FBI Claims It Has No Record Of Why It Deleted Its Recommendation To Encrypt Phones

from the maybe-it-was-encrypted dept

A couple of years ago, I wrote about how -- just as the FBI was whining about encryption and "going dark" -- it was, at the same time, urging people to encrypt their mobile phones to protect against crime:
Then, last year, I noticed that the page had been deleted. Seemed curious, so I sent in a Freedom of Information Act (FOIA) to the FBI to better understand why that page had magically been deleted, just at the time it seemed to contradict the FBI Director's statements about encryption.

It, of course, took much longer than the legally mandated 20-day response time, but the FBI has finally "responded" to tell me that it can't find anything. So sorry, too bad.
If you can't read that, it says:
Based on the information you provided, we conducted a search of the locations or entities where records responsive to your request would reasonably be found. We were unable to locate records responsive to your request. If you have additional information that may assist in locating records concerning the subject of your request, please provide us the details and we will conduct an additional search.
It is, of course, entirely possible that my request was not clear enough -- though I specifically pointed them to where the URL used to be and what was on it. So I'm not entirely sure what other information to provide in response. And that's part of the problem with the FOIA process. It's something of a guessing game, where if you don't guess exactly the proper way to phrase what you want, they'll just come back with a no responsive documents response. Of course, perhaps they just encrypted the information on an iPhone and they won't be able to get it for me unless they win their fight against Apple... right?

Help us keep covering stories like these!

Reader Comments (rss)

(Flattened / Threaded)

  1. icon
    That One Guy (profile), Feb 29th, 2016 @ 5:45am

    Much more likely...

    FBI Agent 1: "I just realized something. Given we are currently trying to demonize and undermine encryption, spinning it as something that only criminals use, having a page up telling people how encryption should be employed as it makes them safer from criminals kinda makes us look like gigantic hypocrites."

    FBI Agent 2: "Good point. Yeah, I'll go and have a chat with the techies, have that page removed."

    FBI 1: "Do we need to notify anyone? Fill out any forms or anything? We are talking about changing the site by removing something after all."

    FBI 2: "Nah, no need to write this up, it's a minor change, should have been done before now anyway."

    FBI 1: "True enough. Also means if someone tries to ask us why the page is no longer there we can play the standard 'How long can we force them to wait?' game before telling them there's no documents with regards to their requests."

    FBI 2: "Heh, yeah, that never gets old."

    reply to this | link to this | view in thread ]

  2. identicon
    Anonymous Coward, Feb 29th, 2016 @ 6:36am

    Huh. So they were mysteriously deleted? Well then, time to put them back in then, right?

    reply to this | link to this | view in thread ]

  3. identicon
    Anonymous Coward, Feb 29th, 2016 @ 6:37am

    The real problem with he FOI process is that people have to request records that should be made public by default. Such records should be available so that the public can scrutinize what public servants are doing on their behalf.

    reply to this | link to this | view in thread ]

  4. icon
    Oblate (profile), Feb 29th, 2016 @ 6:56am

    It's the same reason they can't find anything else...

    They can't find any responsive documents because they are encrypted, using the FBI's own SBO2 (Security By Obscurity v2.0) algorithm.

    It has a two letter key, an "F" followed by a "U".

    reply to this | link to this | view in thread ]

  5. icon
    MarcAnthony (profile), Feb 29th, 2016 @ 6:56am

    It's always in the last place you look

    ...we conducted a search of the locations or entities where records responsive to your request would reasonably be found.

    If the information exists at all, it may have been put somewhere it would not reasonably be found. Whenever I lose something, that's typically where I find it.

    reply to this | link to this | view in thread ]

  6. identicon
    Anonymous Coward, Feb 29th, 2016 @ 7:06am

    You'll still find that list here
    https://www.ic3.gov/media/2012/121012.aspx

    reply to this | link to this | view in thread ]

  7. icon
    ChurchHatesTucker (profile), Feb 29th, 2016 @ 7:10am

    Re:

    Start the timer!

    reply to this | link to this | view in thread ]

  8. identicon
    Anonymous Coward, Feb 29th, 2016 @ 7:13am

    Sounds to me like someone got their butt chewed, likes their job, and now has amnesia.

    reply to this | link to this | view in thread ]

  9. identicon
    Anonymous Coward, Feb 29th, 2016 @ 7:27am

    It is good to understand how the real criminals operate. Thank goodness the Chinese and the Russians understand how to keep my financial and medical information safe. Krebs 2016

    reply to this | link to this | view in thread ]

  10. identicon
    Anonymous Coward, Feb 29th, 2016 @ 7:36am

    Re:

    You know, we don't know where to send you the cigar if you're anonymous, right?

    reply to this | link to this | view in thread ]

  11. identicon
    Anonymous Coward, Feb 29th, 2016 @ 7:41am

    The FBI have gone into business for themselves. They do not work for you anymore, you are the enemy by trying to hold their actions accountable.

    reply to this | link to this | view in thread ]

  12. icon
    orbitalinsertion (profile), Feb 29th, 2016 @ 7:52am

    Re:

    Oh, so they went back to their previous business model.

