The FBI is no longer a law enforcement agency even though it has the power to arrest and prosecute. The recent Inspector General (OIG) report combined with massive foul-ups of top level FBI agents makes it very clear that the bureau is a force dedicated to its own agenda – not fighting crime.
The fact is the FBI fouled up the investigation of a major terrorist event. On Dec. 2, 2015, Syed Rizwan Farook and Tashfeen Malik staged a terror attack in San Bernardino, California killing 14 people. Farook was a food inspector for the San Bernardino County Department of Public Health and he was issued a county owned Apple iPhone for work use.
The FBI investigation team immediately tried to obtain data from Farook’s government issued cell phone but failed due to their incompetence. The FBI team made the mistake of resetting the iCloud password for the cell phone. The team thought they could get access to information stored on the iPhone after the password was reset. However, the change locked the FBI out of the iPhone.
This foul-up by the FBI ranks as one of the dumbest law enforcement actions in recent history. It was directly counter to all academic theory and investigative practice employed by information security professionals. In one fell swoop, the FBI locked itself out of evidence and thus brought the terror attack investigation to a grinding halt.
Having gotten off to a bad start, the FBI foul up at the investigator level quickly surged all the way to the top of the food chain to Director Comey. Comey testified before Congress in February 2016 and later in March 2016, stating that the bureau was unable to obtain access to data stored on Farook’s iPhone. Thus, the agency sought a court order to force Apple to give the FBI all its source code and find a way to break into the phone. The court order, served under an obscure federal law from 1789 called the All Writs Act, basically drafted any and all Apple resources, employees and property into the immediate service of the Federal government. If Apple or its employees failed to comply they would face fines and possible jail time.
However, the Office of the Inspector General report on the San Bernardino terror attack shows the FBI was not really interested in solving a crime. Instead, according to the investigation, the FBI appeared to be following an “agenda of obtaining a favorable court ruling against Apple” instead of attempting to break into the iPhone.
One would think that good law enforcement work would include exhausting all possible internal and contract resources to obtain forensic evidence such as data from a cell phone. Yet, the FBI internal documents show that no such effort was made at the outset of the investigation after the FBI locked itself out of the iPhone. Instead, the top level staff immediately pursued a course of seeking the All Writs Act case against Apple.
According to the OIG report, then FBI Executive Assistant Director (EAD) Amy Hess became aware that the FBI technical staff was either not working on the Farook investigation, had not been asked to work on the investigation or refused to work on the investigation due to a concern that using national security tools on a criminal matter might violate policy.
According to the OIG report, most of the FBI technical staff was not mobilized to even a cursory review of the iPhone problem, “in fact, not all relevant personnel had been engaged at the outset”.
One would think that a major terror event linked to sources outside the U.S. would qualify as a “national security” investigation. However, according the OIG report, FBI leaders refused to use secret spy technology because of a long-standing policy that created a “line in the sand” against using national security tools in criminal cases. The FBI refusal to use national security methods on the Farook case was clearly inconsistent with other investigations. The “line in the sand” did not seem to hinder FBI investigations into much lesser crimes including gambling and child pornography.
In fact, the OIG report reveals that an internal turf war between two different high-tech divisions of the FBI led to delays and miscommunications. One section leader said that he did not remember receiving an inquiry about his division’s capabilities, explaining that “at the onset, [the Farook iPhone] was being handled exclusively by DFAS (Digital Forensics and Analysis Section) because that is their mandate” but, later on, his supervisors “tried to pull out all stops and [asked] does anybody have the capability?”
So, while Tweedle Dumb and Tweedle Dee were debating over policy and whether anyone had any idea of what was going on, Comey and the legal teams were appearing before Congress and the Courts swearing that there was no solution other than making Apple a FBI sub division. The OIG report noted that neither Comey nor the legal teams were lying when they stated they knew of no way of breaking into the iPhone short of drafting Apple. The problem is Comey and his staff never bothered to ask.
Now we get to the real heart of the entire case; the why. According to the OIG report, Assistant Director Hess suspected that no one in the FBI really wanted to find a way of breaking into Farook’s iPhone for a reason.
“She became concerned that the CEAU (Cryptographic and Electronic Analysis Unit) Chief did not seem to want to find a technical solution, and that perhaps he knew of a solution but remained silent in order to pursue his own agenda of obtaining a favorable court ruling against Apple. According to EAD Hess, the problem with the Farook iPhone encryption was the ‘poster child’ case for the Going Dark challenge.”
For those who do not understand “going dark” – it was Director Comey’s buzz phrase that encryption was locking them out of legitimate investigations. This buzz phrase is neither an accurate nor a legitimate reference to reality but it made for good PR in front of the cameras.
Here is where the story gets worse: The OIG report noted that even after a vendor was found who could access Farook’s iPhone data, the leadership inside the FBI objected.
“Our inquiry suggests that CEAU (Cryptographic and Electronic Analysis Unit) did not pursue all possible avenues in the search for a solution. The CEAU Chief told the OIG that, after the outside vendor came forward, he became frustrated that the case against Apple could no longer go forward, and he vented his frustration to the ROU (Remote Operations Unit) Chief. He acknowledged that during this conversation between the two, he expressed disappointment that the ROU Chief had engaged an outside vendor to assist with the Farook iPhone, asking the ROU Chief, ‘Why did you do that for?'”
“The ROU Chief’s testimony is consistent with the testimony of his supervisor, the TSS (Technical Surveillance Section) Chief, that the ROU Chief had asked this vendor for assistance a month before the vendor came forward with the solution, as well as the testimony of the CEAU Chief that he had expressed frustration that the ROU Chief had accelerated the development of a technical solution before the conclusion of the legal proceeding against Apple.”
The FBI withdrew the All Writs Act case against Apple once it became clear that there was an openly documented way to obtain the iPhone data. The reason why I note “openly documented” is because as long as it was secret or not found – the leadership had the ability to deny a solution existed. Once the solution was physically in a paper trail; they could no longer stall to get the case through the courts.
The legacy Director Comey left us is a FBI in turmoil and a former law enforcement agency that is a bastion of little dark empires and secret agendas. It is an awful statement to make that Comey was simply bad and often a politically motivated Director. It is the worst possible statement to make that he was also a rotten cop who neglected his duty, failed to lead his agents and ignored the very Constitution he swore to protect.
The sad reality of the FBI investigation into the San Bernardino terror attack was the bureau used 14 dead bodies to push an agenda in the Courts and main stream media. This agenda, if successful, would have circumvented Congress and elected officials from enacting any policy on privacy or security. Instead, it would have left the entire subject matter in the hands of un-elected and nameless officials inside an agency that operated as a “Shadow Government”.
CHARLES R. SMITH
CEO FOUNDER OF SOFTWAR INC.