To Prosecute A Single Bombing Suspect, FBI Demands Identifying Info On Thousands Of YouTube Viewers

from the general-warrants-are-back,-baby! dept

We waved goodbye to general warrants with the Fourth Amendment back in 1791. Now, thanks to tech companies collecting tons of info on site visitors and the FBI's apparent inability to craft a narrow warrant, it's the late 1700s all over again!

With a wealth of information a subpoena or warrant away, law enforcement is asking for everything and promising to sort it all out properly. This hasn't worked as well in practice as it has in theory. Investigators looking for evidence of one crime have found others to charge defendants with simply by sifting through the digital haystacks they're able to acquire with a single piece of paper.

In other cases, investigators have decided everyone is a suspect and that the massive amount of data obtained with this dubious legal theory will somehow point them to the real criminals. That's the theory behind law enforcement's "reverse" searches: ones where they demand all cell site location info from everyone connecting to certain cell towers before paring down the list of suspects from "everyone" to "everyone in certain locations at certain times."

A warrant requested by the FBI related to a bombing in New York last year is operating under this same premise. The search warrant ostensibly seeks to obtain information about defendant Victor Kingsley's YouTube viewing habits. Kingsley is facing federal charges for killing a New York City landlord with a handmade bomb. Kingsley was allegedly targeting a police officer who he thought lived at that address as revenge for his arrest by that officer three years earlier.

According to the affidavit [PDF], searches of Kingsley's computers revealed a slew of searches for bomb making materials and instructions. Many of these searches took him to YouTube videos. With this information, you'd think the feds would have plenty of evidentiary ammo to bring to court that would infer Kingsley intended to make a bomb. The FBI also recovered evidence on online purchases of items used in making explosives.

With this already in hand, it's hard to understand why the FBI is looking for more info. But what's harder to understand is why it's seeking more info in this particular manner.

The affidavit correctly points out Google collects a ton of info on YouTube viewers, whether or not they create a YouTube account. It also points out most viewers have accounts because without one, their actions (upvoting, downvoting, playlists, etc.) are severely restricted. It then details a long list of information the FBI believes Google can produce when served with a warrant (which also includes physical addresses, billing info, phone numbers, etc.).

As part of its business model, Google also collects a variety of data on YouTube videos. This includes information for each time a video was watched; the comments and shares of a video; the demographics of viewers; and the sources of traffic to the videos (i.e., the source webpages and links that a viewer used to land on the video).

Further, Google typically retains certain transactional information about the creation and use of each account on their systems. This information can include the date on which the account was created, the length of service, records of log-in session) times and durations, the types of service utilized, the status of the account (including whether the account is inactive or closed), the methods used to connect to the account (such as logging into the account via Google's website), and other log files that reflect usage of the account. In addition, Google often has records of the Internet Protocol address ("IP address") used to register the account and the IP addresses associated with particular log-ins to the account. Because every device that connects to the Internet must use an IP address, address information can help to identify which computers or other devices were used to access the account.

In addition, Google collects device-specific information (such as a user's hardware model, operating system version, unique device identifiers, and mobile network information including phone number), which it may associate with a user's Google account. Google states that it may also collect and process information about a user?s location, based on information including IP address, GPS, and other sensors that may, for example, provide Google with information on nearby devices, Wi-Fi access points and cell towers.

Now, the FBI has device identifying info, IP addresses, and other information gleaned from the devices and accounts already searched/subpoenaed that could tie certain YouTube/Google activity to Victor Kingsley. But it inserts none of that here to limit the search. Instead, it asks for all of this info for every visit to a list of YouTube URLs.

This is only the first page of its YouTube URL demands. [Click thru for a bigger version.]

The obvious problem is these videos could have been viewed by thousands of viewers completely unrelated to the case. (Not to mention the fact that the first URL will never resolve...) And yet, the FBI agent thinks it's OK to demand a long list of identifying info, along with location/cell tower data on each of these viewers from Google. Supposedly, this is being done to sort the righteous from the wicked… or whatever.

As explained herein, information stored in connection with a YouTube video and Google account may provide crucial evidence of the "who, what, why, when, where, and how" of the criminal conduct under investigation, thus enabling the United States to establish and prove each element or alternatively, to exclude the innocent from further suspicion.

