FBI Dismisses Child Porn Prosecution After Refusing To Hand Over Details On Its Hacking Tool

from the extreme-tactics,-voluntary-dismissals dept

The FBI has decided to let one of its Playpen defendants walk rather than turn over information on its Network Investigative Technique. The NIT, deployed all over the world on the back of a single warrant obtained in Virginia, unmasked Tor users by dropping code on Playpen visitors' computers that sent back IP addresses and other information about the user's computer.

The warrant itself has been ruled invalid by a number of judges presiding over Playpen prosecutions, although not all of them have determined that the evidence obtained by the NIT should be suppressed. The FBI not only sent malware to site visitors, but it also ran (and possibly improved) the child porn website for two weeks while pursuing its investigation.

Michaud's lawyer asked the court to force the FBI to hand over information on the NIT. The FBI countered, saying it wouldn't turn over the information even if ordered to do so. Judge Bryan, after an in camera session with the agency, agreed with the government that there was a law enforcement need to keep the details of the tool secret. But he also made it clear the government couldn't have both its secrecy and its evidence. He ordered all evidence suppressed.

With all evidence deriving from the forced exposure of Michaud's IP address, there was nothing left for the government to work with. It could have voluntarily turned over information to Michaud's defense lawyer for examination, but has chosen instead [PDF] to let Michaud go free. (h/t Andrew Crocker)

On June 23, 2016, the United States Attorney’s Office for the Western District of Washington filed a protective Notice of Appeal to preserve the right of the United States to pursue an interlocutory appeal of the order of the district court granting the defense motion to compel and finding, as a remedy for the refusal to comply that the evidence of the Network Investigative Technique (NIT), the search warrant issued on the basis of that evidence and the fruits of that search should all be suppressed.

Upon further review within the Department of Justice or the Court’s order and the record in the case, the United States has concluded that this appeal should not be pursued. It is for that reason that the United States now respectfully requests that this appeal be dismissed.

The FBI is developing quite the reputation for dropping prosecutions in the face of challenges of its secret tools and techniques. The NDAs it hands out to every law enforcement agency seeking to purchase Stingrays not only tells them to obscure the device's use, but to let suspects walk if it seems some of this info might make its way into the courtroom.

What's more problematic here is the FBI/DOJ's two-faced stance on these issues. The FBI argues in court (often obtaining the court's agreement) that these questionable tactics (deploying malware, warrants that ignore jurisdictional limits, running child porn sites rather than shutting them down, etc.) are justified because the people it's going after (child porn viewers/distributors) are that terrible. But then it turns around and lets the very bottom of its basket of criminal suspect deplorables go free rather than hand over information to the defense. It does this even though the defense, the judge, and the DOJ would do all they could to protect as much of the NIT information as possible, including sealing documents and redacting those that are published.

Fortunately, the judge presiding over this case wasn't going to let the FBI have 100% secrecy and 100% of the derived evidence. And that has resulted in a voluntary dismissal of someone the government clearly felt was enough of a criminal menace that its extreme tactics were justified.


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • icon
    orbitalinsertion (profile), 6 Jan 2017 @ 9:52am

    Better still, why keep it a secret when you can never actually use evidence obtained... ohhhhhh.

    reply to this | link to this | view in chronology ]

    • icon
      DannyB (profile), 6 Jan 2017 @ 12:01pm

      Re:

      I have posted before a hypothesis about why the government keeps everything about Stingray a secret.

      In a nutshell:

      Cell phone system was designed when we were using Windows 3.1. System cannot withstand 21st century attacks. There is some fundamental weakness in the way the network operates. This cannot be corrected without significant changes throughout the network base stations and mobile equipment. Thus it is expensive and time consuming to fix. This vulnerability is the very basis of how Stingray works. If the secret got out, chaos would ensue. Everyone would be building their own Stringray devices. Poor people would be spying on rich people. So we must be kept secure through obscurity of the vulnerability. Thus secrecy is paramount above all else including prosecutions. How this works can never be disclosed in open court, not even under the belly of a seal. The stakes are just too high.

      reply to this | link to this | view in chronology ]

      • identicon
        Canuck, 6 Jan 2017 @ 6:57pm

        Fantasy Land

        "I have posted before a hypothesis about why the government keeps everything about Stingray a secret."

