CNET también está disponible en español.

Ir a español

Don't show this again

HolidayBuyer's Guide
Security

FBI doesn't have to reveal iPhone hack details, judge rules

Agency doesn't have to name the vendor that helped hack iPhone from San Bernardino attack, judge rules.

CNET

The FBI doesn't have to identify the company it contracted with to hack an iPhone used by one of the terrorists involved in the 2015 mass shooting in San Bernardino, California, a federal judge ruled Saturday.

Three news organizations sued the FBI a year ago under the Freedom of Information Act to learn the name of the company it hired to hack into the iPhone 5C or how much it paid that vendor. But US District Court Judge Tanya Chutkan ruled Saturday that information is exempt from mandatory disclosure under the government transparency law.

The iPhone was at the center of a legal back-and-forth between the government and Apple last year after the December 2015 attack that left 14 people dead. The government wanted Apple to write new software that would unlock the phone and make its data readable. Apple refused, saying that weakening the encryption would potentially leave other iPhone users at risk.

Now Playing: Watch this: FBI's iPhone hack raises troubling questions
2:44

The lawsuit against the FBI was filed by the Associated Press, Vice and Gannett, the parent of national newspaper USA Today. The three news organizations sought details about the hacker the FBI used and associated costs. The FBI reportedly refused to provide that information to the organizations under the Freedom of Information Act.

In the lawsuit complaint, the news organizations argued the public has a right to know how the government spent taxpayer funds to obtain the hacking technique. They also argued that the existence of a secret flaw in the iPhone could leave the public in danger.

Chutkan said the the vendor's networks are not as sophisticated as the FBI's and releasing its name could put the company at greater risk of being hacked itself.

"It is logical and plausible that the vendor may be less capable than the FBI of protecting its proprietary information in the face of a cyberattack. The FBI's conclusion that releasing the name of the vendor to the general public could put the vendor's systems, and thereby crucial information about the technology, at risk of incursion is a reasonable one," the judge wrote.

Solving for XX: The industry seeks to overcome outdated ideas about "women in tech."

Special Reports: All of CNET's most in-depth features in one easy spot.