Inspector General: FBI Lost Six Months Of Important Text Messages Because Its Retention System Sucks
from the all-the-smart-people-at-the-agency-etc dept
It’s great to know the FBI wants encryption broken so it can forensically molest any devices in its possession to find the mother lode of culpatory evidence these devices always contain. (“Always,” you ask? The FBI irritatedly taps the word “always” repeatedly in response.)
The reason this is such good news is that the FBI can’t even manage to reliably extract content from phones it issues to agents and other personnel. If you can’t expertly handle data migration/storage from phones in your control at all times, how badly are you going to bungle forensic evidence extraction at scale if the government ever green lights encryption backdoors?
The DOJ Inspector General has just released a report [PDF] detailing its investigation of missing text messages sent by two agents at the center of a Congressional hearing about supposed biased behavior during the FBI investigation of Hillary Clinton and Mueller’s investigation of Donald Trump. Agents Peter Strzok and Lisa Page exchanged text messages expressing their dislike of Trump and made some comments suggesting they would do something to harm his presidential chances. Critics believed this showed these agents — if not the agency itself — were guided by political bias when investigating Trump’s ties with Russia.
Maybe there was more to this than there first appeared to be. Thousands of text messages from the agents’ devices went missing — a gap that stretched from December 2016 to May 2017. The Inspector General’s office used forensic tools to recover roughly 19,000 text messages from the two phones. The culprit appears to be standard operating procedure rather than a deliberate attempt to destroy evidence.
Strzok and Page had each returned their DOJ-issued iPhones six months earlier when their assignments to the SCO (Special Counsel’s Office) had ended. The OIG was told that the DOJ issued iPhone previously assigned to Strzok had been re-issued to another FBI agent… CYBER obtained a forensic extraction of the iPhone previously assigned to Strzok; however, this iPhone had been reset to factory settings and was reconfigured for the new user...
The same thing happened to Page’s phone. It was reset in July 2017 by personnel at the DOJ’s Justice Management Division. It hadn’t been issued to another agent but it had been restored in preparation for reassignment.
Resetting phones just makes sense. Nothing about the FBI’s handling of records it’s supposed to be retaining does. Text messages are official communications. They’re subject to public records requests and they’re often responsive to subpoenas in criminal cases. Wiping a phone without ensuring existing communications have been backed up is monumentally stupid and possibly illegal.
To the agency’s credit, it does try to retain these communications before resetting issued devices. The problem is its tool works poorly. As does its management:
FBI Assistant General Counsel [redacted for some fucking reason] informed OIG that there does not appear to be a directive for preservation of texts by ESOC [Enterprise Security Operations Center], but that ESOC retains text messages as a matter of practice.
Define “retain” and “matter of practice” in the context of a six-month gap of non-retention of Strzok/Page text messages. I guess it’s the thought that counts?
[E]SOC could not provide a specific explanation for the failure in the FBI’s text message collection relating to Strzok’s and Page’s S5 phones…
ESOC did offer up a set of possible explanations for the failure, none of which are reassuring. First, it could have been a bug reported by the vendor in 2016 but not fixed until March 2017. The application itself could have been misconfigured. The application may not have been compatible with device software updates.
Efforts were made to mitigate the issue. But those failed as well. The FBI phased out Samsung S5s and replaced them with S7s. Nothing changed but the phone model.
[A]ccording to FBI’s Information and Technology Branch, as of November 15, 2018, the data collection tool utilized by FBI was still not reliably collecting text messages from approximately 10 percent of FBI issued mobile devices…
That the OIG was able to recover thousands of messages from forensic extraction and scouring the FBI’s enterprise database isn’t really good news. It’s unlikely the FBI will make the same effort when hit with discovery demands and it already won’t thoroughly search databases it has full access to when responding to FOIA requests. So, records are going to go missing and it won’t be until the OIG steps in that any effort will be made to find the missing records, much less take a good look at the broken processes that caused them to go missing in the first place.
Comments on “Inspector General: FBI Lost Six Months Of Important Text Messages Because Its Retention System Sucks”
Amazing what goes missing
I would like to believe that the FBI has failed to uphold its end of the legally required data retention accidentally, but the nature of the discussion between these two leads to it more likely being destroyed to prevent its contents from being used against the agency. Either way though, heads should roll and this should be prevented from ever happening again. Remember you want to be able to audit the government records when the party you trust least is in control of all aspects of the government, whether you expect that to happen or not.
Re: Amazing what goes missing
Re: Re: Amazing what goes missing
Started wearing a yellow vest to and from work. This is far beyond unacceptable. The Big Club We’re Not Part Of has a voice. They have immunity from oversight or justice. Their thugs in place curtail these from everybody else.
Re: Amazing what goes missing
Perhaps they’re thinking they want to be above accountability whenever they’re in power, so aren’t too interested in holding the other party accountable when they’re not.
This is normal.
The FBI needs to, every once in a while, demonstrate that despite its hyperconservative MIBby appearance, it is as bumbling and incompetent as the rest of law enforcement.
Well at least they are consistent in their inability to retain and retrieve information.
Not a problem
No worries, I’m sure that if they manage to cripple encryption and get a leprechaun golden key they’ll be much more careful with that, and would never lose it inside a few months.
Found the problem
Those Samsung S5 iPhones have notoriously glitchy operating systems.
Just send them on a trip!
As a benefit for ending a task/job, DOJ members with official phones should be sent out of the country as a reward. DHS will image their phones and never delete the data, so it will be available for the foreseeable future!
Not that it really matters, but were they Samsung or Apple phones?
Wonder if anyone has bothered to contact the FBI IT folks? Not the managers but the low level folks that actually do the backups and store the tapes. IT folks performing backups often have “off the books” backups just in case or even for CYA reasons. I seem to recall similar “We can’t find the records” responses from IRS officials a few years back and that many of the records magically appeared when the IT folks were contacted directly.
A. The Special Counsel fired Strzok for improper texts
B. SC resets his iPhone destroying the texts
C. The texts were evidence destroyed by the SC.
How is this not obstruction of justice?