FBI Documents Show More Evidence Of Agency's Sketchy Relationship With Best Buy's Geek Squad

from the squadders-installing-FBI-bloatware dept

Thanks to an FOIA lawsuit, the FBI has finally started handing over documents to the EFF detailing the federal agency’s “partnership” with Best Buy Geek Squad employees. The too-cozy-to-be-Fourth-Amendment-compliant relationship was uncovered during discovery in a child porn prosecution. Produced documents showed the FBI not only paid Geek Squad members to search for child porn, but it actively engaged in recruiting efforts at Best Buy locations.

The problem with this relationship is the relationship. And the money. While tech repair personnel are expected to turn over discovered child porn to authorities, the active efforts of the FBI alter the incentives, pushing Geek Squad members towards digging through customers’ computers for illicit material, rather than simply reporting what they come across during the course of their work.

The FBI wants to keep this relationship with Best Buy intact. It also wants to keep the evidence provided by Geek Squad members. While private searches can be used to predicate investigations, paying people to look for illegal material when their job is to repair devices turns this into a proxy search for federal law enforcement. That’s not permitted under the Fourth Amendment and the FBI certainly knows it. The files central to this prosecution were discovered in unallocated space, making it unlikely they were discovered during routine repairs. It would imply a Geek Squad member went digging for illicit material, motivated by a possible payout from the FBI if anything was found.

The documents obtained by the EFF provide further evidence the FBI paid Geek Squad members to perform searches for it. They also show this relationship dates back at least a decade, with Best Buy doing its best to become an unofficial branch of the FBI.

The documents released to EFF show that Best Buy officials have enjoyed a particularly close relationship with the agency for at least 10 years. For example, an FBI memo from September 2008 details how Best Buy hosted a meeting of the agency’s “Cyber Working Group” at the company’s Kentucky repair facility.

The memo and a related email show that Geek Squad employees also gave FBI officials a tour of the facility before their meeting and makes clear that the law enforcement agency’s Louisville Division “has maintained close liaison with the Geek Squad’s management in an effort to glean case initiations and to support the division’s Computer Intrusion and Cyber Crime programs.”

This relationship has been the basis for several FBI investigations — all predicated on actions that stray close to the edge of the Fourth Amendment, if not going past its boundaries completely.

Other documents show that over the years of working with Geek Squad employees, FBI agents developed a process for investigating and prosecuting people who sent their devices to the Geek Squad for repairs. The documents detail a series of FBI investigations in which a Geek Squad employee would call the FBI’s Louisville field office after finding what they believed was child pornography.

[…]

Some of these reports indicate that the FBI treated Geek Squad employees as informants, identifying them as “CHS,” which is shorthand for confidential human sources. In other cases, the FBI identifies the initial calls as coming from Best Buy employees, raising questions as to whether certain employees had different relationships with the FBI.

More information about this misuse of private searches will likely find its way into open court and the public domain in the next several years. The FBI is still withholding several files, which probably further corroborate the agency’s incentivizing of invasive device searches. And Best Buy is likely not the only company offering both computer repairs and FBI-prompted “private searches” The EFF notes the FBI refuses to confirm or deny it has a similar relationship with other retailers.

The EFF is headed back to court to challenge the FBI’s withholding of these documents, so additional documents may be produced sooner than later. But if the FBI can convince the court its payouts to tech repair staff are investigative methods that would be compromised if discussed publicly, we may see nothing at all. But it also has to convince another court its use of Best Buy employees as informants is kosher under the Fourth Amendment. And it has yet to do that.

Filed Under: , ,
Companies: best buy, fbi

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “FBI Documents Show More Evidence Of Agency's Sketchy Relationship With Best Buy's Geek Squad”

Subscribe: RSS Leave a comment
66 Comments
Anonymous Coward says:

Re: Re:

Since customers are paying by the hour, and the technicians are spending extra time rifling through the files in search of contraband, then yes, the customers are (presumably) paying extra for the “service” of being snooped on.

