by Mike Masnick
Fri, Aug 26th 2016 10:49am
by Tim Cushing
Tue, Aug 23rd 2016 11:45am
from the porn-harder! dept
Another FBI/Playpen/NIT case has moved to the point of a motion to dismiss. The lawyer for defendant Steven Chase is arguing the government should abandon its prosecution because the FBI's activities during its conversion of child porn site Playpen into its own Rule 41-flouting watering hole were "outrageous." What did the FBI do (besides traveling beyond -- far beyond -- the warrant's jurisdiction to strip Tor users of their anonymity) to merit this accusation? It made Playpen a better, faster child porn website. Joseph Cox reports for Motherboard:
Newly filed court exhibits now suggest that the site performed substantially better while under the FBI's control, with users commenting on the improvements. The defense for the man accused of being the original administrator of Playpen claims that these improvements led to the site becoming even more popular.
“The FBI distributed child pornography to viewers and downloaders worldwide for nearly two weeks, until at least March 4, 2015, even working to improve the performance of the website beyond its original capability,” Peter Adolf, an assistant federal defender in the Western District of North Carolina, writes in a motion to have his client’s indictment thrown out.
The government generally isn't known for efficiency or immediate improvements, but the filing [PDF] points out that the gains were exponential.
From there the FBI distributed child pornography to viewers and downloaders worldwide for nearly two weeks, until at least March 4, 2015, even working to improve the performance of the website beyond its original capability. As a result, the number of visitors to Playpen while it was under Government control from an average of 11,000 weekly visitors to approximately 50,000 per week. During those two weeks, the website’s membership grew by over 30%, the number of unique weekly visitors to the site more than quadrupled, and approximately 200 videos, 9,000 images, and 13,000 links to child pornography were posted to the site.
A better child porn site, brought to thousands of criminal suspects all over the world by your tax dollars. What a time to be alive!
The motion to dismiss points out that making it easier and faster to download child porn images runs contrary to assertions the government has made in support of prosecutions and stricter penalties for child porn viewers.
This behavior is all the more shocking because the federal government itself – in sentencing memoranda, online mission statements, reports to congress, press releases, and arguments before this very Court and many others – has repeatedly emphasized that victims of child pornography are revictimized each and every time their images are viewed online. Despite these frequent pronouncements, the government here made no attempt during the two weeks it was running the site to reduce the harm to innocent third party victims by limiting the ability for users to view or access the images. Indeed, government agents worked hard to upgrade the website’s capability to distribute large amounts of child pornography quickly and efficiently, resulting in more users receiving more child pornography faster than they ever did when the website was running “illegally.”
And once the images have been downloaded from a (faster) source, they can be redistributed elsewhere, furthering the damage done to victims of child pornographers. It really can't be argued that the ends justified the means.
Once the government seized the server hosting the Playpen site, it possessed a wealth of information it could use to criminally prosecute users without resorting to operating the site for two weeks. Even if the government wanted to deploy an NIT, it could have done so without also rendering the Playpen site functional. It could have, for example, disabled access to the images of child pornography, turned off the ability to upload pictures or videos, or even just run the site for a much shorter period of time.
Moreover, as noted above, the government has charged less than 1% of Playpen members, the same percentage of users it already had IP addresses for on the day it seized the site. It cannot be that the government may distribute child pornography to a thousand users for each user it catches, particularly when it already has the necessary information to identify the same number of users before it had distributes a single image.
The defense points to a message [PDF] posted to the forums after the site was seized by the FBI as evidence the agency improved the site to better serve users (with its NIT). A Playpen administrator's account stated the following on February 28th, eight days after it took control of the site.
I upgraded the Token Ring to Ethernet about an hour ago and things seem to be working a bit better.
This is what the FBI will do to further its investigations: it will become a better distributor of illegal material than the criminals it's going after. The filing notes that a conservative estimate of the number of images distributed during the FBI's two-week hosting stint sits around one million.
Also of note: throwaway email accounts are to be expected when users create accounts at child porn sites. But I honestly expected more from the President of the United States.
