Oversight

DOJ IG focuses on FBI text collection problems

businessman texting (TATSIANAMA/Shutterstock.com)

The FBI should formally designate someone to be responsible for accurately collecting and preserving all text messages sent by its employees and address longstanding incompatibility issues with its automated collection system and certain phones, according to a watchdog report released Feb. 12.

The Department of Justice Office of the Inspector General first discovered issues with the FBI's collection and storage of text messages while investigating two employees -- Peter Strzok and Lisa Page -- who worked in Robert Mueller's Special Counsel Office and exchanged texts disparaging then-presidential candidate Donald Trump and other political figures in 2016 and 2017.

Auditors conducted a forensic examination of the agents' phones and discovered a database containing a plain-text repository with a substantial number of text messages sent and received by the devices that weren't included in the initial batch of texts handed over by the FBI.

According to the new report, "neither the [FBI Enterprise Security Operations Center] nor the vendor of the application was aware of the existence, origin or purpose of this database."

Auditors made five recommendations to the FBI:

  1. put a person or office directly in charge of managing text message collection, retention policy and outcomes;
  2. conduct additional research and testing of the current collection tool "with a goal of 100 percent" collection and preservation in the future;
  3. give similar scrutiny to any newly purchased system and application designed to collect agency texts;
  4. coordinate better with the application vendor;
  5. and verify and address security vulnerabilities identified by a subject matter expert that OIG used during its investigation

While the missing texts were seized on by critics of the Mueller investigation to assert a cover up, the IG has never claimed the messages were intentionally omitted, and the collection application vendor told auditors it was unlikely anyone could have circumvented the system to not capture certain messages. Rather, auditors and IT analysts at the FBI believe a combination of factors, from hardware problems and unpatched software to incompatibility between Samsung phones and the automated system used by the FBI to wirelessly capture and store texts, are to blame for the issues.

Both Strzok and Page each used at least three phones over the time period scrutinized by investigators -- a Samsung Galaxy S5 (and later an S7) for their regular FBI work as well as a special iPhone they were issued while working for Mueller’s investigation.

Text messages for all of those phones were supposed to be automatically collected and stored by an off-the-shelf automated application used by the Bureau, but forensic examinations of the recovered phones found thousands of text messages that weren't initially identified and turned over "because of software and other issues that prevented the data collection tool from reliably capturing text messages," mostly from Samsung S5 phones.

The FBI said it has been dealing with the inconsistent collection and storage of text messages as far back as 2014, and in 2017 it began phasing out the S5 model in favor of newer S7 and S9 models. However, the problem has persisted, and the Bureau reported in November 2018 that it still cannot reliably collect texts from about 10 percent of its more than 31,000 phones, including later Samsung models.

The report did not include a written response or comment from the FBI. In an unsigned written response attached to a December 2018 IG report on the matter, the FBI said it is working to improve collection issues through device upgrades and has implemented a number of corrective actions.

"The FBI … continues to work to drive down the number of devices not properly reporting or collecting by investigating new or additional software and processes, and by working with vendors, device manufactures, and carriers to develop solutions and backstops to device-based collection," the Bureau wrote.

In addition, the FBI said it was also taking action to address "the less technical factors" that might impact collection rates, including additional trainings to executive personnel, technical teams to address collection gaps and "implementing a device monitoring process to provide alerts and corrective measures when a device is not connecting or reporting properly."

About the Author

Derek B. Johnson is a senior staff writer at FCW, covering governmentwide IT policy, cybersecurity and a range of other federal technology issues.

Prior to joining FCW, Johnson was a freelance technology journalist. His work has appeared in The Washington Post, GoodCall News, Foreign Policy Journal, Washington Technology, Elevation DC, Connection Newspapers and The Maryland Gazette.

Johnson has a Bachelor's degree in journalism from Hofstra University and a Master's degree in public policy from George Mason University. He can be contacted at djohnson@fcw.com, or follow him on Twitter @derekdoestech.

Click here for previous articles by Johnson.


Featured

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

  • Comment
    Pilot Class. The author and Barbie Flowers are first row third and second from right, respectively.

    How VA is disrupting tech delivery

    A former Digital Service specialist at the Department of Veterans Affairs explains efforts to transition government from a legacy "project" approach to a more user-centered "product" method.

  • Cloud
    cloud migration

    DHS cloud push comes with complications

    A pressing data center closure schedule and an ensuing scramble to move applications means that some Homeland Security components might need more than one hop to get to the cloud.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.