How much extra time this file snooping adds to a routine PC service is anyone’s guess, but its a sure bet that Best Buy is not footing the bill out of their own pocket.

Mark (profile) says:

Re: Re: Re:

If there has been 10 years of this going on, maybe some lawyer will file a class action on behalf of everyone who has had their computer repaired at Best Buy.

Suppose they come up with a number like, 20 minutes of extra searching per computer and they have to pay all that back to each Geek Squad customer who had them work on their computer for the last 10 years.

That has to add up

Qwertygiy says:

I can see logical (but not necessarily correct!) arguments made for both sides here.

On the one hand, the argument that Best Buy employees are performing a search without a warrant on behalf of the government.

On the other hand, the argument that it is no different than, say, the police offering a reward for evidence of illegal drugs, then you happen to open a drawer while you’re working on someone’s plumbing and find their stash.

I don’t think we have enough of the story yet to truly determine which is which. If it’s indeed true that individual companies or employees were contacted by the FBI instead of a general reward offered to all such repair companies, that makes it a lot harder to argue that comparison. But doesn’t Geek Squad have some sort of agreement or contract that customers must sign? Would it cover this search, being that the customer has agreed to it?

And if anyone (coughootbcough) should argue that "well it’s child porn for god’s sake, you have to search for that whenever possible, it’s your duty to make sure you’re not allowing someone to get away with it!"… that’s specifically the whole point of the fourth amendment. Unless you’re an officer of the law and you have reasonable suspicion that a crime is being committed, you can’t initiate a search without a warrant.

Also, if anyone (COUGH) makes the argument that "you want them to just ignore any illegal content they find because it’s private property?" there is a difference between coming across the files in the course of your duties and reporting it, and going out of your way to search for the files in a way that isn’t directly and necessarily tied into the work you’re doing.

Anonymous Coward says:

Re: Re:

How much of “fixing the computer” involves searching files?
I can not think of any possibilities that would necessitate such a search in order to fix anything on a PC/laptop/whatever.

So – call it what you want but it is still performing work the customer did not authorize and certainly should not pay for.

Qwertygiy says:

Re: Re: Re:

You really cannot think of any possibilities that involve searching files?

Searching for files that have been infected by a virus?

Searching for drivers that may need to be installed?

Searching for corrupted files that may need to be repaired?

I’m glad you’re not in charge of repairing my PC…

Christenson says:

Re: Re: Re:3 Re:

But, remember that, since the OS was virused, it was misbehaving, and could have been deleting files for the wrong reason on its own.

When you pick up after a messy, kiddie-script, delete-everything virus, or even rm -rf, stuff you wan’t isnt gonna remain in the filesystem. Admitted, this is simplified.

Anonymous Coward says:

Re: Re: Re: Re:

Generally the drivers are in a non-data directory, and virus scans and file integrity checks are carried out by software. Finding child porn requires manual examination of photos and videos, and is not something that a repair tech would normally do, at least as part of their job, other than maybe checking whether a file looks good after some file recovery operation.

Anonymous Coward says:

Re: Re: Re: Re:

You may need to “search files” for some of those reasons, but normally it’s not in a way that would find porn. Is there any reason, in 99.9% of the cases, to search for a picture file? Are you expecting a .jpg to somehow contain a driver you need to install? Do you search for viruses by manually looking through your customer’s nonexecutable files one by one? Do you search for corrupted files by opening each picture and seeing how it looks, as opposed to using some automatic utility? If so, I’m glad you’re not in charge of repairing my PC, especially if you charge by the hour.

Qwertygiy says:

Re: Re: Re:2 Re:

If the law-breaking people in question are breaking laws and lacking morality as a side effect of their massive quantities of stupidity, a suspicious-looking file name in an antivirus log could be worth examining.

Or, if there’s hard drive trouble, an encrypted folder may have to be examined in order to make sure it’s neither corrupted nor infected. Such a cursory examination might result in some very concerning file or folder names.

Certainly not just opening up My Documents or performing a system-wide scan for *.avi or something, correct.

