Skip to Content

FBI to Recommend Keeping iPhone Hack Secret, Report Says

House Judiciary Committee Hearing With FBI Director James Comey And Apple Inc.House Judiciary Committee Hearing With FBI Director James Comey And Apple Inc.
James Comey, director of the Federal Bureau of Investigation arrives to a House Judiciary Committee hearing.Andrew Harrer—Bloomberg via Getty Images

Everyone wants to know how the Federal Bureau of Investigation managed to access data stored on an iPhone used by one of the San Bernardino killers. Now it seems no one may ever know, including…the FBI?

The agency reportedly plans to recommend not submitting the hacking tool used to unlock the phone for government review, the Wall Street Journal reports, citing sources. That assessment, known as an equities review, would involve a group of administration officials determining if details about the security hole should be released to Apple (AAPL) or the public.

Get Data Sheet, Fortune’s technology newsletter.

According to the agency’s reported reasoning, a review would be pointless since the FBI doesn’t know enough about the exploit for the government to give it a proper evaluation. The agency intends to notify the White House “in the coming days” of its recommendation not to proceed with a review, the Journal reports.

The FBI has said that it paid an unnamed third party, possibly more than $1 million, to break into an iPhone used by Syed Farook, who along with his wife murdered 14 people and injured 22 others in San Bernardino, Calif. last year. The purchase put an end to the agency’s heated fight with Apple in which it tried to use the courts to compel the device maker to create software that would bypass its security features.

For more on the FBI, watch:

Shortly before the Journal’s report appeared on Tuesday, FBI Director James Comey had said that the agency was trying to decide if the vulnerability that unlocked the handset should undergo a government review.

“We are in the midst of trying to sort that out,” Comey told an audience at a cybersecurity event at Georgetown University. “The threshold (for disclosure) is, are we aware of the vulnerability, or did we just buy a tool and don’t have sufficient knowledge of the vulnerability to implicate the process?”

That equivocation may belie the agency’s already made up mind.