DOJ Subpoenas Twitter About Popehat, Dissent Doe And Others Over A Smiley Emoji Tweet
from the our-tax-dollars-at-work dept
So, here's a fun one. Back in May, the Justice Department -- apparently lacking anything better to do with its time -- sent a subpoena to Twitter, demanding a whole bunch of information on a five Twitter users, including a few names that regular Techdirt readers may be familiar with:
If you can't see that, it's a subpoena asking for information on the following five Twitter users: @dawg8u ("Mike Honcho"), @abtnatural ("Virgil"), @Popehat (Ken White), @associatesmind (Keith Lee) and @PogoWasRight (Dissent Doe). I'm pretty sure we've talked about three of those five in previous Techdirt posts. Either way, they're folks who are quite active in legal/privacy issues on Twitter.
And what info does the DOJ want on them? Well, basically everything:
- Names (including subscriber names, user names, and screen names);
- Addresses (including mailing addresses, residential addresses, business addresses, and e-mail addresses);
- Records of session times and durations, and the temporarily assigned network addresses (such as Internet Protocol ("IP") addresses) associated with those sessions;
- Length of service (including start date) and types of service utilized;
- Telephone or instrument numbers (including MAC addresses, Electronic Serial Numbers ("ESN"), Mobile Electronic Identity Numbers ("MEIN"), Mobile Equipment Identifier ("MEID"), Mobile Identification Numbers ("MIN"), Subscriber Identity Modules ("SIM"), Mobile Subscriber Integrated Services Digital Network Numbers ("MSISDND"), International Mobile Subscriber Identifier ("IMSI"), or International Mobile Equipment Identities ("IMEI"));
- Other subscriber numbers or identities, or associated accounts (including the registration Internet Protocol ("IP") address);
- Means and source of payment for such service (including any credit card or bank account number) and billing records.
And, just to make it clear, here are all the users "in the conversation" on that tweet (since Twitter now buries at least some of that information):
You'll note that all of the names are the same names as listed in the subpoena above (as a point of clarification, the four users listed below were already in the conversation, so their metadata gets swept along, and then the tweeter, Justin Shafer, is also adding in @PogoWasRight to the conversation).
So, who is Justin Shafer, and what the hell is all of this about? Buckle up, because it'll take a bit of background to get around to this tweet (and, yes, it will still feel very, very, stupid that this subpoena was ever issued). First up: Justin Shafer is a security researcher, who has some history spotting bad encryption. Go back to 2013 and he had spotted a weak not really "encryption" standard put out by Faircom. Once it was called out as weak, vulnerable and not really encryption, Faircom rebranded it from the "Faircom Standard Encryption" to "Data Camouflage" since the reporting by Shafer showed that it wasn't really encryption at all -- but just a weak attempt at obfuscation.
Fast forward to late 2013, when a dentist named Rob Meaglia alerted some of his patients that a computer was stolen from his offices with "medical records and dental insurance information." But, Dr. Meaglia told his patients that the records system they were using, Dentrix, made by a company called Henry Schein, Inc., had all of that data encrypted. Except it appeared that Dentrix was actually using Faircom's "Data Camouflage" and not actual encryption. And, as that link notes, Henry Schein, Inc. had been informed of this problem months earlier, around the time Faircom admitted it wasn't actual encryption.
In May of 2016, the FTC announced a settlement with Henry Schein, Inc. over the claim that it "falsely advertised the level of encryption it provided to protect patient data." Kudos to Justin Shafer.
But, literally days later, the FBI was raiding Justin Shafer's home and taking all of his computers. This was not specifically about the Harry Schein case, but since Shafer had continued to investigate poor data security practices involving dentists, he'd come across an FTP server operated by another dental software company, Patterson Dental, which makes "Eaglesoft," a dental practice management software product. Shafer had discovered an openly available anonymous FTP server with patient data. Shafer did the right thing as a security researcher, and alerted Patterson. However, rather than thanking Shafer for discovering the server they had left with patient data exposed, Patterson Dental argued that Shafer had violated the CFAA in accessing the open anonymous FTP server. Hence the FBI raid.
Not surprisingly, Shafer was none too pleased with the FBI's decision to raid his home and take all of his electronics. In particular, it appears he was especially annoyed with FBI Special Agent Nathan Hopp (who he initially believed was actually Nathan "Hawk.")