Anonymous Coward says:

Re: Re: Re: Re:

I have not seen any virus scan software that displays the pictures it finds, infected or not. That would take a lot longer to compete and is unnecessary.

I was unaware that drivers were being inspected manually, how and why would anyone do this? Would they use a decompiler or disassembler to look at the source? The results of either do not provide a source that is easily read.

When you repair a file, is it required to look at it first?

Likewise, I’m glad that I do not have to service anything of yours.

Qwertygiy says:

Re: Re: Re:2 Re:

You said “any circumstance where you’re searching files”, that’s all I’m responding to. The chances of an average competent scan finding illegal material that has been competently hidden are very low.

But if a file has a revealing name, or you want to make sure that it can now be properly opened and isn’t corrupted beyond use (like another commenter mentioned below), you might just happen upon something while you’re doing a legitimate part of your job.

orbitalinsertion (profile) says:

Re: Re: Re: Re:

You don’t search visually through opened documents looking for an infection, and document corruption does not harm your system.

I have managed, for years, to manually fix what automated tools do not, and then fix the issues caused by the changes an infection caused (including “missing system files” which are neither missing, nor system files) without looking at anyone’s personal shit.

I’d be happy to trawl everything on your drives for you next time you need a repair, if you like, but billing depends on how much i have to pointlessly snoop through for you.

hegemon13 says:

Re: Re: Re:

I’ll provide a perfect real-life example. About 12 years ago, I worked for a small, local IT shop. A customer brought in a system riddled with malware and viruses, and they opted for a flat rate backup/wipe/reload/restore service.

Part of that service was transferring the data they specified off the computer to external media, scanning and repairing it from an isolated system we had for that purpose, and restoring it to the reloaded system (assuming it was safe to do so). This was before the days of ubiquitous, cheap cloud storage, and very few customers had good backup habits.

When the tech attempted to do this, there were a bunch of files that were corrupted and would not copy over. These weren’t encrypted files, just plain old data corruption on the hard drive. So, the tech scanned the drive using a data recovery program (which always had varying results), and was able to restore many of them successfully. In verifying the data, he happened to open a shocking image. There were many more where that came from, and we immediately turned the system over to the police.

The owner is still in prison. He was not just a possessor, but a guy who abused his position as a high school coach to produce and distribute spy videos and photos of the girls he coached.

Yes, we had a policy to avoid interacting with actual customer data, but in the real world, sometimes the easiest way to verify a successful, uncorrupted data restoration was just to spot-check some files and make sure they opened properly.

hegemon13 says:

Re: Re: Re: Re:

I should also clarify that I fully realize that this is not a best practice. But the fact is, techs are paid poorly, have a lot to do, and mostly just want to get done and go home. Path of least resistance is going to win in some cases, whether it’s a best practice or not. We’re not talking about servicing a confidential corporate or government server here.

Sure, that tech should have simply scanned and copied over what he was able to restore, and let the customer sift through what was and wasn’t successful. But then if it wasn’t, it was a phone call and a return trip, and generally unpaid follow-up service.

orbitalinsertion (profile) says:

Re: Re: Re:2 Re:

Yes, it does happen like this, but not to the extent the FBI and repair employees are counting on. Personally, if it was not in the original work order, i would be asking the customer whether they wanted corrupt data recovery and a visual check to see how well that went. (Even for close friends for whom i can correctly assume they don’t care and will respond in the affirmative.) Aside from that, would it not be an addition charge for the additional work?

Anonymous Coward says:

Re: Re: Re: Re:

I agree, good example.

The fact remains that it was not necessary to actually look at the file and you were not actively looking for such things. This is a big difference legally, relative to whether a warrant is required – I think (IANAL). So your situation was very different than that of GS and their activities which are legally questionable.

The Wanderer (profile) says:

Re: Re: Re: Re:

This is the sort of example I was thinking of.

