This is part of an ongoing Motherboard series on the proliferation of phone cracking technology, the people behind it, and who is buying it. Follow along here.Motherboard has been reporting on issues around GrayKey, a small, relatively cheap device that is capable of unlocking fully up-to-date iPhones. Some of that work has relied on leaked emails from law enforcement and mobile forensic email groups. Following that work and in an attempt to obtain more emails through different means, Motherboard recently filed public record requests with various law enforcement agencies to access messages from the private forensic groups.
Now, members of those communities are actively trying to find ways to avoid having to produce the records, despite them likely being legally obligated to under relevant public records law. Motherboard has learned of the request dodging through more leaked emails.“Just a heads up, my department received two public records request[s] from a Joseph Cox at Motherboard.com requesting 2 years of my emails,” a law enforcement official wrote in an email obtained by Motherboard to other forensic experts.The emails in these forensic groups that come from official accounts likely qualify for public release under laws such as the Freedom of Information Act.According to one source, some members were trying to find ways to make the cost of gathering the emails too high, so the government agency would not provide the documents to Motherboard. Motherboard confirmed the emails’ existence with multiple sources, and granted them anonymity to share details of internal discussions.
These email groups are made up of police officers, technical specialists, and private forensic experts who may help authorities on investigations. In them they trade advice and often news about upcoming iPhone changes that may impact their work. Leaked emails from one of these communities showed how some members were confident that Grayshift, the company behind the GrayKey product, had already found a workaround to a new security feature from Apple called USB Restricted Mode.“I am not sure how they got my information to even make such a request, but I suspect from the mole related to GrayKey story,” the law enforcement official continues. “Our legal advisers will look at it, but what I am being told that since it is from a media organization, will more than likely be approved. So fyi.”That message spurred on a flurry of others from more group members, according to portions of them that were shared with Motherboard.“Unfortunately for most government entities all communications via official email is considered public [records],” one group member wrote. “You should all become familiar with your states [sic] public record laws or if you are with a federal agency then FOIA,” another wrote.Motherboard’s public record access requests remain ongoing.
Got a tip? You can contact this reporter securely on Signal on +44 20 8133 5190, OTR chat on firstname.lastname@example.org, or email email@example.com.