Fast forward to March of this year, to an entirely different story: the FBI arresting John Rivello for "assaulting" journalist Kurt Eichenwald with a tweet. If you follow Techdirt related stuff, you probably remember that whole story. Lots of people, including us, posted the criminal complaint that was put together by one Nathan Hopp, a special agent at the FBI.
It appears that the Rivello arrest and subsequent news coverage suddenly alerted Shafer to the fact that "Nathan Hawk" was actually "Nathan Hopp" and Shafer began a bit of an open source "investigation" on Twitter. I wouldn't necessarily call the following tweets "smart," but Shafer, finally aware of the FBI agent who lead the raid on his house, started trying to find any public info on Hopp -- and his family. Now, searching out his family isn't great. But it does appear that he was just looking up publicly available information:
At this point, the FBI decided to start protecting its own. Seeing as the guy whose home the FBI had ridiculously raided a year earlier was now tweeting some info about one of its special agents, the FBI started putting together a new criminal complaint arguing that all of the tweets above amounted to "Cyber Stalking" under 18 USC 2216A. This seems like a huge stretch, because that law requires "intent to kill, injure, harass, intimidate, or place under surveillance...."
Either way, about the time all of this was happening, Ken "Popehat" White had started another Twitter thread about the Rivello arrest, leading Virgil and Keith Lee to respond about the criminal complaint, eventually leading Mike Honcho to note "Nathan Hopp is the least busy FBI agent of all time." It is to that tweet that Shafer replies with his smiley emoji and adds or cc's, Dissent Doe to the conversation:
And that takes us to 10 days later, when a new criminal complaint against Shafer is issued*, arguing that those tweets were criminal Cyber Stalking. And because part of that included his smiley emoji in response to the Popehat thread/Honcho tweet, the DOJ felt it necessary to issue a subpoena demanding basically all info on those 5 Twitter users (including Popehat, a former Assistant US Attorney whose info is pretty easy to find on Google). Perhaps the FBI somehow thinks that Shafer was really behind those other accounts or something -- but anyone with even the slightest level of competence should realize that's unlikely -- and that's got nothing to do with anything here anyway.
* As an aside, look closely at that criminal complaint against Shafer. I have no idea why but it appears that the FBI/DOJ is so clueless that rather than submitting the final complaint, they actually submitted the copy showing the "comments" on the Word doc they were using to prepare the complaint -- which shows two comments that both suggest the FBI is well aware that this complaint is weak sauce and probably doesn't meet the standard under the law... but this story is crazy enough without spending too much time on that.
Twitter is apparently fighting back against this subpoena. And even though it was issued back in May, a few days ago, the company alerted the individuals that the DOJ was demanding info on. Dissent Doe has already stated publicly a plan to move to quash the subpoena as well, and I wouldn't be surprised to see the others named take similar steps.
But, really, take a step back and everything about this situation is crazy. Going after Shafer the first time was crazy. Going after him again for supposed "Cyber Stalking" over a few harmless tweets was clearly just the FBI trying to protect its own from being embarrassed online. Then, to subpoena a ton of info on 5 totally unrelated Twitter users... just because Shafer tweeted a smiley face emoticon at them? What the fuck is the DOJ up to? Doesn't Assistant US Attorney Douglas Gardner, who signed the subpoena, have better things to do with his time, like going after actual criminals, rather than harassing people for tweeting?
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: cfaa, cyberstalking, dissent doe, doj, douglas gardner, emoji, encryption, fbi, fbi raid, justin shafer, keith lee, ken white, nathan hopp, pogowasright, popehat, subpoena, tweets
Companies: henry schein, patterson dental, twitter
Reader Comments
Subscribe: RSS
View by: Time | Thread
Mistake in article
I think it's DOJ who wants the info, not twitter.
[ link to this | view in thread ]
Denuvo should rebrand its DRM as "Data Speedbump."
[ link to this | view in thread ]
subpoena tale
uhhh... who actually issued this subpoena? Was it some judge... or do DOJ employees pretend to have subpoena-authority under the Constitution (which is solely a judicial power) ?
Quite tale though, our protectors in D.C. see evil-doers everywhere
[ link to this | view in thread ]
Clearly not. Taking a hint from Honcho:
Assistant US Attorney Douglas Gardner is the least busy A-US-A of all time.