The motion makes good points about the FBI's apparently hypocritical child porn distribution and points out it had many options -- including disabling image downloads -- to pursue that would still have allowed it to serve up its NIT to the site's visitors. Unfortunately, courts have a hard time finding law enforcement activity to be "outrageous" enough to toss cases. And in this particular prosecution, it's the worst of the worst being prosecuted: a child porn viewer.
by Mike Masnick
Mon, Aug 15th 2016 9:34am
Did The FBI Get Confused And Arrest One Of Its Own Informants For Helping Create One Of Its Own Plots?
from the wtf? dept
However, in just the latest example of this -- the arrest of Erick Hendricks for supposedly trying to recruit people to carry out attacks for ISIS -- there's been something of an odd twist. Hendricks claims he has no idea why he was arrested because he's been an FBI informant for years, helping the FBI find other gullible souls to entrap in these "own plots." As Marcy Wheeler notes, it's possible the FBI lost track of one of its own informants and ended up having him "caught" in one of the plots where he thought he was helping the FBI find possible terrorists. Wouldn't that be something.
Has the FBI simply lost track of who are real and who are the people it is paying to play a role? Or is it possible someone from another agency, claiming to be FBI, recruited Hendricks (don’t laugh! That’s one potential explanation for Anwar al-Awlaki’s curious ties to US law enforcement, a story that wends its way through a related mosque in VA)?Either way, if Hendricks really was an informant, it appears that the "plots" he was engaged in may have been all confidential informants or undercover agents (and possibly one mentally disturbed internet troll).
Sure, maybe Hendricks is making all this up (at the very least, it may necessitate the BoP to protect him in prison since he has now publicly claimed to be a narc). But FBI’s network of informants sure is getting confusing.
This sounds like the plot to a potentially entertaining movie -- but back in the real world, it seems pretty fucked up. And it's yet another reminder of just how stupid these FBI "own plots" really are. It doesn't seem to really be about keeping people safe from attacks. Instead it seems to be about figuring out ways to push gullible and naive people to agree to do something stupid so that the FBI can get headlines for "keeping us safe" from attacks that would never actually happen.
by Tim Cushing
Wed, Aug 10th 2016 10:46am
Botnet Bill Could Give FBI Permission To Take Warrantless Peeks At The Contents Of People's Computers
from the mind-if-we-take-a-look-around,-they-asked-never dept
In a recent ruling in a child porn investigation case, a judge declared that the FBI's Network Investigative Technique (NIT) -- which sent identifying user info from the suspect's computer to the FBI -- was the equivalent of a passing cop peering through broken blinds into a house.
[I]n Minnesota v. Carter, the Supreme Court considered whether a police officer who peered through a gap in a home's closed blinds conducted a search in violation of the Fourth Amendment. 525 U.S. 83, 85 (1998). Although the Court did not reach this question, id at 91, Justice Breyer in concurrence determined that the officer's observation did not violate the respondents' Fourth Amendment rights. Id at 103 (Breyer, J., concurring). Justice Breyer noted that the "precautions that the apartment's dwellers took to maintain their privacy would have failed in respect to an ordinary passerby standing" where the police officer stood.
What would normally be awarded an expectation of privacy under the Fourth Amendment becomes subject to the "plain view" warrant exception. If a passerby could see into the house via the broken blinds, there's nothing to prevent law enforcement from enjoying the same view -- and acting on it with a warrantless search.
Of course, in this analogy, the NIT -- sent from an FBI-controlled server to unsuspecting users' computers -- is the equivalent of a law enforcement officer first entering the house to break the blinds and then claiming he saw something through the busted slats.
The DOJ may be headed into the business of breaking blinds in bulk. Innocuous-sounding legislation that would allow the FBI to shut down botnets contains some serious privacy implications.
Senators Whitehouse (D-RI), Graham (R-SC), and Blumenthal (D-CT) introduced the Botnet Prevention Act in May, which (among other things) amends the portion of federal law (18 U.S.C. § 1345) that authorizes these injunctions. The bill would expand § 1345 by adding violations of a section of the Computer Fraud and Abuse Act (“CFAA”) that covers botnets (and more) to the list of offenses that trigger the DOJ’s ability to get an injunction.
More specifically, it would allow injunctions in all violations or attempted violations of subsection (a)(5) of the CFAA that result or could result in damage to 100 or more computers in a year, including any case involving the “impair[ment of] the availability or integrity of the protected computers without authorization,” or the “install[ation] or maintain[nance of] control over malicious software on the protected computers” that “caused or would cause damage” to the protected computers.
It only sounds like a good idea: the government riding to the rescue of unaware computer users whose devices have been pressed into service by malware purveyors and criminals. But, as Gabe Rottman of CDT points out, there's some vague wording in the existing law that would undercut important Fourth Amendment protections when used in conjunction with the DOJ's botnet-fighting powers.