        Oh Gawd, not this BS again.


        "Cell phone system was designed when we were using Windows 3.1. System cannot withstand 21st century attacks. There is some fundamental weakness in the way the network operates. This cannot be corrected without significant changes throughout the network base stations and mobile equipment. Thus it is expensive and time consuming to fix. This vulnerability is the very basis of how Stingray works."

        This is hardly a secret. Cellular standards and their vulnerabilities are not secrets. Hackers have demonstrated home made cell site simulators at events like DefCon for years.


        "If the secret got out, chaos would ensue. Everyone would be building their own Stringray devices. Poor people would be spying on rich people. So we must be kept secure through obscurity of the vulnerability. Thus secrecy is paramount above all else including prosecutions. How this works can never be disclosed in open court, not even under the belly of a seal. The stakes are just too high."

        Again, not a secret. Peeps have been spying on cellphones forever. It goes way back to the analog days.

        reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 6 Jan 2017 @ 7:16pm

        Re: Re:

        "Poor people would be spying on rich people"

        OMG .. can't have that.

        reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 6 Jan 2017 @ 10:06am

    Well, that's just dandy. I wonder how many tax dollars will end up having been wasted on not convicting anyone. I wonder how many active pedos are gonna walk because the FBI cares too much about its secrecy to do its damn job properly.

    At best, some of the accused will take plea bargains, and some others will get scared into doing their dirty deeds to real children instead of pictures that can get them tracked.

    Thaaat's not exactly a silver lining.

    reply to this | link to this | view in chronology ]

  • icon
    Ninja (profile), 6 Jan 2017 @ 10:10am

    Speaks volumes of your Government. They'd rather let the worst of the worst criminal go free than follow due process. One has to wonder if the 'criminal' was that criminal at all or the case was forged just to make the Govt look awesome.

    reply to this | link to this | view in chronology ]

    • identicon
      eastpoint, 6 Jan 2017 @ 10:27am

      FBI Angels

      ...so the original "invalid warrant" and its execution were judicially proven as direct violations of the 4th Amendment --- but of course none of the government actors committing that illegal act will suffer any personal consequences.

      Also, there's ample evidence now of felony FBI activities in their sordid child-porn investigations -- certainly enough to issue warrants & sub poena's against the FBI... demanding the details of their tools & methods in this case-- and then pursuing a totally new prosecution case.

      Everybody is equal before the law (but not if you are a government 'Law Enforcement' agent).

      reply to this | link to this | view in chronology ]

      • identicon
        The Party of Hell No!, 7 Jan 2017 @ 7:59am

        Re: FBI Angels

        Yes! Who oversees the FBI when it's computers are laden with child porn images? What law enforcement agent can swoop into FBI headquarters and confiscate it's desktops computers, lap tops, tablets and phones?

        Also, are all FBI agents immune to the temptation of pre-pubescent girls and boys? Is it possible there is way more to see here than we can ever imagine. We can imagine confiscated drugs and money going bye-bye from an evidence locker, but child porn... naw, phhh, never!

        Solution one is to streamline civil suits against government employees or agents who knowingly, or are found to have violated a defendants rights. Make them carry liability insurance like a Doctor, Lawyer or any professional with a license. Make them consider carefully putting their name on affidavits, search warrants, or any government document where the repercussions could come back and bite them.

        Solution two is to disband the FBI. When you start hearing defendants are supposed to know their rights are being violated by the FBI and bring it to the attention of the courts with an attorney to remedy the civil rights violation - rather than expect the FBI to respect the defendants inalienable rights there is no possibility of reform only disbanding of the organization can save any of us - especially when you have cowardly judges who have little understanding of their role in the scheme of things.

        reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 6 Jan 2017 @ 10:12am

    dropping code on Playpen visitors' computers that sent back IP addresses and other information about the user's computer.