[ link to this | view in thread ]
"So, here's a fun one."???
However, since apparently real criminal investigation with possible penalty here, I doubly don't see it as "fun". So it's likely that you're just gleeful at having a "safe" topic, meaning one in which you've no stake.
[ link to this | view in thread ]
Perhaps if Mr. Shafer hadn't been robbed at badgepoint on baseless grounds, he would have spent this time on more productive matters, hunting subtle vulnerabilities that threaten people's security instead of digging up easily discovered public information.
[ link to this | view in thread ]
Oink, Oink
Doesn't Assistant US Attorney Douglas Gardner, who signed the subpoena, have better things to do with his time, like going after actual criminals, rather than harassing people for tweeting?
going after actual criminals is hard work.
harassing people for tweeting while feeding at the public trough is fun.
[ link to this | view in thread ]
By that logic, the newspapers who received letters from the Zodiac killers were accomplices.
[ link to this | view in thread ]
Re: "So, here's a fun one."???
[ link to this | view in thread ]
Re: "So, here's a fun one."???
[ link to this | view in thread ]
That one of those users is Ken White is required by narrative convention.
[ link to this | view in thread ]
Re: "So, here's a fun one."???
[ link to this | view in thread ]
[ link to this | view in thread ]
WWKD
Could Twitter just bill the government an amount similar to what the FBI would charge for an equivalent FOIA request? If so, Twitter could make bank on these things.
[ link to this | view in thread ]
Re: WWKD
I'm wondering how Ken White will respond to this
I'm not sure, but I'm going to be disappointed if the response does not involve ponies.
[ link to this | view in thread ]
[ link to this | view in thread ]
[ link to this | view in thread ]
Third Party Doctrine
How come they suddenly change their view when one of their own is concerned? Even if the allegations are correct, Shafer has done nothing but make publicly available information, well, a bit more public. How can anyone believing in the Third Party Doctrince take issue with that?
[ link to this | view in thread ]
1) Speech is violence
2) Emoji are speech
3) Therefore, emoji are violence
QED SUCKAS!
[ link to this | view in thread ]
Re: Re: WWKD
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re: Third Party Doctrine
Because they know the power of collecting infomation, and are willing to use it against the people, but don't want it used against them by the people.
[ link to this | view in thread ]
Re: Re: Re: WWKD
[ link to this | view in thread ]
They see someone collecting information on an agent (which is fucking with them) and they fuck with them back. Of course, when the government fucks with you, it usually isn't very proportional to how much you can fuck with the government.
[ link to this | view in thread ]
Bar grievances//Judicial conduct/prosecutorial misconduct
If a lawyer remember the duty of oversight by others in the firm and ask yourself: Were functioning adults overseeing this.
[ link to this | view in thread ]
Re: Oink, Oink
[ link to this | view in thread ]
Re: "So, here's a fun one."???
[ link to this | view in thread ]
Re: Re: WWKD
(Still waiting for MY chance to try a GIF animation in a document. The words 'not a magical unicorn' is what I wanna tie it to)
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
You missed a raid there...
Y'all need to go check out the latest post over at databreaches.net on this subject.
[ link to this | view in thread ]
Re: Re: WWKD
[ link to this | view in thread ]
Re: Re: Re: WWKD
https://www.popehat.com/2017/10/24/in-which-my-identity-is-sought-by-federal-grand-jury-sub poena/
[ link to this | view in thread ]
Re: Re: Re: Re: WWKD
[ link to this | view in thread ]
Re: Re: Re: Re: WWKD
Sub epona.
[ link to this | view in thread ]
Re: Mistake in article
Having said that... It's a fair statement to say that Twitter probably wants everything too. :)
*Not sure if the smiley was a step too far - look out for the article about our info being subpoenaed too.
[ link to this | view in thread ]
Re: Re: WWKD
While Mr. Shafer might be portrayed to a naive Grand Jury as some nefarious "hacker", they would have a hard time pulling that with Ken "PopeHat" White and his all star team of dancing ponies, considering his work as an AUSA, his criminal defense practice, first amendment advocacy and his authorship of numerous articles in the MSM.
[ link to this | view in thread ]
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re: Re:
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
So the story as I see it so far...