Buried deep within § 1345(b) is a single phrase that could open up a number of thorny issues when this injunctive authority is applied to botnets. The section not only allows the government to obtain a restraining order that stops someone from doing something nefarious, but also an order that directs someone to “take such other action, as is warranted to prevent a continuing and substantial injury . . . .”'
Rottman points to the FBI's 2011 shutdown of the Coreflood botnet. After obtaining a restraining order under the federal rule, the FBI used its own server to issue commands to infected computers, halting further spread of the malware and shutting down the software on infected host devices. Again, this seems like a good use of the government's resources until you take a closer look at what's actually happening when the FBI does this sort of thing.
The court hearing the Coreflood case accepted the government’s argument that the “community caretaker” doctrine allowed the transmission of the shutdown order, as the action was “totally divorced from the detection, investigation, or acquisition of evidence relating to the violation of a criminal statute.” At the time, the government likened its actions to a police officer who, while responding to a break-in, finds the door to a house open or ajar and then closes it to secure the premises.
The "community caretaker" function is one exception to warrant requirements. Accessing peoples' computers without their permission under these auspices allows the FBI to avail itself of a second warrant exception.
In order to scrub private computers for malware, the government would, by necessity, have to search the computer and its contents for the malware. Once the door is ajar, rather than closing it, the police would actually “walk in” to the computer. And anything they find in “plain view” can be used as evidence of a crime. Nothing in the current version of the bill would prevent such a search or collection, giving the government the potential means to search countless computers of victims of the botnet (not the perpetrators) without a warrant.
While these are both valid exceptions to warrant requirements, they've never been deployed on this sort of scale. Officers can perform community caretaker functions that may result in contraband being discovered in plain view. When the FBI takes on a botnet, however, it will have access to potentially thousands of computers at a time and the legislated permission to not only "enter" these computers, but to take a look around at the contents.
The Fourth Amendment was put into place to end the practice of general warrants. The FBI's botnet-fighting efforts turn court-ordered injunctions into digital general warrants, only without the pesky "warrant" part of the phrase. And, unlike other warrants, the proposed legislation would do away with another Fourth Amendment nicety: notification.
As CDT noted in its comments on the Rule 41 change mentioned above, potentially as many as a third of computers in the United States are infected with some form of malware. And, botnets are extremely hard to clean up, especially when you depend on victims to voluntarily submit their computers for cleaning. Given this reality, unless notice is required by statute, law enforcement would have an incentive to dispense with notice in the much wider array of shutdowns permitted under the Graham-Whitehouse bill.
The bill has only been introduced and there's no forward motion as of yet. It's in need of serious repair before it heads further up the legislative chain. As it's written, there's nothing standing between people's personal files and a host of digital officers wandering through virtual houses in search of malware and searching/seizing anything else that catches their eye.
by Tim Cushing
Wed, Aug 10th 2016 3:33am
from the the-fix-is-always-in dept
The question the government doesn't want to answer is whether we're better off pursuing fake criminals or capturing the real ones. Law enforcement does both, but sting operations -- both of the terrorist and the drug variety -- have been increasing over the years, turning officers and agents into actors and stage directors.
The FBI has been crafting "terrorists" from a collection of outcasts, retirees, and the developmentally disabled for years. Canada's law enforcement is just as willing to score on unguarded nets, traipsing happily over the line between "highly questionable" and "actual entrapment" in its own terrorist "investigations."
The ATF and DEA have combined forces to drag weapons into drug dealing using elaborate sting operations to entice no small number of people to get prepped to rob a nonexistent stash house of imaginary drugs. This would be bad enough, as it often appears the ATF is willing to bust anyone that engages in speculation about stash house robberies. Adding insult to injury, the federal government recommends sentences based on the fake amount of fake drugs not actually found in the fake stash house suspects talked about robbing.
Judge Otis Wright tore into the government for its willingness to craft imaginary stash house robberies and followed it up by asking for convicted suspects to be locked up for real years, based on nothing more than what the government told defendants would be located in the fake stash house.
In these stash-house cases, the Government’s “participation in the offense conduct” is what makes them particularly repugnant to the Constitution. Everything about the scheme—and therefore almost everything bearing upon a defendant’s ultimate sentence—hinges solely on the Government’s whim. Why were there not 10 kilograms in the stash house? Or 100? Or 1,000? Why were the guards allegedly armed—necessitating that Defendants bring weapons along with them? All of these factors came down to the ATF and the undercover agent alone. That sort of arbitrariness offends the Constitution’s due-process demands.
