 figure is accurate, but the massive increase could have been a red flag that something went wrong.
That’s not to say that the FBI’s claim that encryption can help criminals isn’t warranted. As before, this remains a tough topic for law enforcement and tech companies. But exaggerating the issue repeatedly isn’t the way to go towards potentially forcing any backdoor-related legislation.