The Mistakes The Government Made In Trying To Get Info From Twitter
from the not-this-again dept
Over the last month or so, we spent a lot of time going over the huge number of mistakes that the US government made in seizing a variety of domain names, supposedly for copyright infringement. Now, with the government seeking all sorts of info to build their legal case against Julian Assange and Wikileaks, it’s time to look at the mistakes the government is making there as well. Following up on the news that came out late last week of the government seeking info from Twitter, Christopher Soghoian has done a nice job highlighting some of the details and problems with the court order, some of which seem reminiscent of the problems with the domain seizures — meaning technical and legal errors, and a filing prepared by a rather surprisingly inexperienced government representative.
The 2703(d) order misspelled the names of one of the targets, Rop Gonggrijp. It also requested credit card and bank account numbers of several Twitter users, even though Twitter is a free service and so doesn’t have such information (presumably someone at DOJ knows a little about Twitter, since the agency has 350,000 followers of its official Twitter account).
The Department of Justice prosecutor named in the order, Tracy Doherty-McCormick, was prosecuting online child exploitation cases just five months before the Twitter order was issued. Given that the wikileaks investigation is the most high-profile national security investigation of the decade, and that the court order seeks records associated with an Icelandic member of parliament, you would think that DOJ would assign this case to someone more senior.
He also notes that the government must realize that three of the individuals named are computer security experts who probably used pretty strong encryption, so it’s unlikely this info will turn up much. Soghoian also points out the oddity of using this process to try to get info, as it would seem that there are much more reasonable ways that the government could request and get the same info.
I do wonder how much of these errors and sloppiness are due to basic rushing to try to get stuff done, or due to incompetence. Perhaps the government knows that it will get these kinds of things approved almost no matter what, so it doesn’t even try. That might be the scariest scenario of all.
Comments on “The Mistakes The Government Made In Trying To Get Info From Twitter”
Credit card information all depends. Did any of these people pay twitter to have a “sponsored” hot topic? Twitter does actually sell things, you know?
As for the “someone more senior”, that is sort of misleading. Someone who has reached that level of work should be able to do the work without issue. This isn’t rocket science. Oh and yes, many of use misspell Icelandic names. You might also misspell the name Reykjanesb?r,one of the largest cities / towns in the country.
In the end, all the protesting makes me think they have something to hide. Grand supporters of transparency shouldn’t be upset when people want them to be just as transparent.
iceland is cool ...
The cool thing about this is that the US governmnet is requesting information on a member of the Icelandic parliament. Did they do any research what so ever into who they were targeting? This makes them seem very incompetent and will more than likely backfire on the DOJ in a huge way.
When the choice is between malice and incompetence I would vote for incompetence 90% of the time.
The DOJ seems to be on the way to screwing up enough to make this case as un-prosecutable as the prisoners are in Gitmo.
Re:
“Grand supporters of transparency shouldn’t be upset when people want them to be just as transparent.”
Supporters of transparency in government, Supporters of privacy for individuals, and supporter of an individuals freedom. Your comment on transparency doesn’t hold water.
Re:
Any sufficiently advanced act of stupidity is indistinguishable from any act of malice.
(At least, in terms of the damage it can cause, hence the concern)
Re:
Umm, she is a government member, and potentially these people were doing work for the government.
Welcome to transparency city, those who cry the most should be the first to be open, not the first to hire lawyers.
Re:
“Oh and yes, many of use misspell Icelandic names.”
…Hell, some of us even misspell “us”.
I know what you’re sayin’ man…
CBMHB
Re:
Two thumbs up.
CBMHB
Re:
Thats actually a fail logically. She was working for wikileaks as a private citizen not as member of the icelandic government. There is a distinction.
Re:
This transparency thing may work if one side isn’t grandstanding and threatening to kill the other.
(e.g. Elected US officials calling for the death-penalty for individuals associated with the Wikileaks affair.)
