FBI Director James Comey said on Tuesday that his agency was still assessing whether a vulnerability used to unlock an iPhone linked to one of the San Bernardino killers would go through a government review to determine if it should be disclosed to Apple or the public.
"We are in the midst of trying to sort that out," Comey said. "The threshold (for disclosure) is, are we aware of the vulnerability, or did we just buy a tool and don't have sufficient knowledge of the vulnerability to implicate the process?"
"We are close to a resolution," he added at a cybersecurity event at Georgetown University in Washington, D.C.
The White House has a procedure for reviewing technology security flaws and deciding which ones should be made public.
Comey suggested the audit may not apply in this high-profile circumstance.
Although officials say the process leans toward disclosure, it is not set up to handle or reveal flaws that are discovered and owned by private companies, sources have told Reuters, raising questions about the effectiveness of the so-called Vulnerabilities Equities Process.
The method instead belongs to a still-unidentified third party that the FBI said came forward due to the attention received from its public pursuit of a court order to compel Apple's assistance in unlocking the phone.