    This keeps getting repeated, and while it plays up the potentially illegal data exfiltration, it totally whitewashes the other thing going on here:

    The FBI didn't "drop code" on visitor's computers... they exploited a vulnerability chain to inject and execute software onto the victims' computers. While their intent was to collect IP addresses and other information about the user's computer, leveraging software exploits can just as easily result in destroying or modifying data, crashing the computer, or causing other harm. Unless you already know the parameters of the attack (you already know what software is running on the victim computer, what's loaded in memory, etc.) and are making an informed decision about the potential damage, using such an attack vector is extremely irresponsible, no matter who does it.

    This point seems to be understood by a number of judges, but is continually totally missed by the media.

    reply to this | link to this | view in chronology ]

    • identicon
      Gods and Idols, 7 Jan 2017 @ 9:30pm

      Re:

      "dropping code on Playpen visitors' computers that sent back IP addresses"

      Pretty sure it's called JavaScript, turn off Global Scripts with NoScript and the FBI can't return shit, much less an IP address. Also, if users were smart enough to run TOR in a virtual machine instead of the host operating system, it'd make it almost impossible to infect the host computer. Malware can kiss my ass, because all I have to do is run my browser in a virtual machine, if that VM got infected, I'd completely close and delete that VM and restart a fresh uninfected clone.

      Qubes-Whonix can eliminate most of the vulnerabilities of the typical user. Qubes OS is a security-oriented operating system (OS). How does Qubes OS provide security? Qubes takes an approach called security by compartmentalization, which allows you to compartmentalize the various parts of your digital life into securely isolated compartments called qubes. Hmm, compartmentalization, that sounds really familiar. Oh wait, the military uses this concept for their own security! Where are all my OpSec and ComSec peeps at?

      Whonix is a heavily reconfigured Debian base Linux which is run inside multiple virtual machines, providing a substantial layer of protection from malware and IP leaks. In other words, The Debian Linux itself runs in its own virtual machine, then there's the proxy between TOR and Debian Linux that runs on its own virtual machine, and even TOR itself runs in its own virtual machine.

      How does Qubes OS compare to using a “live CD” OS? Live OSes such as Tails and other Linux distributions are still monolithic in the sense that all software is still running in the same OS. This means, once again, that if your session is compromised, then all the data and activities performed within that same session are also potentially compromised. Qubes uses a “Type 1” or “bare metal” hypervisor called Xen. Instead of running inside an OS, Type 1 hypervisors run directly on the “bare metal” of the hardware. This means that an attacker must be capable of subverting the hypervisor itself in order to compromise the entire system, which is vastly more difficult. Keep in mind, literally every single program in Qubes runs in its own virtual machine environment, the OS, proxy, TOR, even the browser you use to connect to TOR runs in its own virtual machine.

      reply to this | link to this | view in chronology ]

  • icon
    That Anonymous Coward (profile), 6 Jan 2017 @ 10:12am

    Because an open fair system should totally allow for overreach and secret methods. We should completely run CP sites & entice the creation of more CP, so we can get to court and then have to run away because exposing how we got the data might be bad for us.

    Imagine if NIT was just a nice way to cover-up parallel construction, a secret black box no one can question because they are bad enough that we can suspend the rule of law to get them.

    This behavior is making it much harder to tell the 'good guys' from the 'bad guys'. Everyone breaking the law in pursuit of something and when push comes to shove no one gets found guilty having wasted time, effort, cash, & subjected more children to abuse.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 6 Jan 2017 @ 10:23am

      Re:

      Not to mention, the FBI was filing cases against actual people, not John Does. This means they have accused people of CP trafficking, but haven't given them the opportunity to clear their name in court.

