FBI Recommends Against Notifying Apple of Security Gap in San Bernardino iPhone

The FBI paid more than $1 million to access Syed Farook's iPhone.

ByABC News
April 26, 2016, 5:27 PM

— -- The U.S. government is unlikely to notify Apple about how it was able to break into an iPhone left behind by one of the San Bernardino shooters, according to sources familiar with the matter.

The FBI is expected to recommend to the White House that it decline an inter-agency review of the matter, sources said. The FBI has little specific, technical information about how a third party found a vulnerability in the phone and developed a so-called "tool" to exploit it, so the U.S. government doesn't have much information to even consider sharing with Apple, sources added.

Even though the FBI paid more than $1 million to use the tool, that type of specific information is still owned by the third party, sources said.

Speaking in Washington earlier today, FBI Director James Comey said his agency was "very close" to making a recommendation on the matter, though he didn’t offer any details.

"[It] involves answering a key question, which is: What do we know about the vulnerability, and -- given that -- is the [review] process implicated?" Comey said at a cybersecurity-related event at Georgetown University. "The threshold is: Are we aware of a vulnerability, or did we just buy a tool and don’t have sufficient knowledge of the vulnerability that it would implicate the process? We’re really close to sorting it out."

Earlier this month, an Apple executive told reporters the tech giant is "confident that the vulnerability the government alleges to have found will have a short shelf life," especially as Apple continues to improve its devices and implement fixes.

Around the same time, Comey expressed concern that notifying Apple about the flaw could potentially hamper efforts to access certain iPhones in future cases.

"We’re having discussions within the government now about, 'OK, so should we tell Apple what the flaw is that was found?' That's an interesting conversation because if we tell Apple, they fix it, and then we’re back where we started from," Comey said nearly three weeks ago. "We may end up there, we just haven’t decided yet."

It seems a decision by FBI has now been made, even as Comey today continued to call for a national discussion about the "collision going on between values we all share between privacy and security."

"There has never been a time in the 240 years of our country where privacy was absolute," Comey said today. "In our houses, in our cars, in our conversations, we have reasonable expectation of privacy, [but] all those expectations can be overcome with appropriate predication and oversight. We are moving to a place in American life ... we’ve never lived before. And my only request is that we talk about the costs of that. We should not drift to a place where wide swaths of American life become off-limits to judicial process without a serious, adult conversation."

Last month, federal prosecutors abandoned efforts to compel Apple to help them unlock the iPhone 5c left behind by Syed Farook, who along with his wife, Tashfeen Malik, launched a deadly assault on Dec. 2, 2015, killing 14 of Farook's coworkers at a holiday party in San Bernardino, California. The Justice Department dropped the case after a private company found what Comey has called "a solution" and "a tool" for cracking into the phone.

"In a very, very important way, I’m very glad that the litigation between the FBI and Apple over San Bernardino has ended, because it really was about getting access to that phone," Comey said today. "It’s good that we’ve now found a way into that device."

The expected recommendation to the White House was first reported by The Wall Street Journal.

ABC News' Zaki Zunaira contributed to this report.