Re:
Dude nice rework of clarkes law!!!!
Re:
“…those who cry the most should be the first to be open…”
The government goes first. Full disclosure, no exceptions! Until they do that, they can demand nothing.
“Oh and yes, many of use misspell Icelandic names.”
Iceland != Netherlands
Re:
Well, you don’t know that. Is Wikileaks in fact a secret part of the Icelandic government, used to embarrass the countries that hold all the debt from Iceland? Until we have proof otherwise, I have to assume that there is some conspiracy that involves a government official, some security hacker types, Manning, and Julian Assange.
See, this is why they need transparency, and why they don’t want to do it.
I want add this to the discussion as well, because it really irks me.
Why the heck are we up in arms about spelling errors? This sort of thing smells horribly of “gotcha” politics, the type of crap that the Limbaughs and O’Reilly’s of the world use to try to re-direct people’s attention or to stir up anger.
It would seem that this entire post isn’t to really inform or add anything to the discussion, but rather to inflame people, to point the virtual finger and go “haw-haw”. It is a disappointing dip in the discourse here I have seen a few times in the last month.
iceland is cool ...
I’m not a lawyer, but given that the target of the investigation is a member of a foreign government, wouldn’t their communications be protected by diplomatic immunity? Diplomats typically get immunity even when acting in a non-official capacity, don’t they?
Re:
Conspiracy theory much?
The gov’t doesn’t need proof of anything since no crime was committed by Wikileaks. Take the witch hunt elsewhere.
As for transparency – the gov’t works for me – not the other way around. As an employer I want answers – as the employee the gov’t needs to STFU and do as it’s told instead of doing as it wishes and trying to hide those activities. Be thankful you (the gov’t) have a job – for now.
Re:
Let’s say your name is Billy McNorton. A completely unrelated man named Billy McHorton killed three sheriff’s deputies in a neighboring county and fled towards the area where you live. Police have orders to bring him in dead or alive. Would you be so blas? about spelling errors if a tiny slip of the finger between the H and N keys meant the difference between the police catching the killer or a SWAT team breaking down your door and shooting anything that moves?
Legal niceties are there for a reason. They force the authorities to ensure they are acting within the letter of the law, even when they believe that ignoring the law is in the best interest of the public (i.e., granting the best of intentions to the authorities). It means (in theory) that the courts act as a check on the unrestrained use of power. In practice, the courts way too often rubber-stamp government requests, but that’s a discussion for another day.
Re:
this is not ‘gotcha politics’, its simply pointing out flaws, some glaring, some subtle, in various cases that are being tried for various reasons.
If we cannot trust government officials to spell our Names right on the documents they are using to seize personal information (and property) how can we trust them to correctly follow any law?
If there are incorrect, glaringly incorrect assumptions being made about services and their providers, how can we expect those services to defend themselves, and us?
neatness Does count.
Re:
Go home, take your meds, get some rest, make yourself a new tin foil hat …
Re:
You are correct, but they don’t change the underlying situation. McHorton isn’t any less guilty of his crimes.
The legal niceties are there for a reason, but at the same time, they don’t change the underlying situation. Point out this sort of issue is a Titanic / Deck chair thing, it ignores the very real situation going on.
Re:
Neatness counts. But it is absolutely utterly “gotcha” mentality at work. It isn’t about if the subpoena is worthy, or if there is a reason to have it, it is about poking at a spelling error.
It is the magician’s flash paper of discourse, and sparkly event to try to distract us from what is really going on.
Spelling counts especially on legal stuff!
The reason spelling counts – especially on legal documents, is for instance: John Robinson and John Robins are probably two entirely different people! If you don’t even know who the hell you’re chasing then you probably have it wrong in the first place. Clueless government officials rarely follow the law in the first place, but Jesus Christ on a cracker you need to know who you are trying to accuse/subpoena/get information from.
anonops
Looks like anonymous found the next target.
