Drug Dealer's Lawyers Want To Know How Yahoo Is Recovering Communications It Previously Said Were Unrecoverable
from the either-don't-understand-the-system-or-it-doesn't-work-the-way-Yahoo-clai dept
Yahoo’s in the middle of another national security-related courtroom battle, albeit somewhat inadvertently. Its response to a discovery order in a drug dealer’s trial has left the defense wondering exactly how the hell it complied with it. Joseph Cox of Motherboard has more details.
Defense lawyers in the case claim that six months of deleted emails were recovered—something which Yahoo’s policies state is not possible. The defense therefore speculates that the emails may have instead been collected by real-time interception or an NSA surveillance program.
United States Magistrate Judge Maria-Elena James, from a San Francisco court, granted the defense’s motion for discovery in an order filed on Wednesday.
Russell Knaggs, the accused drug dealer, apparently utilized a Yahoo email account to hook up suppliers in Colombia with buyers in Europe. To add to the difficulty level, Knaggs did this while serving time for another drug bust. The method used was not all that uncommon. Everyone shared a single email account and composed draft messages. Each party would log into the account, read the draft message left for them, and compose a draft of their own in response. No emails were sent. All drafts were then deleted from both the “Draft” folder and the “Trash.”
According to Yahoo, there was no way for Yahoo to retain these messages. Except that it did and turned them over to law enforcement, suggesting ongoing surveillance, rather than the recovery of communications from the account.
After receiving requests from UK police and the FBI in September 2009 and April 2010, Yahoo created several “snapshots” of the email account, preserving its contents at the time—and revealing the messages. But the defense alleges there should have been nothing for law enforcement to find.
Yahoo’s explanation is that the recovered emails were copies created by the email service’s “auto-save” feature, which saves data in case of a loss of connectivity, for example. The company has filed several declarations from a number of its staff, but the defense said some of those contradicted each other, and it wants more information.
Here’s what the defendant’s tech expert had to say in his testimony [PDF].
With regard to Yahoo?s “snapshot” and its process of “retriev[ing emails] from the servers because their auto-save function systematically preserved edits made over time,” Abramson says the descriptions Yahoo gives of its auto-save feature are inconsistent, contradictory, and furthermore “do not align with [Abramson?s] understanding of such programs.” Abramson contends Yahoo?s statements “do not in fact agree with common technical principles. The timing of e-mail data saved between 2 minutes and several seconds is not consistent.” Abramson Rpt. at 8. He asserts that “[a] more plausible explanation for the e-mail information provided to law enforcement is that the e-mail account of Mr. Knagg?s [sic] was under surveillance and through the immediate efforts of surveillance, Yahoo was able to capture the email information and provide it to law enforcement.”
The defense wants several things from Yahoo, including source code, in hopes of sussing out the methods used to capture and preserve these draft messages. Yahoo would rather not give this information up. The judge, while somewhat sympathetic to Yahoo’s arguments, also notes it’s the company’s own inconsistent explanations that have led to this situation.
The Court agrees with Yahoo that Petitioner’s requests are somewhat broad; however, the Court also agrees that Yahoo?s seemingly conflicting responses up to this point create a situation where Petitioner cannot be certain he understands the process of information gathering he seeks to challenge. While Yahoo believes that Petitioner seeks information that is cumulative given its interrogatory responses, it would appear that the requested discovery would not necessarily be cumulative, but might instead provide clarity to Petitioner regarding Yahoo?s data-gathering methods. Additionally, since the documents Petitioner requests are potentially the same ones that helped Chan “clarify” her previous statement and better understand the data-gathering process, it would appear that these documents could help Petitioner gain a better understanding of the system as well, and could help to prove or disprove one of the grounds of his appeal, as is the purpose of his discovery request. The Court also notes that Chan?s responses up to this point do not provide the sort of personal knowledge or foundational information for the Court or Petitioner to be able to adequately assess her responses. Consequently, Petitioner’s request for documents and a 30(b)(6) deposition is appropriate rather than ordering further interrogatory responses.
The list of items the defense wants has been scaled back by the judge, but what remains will still provide a glimpse into Yahoo email’s inner workings, including any evidence of targeted or bulk surveillance methods put into place by the company. Whether or not we’ll get to see it is another matter, as the judge will consider instituting a protective order if the information produced is deemed too sensitive.
What it sort of looks like is possibly illegal surveillance being covered up with parallel construction. The problem with this theory is that Yahoo has been more than a little resistant to broad surveillance requests. That doesn’t completely rule out complicity, but it would definitely be a risky move for a private company to cover for government wrongdoing. When (and if) more details are provided, we’ll know more. If nothing else, it may indicate draft messages are indiscernible from sent messages, at least when it comes to Yahoo’s servers.