On December 2nd, 2015 Syed Rizwan Farook committed one of the worst terrorist attacks in the history of California, shooting 14 people and seriously injuring 22 other people. After Farook died in a shootout with law enforcement, the FBI seized Farook’s iPhone 5c. During the investigation into the terrorist attack, the FBI was unable to decrypt Farook’s iPhone. The FBI had asked the NSA to help unlock the phone, but the NSA claimed they were unable to. At this point the FBI asked a judge to issue a writ to require Apple to help create software that would decrypt the iPhone, but Apple declined to undermine their product’s security. Before the hearing to determine if Apple would be forced to produce the decryption software for the FBI, the FBI announced that it had found another way of accessing the information on the encrypted iPhone, and no longer needed Apple’s assistance.
A federal court in Washington DC recently ruled that the FBI did not have to disclose information about its iPhone hacking software and hardware, which was used to decrypt the San Bernadino terrorist’s phone. The FBI was taken to court by three media companies, which include the Associated Press, Vice Media, and USA Today (Gannett Company). Between March and April of last year the Associated Press, Vice News, and USA Today all separately filed Freedom of Information Act requests with the FBI to obtain documents about the FBI’s phone hacking tool. All three of those Freedom of Information Act requests were denied by the government. Together, the three media companies jointly sued the FBI late last year for not disclosing information about the iPhone hacking tool through their requests filed under the Freedom of Information Act.
Former FBI Director James Comey revealed in two separate interviews with the press last year that the FBI had paid over 1.2 million dollars to obtain the software it needed to decrypt Farook’s iPhone, but did not reveal an exact dollar figure. Comey only revealed that the bureau paid more than what his remaining salary with the FBI was worth at the time, which came out to $1.2 million. The former FBI Director also revealed in an interview that the hacking tool the FBI purchased only worked on iPhone 5c devices running iOS 9. After the FBI obtained the hacking tools necessary to decrypt Farook’s iPhone, it was speculated that the company responsible for creating the hacking tool was Israeli company Cellebrite. The FBI has contracted with Cellebrite since 2009, and other law enforcement agencies in the United States also have contracts with the Israeli phone hacking company. The Drug Enforcement Agency (DEA), the Secret Service, and the Department of Homeland Security, as well as state and local law enforcement agencies, and even some branches of the Department of Defense have relied upon Cellebrite to hack phones for them. The DEA has recently been in talks with another Israeli iPhone hacking company called the NSO Group.
According to a report from The Washington Post that was published in April of last year, the FBI did not utilize its contract with Cellebrite to decrypt Farook’s iPhone. Instead, the FBI likely made a one-time payment to another company or hacker for a zero day exploit and a piece of specialized hardware to crack a 4-digit PIN that protected the contents of Farook’s iPhone. During the Freedom of Information Act lawsuit against the FBI, the three media companies narrowed their information requests, and were now seeking only two pieces of information from the FBI. The two things the three media companies wanted information on included the identity of the vendor that supplied the FBI with its iPhone hacking tool, and exactly how much the FBI paid for that hacking tool. US District Judge Tanya S. Chutkan ruled in favor of the FBI, which had argued that the information the media companies were seeking was exempt from disclosure under the Freedom of Information Act due to national security exemptions and exemptions from disclosing the vendor’s trade secrets.