      So time, money and effort are wasted all around, someone is perpetually flagged as a potential CP trafficker (basically ruining their life), affected children aren't protected any more than they were before. Basically, everyone loses.

      The FBI would have done better to send a note saying "We know what you've been up to. Cut it out; we're watching you now."

      Of course, that would be admitting they're part of a surveillance state.

      reply to this | link to this | view in chronology ]

  • icon
    Seegras (profile), 6 Jan 2017 @ 10:18am

    Useless tech for law enforcement

    As it happens, there's a reason law enforcement cannot use any tool as they see fit, at least within nations that uphold the rule of law.

    And apparently, what the FBI used there violates the rule of law, which is why the judge threw out the idiots for trying.

    But it's easy to guess what the FBI did: They infected the accused's computer with malware which also allowed the planting of (fabricated) evidence; like Hacking Team's "Galileo".

    As a hint for future cases: If it's technology meant for espionage or warfare, it's probably not usable for law enforcement. If the evidence it creates is not tamper-resistant but actually opens more options for tampering, it's not usable for law enforcement. If you don't want to talk about, it's NEVER useable for law enforcement. If it comes with an NDA, it's NEVER usable by law enforcement.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 6 Jan 2017 @ 10:29am

      Re: Useless tech for law enforcement

      Actually, the NDA reference just helped me to connect a couple of dots.

      20 years ago, my response to "government can't use things that come with an NDA" would have been "sure they can -- it's not enforceable because they're the government."

      However, ISDS regulations mean that if a government violates an NDA, they can be sued before an international tribunal.

      The result of this is that anyone revealing details on Stingrays and their like could cause the US government to be guilty of NDA violation before an international court.

      Think about that. This illustrates both why using techniques under NDA should not be allowed AND why ISDS is a really bad idea.

      reply to this | link to this | view in chronology ]

  • identicon
    I.T. Guy, 6 Jan 2017 @ 10:21am

    "But he also made it clear the government couldn't have both its secrecy and its evidence. He ordered all evidence suppressed."

    Thats a great ruling. If you cant provide the means in which the evidence was gathered, you can't use it. I hope more judges and Liars, um, I mean lawyers take notice.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 6 Jan 2017 @ 10:28am

    Why keep its software tools a secret? It will be a year maybe two before a different or better tool is release. By the time it has been made public and that information is put to use, the FBI will probably have that newer and better tool.

    reply to this | link to this | view in chronology ]

  • identicon
    anonymoose, 6 Jan 2017 @ 10:37am

    This seems like a perfectly predictable artifact of the trickle-down mission creep from anti-terror to plain old law enforcement.

    Tools can be used for multiple purposes, but they're finding the rules governing the theaters of use really are different.

    Disclosing domestic law enforcement tools and methods would now be a compromise of international anti-terror tools and methods. The two are becoming inseparable.

    Expect to see more of this sort of thing. And defense catching on.

    reply to this | link to this | view in chronology ]

  • identicon
    Jano Szabo, 6 Jan 2017 @ 10:43am

    "The FBI not only sent malware to site visitors, but it also ran (and possibly improved) the child porn website for two weeks while pursuing its investigation."

    Like the vice cops who solicit prostitution and the narcs who trade in drugs, the kiddie porn trollers at the FBI can only make their case by criminalizing themselves too.

    You can't unambiguously prosecute someone for the mere possession of something if you have to take possession of it yourself.

    reply to this | link to this | view in chronology ]

  • icon
    Miles Barnett (profile), 6 Jan 2017 @ 11:24am

    FBI: "We refuse to enforce the law unless we're allowed to break the law."

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 6 Jan 2017 @ 11:34am

    So the cops are such criminals now, people that assault children will get away with their crimes. The FBI has just lost the last bit of credibility they had with me.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 6 Jan 2017 @ 12:18pm

    ITs ok

    This fits the narrative that the FBI is full of pedophiles and child rapists, or at the very least the IT staff that serves them.

