The FBI does not have to disclose the name of or how much it paid a private firm to crack Apple’s iPhone security, U.S. District Court Judge Tanya Chutkan ruled on Saturday.
Per Politico, USA Today, the Associated Press and Vice Media were all suing the FBI to force it to reveal more details about the company under the Freedom of Information Act. The FBI turned to the anonymous firm in 2016 after Apple refused its requests to help it bypass the security on an iPhone 5C belonging to one of the perpetrators of the 2015 mass shooting in San Bernardino, California; the massacre resulted in the deaths of 14 victims and two shooters, as well as 22 injuries.
Judge Chutkan ruled the government does not have to disclose any further details about the hack, saying they were security secrets and thus exempt from FOIA access:
In her ruling, released Saturday night, Chutkan said the name of the firm that managed to crack the iPhone and the price paid to do so are properly classified national security secrets and constitute intelligence sources or methods that can also be withheld on that basis. She also ruled that the amount paid for the hack reflects a confidential law enforcement technique or procedure that is exempt from disclosure under FOIA.
While the FBI will not be showing its receipts, Sen. Dianne Feinstein might have accidentally revealed a $900,000 price tag for the break-in earlier this year (though former FBI Director James Comey hinted at a total in the millions).
The FBI insisted Apple was the only party capable of cracking iPhone security, fighting the tech giant in court before abruptly deciding to pursue another option. Some reports have suggested the firm in question was actually a group of hackers who identified a zero-day exploit, though all that is really known is the FBI received bids from at least three companies which lacked the “ability to come up with a solution fast enough for the FBI” before turning to an anonymous vendor with which it signed a non-disclosure agreement.