Why can’t the Secret Service turn over its SMS communications from the day the Capitol was stormed? This question is currently occupying the investigators in Washington. The reasons are either criminal or negligent.

It is one of the most politically explosive investigations in US history: Washington has been working on the events of the storming of the Capitol on January 6, 2021 for almost 19 months. In the end, ex-President Donald Trump could be indicted. But there is no evidence from his immediate surroundings, of all things: the Secret Service has deleted almost all text messages from the affected period. The statement is highly controversial among experts.

Strictly speaking, one should speak of explanations. Because the information from the Secret Service on how exactly all messages were lost has changed several times, the chief investigator for the Department of Homeland Security (DHS) reported on Friday to a committee of the US Congress. Once it was a software update, later a hardware replacement. However, the core of the problem remains the same: According to the Secret Service, it is not possible to restore lost messages due to an Apple security measure.

The protective measure as a problem

The reason should lie in Apple’s news app. Originally launched as an SMS app, Apple expanded it to include an online chat service in 2011. This service, called iMessage, is used whenever the sender and recipient use iPhones and have an Internet connection. This is easy for users to recognize: blue messages were sent via iMessage, green via classic SMS. The greatest advantage of the online service now presents the Secret Service with problems: Unlike SMS, iMessages are encrypted. And can therefore no longer be saved after deletion without a backup.

That’s exactly what happened, the secret service explains. Although Congress first requested the messages from Secret Service smartphones as evidence ten days after the storming of the Capitol, i.e. on January 16, 2021, a planned exchange of devices among the agents had continued there. The procedure is largely the same as that known from companies: the data is backed up, transferred to a new device and after the exchange the old device is deleted.

Stunned reactions

However, what is said to have happened at the Secret Service should cause headaches in IT departments worldwide. Because the simplest type of backup – Apple’s iCloud cloud offering – was disabled for security reasons, the agents had to use a tool to transfer the data to a hard drive. Because of the encryption, however, this did not support the transmission of iMessages. So the responsibility for transmitting the important chat messages was apparently left to the agents themselves. The consequence is known.

The reactions are correspondingly stunned. “It is absolutely insane” that the Secret Service would delete anything on one of the most infamous days in US history. “Especially data pertaining to the Secret Service itself,” Republican Congressman Adam Kinzinger told CBS. Several experts cited by the Washington Post were similarly clear in their choice of words. It was “highly unusual,” “completely absurd,” a “management failure,” according to the cyber security professionals. “No organization in the world would do it that way.” The fact that the Secret Service is not only responsible for protecting the President, but also controls numerous cyber security measures in the USA makes the statement particularly embarrassing.

Accidentally or not?

No wonder, then, that there is also the question of whether it is actually an accident. After all, on the day the Capitol was stormed, the Secret Service was very close to President Donald Trump. The chief investigator responsible for DHS, Joseph Cuffari, was also appointed under the Trump administration. If intent could actually be proven, this could have major legal consequences.

How important the news would actually be for the investigation is another matter. If you believe Donald Mihalek, a former agent of the Secret Service, there is hardly anything spectacular to be found in it. “Nobody sends a situation report or protective measures in a text message,” Mihalek told the Daily Mail. “An agent either uses radio for operations or e-mail for official matters.” Texting or iMessage would be used for something else entirely: “It’s more like, Hey, do you want some coffee. Or, Where are we meeting?” In his opinion, the lost messages should therefore be of little help for the investigation.

The Secret Service still wants to avoid a repeat of the chaos surrounding the news. DHS spokesman Anthony Guglielmi confirmed to “Politico” that they are currently considering simply switching off the iMessage function. Earlier this week, DHS Director James Murray ordered “a study to be conducted to see if the service could simply be shut down and what the impact would be.” The Secret Service generally follows the parent DHS for such requirements. There is a role model: According to the former head of cyber security in the USA, Chris Krebs, who was fired by Donald Trump, the White House has already banned Apple’s chat service.

Sources: Washington Post, CBS, Politico, Guardian, Daily Mail, Chris Krebs on Twitter