The true point of the request...
… is to intimidate people into dissociating themselves from Wikileaks and whistleblowers in general. The chilling effect of the request and the publicity attending it are the bigger-picture goal.
As such, the request itself is offensive, even if it won’t yield much useful information.
government trying to see who leaked private
conversations by looking at other private conversations.
This was just a small mistake....
I was expecting more like in terms.
ALL information on ALL individuals which follow them, and all individuals they are connected that twitter has saved.
Printed in 3 copies.
Then someone prints billion pages. Without index to search whats where.
Re:
You you went really suddenly from rational-with-slightly-questionable-logic to batshit-crazy
iceland is cool ...
Well that’s the whole thing – a tonne of accepted legal standards of privacy, from the fourth amendment to diplomatic agreements to various confidentiality laws, are thrown out of whack now that so much communication data is stored on external servers owned by private companies.
I agree that these standards should hold nonetheless, but it’s a grey area, and a grey area in the law means a lot of complex wrangling on both sides…
Re:
I think it is in danger of becoming that, perhaps, but I think it is significant too. If it happens at such a scale that it exposes an underlying culture of haste and inattentiveness that surrounds proceedings as important as these, then it’s more than just gotchas – it becomes a very concerning indicator.
A key thing to note is that these gotchas on things like spelling rarely stand alone – they are usually next to signs of similar lack of thoroughness on the much-more-important legal aspects or just understanding of the situation itself, such as this document calling for nonexistent credit card records or the domain seizure affidavit naming examples of infringement that were all faulty.
The true point of the request...
100% Agreed. This is why they send out requests like this. It has little to do with finding evidence.
Re:
I would bet that the credit card thing is boilerplate text used in these sorts of situations with hosts of all sorts, and basically maybe nothing more than a coverall in case they would otherwise miss information. I don’t think it implies that they specifically think a credit card was used (but could have been to buy a sponsors hot topic).
As for the rest, the problem with the gotcha mentality is when you see a spelling error, you have been trained to assume there is more wrong. In reality, there is little if anything wrong here (except a typo on a fairly difficult name) and some boilerplate text. I see a molehill with a “Mount Wiki” sign next to it. Cry wolf when there is a wolf, constantly crying wolf isn’t helping anyone.
Re:
Wow what happened?
You stopped to think and forgot to start again?
It would be nice if the reason for the inexperienced agents handling this (and the domain name seizures) would be because of internal resistance to making this a high priority effort. I’d like to think many people respect disclosure or realize the secrets being exposed weren’t all that much of a threat to this nation and to society and there are more important matters that could use their attention.
iceland is cool ...
You are correct. Not only is it a grey area, it is easily argued that the presence in the communication of a third party (who can easily read the material) makes it almost totally insecure. There is little expectation of privacy, otherwise you wouldn’t give this data in the clear to a third party, who can retain it forever (and likely has multiple backup copies of it).
It is a pretty easy legal argument to make. I am sure it is one that will be addressed somewhere along the line.
Re:
It wasn’t an Islandic name that was misspelled, but a Dutch name. The name Gonggrijp is 100% dutch, made of two words “Gong” and “Grijp”. “Gong” is the same as the English word and “Grijp” has multiple meanings, like “grip” or “catch”, but in this context, it’s most likely to mean “handle”
So basically, his name is the handle of a gong. 🙂 It’s not rocket-science! 🙂
It wasn’t a serious misspelling either. They used one “g” less than required: “Gongrijp”. Split that up in two and you get “Gong” and “Rijp”, the later translates to “Ripe”. Makes less sense… 😉
But it’s a logical spelling error since that double G tends to be a bit silent. The “ng” has a bit of an “n” sound, but the second “g” is pronounced.
Importance of subpoena section 6: Asking for payment info
Section 6 of the Subpoena is quite important as it demonstrates this is a proforma subpoena used against other entities at the same time. e.g. Google? Amazon? Facebook? Mastercard? Paypal? Visa?
