The FBI wasn't that interested in Hacking Team's spying tools after all, and let its contract with the controversial Italian surveillance technology contractor expire at the end of last month, according to leaked emails.
The massive breach of Hacking Team helped expose many of the company's most guarded secrets, including its long list of customers, its technology, and its shady network of resellers. The leaked documents also revealed that the Drug Enforcement Administration wasn't the only customer in the United States. The FBI also purchased spyware that allowed them to monitor a target's communications such as emails, Skype calls or even unmask Tor users, from Hacking Team, through a $775,000 contract.
But a series of internal emails, which have not been reported on before, reveal that the FBI chose not to renew the contract, which was set to expire on June 30, despite the fact that Hacking Team lobbied to have them continue use the service.
"The FBI were reluctant to take us up on an offer to continue using without a contract."
"The FBI were reluctant to take us up on an offer to continue using without a contract," the company's spokesperson and chief marketing officer Eric Rabe said in an email.
Hacking Team vice president of business development Philippe Vinci explained that in a meeting, representatives of the bureau "told us that they cannot continue using a system if it is not covered by a [maintenance & support contract]."
Yet Hacking Team tried hard to keep the FBI using the system. "We proposed them to leave the license working until they get more fundings…It was seen as a legal risk for them," Vinci added.
It's unclear what "legal risk" Vinci is referring to, but it's possible that the FBI thought it wasn't legal to accept what was essentially a free extension of a service.
Joshua Schwartz, a law professor at The George Washington University and an expert in government contracts told Motherboard that "it is illegal for the federal government to accept 'free' anything—goods or services from a contractor, or for an employee to work for free." So it makes sense that the FBI was worried about accepting Hacking Team's proposa, he explained in an email.
In any case, the FBI wasn't using Hacking Team's tool that much.
As Rabe explained in the June 30 email, the FBI only saw Hacking Teams Remote Control System (RCS) spyware as a "back-up or secondary to some other (undisclosed) investigative tools […] they are not convinced that RCS is 'must-have,'" and it was used only by a "small unit within the FBI."
For the FBI, Hacking Team's spyware is a "nice-to-have" tool used for "low-level" investigations
For the FBI, Hacking Team's spyware is a "nice-to-have" tool used for "low-level" investigations, as Vinci put it in a May 7 email.
In fact, in an email from early June, a company employee comments in Italian that an FBI support ticket is currently on a to-do list, but it doesn't have a high priority because "the customer is at a standstill."
The FBI declined to answer questions regarding the status of the contract with Hacking Team, sending instead a boilerplate statement saying that the bureau "does not comment on specific tools or techniques utilized in criminal investigations. However, the FBI routinely identifies, evaluates, and tests potential exploits in the interest of cyber security."
Rabe did not answer to Motherboard's request for comment.
This story has been updated to add Schwartz's comments.