Drug Dealer's Lawyers Want To Know How Yahoo Is Recovering Communications It Previously Said Were Unrecoverable

from the either-don't-understand-the-system-or-it-doesn't-work-the-way-Yahoo-clai dept

Yahoo's in the middle of another national security-related courtroom battle, albeit somewhat inadvertently. Its response to a discovery order in a drug dealer's trial has left the defense wondering exactly how the hell it complied with it. Joseph Cox of Motherboard has more details.

Defense lawyers in the case claim that six months of deleted emails were recovered—something which Yahoo's policies state is not possible. The defense therefore speculates that the emails may have instead been collected by real-time interception or an NSA surveillance program.

United States Magistrate Judge Maria-Elena James, from a San Francisco court, granted the defense's motion for discovery in an order filed on Wednesday.

Russell Knaggs, the accused drug dealer, apparently utilized a Yahoo email account to hook up suppliers in Colombia with buyers in Europe. To add to the difficulty level, Knaggs did this while serving time for another drug bust. The method used was not all that uncommon. Everyone shared a single email account and composed draft messages. Each party would log into the account, read the draft message left for them, and compose a draft of their own in response. No emails were sent. All drafts were then deleted from both the "Draft" folder and the "Trash."

According to Yahoo, there was no way for Yahoo to retain these messages. Except that it did and turned them over to law enforcement, suggesting ongoing surveillance, rather than the recovery of communications from the account.

After receiving requests from UK police and the FBI in September 2009 and April 2010, Yahoo created several “snapshots” of the email account, preserving its contents at the time—and revealing the messages. But the defense alleges there should have been nothing for law enforcement to find.

Yahoo's explanation is that the recovered emails were copies created by the email service's “auto-save” feature, which saves data in case of a loss of connectivity, for example. The company has filed several declarations from a number of its staff, but the defense said some of those contradicted each other, and it wants more information.

Here's what the defendant's tech expert had to say in his testimony [PDF].

With regard to Yahoo‟s “snapshot” and its process of “retriev[ing emails] from the servers because their auto-save function systematically preserved edits made over time,” Abramson says the descriptions Yahoo gives of its auto-save feature are inconsistent, contradictory, and furthermore “do[] not align with [Abramson‟s] understanding of such programs.” Abramson contends Yahoo‟s statements “do not in fact agree with common technical principles. The timing of e-mail data saved between 2 minutes and several seconds is not consistent.” Abramson Rpt. at 8. He asserts that “[a] more plausible explanation for the e-mail information provided to law enforcement is that the e-mail account of Mr. Knagg‟s [sic] was under surveillance and through the immediate efforts of surveillance, Yahoo was able to capture the email information and provide it to law enforcement.”

The defense wants several things from Yahoo, including source code, in hopes of sussing out the methods used to capture and preserve these draft messages. Yahoo would rather not give this information up. The judge, while somewhat sympathetic to Yahoo's arguments, also notes it's the company's own inconsistent explanations that have led to this situation.

The Court agrees with Yahoo that Petitioner's requests are somewhat broad; however, the Court also agrees that Yahoo‟s seemingly conflicting responses up to this point create a situation where Petitioner cannot be certain he understands the process of information gathering he seeks to challenge. While Yahoo believes that Petitioner seeks information that is cumulative given its interrogatory responses, it would appear that the requested discovery would not necessarily be cumulative, but might instead provide clarity to Petitioner regarding Yahoo‟s data-gathering methods. Additionally, since the documents Petitioner requests are potentially the same ones that helped Chan “clarify” her previous statement and better understand the data-gathering process, it would appear that these documents could help Petitioner gain a better understanding of the system as well, and could help to prove or disprove one of the grounds of his appeal, as is the purpose of his discovery request. The Court also notes that Chan‟s responses up to this point do not provide the sort of personal knowledge or foundational information for the Court or Petitioner to be able to adequately assess her responses. Consequently, Petitioner's request for documents and a 30(b)(6) deposition is appropriate rather than ordering further interrogatory responses.

The list of items the defense wants has been scaled back by the judge, but what remains will still provide a glimpse into Yahoo email's inner workings, including any evidence of targeted or bulk surveillance methods put into place by the company. Whether or not we'll get to see it is another matter, as the judge will consider instituting a protective order if the information produced is deemed too sensitive.

What it sort of looks like is possibly illegal surveillance being covered up with parallel construction. The problem with this theory is that Yahoo has been more than a little resistant to broad surveillance requests. That doesn't completely rule out complicity, but it would definitely be a risky move for a private company to cover for government wrongdoing. When (and if) more details are provided, we'll know more. If nothing else, it may indicate draft messages are indiscernible from sent messages, at least when it comes to Yahoo's servers.