Why does it matter?
Only twitter had the gumption to ask for this to be unsealed. The others have probably rolled over and complied meaning vast swathes of your information from you linking to these people and organisations (if you ever did so) has already been gathered.
Re:
Ron, here’s the thing. When police are investigating a crime, everything is possible. Clearly on the surface, there are connections between the Icelandic Government, Wikileaks, Manning, and the three hacker type “security” guys (one of which was part of distributing the helicopter video). Without going any further, I could see where each of these people could be working in concert. Also, it is clear that the Icelandic government doesn’t mind that one of their ministers is also involved with Wikileaks.
The rest of your post is a rant. You would want to hamper the good operation of government and foreign policy by making them spend their lives reporting to you, rather than getting the job done. You would prefer that everything is in the open, such that there is no simple way to allow outwardly belligerent countries a chance to quietly agree to help others, even if this is against their stances in public?
Sorry, your logic is terrible.
Re:
In reality, there is little if anything wrong here
The U.S. government circumventing privacy standards by subpoenaing a third-party to reveal the private communications of a member of a foreign parliament – you don’t see any potential problems there?
I’m not saying it’s clear cut, but this case is a pretty big deal. It’s hardly a “molehill”
This was just a small mistake....
Read the subpoena. part B on attachment A.
“All records and other information relating to accounts and time period in part A, including
1)records of user activity made to or from the account, including time, date, length, method of connections data transfer volume, username, and source and destination IP addresses
2) Non content info […] (emails, IP addresses, etc.)
3) correspondence and notes of records related to the accounts”
In other words, everyone who received a tweet from one of the accounts named, (including Wikileaks), ALSO has most of their information taken, simply by receiving a tweet.
Wikileaks has what, 637k followers? Lot of info to ask for.
Re:
My logic isn’t terrible nor is that of a previous commenter who, probably for misplaced decency’s sake did not say it explicitly, Take you order and stuff it up your ass.
Indecent because the government making these demands, and the courts aiding and abetting them, are not just indecent but actually, murderers, torturers, war criminals. Every body that isn’t themselves a scoundrel hiding behind patriotism knows that, including the courts.
The seek to persecute (Not an error, persecute not prosecute) Assange, Manning, and WikiLeaks supporters because their activities are exposing for the whole world to see, out of the criminals own documents and activities, their criminality which in the end, if this government or a revolutionary government replacing it, or a world court, will lead to their prosecution and hanging.
So yes, Misters Obama and Holder, take your subpoena and stuff it up your ass, no crime has been committed except those, yours, that you continue to try to conceal and for which, after due process of course, you will hang.
As to transparency, transparency is a double edged or two sided sword. If the web is a place of open discourse then it should be open to anything anybody wants to say, i.e., transparent. But, if the speaker cannot do that in their own name, anonymity is an element of transparency.
Its called the negation of the negation.
Perfectly lawful persons exposing major and powerful criminals, at some risk to themselves, may not be able to publicly identify themselves, hence anonymity which the IP should not violate or be forced to violate. I don’t twitter but in this case they are to be much admired.
And because I think there is much else this government ought to shove up it let me be transparent.
Jack Jersawitz
bigjackjj@yahoo.com
404-892-1238
This was just a small mistake....
Thought I had included a disclaimer earlier. Oops.
IANAL, so I’m not sure I’m correct, but it seems that way to me. It also seems that way to whoever owns the ‘wikileaks’ account.
iceland is cool ...
At the beginning of your comment you agreed with me that it was a grey area, but by the end you had decided it wasn’t.
Why do you have to insist that you automatically know the answer and it’s so easy and simple that everyone should agree?
The fact is even the best first amendment experts are divided on this question and can see strong arguments on both sides. I suspect they would laugh at your assertion that it’s ‘pretty easy’
iceland is cool ...
*4th amendment