The government loves these cases because they're easy wins. There are no suspects to track down after a robbery. Instead, every suspect is safely housed in an undercover agent's vehicle, unwittingly waiting to be arrested. The suspects never lay low until the heat dies down, forcing the government to perform actual investigative work. Instead, the suspects are guided through the process of planning for a stash house robbery, including being given weapons to do so if they fail to provide their own. With massive sentences predicated on made-up drug quantities hanging over their heads, plea deals favorable to federal prosecutors are easy to obtain.
Another federal judge has plenty of problems with the government's stash house stings. Pennsylvania's Gerald McHugh has just issued a memorandum [PDF] trimming back the sentence handed to Clifton McLean, mainly due to the government's sentencing recommendation being based on the amount of drugs it said would be found at the fake stash house, rather than on anything tangible. [h/t Brad Heath]
Early last year, the judge took note [PDF] of the government's willingness to push people into actions they may not otherwise have taken.
Initially, there is no indication that McLean was involved in an ongoing criminal enterprise to commit stash house robberies prior to his initial contact with the government informant, and there is also no indication that the government believed it was infiltrating an already-existing conspiracy to commit such a robbery. Rather, in the best case scenario for the government, a newly created conspiracy was hatched when McLean allegedly approached the CI for the first time, though this initiation is less than certain. This factor weighs in favor of McLean.
The third factor, and certainly one of the most important, is the nature of government instigation or origination of the crime. The outcome of this inquiry is less clear. The government has asserted that the paid CI in this case was initially approached by McLean, who then inquired about whether the CI knew of any stash houses that McLean could rob. There are many questions surrounding this initial engagement. The encounter was not recorded, which is to be expected since the government asserts that the meeting was not planned, and a CI cannot be expected to wear a wire at all times. However, what this means is that the only person, aside from McLean, who can speak to what occurred at that meeting is the CI, who was not present to testify at the evidentiary hearing. While this is certainly a valid trial strategy, and may reflect government concern over the informant’s safety, I am hesitant simply to adopt this second-hand account of what occurred at this meeting, as told by the agents to whom the CI reported. I certainly do not discredit the testimony of the agents, but all they can testify to is what the CI relayed to them and their impression of his credibility. On top of this, the determination of whether McLean was inquiring about a stash house robbery is based on the CI’s account of slang that McLean used and the CI’s personal interpretation of that slang, with no additional context provided.
Unlike other stings the ATF has run, McLean showed more interest than most in pursuing a stash house robbery. But even though the judge didn't see enough to indicate entrapment, he's less pleased with the government's sentencing recommendations.
The structure of sting operations such as this is highly problematic. In practical terms, “sentencing discretion is delegated all the way down to the individual drug agent operating in the field.” United States v. Staufer, 38 F.3d 1103, 1107 (9th Cir. 1994). Although the Government defends the specified amount as necessary to protect its agents, I find that rationale troublesome on several levels. First, law enforcement’s tactical concerns should not control either the severity of charges against a defendant or the range of sentences. To the extent that the Government constructs a crime, its elements should be related to a defendant’s culpability. Here, where the record is clear that McLean was “in for a penny, in for a pound,” specifying such a high amount does not truly bear on his culpability. Once the Government established that McLean was willing to engage in an armed robbery of any quantity large enough to resell, its core law enforcement objective was met.
The Government clearly had an interest in exposing the scope of his capability and connections, and in seizing as great a quantity of drugs as possible. No similar interest exists where the crime itself is fictional.
But if the objective is really to hit stash house sting suspects with the full force of sentencing guidelines, then the objective is "whatever nets the most years in prison." The judge here finds the government always conjures up a quantity of fake drugs that will generate the longest minimum sentence.
From my review of reported cases nationwide, I have not identified any investigation where the specified amount of cocaine in the fictional stash house was less than 5 kilograms. By statute, 21 U.S.C. § 841(b)(1)(A), 5 kilograms is the amount that triggers exposure to a 20-year mandatory minimum sentence.
[B]y the Government’s reasoning, the very nature of this type of undercover operation necessarily requires, for the safety of its operatives, a scenario that automatically triggers mandatory minimum sentences, even if the target of the sting would otherwise have taken the bait, and regardless of whether the suspect had ever before dealt in quantities of this kind.
The government's "evidence" of its fake drug amounts is nothing more than agents' testimony. They can swear they told the defendant there would be more than 5 kilos of drugs. It makes little difference that there were never any drugs to be stolen. The government then wraps itself in its "operative safety" blanket and hopes the judge won't question its inexplicable need to protect its agents by consulting drug sentencing guidelines. Judge McHugh, however, did take a look at it, and doesn't like what he sees -- a government agency pushing judges towards harsher sentences by insinuating anything less would be dangerous for law enforcement agents.
