FBI reportedly inflated statistics on encrypted cellphone threat

While an accurate tally has yet to be determined, the bureau likely encountered between 1,000 and 2,000 encrypted devices linked to criminal activity in 2017, The Washington Post reports.

In a statement issued on Tuesday, the FBI said an error in internal accounting methods led to repeated counting of phones listed on three separate databases. The issue, discovered about a month ago, resulted in repeated counting of encrypted devices tied to criminal investigations, the report said.

"The FBI's initial assessment is that programming errors resulted in significant over-counting of mobile devices reported,'' the FBI said in a statement.

A recalculation following the discovery put the correct number of encrypted devices at 1,200, but that figure is expected to change as the bureau undertakes a new internal audit.

Dubbed "Going Dark" by law enforcement and intelligence community officials, the implementation of strong smartphone encryption has become a particularly odious hindrance to law enforcement duties. The situation leaves agencies like the FBI with legal standing to unlock and access data within a phone, but without the technical capabilities to do so.

FBI director Christopher Wray often cites Going Dark as impetus for coaxing technology companies into building back doors into encryption systems for law enforcement agencies, or pressing Congress to enact laws that would mandate the same.

"To put it mildly, this is a huge, huge problem," Wray said last October. "It impacts investigations across the board narcotics, human trafficking, counterterrorism, counterintelligence, gangs, organized crime, child exploitation."

At the time, Wray said the FBI was unable to pull data from more than 6,900 devices. In a congressional hearing in December, he repeated the call for action, saying the bureau "was unable to access the content of approximately 7,800 mobile devices using appropriate and available technical tools, even though there was legal authority to do so."

The 7,800 phone figure came up again in a speech Wray delivered at the International Conference on Cyber Security in January, when the FBI head revealed the exact number of locked devices stood at 7,775. He repeated the inflated statistics in a series of public appearances, including a speech at Boston College in March.

"Each one of those nearly 7,800 devices is tied to a specific subject, a specific defendant, a specific victim, a specific threat," Wray said, shaping the inability to access stored data as a "major public safety issue."

Wray was in April asked by a congressional panel to explain the FBI's reasoning for taking Apple to court in 2016 as part of an investigation involving San Bernardino terror suspect Syed Rizwan Farook's iPhone 5c. Specifically, an inquiry carried out by the Office of the Inspector General found the agency failed to exhaust all options before demanding Apple's assistance.

Apple opposed the demands, arguing that a backdoor into one phone inherently weakens iOS as a platform. The company prepared to fight what was expected to be a precedent-setting legal battle until the FBI dropped the case after a third party approached the agency with an unlocking solution.

Since then, privacy advocates and tech companies, including Apple, have fought proposals that would force smartphone makers to build backdoors into their products. In March, for example, Apple SVP of software engineering Craig Federighi argued against a renewed push for backdoor access, saying, "Proposals that involve giving the keys to customers' device data to anyone but the customer inject new and dangerous weaknesses into product security."

As for the FBI's flawed phone counting practices, the agency says that while the numbers were incorrect, public safety is still at risk by the Going Dark threat.

"Going Dark remains a serious problem for the FBI, as well as other federal, state, local and international law enforcement partners," the bureau said in a statement. "The FBI will continue pursuing a solution that ensures law enforcement can access evidence of criminal activity with appropriate legal authority."