Another would be a “unindexed” files recovered from a deleted or partly-corrupt filesystem – which might, in fact, appear to be in unallocated space. Most tools for recovering such files (in fact, all the ones that I know of) don’t recover the original filenames, but give the files seemingly-arbitrary meaningless names; in an environment which relies on file extensions in order to know how to open a given file, such as Windows, your ordinary user won’t even be able to open the file to check.

In order to figure out what these are, you have to either use a tool like the *nix libmagic (usually via the ‘file’ program), or open each file individually in various programs to see whether the program can recognize it. Even if libmagic reports that a particular file is e.g. a JPEG image, you may need to examine the file’s contents to figure out whether it’s stock desktop wallpaper or something from the browser cache or part of the user’s collection of landscape photos or what-have-you.

It’s entirely reasonable to wind up opening at least a few of the files to check on what they are – and if you happen to see something alarming in the process, well…

(That said, just because it’s possible to encounter such things during the legitimate course of a repair tech’s business, that doesn’t mean that going out of your way to look for such things is any less inappropriate.)

The Wanderer (profile) says:

Re: Re: Re:3 Re:

That would usually be the better course, yes – but in far too many cases, if the owner of the device had enough technical savvy to do that “figure out what each file is and get it back to being open-able again” work, there wouldn’t be any need for a repair tech to get involved in the first place.

I certainly don’t do it every time (even in the relatively rare cases where I wind up doing such file-restoration work in the first place), but there are times when it’s the most appropriate way of serving the customer’s needs.

Rekrul says:

Re: Re:

On the other hand, the argument that it is no different than, say, the police offering a reward for evidence of illegal drugs, then you happen to open a drawer while you’re working on someone’s plumbing and find their stash.

What possible reason could a plumber have for going through a person’s drawers? I suppose you think that when you bring your car in to have the oil changed, the mechanic has a right to rifle through the contents of the glove compartment?

Qwertygiy says:

Re: Re: Re:

A drawer that is underneath the sink, for example, or next to the sink, and which has some proximity to the job at hand even if no pipes directly go through the area visible by opening the drawer.

An oil change wouldn’t reasonably go through the glovebox. But a locksmith making a new key for your car might wind up looking through the glovebox or trunk, as they might have keycodes or be more easily disassembled, or they might just need to be tested to make sure they open. Directly necessary? No. But important to doing a fast and proper job in circumstances that aren’t uncommon.

DannyB (profile) says:

What could possibly go wrong?

Your computer didn’t have any kiddie pr0n on it when you took it in to Best Buy.

But it did have some by the time the minimum wage geek squad called the FIB to get paid for turning it in.

Even if nothing illegal is found, something innocent, like some forms of real art, or the classic baby’s behind photo, could result in a minimum wage geek squad ruining someone’s life or career.

Roger Strong (profile) says:

Re: Re: Re:2 How do we know

…says the one associated with facts and intelligent reasoning the way cheeseburgers are associated with a lactose intolerant Hindu.

But yes, I should have specified that we normally or traditionally don’t give financial incentives. The recent asset forfeiture without a conviction or court case trend seems to be and America-only thing. (Among first-world countries.)

Anonymous Coward says:

There's a reason why mafia backyards are full of broken appliances

Washing machines, refrigerators, etc.

No one could trust the repair people that came to their homes.

But if these dead appliances are thrown out, then they can be legally searched for chemicals, fingerprints, DNA, etc., without a warrant.

The FBI has been compromising repair persons for close to 100 years.

Anonymous Coward says:

Perhaps Best Buy should inform their customers about the mandatory search of their files for illegal content. Is there a contract that the customer signs before they work on the item?

I imagine that the list of what constitutes illegal content will be increasing in size and scope. Soon the list will include images of political figures with drawn on mustaches.

And then there are the pictures that websites put in your cache whether you want them or not, most of the time the user is unaware of the caching and probably never saw the pics anyway.

Anonymous Coward says:

I would think that the 4th amendment would seem to make this “fruit of the poisonous tree”. IF, the GS were acting on a request from the FBI to search in return for payment. Then they were in fact agents of the government. If there was no cause to execute a search warrant on the customers PC then the whole thing is unlawful. Of course one would wonder why if there was enough to execute a search warrant on the customer the FBI just didn’t seize the PC in the first place. Occam’s razor suggests that there was not enough to grant the warrant.