Preliminarily, I have an institutional concern that the Government couches the justification for its techniques in terms of officer safety. Unquestionably, undercover operatives are individuals of great commitment and courage who take risks average citizens would find intolerable. Their safety must be of paramount concern. At the same time, however, tying the physical safety of an agent to a mandatory triggering quantity of drugs is problematic. Such a rationale cannot help but inhibit any judge who must consider the implications of sting operations because no responsible judicial officer would ever want to place agents in harm’s way. But without in any way jeopardizing the safety of any agent, a court can certainly ask why, even if it is necessary for purposes of “credibility” to specify certain amounts as part of an operation, why is it necessary to charge the target of the investigation with such high amounts in every case?
In short, nothing about the actual record in this case validates the proposition advanced by the Government that substantial amounts of cocaine are fundamental to the success of its operation.
This not only prevents judges from exercising discretion, it also prevents the jury from doing its job properly.
Absent some constitutional prohibition, because the jury found McLean guilty of conspiring to possess 5 kilograms or more of cocaine, I am bound to sentence him accordingly. This underscores the due process concerns at the heart of sting operations. Since no drugs existed, McLean was charged with conspiring and attempting to possess the amount of drugs the Government decided to offer him, after he had agreed to participate in a fictional robbery. The Government made a deliberate choice concerning which offenses and quantities to charge, a choice that then constrains the jury.
The judge goes on to note the government even cited a decision finding against mandatory minimum sentences to support its argument for a mandatory minimum sentence. On top of that, it used the fake drug quantity to ensure it got the sentence it sought, leaving no room for meddling from troublesome judges or jurors.
It is certainly true that the jury “found” the defendant guilty of a conspiracy to possess greater than 5 kg of cocaine, but the Government assured such a result in advance by the script that it wrote and the charges that it brought. In that sense, a stash house sting operation is the “perfect” crime, at least from the standpoint of the prosecution, in that it predetermines both verdict and sentence.
In the end, Judge McHugh does what he can… which isn't much. He boots the government's mandatory minimum-triggering claim of five kilograms and uses a lower amount. In total, it only takes away five years of McLean's 19-year sentence. But McHugh shows his courtroom won't be a place where the government can expect easy wins with prosecutions where the fix is in from the moment the indictment drops.
Some courts have suggested that so long as there is a “reasonable” explanation for the amount of drugs specified in an undercover operation the Government’s conduct will pass constitutional muster. I am not prepared to adopt such an approach where the Government’s premise cannot be tested in any meaningful way and is refuted by specific evidence of record...
To the extent that principles of Due Process are meant to be a check on government power, there is no more fundamental interest than liberty. A sting operation that constructs a crime implicates liberty interests in a unique way, in that the Government seeks out its citizens for the purpose of testing their willingness to commit a criminal act. There can be no greater manifestation of the coercive power of Government than creating what is, in effect, a morality test, while specifying the penalty for failing that test in advance.
A check on government power is what's needed. Very few courts have been willing to place themselves between defendants and law enforcement agencies that would rather create criminals than go after those already in circulation.
by Tim Cushing
Mon, Aug 8th 2016 2:31pm
from the a-small-shift-in-the-secrecy-status-quo dept
The magical, wonderful, oft-abused National Security Letters have been deemed Constitutional, thanks to the vague promise of reviews by courts and government agencies to determine whether or not the normally-indefinite gag orders accompanying them can stay in place.
The USA Freedom Act took away the "indefinite" part of the equation, stipulating that NSL gag orders must be justified by periodic reviews. Unfortunately, "periodic" was left open-ended. The language only specifies "appropriate intervals." It does place the burden on the government to prove that a NSL's gag order is still necessary, but makes no specific demands on how often the government should have to make these assertions.
FISA DC District Court, however, has specified what a "periodic review" should entail -- at least narrowing down what period "periodic" should mean.
In this order [PDF], a redacted company exercised its USA Freedom Act option to demand a review of gag orders connected to two NSLs it had received. After some in camera presentations to the FISA court, along with some discussion between the NSL recipient and the FBI, it was agreed that the gag orders could stay in place for the time being, but that the FBI should be given the burden of specifying a time frame for periodic reviews, rather than forcing the recipient to file petitions repeatedly until the gag orders were finally determined to be no longer necessary.