    That makes way more sense to me

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 6 Jan 2017 @ 1:20pm

      Re: ITs ok

      There are good and bad people in the FBI and all intelligence organizations, hell its true for everyone on earth. To judge a whole organization on the actions of one case is pigeon-holing your creativity in understanding why it happened.

      You have to look at like this, even FBI agents are regular people. They are not aligned with the same ideals as their fellow agents. Everyone has differing idea's on whats right and wrong. (Just look how pedophiles try to claim it's a disease and not a horrible conscious act of evil) It only takes a few in key positions to control a majority of the investigations.

      This could be interpreted as they are having to resort to certain industry made backdoor vulnerabilties to get the dirt on well protected pedophiles and they don't want them to know how they did it. And also as A giant leap towards making worldwide warrants a real thing, just read my other comment below for more thoughts on that.

      You have to remember all the intelligence agencies are in competition with each other. They compete for budgets and pull in their respective fields. For example this could of played out like this. CIA may not like that FBI found dirt on mr. X and want this whole playpen case to fail. Say the CIA (who specialize in illegal international espionage and covert ops) plant evidence on someone's computer (as this defendant claims) during the course of the FBI's investigation.

      FBI charges this guy along with many others at first because at a glance it seems legitimate. But come to realize that when they get into a more deep investigation of his actual computer and the data, there are signs it was planted but they don't know by who, or they might know EXACTLY who did!

      Instead of revealing that and possibly allowing all the criminals walk free and also reveal to everyone their trick to finding pedophiles. they try to suppress it for the sake of "justice". Which is indeed breaking laws as they probably did break the 4th amendment doing it, but people are really starting to take advantage of laws being vague in respect to technology to protect themselves as well as create loopholes for law enforcement to abuse.

      reply to this | link to this | view in chronology ]

  • identicon
    Adam, 6 Jan 2017 @ 12:47pm

    ah.. ha..

    ah, playpen investigation. I thought the Rule 41 amendments were a direct attempt to legitimize the playpen investigation. As well as enable warrants like this to procede legally. I'm glad they are striking this down. Although it relates to possible pedophiles, the amendments allowed for world wide warrants for people who arn't even criminals.

    Such as a normal person is affected by spyware that makes them part of a bot-net. Warrants like this would be used to access your computer and "save" you from the malware.

    Also It tries to say that some. people using tor and anonymous internet services are up to something illegal, a true statement. But they say that so they can claim they have the right to look into ALL people using it.

    I'm of mind to think playpen is a setup investigation to create legal precedence for these type of wide ranging illegal warrants legal, and at the same time ignoring the high-ranking pedophiles and just going for people low on the food chain. (77,000 people found using it.. I doubt we will see anywhere near that amount of charges being pressed on criminals)

    reply to this | link to this | view in chronology ]

    • identicon
      Celeste Guanini, 9 Jan 2017 @ 12:04am

      Re: ah.. ha..

      With this BINGO you win the game: "I'm of mind to think playpen is a setup investigation to create legal precedence for these type of wide ranging illegal warrants legal, and at the same time ignoring the high-ranking pedophiles and just going for people low on the food chain. (77,000 people found using it.. I doubt we will see anywhere near that amount of charges being pressed on criminals)"

      What is actually happening is that the various 'save the children' and ' save the hookers' industrial complex organizations are actually distributing this material in order to blackmail high profile people (look up #OpDeathEaters on Twitter). The majority of this material is hosted right there in Virginia, and Maryland; and the Five Eyes nations have a base in Thailand where they distribute this stuff as well (our little buddy Israel has a virtual license from the 'good Christian' nations to run these operations.)

      And the last election certainly revealed the widespread use of the term 'pedophile' to destroy aspirations, or cast ill-light on candidates. It is a classic blackmail scheme, and the ones the FBI targets are the ones who know this above is true.

      And, look up RFA Croughton air base in England: it is not just a 'listening post' but it is also home to many of the the USAF compromise and blackmail operations.

