The FBI has reportedly acknowledged that in a majority of cases it investigates, the agency is able to unlock and access user data on computers and phones.
The FBI is able to unlock or access data on most of the phones and computers it encounters during its investigations, as well as those of local and state cops, according to the bureau’s General Counsel Jim Baker.
So far in the fiscal year 2016 (from Oct. 1, 2015 until Sept. 30, 2016), the FBI has encountered passwords or passcodes—that is locked phones or laptops—in 2,095 out of 6,814 (31 percent) mobile devices analyzed by its forensic labs, Baker said according to attendants at a public meeting on encryption and the challenges it poses to law enforcement, celebrated in Washington DC on Friday. And even for those 2,095 devices that were locked, the fed’s investigators were able to break in in 1,210 cases, and couldn’t unlock around 880 devices, Baker reportedly said.
In other words, in the vast majority of cases (87%), the FBI was able to access the data it needed. Earlier this year, the FBI and Apple squabbled in court over the fed’s request for help breaking into the iPhone of an alleged terrorist who killed 14 people in a shooting in December of 2015. The case became the most public battle in the FBI’s ongoing war on encryption, a problem that the FBI calls “Going Dark.”
The fed’s argument is that unbreakable encryption is stumping criminal investigations, making them harder,if not impossible, to sometimes access important evidence on a suspect or a victim’s phone or computer. The numbers disclosed by Baker on Friday, which have never been published before, seem to indicate that the reality, however, is a little different.
“These numbers demonstrate that even with encryption turned on by default on all newer iPhones and some Android phones, it is posing a problem in a relatively small number of cases—while that same encryption is presumably preventing a wide range of crimes,” Kevin Bankston, the director of the New America Foundation's Open Technology Institute, who was at the meeting, told in an online chat.
An FBI spokesperson could not confirm nor deny the numbers as today was a national holiday. “885 or 886 devices the FBI was not able to access in [Fiscal Year 2016] does sound about right,” the spokesperson said in an email. “I would suggest that is hardly an insignificant number.”
In any case. There are some caveats to be made here. According to what Baker said, those are the devices sent to the FBI’s computer analysis response teams (CASRs) and regional computer forensic laboratories (RCFLs) by state and local cops, or federal investigators. They do not include devices that local and state cops were able to deal with on their own.The numbers apparently included both cellphones and laptops, and it’s unclear if the 885 or 886 figure includes damaged devices as well.
As surveillance expert and blogger Marcy Wheeler noted, the FBI’s claims that it can’t get into 13% of phones is “bogus” and is a “false claim about encryption,” as these numbers aren’t just about crypto.