Miscommunication, Not Dishonesty, Marked FBI Handling of San Bernardino Shooter’s iPhone

FBI Director James Comey is sworn in Dec. 9, 2015, prior to testifying before the Senate Judiciary Committee about the San Bernardino terrorist attack. FBI Director James Comey is sworn in Dec. 9, 2015, prior to testifying before the Senate Judiciary Committee about the San Bernardino terrorist attack. Susan Walsh/AP

In the aftermath of the deadly December 2015 domestic terrorist attack on an office in San Bernardino, Calif., the FBI found itself internally divided over whether it had the capability—and the legal right under privacy laws—to unlock the iPhone of the deceased shooter.

There were communications lapses between key offices, the Justice Department inspector general said on Tuesday in releasing results of an 18-month examination of the bureau’s handling of the investigation that became a controversial legal admixture of national security, technological and privacy rights issues.

» Get the best federal news and ideas delivered right to your inbox. Sign up here.

During and after their investigation into the pre-attack preparations of shooter Syed Rizwan Farook, FBI officials were accused of making inaccurate statements to Congress and possibly causing flawed statements to be made in court after the bureau filed suit to force Apple to cooperate in cracking open data from the secured iPhone.

In August 2016, the watchdog heard from a senior FBI official who “expressed concerns that 1) a unit within the FBI’s Operational Technology Division may have had techniques available to access the iPhone that it did not employ, and 2) the unit was indifferent to the fact that FBI leadership and others were testifying to Congress, and filing affidavits in court, that the FBI had no such capability.”

The IG found no evidence that the FBI had the capability to access data on the iPhone at the time of then-Director James Comey’s February and March 2016 congressional testimony or the February 16, 2016, initial court filing requesting involuntary assistance from Apple. “Therefore, we determined that the testimony and initial court filing were not inaccurate when made,” the report said.

The investigation, led by IG Michael Horowitz, concluded that within the FBI, “there were misunderstandings and incorrect assumptions that people and units in OTD were effectively communicating and coordinating from the outset to achieve a technical solution to access the iPhone data, and that all possible technical solutions had been researched prior to the testimony and court filings.”

The chief of the technology division’s Remote Operations Unit, which focuses on mobile devices, was not tasked with assisting with Comey’s testimony in February 2016—even though it is the unit that eventually unlocked the iPhone data after Apple resisted cooperation on proprietary grounds. “The ROU chief had only just begun the process of looking for a possible solution to the problem on the eve of the application for a court order being filed,” the IG wrote, “a filing predicated in part on the notion that technical assistance from Apple was necessary to search the contents of the device.”

In another miscommunication, the bureau’s Cryptographic and Electronic Analysis Unit, whose staff includes forensic examiners, may not have fully apprised the ROU and did not reach out to outside vendors for possible solutions, though the head of that unit could not recall every relevant conversation. In addition, the report said, the “CEAU chief may not have been interested in researching all possible solutions and instead focused only on unclassified techniques that could readily be disclosed in court and that OTD and its partner agencies already had in-hand.”

The FBI’s delays in arriving at the its own technical solution caused the government to withdraw its court filing, saying it couldn’t pursue the goal in the San Bernardino or future cases without cooperation from the manufacturer.

The FBI has already reorganized its units to create written protocols to ease future communication on investigations involving computers and mobile devices, which is what the IG recommended, the report said. It will monitor results in 90 days.

Stay up-to-date with federal news alerts and analysis — Sign up for GovExec's email newsletters.
FROM OUR SPONSORS
JOIN THE DISCUSSION
Close [ x ] More from GovExec