That's not how warrants work. This is like demanding Amazon turn over account info, location data, etc. on everyone who's ever viewed a page for items that can be used to create bombs. And this request is being made despite the fact the government already has plenty of identifying info it could use to narrow the request.

If Google chooses to hand this over, it's not a question of if the government will get tons of data on innocent YouTube visitors. It's only a question of how much. It appears every URL targeted by this warrant has already been neutralized by Google. Typing in these URLs will either bring you to a deleted video or a dead page that feeds you absolutely zero information. (This is likely meant to keep users from adding to the data pile the FBI wants Google to produce.)

Here's just one of the URLs targeted, as it appears at the Internet Archive:

It's a Science Channel video titled "Building a Starship." As of its archive date (August 6, 2016), it had 222,000 views.

Here's how that URL looks now:

So, for just a single URL, there are at least 222,000 "suspects" the FBI wants Google to hand over info on. Then it will apparently work its exculpatory magic, travelling backwards by process of elimination to data linked to accounts owned by Victor Kingsley, matching YouTube visits with identifying info the FBI already has on hand.

This isn't a fishing expedition. This is dynamite tossed into a stock pond with the FBI promising to kick any surviving fish back into the water following the explosion. Somehow, this warrant was approved by Magistrate Judge Lisa Bloom and handed over to FBI Agent Lawrence Schmutz to forward to Google.

Hopefully, Google's fighting this request. The affidavit goes long on the evidence the FBI has already obtained to be used against Kingsley before throwing it all out to demand Google hand over as much as it can on as many YouTube viewers as possible. This is shoddy work. And it definitely appears to be unconstitutional. A warrant is the Fourth Amendment-approved gateway for unreasonable searches. But there's a limit to how unreasonable a search can be, even with a warrant.

If this is challenged by Google, it seems unlikely to withstand further scrutiny. It's a general warrant seeking to rummage through numerous people's belongings that happened to be housed at Google. Warrants aren't supposed to be used to separate the innocent from the guilty. That's not probable cause for a search. Probable cause may lead to the discovery of exculpatory evidence but that isn't its purpose. It's there to find evidence to use against a suspect using a search predicated on information the government swears in front a judge supports its need to perform an invasive search. The government has no probable cause to seek the info of YouTube viewers not directly accused of this crime. And it has no excuse to perform a search this way when it has plenty of information on hand that could have narrowed this request significantly before presenting it to Google.


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • This comment has been flagged by the community. Click here to show it
    identicon
    Snow Bound, Alaska, 26 Nov 2018 @ 10:53am

    IF you're not going to complain that Youtube HAS the data...

    **... then why the hell do you think it can be kept from gov't -- which at least in this case has legitimate cause for a wide dragnet?

    You who constantly carry around gadgets that know can spy on you, which Google and every other corporation attempt to identify person and track you all over including collate with financial records (which you NEVER worry about), just WHAT THE HELL FANTASY WORLD DO YOU LIVE IN? Anyone who can read saw this coming since 1950s in science-fiction! Sheesh.

    reply to this | link to this | view in chronology ]

    • icon
      James Burkhardt (profile), 26 Nov 2018 @ 11:24am

      Re: IF you're not going to complain that Youtube HAS the data...

      Actually, no. The governemnt does not have a "legitimate cause for a wide dragnet". Ignoring for the moment that the constitution bars general warrants of this sort, Mike notes, specifically, that the police have information that would allow them to easily narrow search parameters. Device IDs, IP addresses, and other information could have been included as a means to narrow the scope of the request. So in this case they should have a far smaller dragnet, and maybe expand the net after they process these results.

      Then of course outside the specifics of this case, they do not have a legitimate reason to make a wide dragnet. General warrants are prohibited by the constitution, and I expect once this warrant moves past a rubber stamp magistrate into an adversarial process, it will be squashed.

      reply to this | link to this | view in chronology ]

      • identicon
        Dandy Dan, 27 Nov 2018 @ 1:42am

        Re: Re: IF you're not going to complain that Youtube HAS the data...

        "...and I expect once this warrant moves past a rubber stamp magistrate into an adversarial process, it will be squashed."

        Not sure why, but this tickled me. Technically I think you mean "quashed".

        quash (kwŏsh)►

        v. To set aside or annul, especially by judicial action. v. To put down or suppress forcibly and completely: quash a rebellion.

        reply to this | link to this | view in chronology ]

        • icon
          James Burkhardt (profile), 3 Dec 2018 @ 9:12am

          Re: Re: Re: IF you're not going to complain that Youtube HAS the data...