    reply to this | link to this | view in thread ]

  13. icon
    ArkieGuy (profile), Feb 29th, 2016 @ 8:00am

    Not Specific Enough

    though I specifically pointed them to where the URL used to be and what was on it. So I'm not entirely sure what other information to provide in response


    You didn't specifically tell them the from, to, date and time of the e-mail requesting the removal. How could they possibly find it without this critical information.

    reply to this | link to this | view in thread ]

  14. icon
    derekcohen (profile), Feb 29th, 2016 @ 8:13am

    wayback machine to the rescue

    reply to this | link to this | view in thread ]

  15. identicon
    Anonymous Coward, Feb 29th, 2016 @ 8:16am

    So it has no record of why it has no record.

    reply to this | link to this | view in thread ]

  16. icon
    Coyne Tibbets (profile), Feb 29th, 2016 @ 8:16am

    It could be worse

    They could have revised it to this (borrowed from the copyright warning screens) statement:

    "Depending on the type of phone, the operating system may have encryption available. Criminal encryption use including encryption use without monetary gain, is investigated by the FBI and is punishable by up to 5 years in federal prison and a fine of $250,000."

    reply to this | link to this | view in thread ]

  17. icon
    Groaker (profile), Feb 29th, 2016 @ 8:28am

    Perhaps they are back to the old purposefully looking on only C: drives when all the information they would rather keep quiet is stored on D: +.

    Or if stored on a mainframe, perhaps in reverse EBSDIC where it would never be found with a search tool only using EBSDIC.

    reply to this | link to this | view in thread ]

  18. identicon
    Anonymous Coward, Feb 29th, 2016 @ 8:58am

    Re: It's the same reason they can't find anything else...

    And here I thought it was security by deletion

    reply to this | link to this | view in thread ]

  19. identicon
    Anonymous Coward, Feb 29th, 2016 @ 10:13am

    Re: Re: Re:

    EBSDIC
    Extended Binary S????? Decimal Interchange Code
    CRC
    E2 does have the same even parity as C3.

    reply to this | link to this | view in thread ]

  20. identicon
    Anonymous Coward, Feb 29th, 2016 @ 12:58pm

    Re: Re:

    Never left it..well not if the hundreds of murdered informants are anything to go by.

    reply to this | link to this | view in thread ]

  21. identicon
    Anonymous Coward, Feb 29th, 2016 @ 12:59pm

    Re:

    Actually it has no record of why it has no record of why it has no

    reply to this | link to this | view in thread ]

  22. identicon
    Anonymous Coward, Feb 29th, 2016 @ 1:00pm

    FBI wants to outlaw encryption eh?

    All we have to do is speak logical common sense..that's something they'll NEVER decrypt.

    reply to this | link to this | view in thread ]

  23. identicon
    Personanongrata, Feb 29th, 2016 @ 1:19pm

    Fat-Fingers at FBI

    FBI Claims It Has No Record Of Why It Deleted Its Recommendation To Encrypt Phones

    The terrorists must have Deleted the FBI's Recommendation To Encrypt Phones.

    reply to this | link to this | view in thread ]

  24. icon
    Whatever (profile), Feb 29th, 2016 @ 4:21pm

    What I find interesting is how you try to paint the FBI as a single, monolithic thing. Rather than being a collection of people, offices, and operating groups, you portray it as a single unified entity where everything it does is immediately known and understood at every other levels by every other people at every time.

    It's sort of like an organizational strawman: Find the contradictory document from X years ago, and prove that the single entity FBI (or CIA, or other organization) is some how full of sh-t.

    This whole story is a great example: The "FBI says encrypt" document that you point to part of tips to avoid being a victim of malware or ransomware. It does give the tip to encrypt personal data, and seems to be more aimed at individual data and not the full phone.

    Oh. and it's from four years ago, before many had considered the implications of encryption and the criminal element. It's certainly before any of this headed to court on any meaningful level.

    So if you expanded coverage is mostly going to be "caught you!" stories, well... I guess the sheep got sheared!

    reply to this | link to this | view in thread ]

  25. identicon
    Anonymous Coward, Feb 29th, 2016 @ 4:56pm

    Re:

    If you insist on throwing stones, don't be too surprised when people point out your glass house breaking.

    reply to this | link to this | view in thread ]

  26. identicon
    Anonymous Coward, Mar 1st, 2016 @ 6:55am

    Re:

    So you are saying we should be lenient with a group that has proven they have no intention of holding those members of their organization accountable for when they screw up in these sorts of cases?

    So they can ruin your life if they want to, we should give them the benefit of the doubt because there are rogue elements in their organization they refuse to hold accountable. But it's ok because they can't be expected to know what everyone is doing.

    reply to this | link to this | view in thread ]

  27. identicon
    nick, Mar 1st, 2016 @ 5:23pm

    reply to this | link to this | view in thread ]

  28. identicon
    Anonymous Coward, Mar 5th, 2016 @ 7:26am

    Re:

    Most things in large organizations are done based on policies. For example I bet it is their policy to encrypt their information internally.

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Insider Shop - Show Your Support!

Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.