The order redacts the number of years these gag orders have been in place, but it's safe to assume the number hidden behind the gray box is larger than one.
The court looks to the Attorney General's own gag order termination policy, crafted in response to stipulations in the USA Freedom Act. Unfortunately, it doesn't do much to narrow down what sort of "period" a "periodic review" covers. The policy says the FBI only needs to review its NSL gag orders every three years or at the close of an investigation. As the court notes, this is far from satisfactory.
Such procedures, as [REDACTED] points out, leave several large loopholes. First, there is no further review beyond these two, meaning that where a nondisclosure provision is justified at the close of an investigation, it could remain in place indefinitely thereafter. Second, these procedures by their own terms apply only to "investigations that close and/or reach their three-year anniversary date on or after the effective date of these procedures;" as a result "a large swath of NSL nondisclosure provisions… may never be reviewed and could remain unlimited in duration." Third, for long-running investigations, there could be an extended period of time -- indefinite for unsolved cases -- between the third-year anniversary and the close date.
The court points out that the loopholes pretty much nullify the legislation's demand for periodic NSL gag order reviews. The court ordered the FBI to explain why it should not be able to handle annual reviews of its NSL nondisclosure requirements.
The FBI complained that doing so would be "cumbersome." The court agreed that reviewing every NSL every year would be too burdensome for the agency. However, the decision just glides past the jaw-dropping number of NSLs issued by the FBI -- 16,000 annually -- without further comment.
So, the FBI, having burdened itself by using NSLs rather than court orders or warrants, isn't required to perform annual reviews of its gag orders. Fortunately, it's no longer allowed to simply follow the loophole-filled policy issued by the Attorney General. The opinion notes that the AG's policy "seems inconsistent with the intent of the law." Recent FISA court addition Judge James Boasberg pulls a number out of the air and declares it good:
The Court believes that, given both the facts and the circumstances of this particular case and the legal authority discussed above, a triennial review fairly balances the specific burdens on the FBI against the countervailing interest that [REDACTED] has in avoiding a lengthy and indefinite nondisclosure bar.
The gag orders that are currently in place (and have been in place for an indeterminate number of years) are allowed to remain. The FBI will have to review these every three years from now on. This is better than the AG's policy and much better than the open-ended language of the USA Freedom Act.
But it's unclear whether this order is meant to govern the FBI's other NSLs, or simply the two involved in this particular case. There's nothing in the opinion that suggests this is a blanket policy change, but as the court notes earlier in the decision, it seems likely that anything granted to this particular entity will be requested by others in the same position. Given the reasoning used to make this determination, it would be difficult to imagine a situation where similarly-situated recipients would not be able to avail themselves of the court-ordered review process -- rather than being forced to file review petition after review petition for the rest of whatever.
by Tim Cushing
Fri, Aug 5th 2016 4:10pm
from the both-sides-of-the-judicial-coin,-all-in-one-federal-district dept
The fallout from the FBI's surreptitious bugging of county courthouses in California has coalesced into two motions to suppress -- with two very different outcomes. What makes this even more interesting is that both decisions were issued in the same judicial district.
Judge Phyllis Hamilton denied a motion to suppress last week. While she had concerns about the location of the bugs used in the FBI's investigation of property auction price fixing, she reached the conclusion that the recording of conversations that occurred in a public area did not violate the defendants' expectation of privacy. The decision hinted Judge Hamilton would be hard pressed to find any conversation in public -- no matter what attempts were made to prevent bystanders from listening in -- worthy of an expectation of privacy.
Judge Charles Breyer, however, has reached the opposite conclusion. Breyer dug deeper into the location of the recording devices and questioned whether the FBI was crossing a line by placing them in areas where privileged conversations might occur.
In a decision [PDF] handed down on August 1, Judge Breyer has tossed 200 hours of recordings made by the FBI on the grounds that the eavesdropping violated the defendants' expectation of privacy. (via Joe Mullin at Ars Technica)
The volume of oral communications is relevant to whether the speaker has a reasonable expectation of privacy, as is the proximity or potential of other individuals to overhear the conversation. The key inquiry here, however, “is not whether it is conceivable that someone could eavesdrop on a conversation but whether it is reasonable to expect privacy.” The evidentiary record here confirms that Defendants did not speak at a volume loud enough for an undercover agent or an FBI cooperator to overhear them. Feb. 11 Tr. at 155:7–12 (reflecting that the lead FBI agent testified that “the key observation made in the early part of the case” was that the cooperator and undercover agent “could not hear” Defendants’ conversations).