      It is used to run these blackmail schemes, and child porn is also integral to creating terrorists because it allows for the creation of controlled assets' and also creates in the targeted person a Bateson double bind, wherein moral choices are damned if you do report damned if you don't report this stuff to the 'proper authorities,' who are themselves blatantly distributing this material.

      The US armed services has always had these operations in one form or another, from the Air Force to the Marines- cp is a powerful tool to enforce conformity, and stifle dissenters. As such, the FBI has made it a virtual symbolic tool with which to oppress the constitution; as such it has become a symbol of that signifies free speech and privacy usurpation.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 6 Jan 2017 @ 1:10pm

    If you've done nothing, you have nothing to hide.

    As they like to say.
    OK, so what's the FBI trying to hide?

    reply to this | link to this | view in chronology ]

  • identicon
    Ken Gage, 6 Jan 2017 @ 5:38pm

    What's to gain from recycling old news stories like this? Just curious on the strategy. Space to fill? http://www.usnews.com/news/articles/2016-05-26/judge-deals-blow-to-secret-fbi-hacking

    reply to this | link to this | view in chronology ]

    • identicon
      PCDEC, 6 Jan 2017 @ 6:50pm

      Re:

      Old news is still news if you haven't heard it yet.

      reply to this | link to this | view in chronology ]

    • identicon
      Robert Driggers, 6 Jan 2017 @ 10:50pm

      Re: Ken Gage and space to fill

      Had you read the motion by the DOJ Prosecutor you would notice the late December 2016 date signifying that the case had just then ALMOST reached a conclusion as it was a request to dismiss their appeal. Details but technically the State was reserving its right to appeal the judge's suppression of the evidence at a higher court so the defendant was still subject to prosecution based on the appeal's outcome. No one in May knew the DOJ would withdraw its appeal.....even the DOJ.

      I guess the "strategy" is to report the actual outcome of a case.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 6 Jan 2017 @ 9:07pm

    But DOJ still has him on double secret probation!

    "The FBI has decided to let one of its Playpen defendants walk rather than turn over information on its Network Investigative Technique."

    https://en.wikipedia.org/wiki/Double_Secret_Probation

    (The double secret part of the U.S. Constitution, that you can only learn as a member of Skull & Bones.)

    https://en.wikipedia.org/wiki/Skull_and_Bones

    reply to this | link to this | view in chronology ]

  • identicon
    Agent76, 7 Jan 2017 @ 8:26am

    FBI Is Now Officially the Enemy of All Computer Users

    Jan 3, 2017 With Rule 41 the FBI Is Now Officially the Enemy of All Computer Users

    "Today, the FBI becomes the enemy of every computer user and every IT security professional worldwide." We dissect the new "Rule 41" that gives American law enforcement unprecedented leeway to break into any computer in the world, the implications this has for a world in which privacy is increasingly a thing of the past, and what people can do to protect themselves from the New Online Order of global FBI operations.

    reply to this | link to this | view in chronology ]

  • icon
    gallumhrasha (profile), 8 Jan 2017 @ 1:44pm

    FBI is all about disobeying civil liberties. When is the last time the FBI has done something good to protect this country form harm rather than spending all the resources pursuing non violent crimes and spying on innocent civilians with their CESSNA dirtboxes

    reply to this | link to this | view in chronology ]

  • icon
    Animedude5555 (profile), 9 Jan 2017 @ 4:38pm

    Why let the pedophiles walk? Wasn't this exactly what the NIT tool was made for? They say they can't reveal it because it must be left secret for later use on other (and presumably even worse) criminals? But wait, aren't pedophiles the WORST OF THE WORST?! If you aren't willing to show all your cards now, in order to secure a conviction of these sick pedos, and are instead going to save that for use on someone else, who is that someone else? Who do they think are worse than PEDOPHILES?

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 12 Jan 2017 @ 11:25am

    The land of the fre... secrets.

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Techdirt Gear
Shop Now: Copying Is Not Theft
Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.