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • icon
    That Anonymous Coward (profile), 25 Jul 2016 @ 3:35am

    Parallel construction should never be acceptable. To violate any alleged protections citizens have, and then build a fantasy way to explain how they obtained it to hide the actual source seems to be an affront to Justice.

    But then we let court officers lie with no downside, Judges refuse to shame prosecutors who violate the law in order to secure a conviction against someone they knew was innocent, they throw out all the rules to get the bad guy and when caught they dismiss cases rather than admit what they are doing is wrong.

    This isn't how the legal system is supposed to work, and its looking like the rot has spread to far for us to save it. No bandaid is going to fix this, we need to cut out the bad parts to save the system.

    reply to this | link to this | view in chronology ]

    • icon
      Not an Electronic Rodent (profile), 25 Jul 2016 @ 5:51am

      Re:

      we need to cut out the bad parts to save the system
      I think you meant, "Cut out the bad parts and rebuild the entire system from first principles", there, but I agree with the sentiment. Courts ought to be essentially open and even-handed instead of covering up systemic corruption and biased in favour of the rich and powerful.

      reply to this | link to this | view in chronology ]

      • identicon
        Quiet Lurcker, 25 Jul 2016 @ 6:28am

        Re: Re:

        True enough as far as it goes. Courts should be open and even-handed, instead of as they are now. Yes, we do need to rebuild from first principles.

        Let's start by revisiting how courts actually come to their decisions. From what I've read here and there, courts follow first the plain language - the words in a law mean what they mean in everyday use; then they apply common sense; then they apply previous decisions from other courts regarding the same subject and facts (how closely? I don't know; maybe some expert in the audience would be kind enough to tackle that question for me - hint, hint), with appellate court decisions being given greater weight than those of circuit courts, and supreme court decisions given still greater weight.

        The fly in that ointment grows out of the adage that "hard cases make bad law". If there's a supreme court decision - or even a circuit court decision - that's wrong in some way, other courts are at least expected, if not bound to follow that bad decision in making their own on similar matters. Now assume that bad decision happened, oh, 40 years ago in the supreme court, and courts have been following it ever since. It's still a bad decision, no matter it's tacitly become an agreed-upon rule.

        How do we correct something like this? The only way I've come up with is, to strike out all those previous decisions, perhaps finding a way to keep the obviously good ones, and effectively start from scratch. Along the way, let's add a new principle to how courts make their decisions: If the previous decision is obviously flawed in some way, then ignore it.

        Maybe it would be worth the difficulties involved in throwing out who knows how many centuries of previous work.

        Maybe there are other approaches - I've considered putting non-lawyers on the bench for short periods, and changing them out frequently. Make the lawyers explain their positions in plain language. Maybe limit the lawyers to sitting on the bench, and coaching the litigants, and requiring the actual litigation work be done by the parties to the case. I can think of ways of incorporating lawyers into the process, but only at second hand - experts on how to format documents for example, or in a role similar to that of a football coach during a game: giving tips and advice from the sidelines.

        reply to this | link to this | view in chronology ]

        • identicon
          Anonymous Coward, 25 Jul 2016 @ 7:32am

          Re: Re: Re:

          the words in a law mean what they mean in everyday use; then they apply common sense

          The meaning of words change over time, hence to get at the meaning of a law, the meaning of the words when the law was written have to be used. Only after that has been done, can common sense be applied to the application of the law.

          reply to this | link to this | view in chronology ]

          • identicon
            Anonymous Coward, 25 Jul 2016 @ 8:57am

            Re: Re: Re: Re:

            This is how you can corrupt and pervert the Constitution.

            I can bet you that almost 99% of Americans cannot get the whole constitution right if tested. The founders intentions with the Constitution are so well documented that there is very little room for disagreement. But that is also why you NEVER see or hear any of the reporters/politicians quoting the founders.

            reply to this | link to this | view in chronology ]

            • identicon
              Anonymous Coward, 25 Jul 2016 @ 9:43am

              Re: Re: Re: Re: Re:

              The constitution was written quite a while agao, and the everyday meaning of words has changed since then, sometimes subtlety, since then, so applying modern meaning can corrupt the constitution. For instance, the modern meaning of freedom of the press it usually taken to means the news organizations, whereas its original meaning was use of a printing press.

              reply to this | link to this | view in chronology ]

          • identicon
            Quiet Lurcker, 25 Jul 2016 @ 9:23am

            Re: Re: Re: Re:

            The meaning of words change over time....


            I can think of one instance where just a firm understanding of basic grammar would suffice to clarify about two centuries' worth of (perhaps intentional) misunderstanding.

            reply to this | link to this | view in chronology ]

      • icon
        That Anonymous Coward (profile), 25 Jul 2016 @ 7:35am

        Re: Re:

        I think the problem is, until we excise all of the gangrenous portions we can't try to rebuild.