The Court thus finds no evidence in the record establishing that bystanders overheard the conversations surreptitiously recorded on the twenty-eight days in question; it does, however, find ample evidence in the record that bystanders could not overhear those conversations. See, e.g., Feb. 11 Tr. at 155:7–12. This factor thus supports a reasonable expectation of privacy.
Unlike Judge Hamilton's case, the defendants took active steps to avoid being overheard -- something that should have been expected, considering the presence of competitors hoping to acquire foreclosed property as cheaply as possible. Not only that, but the FBI testified that its undercover informant somehow managed to get booted from the inside circle, meaning that the government's own man had some idea bidders weren't loudly proclaiming their bidding strategies to all and sundry.
Away goes 200 hours of recordings -- a lot of which apparently captured stuff the FBI didn't care about. Along with it might go the rest of the evidence, if the court comes to the conclusion it's been tainted by the government's bugs.
The court concludes that zero expectation of privacy Judge Hamilton hinted at in her decision may be the new normal in the future, but we aren't there quite yet.
With continuing advances in technology, private conversations may become anachronistic rituals reducing intimate encounters to silent exchanges of notes. But that day has not arrived. Until it does, our Fourth Amendment protections should be defined by traditional circumstances. The Court concludes that Defendants had (1) a subjective expectation of privacy in the conversations recorded by the stationary microphones at the San Mateo County Courthouse, and (2) that expectation was objectively reasonable.
Whether or not efforts to carve out privacy expectations in public spaces will be successful appears to come down to the judge presiding over the case. Hamilton's decision made some scary assumptions about communicating in public areas, but she also had testimony and recordings showing the defendants she dealt with made less effort to keep their conversations secret than those in front of Judge Breyer. This may have been the key difference between the two cases, but Hamilton would have raised fewer privacy concerns if she hadn't expanded her thought process to declare that the privacy-less future Judge Breyer only hinted at has already arrived.
by Mike Masnick
Tue, Aug 2nd 2016 4:03pm
from the well,-that's-one-plan dept
A spokesman for the FBI, when asked to comment on Marlinspike’s law-breaking philosophy, replied, “The First Amendment protects people who hold whatever view they want. Some people are members of the KKK. I’m not going to engage in a debate with him.”This is insane on multiple levels. First off, what a weird thing to pull out. Here's someone building tools to help keep the public private and secure. Why would the KKK be the FBI's immediate go to in terms of talking about him? Second, what does any of this have to do with the First Amendment? I guess they're saying that Moxie is free to support the idea that it's good that people can break some laws. But, still, saying the FBI "won't engage in a debate" with Moxie is again missing the point.
I get that many in the law enforcement realm believe (incorrectly) that strong encryption makes us less safe. And, so I can understand that those misguided folks might not like Moxie at all. But it seems like a pretty big leap to go from that to bringing up the KKK.
by Tim Cushing
Tue, Aug 2nd 2016 2:36pm
Documents Show FISA Court Refusing To Grant FBI's Requests To Scoop Up Communications Along With Phone Metadata
from the rubber-stamp-runs-dry dept
A handful of FOIA documents [PDF] obtained by EPIC (Electronic Privacy Information Center) are shedding some new light on the FISA court and its relationship with the FBI. The good news is that the court is not quite the rubber stamp it's often been portrayed as. Even though a vast majority of requests are improved, there appears to be a significant amount of modification happening behind the scenes.
The documents reveal that the Foreign Intelligence Surveillance Court (FISA) told the FBI several times between 2005 and 2007 that using some incidental information it collected while monitoring communications in an investigation — specifically, numbers people punch into their phones after they’ve placed a call — would require an explicit authorization from the court, even in an emergency.
The FBI wanted to trap these digits using its pen register orders, which are only supposed to provide numbers called and received. This additional information had been considered "content," as these post-cut-through digits could reveal details such as credit card info or social security numbers.
The FBI's collection of content -- along with the call metadata it was actually authorized to receive -- appears to have continued until a FISA judge finally asked it what it was doing with this "incidentally collected" content. The DOJ, of course, argued that is was entitled to this information.
In May 2006, the government told the court that it had the authority to collect that sensitive information, and would “in some cases … specifically seek authority for secondary orders requiring a service provider to provide all dialing, routing, addressing or signaling information transmitted by a target telephone, which, in light of technological constraints, may include content and non-content digits alike,” the report continues.
It also claimed that, although it specifically sought to collect this info with modified pen register orders, it was only accessed for a limited number of reasons: national security, emergencies, exigent circumstances, etc. The FISA court doesn't appear to have believed the FBI's claims that it was seeking this information just to use it only in the rarest of circumstances.