          I probably did, but I think the use of 'squashed' will be if not already is one of those lingual malformations that becomes standard - like using decimate instead of devastate.

          reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 26 Nov 2018 @ 11:35am

      Re: IF you're not going to complain that Youtube HAS the data...

      It's interesting that Tim included an archive.org link. They claim to not keep personally-identifiable logs (except in their privacy policy which says the opposite). I don't think that archived page loads the video from archive.org, but if it had and viewers used that, it would be difficult for the FBI to track them.

      reply to this | link to this | view in chronology ]

    • identicon
      WoodyChipper, 26 Nov 2018 @ 1:28pm

      Re: IF you're not going to complain that Youtube HAS the data...

      IF you're not going to complain that ~YouTube~ ~AT&T~ Experian HAS the data... **... then why the hell do you think it can be kept from gov't -- which at least in this case has legitimate cause for a wide dragnet?

      You who constantly carry around gadgets ~call your friends and family members using telephones~ use credit or debit cards~ that you know can spy on you, which ~Google~ ~Ma Bell~ every credit agency and every other corporation attempt to identify person and track you all over including collate with financial records (which you NEVER worry about), just WHAT THE HELL FANTASY WORLD DO YOU LIVE IN? Anyone who can read saw this coming since 1950s in science-fiction! Sheesh.

      (Why doesn't ` work for strikethrough? Makes it hard to FTFY)

      Because there needs to be some kind of limit on the Guys With Guns(tm), however ephemeral or weak, lest ... well, lest another revolution break out.

      Nah ... no one will look up from their phone long enough to march, much less fight.

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 26 Nov 2018 @ 1:54pm

        Re: Re: IF you're not going to complain that Youtube HAS the data...

        (Why doesn't ` work for strikethrough? Makes it hard to FTFY)

        Why would it work that way? The documentation says backticks indicate inline code. (Although, that doesn't work either. It seems everyone implements something a little different when they say "markdown", even if they all link to the same spec.)

        reply to this | link to this | view in chronology ]

  • icon
    That One Guy (profile), 26 Nov 2018 @ 10:55am

    Makes perfect sense...

    ... if you start from the premise of 'Guilty until proven innocent.' Do that and grabbing everything is just saving time, in that everyone who watched the videos in question is assumed to be guilty by default, and will only be considered innocent if the FBI can't find any incriminating evidence to use against them after sifting through the data they get on them.

    reply to this | link to this | view in chronology ]

    • identicon
      Dandy Dan, 27 Nov 2018 @ 1:52am

      Re: Makes perfect sense...

      Yep. In the same way that anyone who ever bought "The Anarchist Cookbook" was automatically a filthy no-good pinko subversive commie terrorist.

      Disturbingly the UK seems to especially hate [fear] this book. Every decade or so they embarrass themselves by attempting to prosecute someone who merely possesses this book.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 26 Nov 2018 @ 11:12am

    'it's the late 1700s all over again'
    more to the point, it's the USA all over!!

    reply to this | link to this | view in chronology ]

  • identicon
    Michael, 26 Nov 2018 @ 11:25am

    This is a great use for a botnet. When a warrant like this is found, it would be wonderful to have a botnet impersonate the IP address of every FBI office and US representative and hit each of the URL's.

    reply to this | link to this | view in chronology ]

  • identicon
    Colonel Panik, 26 Nov 2018 @ 11:26am

    FBI Demands Identifying Info

    You are guilty!

    reply to this | link to this | view in chronology ]

  • icon
    tom (profile), 26 Nov 2018 @ 11:33am

    Maybe Google should do what AT&T reportedly did during the pre-breakup court fights. "Where do you want the 83 tons of hard copy printout delivered?"

    reply to this | link to this | view in chronology ]

    • identicon
      bob, 26 Nov 2018 @ 1:20pm

      Re:

      Besides just killing a massive amount of trees, the government will eventually scan, index, and root through that.

      They have inexhaustible funds and manpower, unlike private law firms.

      Better to only send exactly what is needed and no more.

      reply to this | link to this | view in chronology ]

  • icon
    Richard M (profile), 26 Nov 2018 @ 12:04pm

    Trying to set another precedent

    The Govt and the FBI is trying to set another precedent where the keep getting to vacuum up more info without any real cause. Asking for all that info is just them not bothering to narrow it down, they are trying to normalize them being able to get all that info.