        The problem in trying to rebuild, will be all of the good intentions people will try to squeeze in.

        I think if we fix the glaring problems, add serious teeth to the rules, we have a fairly robust system.
        Prosecutor gets nailed for a Brady violation, why are they still employed?
        Cop lies, Cop finds new job with a big black mark that they lie.

        Judges should be required to have some understanding of the things they are ruling on. Far to often we see shitty outcomes in cases where some 'ancient' judge who insists everything be on paper & not electronic finds a way to twist a ruling into a pretzel because they don't like the law they should be applying.

        We need to demand that the whole we have to keep all of this secret to protect you BS is put to an end. It is a sham of Justice, that merely serves those who can't meet the burdens in real courts.

        reply to this | link to this | view in chronology ]

        • icon
          JonC (profile), 25 Jul 2016 @ 8:08am

          Re: Re: Re:

          Secret law is completely incompatible with the American way of life (or any free society). There is no reason that can be offered which justifies it.

          reply to this | link to this | view in chronology ]

          • identicon
            Anonymous Coward, 25 Jul 2016 @ 9:00am

            Re: Re: Re: Re:

            This could all be abolished if jurors would do their fucking damn jobs and nullify when this shit happens!

            We still have to work on the vast majority of fuck tards that are harassed by prosecutors if they don't cop a plea... and then give up their rights out of fear!

            Stand and fight people, every time you roll over it makes it that much harder for the next guy to win.

            reply to this | link to this | view in chronology ]

            • icon
              That One Guy (profile), 25 Jul 2016 @ 10:25am

              Re: Re: Re: Re: Re:

              As always, nice idea, rather difficult to do in practice given both judge and prosecutor would strike a potential juror from the jury pool in a second if they so much as admitting to knowing about the concept of jury nullification.

              Judges and prosecutors hate the very idea that they can go through their whole song and dance and have the jury decide that nope, laws or not the accused doesn't deserve what they want to do to them, as it makes the jury more powerful than them, and for people used to being the most powerful in the room that really burns.

              reply to this | link to this | view in chronology ]

            • identicon
              Anonymous Coward, 25 Jul 2016 @ 3:02pm

              Re: Re: Re: Re: Re:

              Evidence admissibility is argued before the judge, not the jury. Do you think the jury will even be told there was a controversy over this? They can't nullify if they aren't allowed to know.

              reply to this | link to this | view in chronology ]

        • icon
          Padpaw (profile), 25 Jul 2016 @ 1:03pm

          Re: Re: Re:

          there are not enough nooses to hang every single one of the corrupt people in the system at this time

          reply to this | link to this | view in chronology ]

    • identicon
      Anon, 25 Jul 2016 @ 10:25am

      Re:

      You realize that yahoo is a private company and can run their services how they like correct? If you don't agree with what they do, use another email service. It's not illegal at all. Remember that HUGE ToS you sign every time in order to use something?

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 25 Jul 2016 @ 3:57am

    Do keep in mind that this is Yahoo we're talking about

    Yahoo's email service is one of the most awful, miserably-run, incompetently-managed, horribly inept services on the Internet. The chimps who "work" there don't even understand first principles of email, which is why the service is unreliable, inconsistent, and not used by anyone who actually cares about quality.

    So it's entirely possible that part of the reason this situation is murky (at best) is that nobody there is smart enough to produce a cogent explanation for what's going on -- and/or that they don't understand what their own systems are doing. Yes, that's a ludicrous state of affairs, but really quite plausible given the context of years of massive Yahoo failures.

    reply to this | link to this | view in chronology ]

  • icon
    hij (profile), 25 Jul 2016 @ 4:25am

    Could be worse, could be Verizon

    On the plus side it looks like Verizon is going to buy out Yahoo soon. Once that happens, the new company will be much more transparent and will take actions to stop any kind of abuse.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 25 Jul 2016 @ 5:25am

      Re: Could be worse, could be Verizon

      I hope I get this correct.

      One of the worst quality telephone companies is buying one of the worst quality internet companies to produce the best quality combination.

      To believe this one would have to believe that water runs uphill.