The question remaining is did the FBI specifically ask GS techs to search computers on a routine basis ( 4th amendment should apply ) or did they just issue a general hunting license by saying “If you should happen to come across something, let us know” I’m not sure how the latter would be looked at in re: the 4th.

I have absolutely no idea how information from a confidential informant who gets compensated thru $$ or getting to walk on a misdemeanor is looked upon.

Having your computer worked on by someone you don’t know is a good way to share the honeymoon videos with who knows how many people.

Is child porn disgusting and despicable. Of course. But do we want to go down that slippery slope where we make exceptions to rights expressly granted by the governing document of our country? At what point do we draw a line and say this is too disgusting but that isn’t or do we just keep sliding down that slope?

No answers here, just questions

Anonymous Coward says:

DO NOT take your computer to Best Buy. Ever!

Unless you’re a computer forensics expert, then you probably have no idea what could be on it. And if you are such an expert, then you shouldn’t need the Geek Squad in the first place.

Remember, just because you didn’t know about it, doesn’t mean your life can’t ruined for it.

Personanongrata says:

Boycott Best Buy

. But if the FBI can convince the court its payouts to tech repair staff are investigative methods that would be compromised if discussed publicly, we may see nothing at all.

Or… perhaps all of the law enforcement entities involved have signed non-disclosure statements with one another which in our dystopian existence apparently supersede full public disclosure of the fact that FBI and local law enforcement are unconstitutionally surveilling Americans using Digital Receiver Technology (ie drt-1301c) and StingRays and would rather see a criminal case dismissed than divulge the origin of the evidence used for the indictment.

https://www.cato.org/publications/policy-analysis/stingray-new-frontier-police-surveillance

https://www.scmagazine.com/fbi-stingray-nda-instructs-police-to-use-parallel-construction/article/528046/

https://www.revealnews.org/article/chicago-and-los-angeles-have-used-dirt-box-surveillance-for-a-decade/

It is simply amazing these law enforcement bozo’s who have all sworn oaths to protect and defend the US Constitution go out of their way on a seemingly daily basis to circumvent the enumerated protections found within for their own expedient motives (at best) while vainly attempting to hide behind the torn and tattered robes of Lady Justice.

Best Buy (etal) should be embarrassed that they have allowed themselves to become co-opted by the criminals of the US surveillance/warfare state.

All persons seeking to use Best Buy’s (etal) Geek Squad tech services should boycott these entities until they publicly avow they will only cooperate with law enforcement when a valid warrant has been presented. No exceptions. Until then any person bringing their tech gear to these sea going surveillance state snitches is a fool.

Anonymous Coward says:

Someone should get a brand new computer, put a folder on the desktop called “Private”, and put a video in that folder called “Kids Sex.mp4” that consists of nothing but 10 minutes of scat clips with the words FUCK YOU GEEK SQUAD added at the end, disable the wifi adapter, then turn it in to Geek Squad requesting help with the internet connection.

Of course they should also make an exact copy of the disk and md4 hash it beforehand for use later when angered Geek Squad techs add real kid porn and turn them in anyway. Then turn the tech in to the police and sue the everlasting daylights out of Best Buy.

Another Anonymous Coward says:

When presented with overwhelming evidence, tech bloggers will decry the unconstitutional relationship between the FBI and Best Buy…and rightly so.

When presented with overwhelming evidence, tech bloggers will defend or completely ignore the unconstitutional relationship between the FBI and DOJ, and the DNC and any liberal pundit toeing the line for Obama and Hillary.

Anonymous Coward says:

Re: Re:

How long has this been going on and upon what do you build your conclusions?

AFAIK, there have been many different administrations, congressional compositions and SCOTUS members serving during the time period in which this sort of illegal activity has been going on. So – I ask wth – you seem to be a bit off plumb.

Add Your Comment

Your email address will not be published.

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...
Loading...