    My big question in these cases is WTF is up with the judges signing off on these stupid requests? Their job is to keep the Govt from stepping over the line but that does not seem to be what is going on except in very few isolated cases.

    reply to this | link to this | view in chronology ]

    • icon
      Bergman (profile), 26 Nov 2018 @ 10:02pm

      Re: Trying to set another precedent

      The judges are products of the same school system and culture that produces people who genuinely believe that only criminals stand on their rights -- just like the villain of the week on Law & Order.

      Innocent people don't need rights, you see.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 26 Nov 2018 @ 12:09pm

    Of course it's a fishing expedition. They want a database of people who watch "bad" videos and are using the case as a convenient excuse.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 26 Nov 2018 @ 1:17pm

      Re:

      I could see VPN and proxy usage go way up, once people get wise to this, so their IP addresses will be hidden, and the FBI will not be able to get their info.

      reply to this | link to this | view in chronology ]

  • identicon
    I ain't clicking it., 26 Nov 2018 @ 12:32pm

    Science Channel video titled "Building a Starship."

    What possible connection could there be between Science Channel video titled "Building a Starship." and building a bomb?

    That's crazy.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 26 Nov 2018 @ 1:02pm

      Re: Science Channel video titled "Building a Starship."

      If there is any connection, it's in the basic underlying physics of exothermic reactions.

      But mostly it's just because this dude they're after at some point accessed that URL so into the pile it goes even though it's not actually related in any significant fashion.

      reply to this | link to this | view in chronology ]

      • identicon
        bob, 26 Nov 2018 @ 1:22pm

        Re: Re: Science Channel video titled "Building a Starship."

        The enterprise originally used nuclear reactors to power itself. Probably looked at it to see how to build one himself.

        reply to this | link to this | view in chronology ]

  • icon
    ECA (profile), 26 Nov 2018 @ 1:15pm

    If you could..

    If you could see everything in everyones life, and Send them away to jail for any law broken....
    I think you wouldnt have many Outside of jail..
    we would all starve, waiting for those farmers(in jail) the processors(in jail) Jailers(in jail) to feed us..

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 26 Nov 2018 @ 3:32pm

      Re: If you could..

      I could see stream rippers being used for more than just music or movie piracy. If the stream ripping site is not in the United States, than the site cannot be compelled to hand over details on who used that site to download a particular video from YouTube or elsewhere.

      reply to this | link to this | view in chronology ]

  • icon
    That Anonymous Coward (profile), 26 Nov 2018 @ 2:15pm

    Perhaps we had the going dark narrative all wrong...

    It looks like their brains have gone dark at this point.

    reply to this | link to this | view in chronology ]

  • icon
    Coyne Tibbets (profile), 26 Nov 2018 @ 4:34pm

    %s

    In reference to that first URL, the one that ends ".../watch?v=%s": The "%s" is a common computer language shorthand for "insert arbitrary string here". So, if I were YouTube, I would think that that meant "return information on every video ever watched."

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 27 Nov 2018 @ 1:50am

    I was going to log in to make this comment but after reading this article, I'm going to remain anonymous, fire up my vpn, then connect to another online vpn, then get on an online anonymizer site, then wrap myself in foil, put on my bike helmet, ski mask, respirator, butt plug (that one is just for fun), and finally roll myself up in a rug while performing a sustained squint ... all to say this : hi everybody!

    reply to this | link to this | view in chronology ]

    • identicon
      Not-so-Anonymous Coward, 27 Nov 2018 @ 7:05am

      Re:

      Unfortunately, your connection was recorded by the VPN's, one of which is feeding NSA, the other GCHQ. These agencies share and so your connection has been correlated. The anonymizer was pwned by the NSA three years ago, so that was also coordinated. And you left holes in your to foil to see/breathe, so their scanners are already recording your brainwaves.

      Nice try.

      reply to this | link to this | view in chronology ]

  • icon
    Klansman (profile), 8 Dec 2018 @ 5:26pm

    hate FBI pigs

    i hate the pigs and i hate the FBI. they should just stick to chasing commie spies or ISIS.

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Techdirt Gear
Show Now: Takedown
Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.