FBI does not have to reveal details on iPhone hacking tool used in San Bernardino case, judge rules
The FBI was sued by three news organisations over its refusal to identify the vendor, purchase price or details of the hacking tool.
The FBI does not have to disclose details of the hacking tool used to unlock the iPhone of the terrorist behind the San Bernardino shooting that killed 14 people, a US federal judge ruled on Saturday (30 September). Last year, the Justice Department engaged in much-publicized legal battle with Apple to force the tech firm to help unlock the iPhone 5c, arguing that accessing the data on it was key to the investigation into the 2015 shooting.
Apple refused the court order for months, warning that it would set a dangerous precedent in the trade-off between national security and user privacy. In March 2016, the FBI dropped the suit and revealed it had obtained a method to unlock the phone with the help of a third-party firm.
The FBI, however, refused to identify the vendor, how much it was paid or details of the hacking tool. In April last year, then-FBI Director James Comey suggested that the agency paid over $1.3m (£900,000) for the mysterious tool used to unlock the device.
The Associated Press, USA Today and Vice Media sued the FBI under the Freedom of Information Act in a bid to force the agency to reveal the name of the company that managed to crack the iPhone and how much taxpayers paid for the hacking technique. The news organisations also argued that the existence of a potential secret flaw in the iPhone was dangerous for users.
Over the weekend, US District Court Judge Tanya Chutkan ruled that the information is exempt from mandatory disclosure under the government transparency statute. The judge said the name of the vendor and price paid for the hacking technique are classified national security secrets.
She also agreed with the government that naming the vendor could put the company and its tools at risk of being hacked itself.
"It is logical and plausible that the vendor may be less capable than the FBI of protecting its proprietary information in the face of a cyberattack," the judge wrote. "The FBI's conclusion that releasing the name of the vendor to the general public could put the vendor's systems, and thereby crucial information about the technology, at risk of incursion is a reasonable one."
Despite Comey and Senator Dianne Feinstein's public disclosures regarding the cost of the hacking tool, the court denied the request to divulge the price paid by the government for it.
"Releasing the purchase price would designate a finite value for the technology and help adversaries determine whether the FBI can broadly utilize the technology to access their encrypted devices," Chutkan ruled. "Since release of this information might 'reduce the effectiveness of a critical classified source and method', it is reasonable to expect that disclosure could endanger national security."
© Copyright IBTimes 2024. All rights reserved.