ACLU Seeks To Unseal Docket In FBI's Tor-Exploiting Takedown Of Freedom Hosting
from the keeping-the-public-at-arm's-length dept
The ACLU would like to take a closer look at the government's activities regarding its seizure of Freedom Hosting back in 2013. To date, the docket remains sealed -- as is the case in far too many DOJ prosecutions. In this case, the FBI basically took over Freedom Hosting to serve up its Network Investigative Tool to unmask anonymous Tor users.
The difference between this and its more recent NIT deployment in the Playpen child porn case is that many of those exposed by the malware weren't suspected of any wrongdoing. While letting the exploit run its course, the FBI also helped itself to TorMail's email database, later acquiring a warrant to access the contents of the seized communications.
The ACLU would like to take a look at the warrant authorizing the NIT deployment, especially in light of recent Playpen prosecutions where federal judges have found the warrant used invalid. But the first step is unlocking the docket itself, which remains blocked from public view. Joseph Cox of Motherboard was the first to report on the ACLU's recent filing.
The Washington Post recently confirmed that the FBI used a “network investigative technique” or NIT—the agency's term for a hacking tool—on the TorMail site. According to the article, the FBI had obtained a warrant to hack the owners of certain email accounts suspected of being involved in child pornography, and anonymous sources claimed that, with this approach, only suspects who had been linked to child pornography would be hacked.
But journalists, dissidents, and other individuals used TorMail too, and it seems that the error page was presented to every TorMail user—raising questions about how broad the operation really was.
“That the FBI engaged in a bulk hacking operation against all visitors to TorMail, which had many lawful, valid uses, raises serious concerns about the appropriateness of bulk hacking, and the extents to which courts should be authorizing and supervising such operations,” reads the motion to unseal the docket, which was written by ACLU attorneys Brett Kaufman, Nathan Wessler, and David Rocah and filed last week.
As the ACLU points out in its filing [PDF], the public should be apprised of the details of questionable actions taken by the FBI -- especially the contents of the warrant supposedly authorizing the bulk distribution of malware to Tor users who weren't suspects in criminal investigations.
Even if the government were to argue that unsealing the docket and the contents of the warrant would negatively affect future investigations/prosecutions (and it surely will argue this…), the court shouldn't find that assertion particularly compelling. From the motion to unseal:
Once the First Amendment right of access attaches, the burden to overcome it “rests on the party seeking to restrict access, and that party must present specific reasons in support of its position.” Access may only be denied if the party can demonstrate a “compelling governmental interest” in support of closure and prove that closure is “narrowly tailored to serve that interest.”
There is, to be sure, a legitimate governmental interest in protecting the integrity of an ongoing investigation. As the Fourth Circuit has recognized, however, “it is not enough simply to assert this general principle without providing specific underlying reasons for the district court to understand how the integrity of the investigation reasonably could be affected by the release of [the] information [sought].”
[...]
The malware warrant in question here was issued by this Court in mid-2013, and by the end of 2014 the sole prosecution known to the ACLU to have resulted from it had already been resolved. See Klein Press Release. The existence of the malware operation, moreover, has been officially acknowledged by the FBI. 2013 Poulsen Article. Thus, “the genie is out of the bottle” with respect to information the government may have once had a legitimate interest in protecting.
What remains secret, however, is the very “index” to the proceedings that authorized the deployment of malware. Perversely, then, the public is aware of the investigation’s existence, and experts have even been able to analyze the malware used by the government, but the most basic details regarding the circumstances under which this operation was judicially authorized remain hidden. The public has a vital interest in knowing this information, which would greatly contribute to the ongoing public debate about the use of malware by law enforcement, and the government has no legitimate interest in keeping it secret.
The deployment of malware by a law enforcement agency -- a deployment that affected website visitors from around the world -- using a single warrant issued by a single judge is something that has never specifically been addressed by legislators. When cases like this arrive, the DOJ is quick to point out that the lack of a specific legislative permission slip should be construed as the lack of a definitive "no," rather than a suggestion the agency shouldn't allow its reach to exceed its statutory grasp.
But despite having the permanent ear of many sympathetic legislators, the FBI has never sought to codify its questionable hacking tactics. The closest it's come is the proposed Rule 41 changes, which would allow the agency to obtain search warrants from the most accommodating magistrate judges and deploy them in jurisdictions where permission might not be so easily obtained.
As the ACLU points out, the FBI's refusal to discuss this openly with legislators is being aided and abetted by courts far too willing to lock up any supposedly public documents the DOJ feels the public -- including legislators -- shouldn't be able to access.
“The breadth and potency of malware as a law-enforcement tool raises concerns that can only be properly debated if legislators and the general public are aware of instances in which it is being used, the ways in which law enforcement seeks to use it, and the extent of judicial supervision,” the motion reads. “The sealing of docket sheets with warrants authorizing the use of malware prevents this critical public debate from happening, in violation of the public’s right of access.”
Allowing the government to maintain this secrecy only encourages further abuse of existing statutes. The longer secrets can be protected, the longer the FBI can use questionable methods backed by even more questionable legal authority. The DOJ's insistence on secrecy in all things tech-related has led it to directly encourage parallel construction, order prosecutors to drop cases rather than reveal means and methods, and basically turn normal law enforcement into Black Ops: Domestic Edition.
Filed Under: exploits, fbi, malware, tor
Companies: aclu, freedom hosting
Reader Comments
Re:
The correct response here is to go and vote. Vote the current crop out. Admittedly, your vote may well be useless, given the current political landscape. Granted, you're substituting new sleazeballs for old sleazeballs.
But if you do go and vote against the incumbent, then you can look yourself in the eye and say to yourself that you did your patriotic duty.
I'll just take up my soap box and see myself out. Have a nice day.
[ link to this | view in chronology ]
Trying to pry out the methods can only have one real goal, and the court shouldn't allow criminals to benefit from the crimes of others to better protect their illegal activities.
[ link to this | view in chronology ]
Re:
This isn't about protecting criminals from the consequences of their actions. This is about holding the government and cops to account for their actions. It's about what it means to be the good guys. I could witter on about how this is a nation of laws, and how there's a social contract, and how there's a moral imperative to not sink to the level of the bad guys. Instead, I'll ask a question.
Criminals break the rules - they cheat - to get what they want. The government breaks the rules - the government cheats - to get convictions.
Who's the good guy?
[ link to this | view in chronology ]
Re: Re:
In the case of TOR, there are a couple of potential issues that have been out there that they may have exploited. It's not really very much different from going undercover and becoming part of the criminal gang to gather information and move to an arrest.
Does anyone have proof that they broke the rules, or merely exploited a security failure in TOR? Somewhere along the chain of TOR, someone knows the original IP of the user, and someone knows the original IP of the site they are visiting. They have to. They're the weakest points. Taking steps that can exploit that weakness isn't breaking the law, it's using the criminal's own tools against them.
Social contract? Wow, that smacks of desperation, especially when talking about people who hosted and aided drug dealers and worse...
[ link to this | view in chronology ]
Re: Re: Re:
The problem is that the Government deems that anybody trying to keep their communications private is a criminal. As a consequence, few people believe that the FBI is limiting its attention to actual criminals.
[ link to this | view in chronology ]
Re:
What is requested is not how the hack worked, or FBI's methods to find bad guys, but how a warrant was obtained to hack an arbitrary number of unknown people.