The court “had made modifications to the government’s proposed pen register orders,” reads the biannual report to Congress obtained by EPIC. “Although the [FISA Court] has authorized the government to record and decode all post-cut-through digits dialed by the targeted telephone, it has struck the language specifically authorizing the government to make affirmative investigative use of possible content” unless permission is specifically granted by the court.
This pushback wasn't just limited to the nation's most secret court. The FBI also met resistance at local levels when trying to scoop up content with its metadata.
In July 2006, a magistrate judge in Texas denied an application for a pen register because filtering technology would not eliminate the additional content information.
This lower-level refusal was addressed by the FISA court, which asked the FBI how it expected this magistrate's refusal to affect its FISA court requests. The FBI replied it no longer had to worry about it as revisions to the US Patriot Act had given it permission to collect it all -- even stuff the agency treated as content when crafting its altered pen register requests.
This failed to move the court. It also failed to alter the FBI's tactics. The FBI continued to submit requests for post-cut-through content and the court, quite frequently, continued to strip this part of the agency's request from its approved orders. After several years, this became standard operating procedure for the FISA court, which instituted a blanket refusal on FBI requests for post-cut-through content, even for "emergency" reasons. This resistance is likely what prompted the FBI to turn something it wasn't being allowed to obtain into formal agency policy by 2011.
The new documents shed some new, somewhat surprising, light on the inner workings of the mostly-opaque FISA court, showing that it is not always inclined to give the government what it wants. It also shows the government doesn't seem to handle rejection very well, having to be told "no" repeatedly before the message sinks in.
by Tim Cushing
Mon, Aug 1st 2016 3:23am
from the because-someone-in-Virginia-inadvertently-said-it-could-do-this dept
The FBI is already having problems here at home with the hacking tool it deployed during its dark web child porn investigation. A few judges have ruled that the warrant used to deploy the Network Investigative Technique (NIT) was invalid because the FBI's "search" of computers around the United States violated Rule 41(b)'s jurisdictional limits.
Now, we'll get to see how this stacks up against international law. It's already common knowledge that the FBI obtained user information from computers around the world during its two weeks operating as the site administrator for the seized Playpen server. More information is now coming to light, thanks (inadvertently) to a foreign government's inquiries into domestic anti-child porn efforts. Joseph Cox of Motherboard has the details:
Earlier this year, Austrian MPs sent a letter to the country's parliament, asking for more information on child pornography and sex tourism cases. In response, politician Johanna Mikl-Leitner wrote that Austrian authorities cooperated in Operation Pacifier, showing for the first time that the FBI hacked computers in the country.
According to her letter, a list of 50 Austrian IP addresses were evaluated by a federal intelligence unit and used to pursue suspects of possession and distribution of child pornography. The IP addresses led investigators to “countless child pornography files,” according to a translation of the letter, which is dated March 2016. “Extensive investigations are still underway,” it continues.
Local law enforcement appears to be unconcerned that the FBI has exceeded its Rule 41(b) grasp. It took the tips delivered to it by the FBI's NIT and has carried out investigations of its own, collaborating with Europol. Apparently, the FBI's lack of explicit permission -- either from the local US magistrate judge or from foreign governments -- isn't considered problematic when used to scoop up offenders few are willing to defend. Europol and the FBI have refused to comment on how far the Playpen/NIT net was cast, but it apparently includes Greece, Chile, Denmark, and Colombia -- along with possible (but unconfirmed) Playpen users located in Turkey and the UK.
Obviously, the Virginia magistrate who signed the FBI's warrant application had no idea how far its NIT would reach. To be fair, the FBI likely had no idea either, as it was dealing exclusively with users whose originating locations had been obscured by the Tor browser. That being said, the FBI gave no indication in its affidavit that it would possibly be carrying out extraterritorial searches, traveling far beyond the magistrate's jurisdiction and into computers located in multiple foreign countries.
To "fix" this limitation, the FBI is firmly behind the current, mostly-downhill push to strip jurisdictional limits from Rule 41, leaving it free to perform this hacking without being second-guessed by federal judges during prosecutions. That other countries are more than happy to partake in the results of possibly illegal actions doesn't say much about their willingness to protect their own citizens from US law enforcement overreach. Or, at least, it shows there are certain suspects they're not interested in protecting -- even if it means creating a slippery slope they may regret later, when the FBI starts coming after alleged criminals not so universally reviled.