Inspector General: FBI Lost Six Months Of Important Text Messages Because Its Retention System Sucks

from the all-the-smart-people-at-the-agency-etc dept

It’s great to know the FBI wants encryption broken so it can forensically molest any devices in its possession to find the mother lode of culpatory evidence these devices always contain. (“Always,” you ask? The FBI irritatedly taps the word “always” repeatedly in response.)

The reason this is such good news is that the FBI can’t even manage to reliably extract content from phones it issues to agents and other personnel. If you can’t expertly handle data migration/storage from phones in your control at all times, how badly are you going to bungle forensic evidence extraction at scale if the government ever green lights encryption backdoors?

The DOJ Inspector General has just released a report [PDF] detailing its investigation of missing text messages sent by two agents at the center of a Congressional hearing about supposed biased behavior during the FBI investigation of Hillary Clinton and Mueller’s investigation of Donald Trump. Agents Peter Strzok and Lisa Page exchanged text messages expressing their dislike of Trump and made some comments suggesting they would do something to harm his presidential chances. Critics believed this showed these agents — if not the agency itself — were guided by political bias when investigating Trump’s ties with Russia.

Maybe there was more to this than there first appeared to be. Thousands of text messages from the agents’ devices went missing — a gap that stretched from December 2016 to May 2017. The Inspector General’s office used forensic tools to recover roughly 19,000 text messages from the two phones. The culprit appears to be standard operating procedure rather than a deliberate attempt to destroy evidence.

Strzok and Page had each returned their DOJ-issued iPhones six months earlier when their assignments to the SCO (Special Counsel’s Office) had ended. The OIG was told that the DOJ issued iPhone previously assigned to Strzok had been re-issued to another FBI agent… CYBER obtained a forensic extraction of the iPhone previously assigned to Strzok; however, this iPhone had been reset to factory settings and was reconfigured for the new user...

The same thing happened to Page’s phone. It was reset in July 2017 by personnel at the DOJ’s Justice Management Division. It hadn’t been issued to another agent but it had been restored in preparation for reassignment.

Resetting phones just makes sense. Nothing about the FBI’s handling of records it’s supposed to be retaining does. Text messages are official communications. They’re subject to public records requests and they’re often responsive to subpoenas in criminal cases. Wiping a phone without ensuring existing communications have been backed up is monumentally stupid and possibly illegal.

To the agency’s credit, it does try to retain these communications before resetting issued devices. The problem is its tool works poorly. As does its management:

FBI Assistant General Counsel [redacted for some fucking reason] informed OIG that there does not appear to be a directive for preservation of texts by ESOC [Enterprise Security Operations Center], but that ESOC retains text messages as a matter of practice.

Define “retain” and “matter of practice” in the context of a six-month gap of non-retention of Strzok/Page text messages. I guess it’s the thought that counts?

[E]SOC could not provide a specific explanation for the failure in the FBI’s text message collection relating to Strzok’s and Page’s S5 phones…

ESOC did offer up a set of possible explanations for the failure, none of which are reassuring. First, it could have been a bug reported by the vendor in 2016 but not fixed until March 2017. The application itself could have been misconfigured. The application may not have been compatible with device software updates.

Efforts were made to mitigate the issue. But those failed as well. The FBI phased out Samsung S5s and replaced them with S7s. Nothing changed but the phone model.

[A]ccording to FBI’s Information and Technology Branch, as of November 15, 2018, the data collection tool utilized by FBI was still not reliably collecting text messages from approximately 10 percent of FBI issued mobile devices…

That the OIG was able to recover thousands of messages from forensic extraction and scouring the FBI’s enterprise database isn’t really good news. It’s unlikely the FBI will make the same effort when hit with discovery demands and it already won’t thoroughly search databases it has full access to when responding to FOIA requests. So, records are going to go missing and it won’t be until the OIG steps in that any effort will be made to find the missing records, much less take a good look at the broken processes that caused them to go missing in the first place.


Comments on “Inspector General: FBI Lost Six Months Of Important Text Messages Because Its Retention System Sucks”

Anonymous Coward says:

Amazing what goes missing

I would like to believe that the FBI has failed to uphold its end of the legally required data retention accidentally, but the nature of the discussion between these two leads to it more likely being destroyed to prevent its contents from being used against the agency. Either way though, heads should roll and this should be prevented from ever happening again. Remember you want to be able to audit the government records when the party you trust least is in control of all aspects of the government, whether you expect that to happen or not.

Anonymous Coward says:

Re: Amazing what goes missing

“heads should roll and this should be prevented from ever happening again.”

Isn’t that what people were saying over and over, year after year, administration after administration? Thinking of that classic Ian Fleming quote, it’s hard to believe that there was ever any serious attempt to fix the government’s chronic “lost email” problem — nor will there likely ever be.

nasch (profile) says:

Re: Amazing what goes missing

Remember you want to be able to audit the government records when the party you trust least is in control of all aspects of the government, whether you expect that to happen or not.

Perhaps they’re thinking they want to be above accountability whenever they’re in power, so aren’t too interested in holding the other party accountable when they’re not.

tom (profile) says:

Wonder if anyone has bothered to contact the FBI IT folks? Not the managers but the low level folks that actually do the backups and store the tapes. IT folks performing backups often have “off the books” backups just in case or even for CYA reasons. I seem to recall similar “We can’t find the records” responses from IRS officials a few years back and that many of the records magically appeared when the IT folks were contacted directly.