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 25 Jul 2016 @ 10:00am

        Re: Re: Could be worse, could be Verizon

        > To believe this one would have to believe that water runs uphill. <

        Water can and does run uphill, you just have to be close enough to a blackhole ;p

        reply to this | link to this | view in chronology ]

      • identicon
        Another Anonymous Cowatd, 25 Jul 2016 @ 4:01pm

        Re: Re: Could be worse, could be Verizon

        No. All you need is an MBA.

        reply to this | link to this | view in chronology ]

      • identicon
        ted emund, 25 Jul 2016 @ 4:47pm

        Re: Re: Could be worse, could be Verizon

        they are easily the best wireless/phone/internet company there is (verizon wireless & fios)

        yahoo is crap.

        reply to this | link to this | view in chronology ]

  • icon
    Ninja (profile), 25 Jul 2016 @ 4:30am

    When using these services you have to assume everything you type is retained. Even your browser, if it has dns pre fetching enabled may be a trap.

    reply to this | link to this | view in chronology ]

  • icon
    MadAsASnake (profile), 25 Jul 2016 @ 6:20am

    Difficult to know. What Yahoo advertise and what their labyrinthine scripts do may well be very different things. This is not unusual in large organisations.
    This could be the result of anything from Yahoos lawyers not knowing how these systems work, to the NSA giving it back and asking them to "find" it.
    Granting discovery is exactly the right thing to do.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 25 Jul 2016 @ 6:49am

      Re: what their labyrinthine scripts do

      Typically the people at the executive level are compartmentalized away from any plausible knowledge of what the system actually does. This is achieved in the following fashion:

      Exec to technician: "Hey do this (unethical and probably illegal) thing.

      An hour later the whole company gets a broadcast email from the same exec saying: "Nobody, under ANY circumstances should EVER do (the same unethical and probably illegal) thing".

      Ten minutes later the marketing director crawls out from under the execs desk, wipes his chin, and sends an email to the marketing staff saying: "Hey, write up a blurb on the site saying: 'we're awesome because we don't do (the same unethical and probably illegal) thing."

      Then the lawyer, after reading the bat-shit email that he got from the exec, puts down his rolled up hundred dollar bill and mirror, turns to his boss and says: "Obviously their doing crazy shit down there, we should amend our service agreement with some obtuse language saying the customer implicitly gives us the right to do (the unethical and probably illegal) thing."

      There are a hundred ways that this dudes data could have been snooped. The likelyhood of it happening the way it was described by the company is unlikely. That isn't to say their was perjury. The only two guys who actually know probably got a better offer and left the company six months ago.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 25 Jul 2016 @ 6:37am

    According to Yahoo, there was no way for Yahoo to retain these messages. Except that it did and turned them over to law enforcement, suggesting ongoing surveillance, rather than the recovery of communications from the account.

    Simple to overcome technically. The "general" system does the once per 2 minute save for peeps NOT under surveillance, while the "special spying for uncle sam" system saves every fucking time it was told to save shit per surveilled account.

    Now, despite this, the accused has every right to know how evidence was collected, by who, and the entire chain of custody regardless of guilt.

    Parallel construction of evidence is manufactured evidence.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 25 Jul 2016 @ 6:39am

    While in prison?

    "Knaggs did this while serving time for another drug bust"

    If he was in prison, what are the rules on monitoring of all electronic & internet usage by the prison service? I don't see an answer. How do 'we' know that the comms was not monitored according to prison service rules and that the Y! connection is a farrago of incompetence, misunderstanding, confusion and bureacracy such that even all levels of Y! don't know what happened and are struggling to find explanations when the real answer lies elsewhere. I would expect that prison internet usage is monitored but perhaps the prosecution doesn't want to reveal it (can't imagine why, it's hardly secret that prison internet usage is probably captured). This is all moot if he was out on house arrest or similar, althought the filing says he is serving 20yrs so that is unlikely. The story looks incomplete, though I admit I didn't go through all the links so may have missed something.

    reply to this | link to this | view in chronology ]

  • identicon
    Skeeter, 25 Jul 2016 @ 7:34am

    Moot Point

    This is now, nothing but a newsprint cover. Verizon just bought Yahoo, so the chances of getting any semblance of truth just went the way of your itemized cellular bill. FORGET IT.

    reply to this | link to this | view in chronology ]

  • icon
    Padpaw (profile), 25 Jul 2016 @ 12:59pm

    First they go after the criminals, which most people will approve of, then go after the protesters which again a lot will support.

    Finally they will target the dissidents by which time no one will be left to fight back against the use of such illegal and criminal methods to gather evidence be it real or fake sealed under "national security" tape against the governments targets.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 25 Jul 2016 @ 1:37pm

    Yahoo lawyer: we can recover emails going back 6 months years...because NO-ONE has used us for YEARS...we just checked the recycle bin and bingo!

    reply to this | link to this | view in chronology ]

  • identicon
    Tor user, 25 Jul 2016 @ 7:48pm

    NSA dun goofed.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 26 Jul 2016 @ 11:21am

    NSA must help Megaupload users who lost their files.

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Techdirt Gear
Shop Now: Copying Is Not Theft
Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.