ICE enters $384K contract with company capable of unlocking iPhones

U.S. Immigration and Customs Enforcement has spent nearly $400,000 on a contract with GrayShift, a security vendor that sells technology designed to access data stored on locked Apple iPhones.

ICE cut a deal with GrayShift for $384,000 on Sept. 7, according to publicly available contract information first reported Tuesday by Forbes.

Compared with previous contracts reached involving GrayShift and federal agencies including the Drug Enforcement Administration, Department of State, Coast Guard and Internal Revenue Service, among others, the ICE agreements constitutes the largest single order ever placed by the U.S. government from the Atlanta-based company, Forbes reported.

Launched by a former Apple engineer and a fellow cybersecurity researcher in 2016, GrayShift gained attention earlier this year after the company claimed that one of its products, GrayKey, is capable of letting customers access data stored on passcode-protected iPhones, effectively circumventing recently introduced security features widely opposed by law enforcement.

Altogether ICE has spent millions of dollars on surveillance technology during the past year alone, Forbes reported, including the hefty ICE contract in addition to deals with similar vendors of hacking tools, ranging from a Virginia-based company founded by Russians, to competing firms headquartered in Canada and Israel, Forbes reported.

“It’s very concerning to learn that the government continues to bulk up on spying tools — which can violate privacy rights and chill free speech — for use in immigration enforcement and border entry surveillance,” a spokesperson for the Electronic Frontier Foundation, a California-based digital rights group, told Forbes.

“These tools can sweep up information about legal U.S. immigrants and innocent Americans, and give ICE access to personal information with little oversight or transparency,” the spokesperson said. “ICE should be getting a warrant before using these technologies to search electronic devices, including at the U.S. border.”

Representatives for GrayShift and ICE did not immediately return messages seeking comment.

GrayShift claimed in June that GrayKey defeats USB Restricted Mode, a security feature recently introduced by Apple intended to prevent accessing data from the USB port of enabled iOS devices that have been locked for an hour or longer. The company has since signed deals with agencies including the Food and Drug Administration, Federal Law Enforcement Training Center, Bureau of the Fiscal Service, IRS, DEA and Bureau of Prisons, albeit each one valued at a fraction of the cost of the contract with ICE, according to online records.

State and federal law enforcement officials have complained in the past about security features that make it difficult for criminal investigators to access data stored on lawfully seized devices, and President Trump previously called for boycotting Apple products after federal authorities were unable at first to access evidence from an iPhone recovered from a slain terrorism suspect in late 2015.