The FBI Pushed For Anti-Encryption Legislation Using False Data

Cristopher Wray, FBI Director

Over the past few years the FBI has used all sorts of tactics to push its war on encrypted devices. The latest one seems to be to give Congress false information about how many devices the agency can't unlock.

The FBI’s War On Encrypted Smartphones

The NSA lost its own war against encryption in the late '90s, when it tried to get all manufacturers to add a “Clipper chip” to their devices so it could have access to users’ encrypted communications.

The Clipper chip was later found to be vulnerable to multiple bugs, and if malicious parties had found them, they would likely have been able to access those encrypted communications. That means most users of such compromised devices would have potentially been at risk of getting hacked.

This is why virtually all cryptography and security experts have argued against encryption backdoors. However, despite backdoors posing such a high risk to most users once they are implemented, the FBI has launched its own war on encryption. It seems the agency is willing to using every trick in the book to get Congress to pass an anti-encryption law, too, even if it means committing potential felonies to do so.

First, the agency tried to set a precedent in court so that it could use a 200-year-old law to force companies to disable their devices’ security. The case in question involved an iPhone owned by one of the San Bernardino shooters. While the lawsuit was happening, the FBI did its best to avoid searching for alternative solutions to access the iPhone it wanted unlocked, despite the seeming urgency with which it needed that access.

FBI Gives Congress False Data

Recently, the FBI told Congress that there were 7,775 devices it couldn’t unlock in 2017 because of their encryption features. The FBI has used this fact to further advance its “Going Dark” campaign, which was an effort to teach the public and Congress that the agency can see less and less information about criminals as they increase their usage of encryption. However, this campaign has some issues of its own, such as the fact that we now live in a Golden Age of Surveillance. The Golden Age of Surveillance theory states that as people use more and more internet-connected (and insecure) devices, more data about them becomes available to law enforcement. Encryption helps combat that trend.

It turns out that the FBI wasn’t telling the truth about the number of locked devices. A report from The Washington Post revealed that the number of devices the FBI can’t unlock is significantly smaller than the agency told Congress, in the range of 1,000-2,000:

The FBI has repeatedly provided grossly inflated statistics to Congress and the public about the extent of problems posed by encrypted cellphones, claiming investigators were locked out of nearly 7,800 devices connected to crimes last year when the correct number was much smaller, probably between 1,000 and 2,000.

The EFF has also submitted its own FOIA request to learn whether or not the FBI is telling the truth on this matter. If the FOIA request reveals that The Washington Post was correct and the FBI was not, then the law enforcement agency could suffer yet another hit to hits credibility in its war on encryption.

Lucian Armasu
Lucian Armasu is a Contributing Writer for Tom's Hardware US. He covers software news and the issues surrounding privacy and security.