DOJ, FBI Issuing Corrections To Statements, Testimony Containing Bogus Uncracked Device Numbers

from the cleanup-on-aisle-7800 dept

The FBI's push for encryption backdoors relied on ever-skyrocketing numbers of uncracked devices the agency's best and brightest just couldn't seem to access. "Look!" DOJ and FBI officials said, pointing lawmakers at charts showing an explosion in the number of locked devices over the last couple of years. Unsustainable, it seemed to say. But it was all a lie. Not a deliberate lie, maybe, but a lie nonetheless. A convenient misrepresentation of the problem caused by a software error.

How does an agency with the technical capabilities the FBI has miscount physical items? Apparently, you let software do the counting and hope for the best.

“The FBI’s initial assessment is that programming errors resulted in significant over-counting of mobile devices reported,’’ the FBI said in a statement Tuesday. The bureau said the problem stemmed from the use of three distinct databases that led to repeated counting of phones. Tests of the methodology conducted in April 2016 failed to detect the flaw, according to people familiar with the work.

This inflated the count from somewhere between 1,000-2,000 to nearly 8,000. That was the number used by Director Christopher Wray and AG Jeff Sessions in testimony to Congress and speeches to law enforcement. That was the center of the narrative: a number that kept growing exponentially with no end in sight.

You'd think the agency would track devices better, what with officials constantly claiming each and every phone was "tied to a threat to the American people." Something that important shouldn't be carelessly handled. But the phones "tied to threats" were overcounted, suggesting a severe problem in the FBI's tracking system that might make it difficult to figure out which "threats" each phone is "tied" to if and when it ever gets around to cracking the devices.

Now, the DOJ is in damage control mode. Robyn Greene was the first to notice the corrections made to officials' statements using the FBI's bullshit ~8,000 number. Edits to AG Sessions' recent comments at a law enforcement conference have replaced this:

Last year the FBI was unable to access investigation-related content on more than 7,700 devices…

With this:

Last year the FBI was unable to access investigation-related content on more than ** devices…

The footnote reads:

** Due to an error in the FBI's methodology, an earlier version of this speech incorrectly stated that the FBI had been unable to access 7,800 devices. The correct number will be substantially lower.

The FBI's been doing a bit of cleanup at its own site. Here's one from May 3, 2017 that has since been corrected.

In just the first half of this fiscal year, the FBI was unable to access the content of more than 3,000* mobile devices...

The FBI's footnote is far more concise and vague.

* Due to an error in methodology, this number is incorrect. A review is ongoing to determine an updated number.

It helpfully doesn't mention the FBI screwed up its own count. Nor does it state the new estimate will be "substantially lower." Cowards.

Here's another one, from September 27, 2017:

In the first 10 months of this fiscal year, the FBI was unable to access the content of more than 6,000* mobile devices…

How did this jump -- 3,000 phones in five months -- escape notice? As of November 2016, the number was only around 880 devices. Then it jumped to 3,000 six months later. Then it doubled to 6,000 in less than five months. By the end of that fiscal year four months later, the FBI had supposedly added another 1,775 uncrackable devices.

In fiscal year 2017, we were unable to access the content of 7,775* devices…

Even if the count had been accurate (which it wasn't), the numbers were delivered dishonestly. What appears to be a cumulative total of all devices the FBI had collected over the years is presented in testimony as being the total number of devices the FBI couldn't unlock during a single fiscal year. This vastly misconstrues the severity of the issue and while FBI officials may have been unaware the FBI's software was delivering bogus counts, it didn't stop them from overstating the problem by presenting historical cumulative numbers as a single year's total.

Whatever number the FBI finally delivers will be decidedly underwhelming. Considering it still hasn't provided Congress with details of its attempts to access supposedly uncrackable devices, the FBI has managed to decimate its own forces in the new War on Encryption. It overplayed its hand -- perhaps inadvertently -- and weakened its argument severely. Something this important to the FBI was handled carelessly -- not because the FBI doesn't really want weakened encryption, but because the FBI will not do anything to weaken its anti-encryption position. It never bothered to check the phone count because the number given to officials was sufficiently impressive. That mattered far more than accuracy or honesty. "Fidelity, Bravery, Integrity" my ass.

Filed Under: chris wray, corrections, doj, encrypted phones, errors, fbi, going dark, jeff sessions

Reader Comments

Subscribe: RSS

View by: Time | Thread

  1. identicon
    Anonymous Hero, 29 May 2018 @ 10:11am

    Re: Maybe they were counting clones of the phones

    They were counting duplicates because they used three databases and some phones appeared in more than one database. They probably just dumped the number of entries in each of the three databases and summed them together without realizing there might be duplicates (and clearly there were). But the 7,775 number sounded so juicy that they got too excited and just rolled with it instead of double checking.

    At least the FBI did come clean after someone noticed the problem (though did so as quietly as possible). ICE (or was it CBP?) still thinks that 7 people throwing sticks/bottles/rocks at 6 officers constituted 126 individual assaults and they are happy to admit they are fudging the numbers.

    At the end of the day, any talk about how Law Enforcement agencies are not political entities is bullshit.

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here

Subscribe to the Techdirt Daily newsletter

Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Techdirt Gear
Shop Now: Copying Is Not Theft
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Report this ad  |  Hide Techdirt ads
Recent Stories
Report this ad  |  Hide Techdirt ads


Email This

This feature is only available to registered users. Register or sign in to use it.