Skippy the wonder agent decided he had this awesome slam-dunk case to earn him a gold star.
People then noticed that Skippy was out of his fscking mind.
Skippy then decided that gifs were actually WMD's.
People comment on case 2 & Skippy get the bright idea that an emoji WMD is just as dangerous & decides to go on the attack.
Skippy isn't very bright, is he.
Perhaps pissing off a former AUSA with a large platform wasn't very smart.
I do wonder how this will look on Assistant US Attorney Douglas Gardner record, signing off on the thinnest complaint ever & taking a swing at lawyers.
Yeah our protectors aren't inept keystone cops, the keystone cops actually had detailed plans for their stunts.
[ link to this | view in thread ]
Where's the smirk, Ken?
I'm glad the USA is doing this.
Very, very glad.
Anyone here ever play dominoes? Fun game.
The internet version is even more fun!
Grab a seat.
[ link to this | view in thread ]
Re: Where's the smirk, Ken?
[ link to this | view in thread ]
Justin Shafer
[ link to this | view in thread ]
Re: "So, here's a fun one."???
Wow, you really suck at irony. That's gotta make you pretty dull.
[ link to this | view in thread ]
Re: Justin Shafer
I was even warned by one of the agents that "'I don't know' will only go so far." But it is the damn truth.
Ah good old inquisition tactics, where a plea of innocence is merely a sign that you need a little 'persuasion' to admit your 'true' guilt.
Nice of them to confirm your original stance like that though.
[ link to this | view in thread ]
Re: Where's the smirk, Ken?
[ link to this | view in thread ]
"We listed WHO?!"
I imagine in true DOJ fashion once they realize they included a former Assistant US Attorney in the complaint, along with someone that's willing to fight back they'll 'correct' their mistake and run away as quickly as possible.
Bullying people who can fight back is just not the same after all.
[ link to this | view in thread ]
Re: Where's the smirk, Ken?
What exactly is your beef with Ken White?
So you think the info that the feds will get about/from Ken will point to other people, which will in turn point to other people, and so on? That Ken is involved with multiple people in some sort of conspiracy? If so, what is that conspiracy?
[ link to this | view in thread ]
Re: Re: Where's the smirk, Ken?
[ link to this | view in thread ]
Re: Justin Shafer
Why did your attorney advise you to say one word to the FBI at all?
I can maybe understand why you felt uncomfortable with “Please leave, you're trespassing.” But saying something like “It's x:xx o'clock in the morning” ?
[ link to this | view in thread ]
Re:
https://twitter.com/That_AC/status/922949349646196736
[ link to this | view in thread ]
Hmmm
Now, the Supoena is ridiculous, the search behind the whole thing and the CFAA is crap, but what did the FBI dude's wife do?
[ link to this | view in thread ]
Back on Eichenwald
(copying highlights from the NYTimes here) Rivello wrote in that message “YOU DESERVE A SEIZURE FOR YOUR POSTS”. He also sent direct messages to other Twitter users about Mr. Eichenwald, including one that read, “I hope this sends him into a seizure.” and “I know he has epilepsy.” Investigators also found a screenshot on Rivello’s digital accounts Mr. Eichenwald’s Wikipedia page that had been altered to show a fake date of death of Dec. 16, 2016, the day after the strobe light attack.
[ link to this | view in thread ]
[ link to this | view in thread ]
Re: Hmmm
[ link to this | view in thread ]
Re: Back on Eichenwald
I can't speak for why he used quotation marks but I'm going to guess that it wasn't sarcasm but merely the acknowledgement that this is an unusual, if not unprecedented, application of the term "assault". Not that it's legally inaccurate, but that it's certainly not the first example anyone would think of on hearing that word.
[ link to this | view in thread ]
Re: Re: Re: Re: Re: WWKD
[ link to this | view in thread ]
Re: WWKD
I don't know about federal law, but in my state, I've served subpoenas that come with a check for a few dollars, maybe like $5. You're not exactly going to "make bank" on them.
[ link to this | view in thread ]
FBI Like Hoover Butthurt Homo X Dressers
[ link to this | view in thread ]
Yes, because THAT was what Hoover did that was so objectionable.
[ link to this | view in thread ]
Re: subpoena tale
Looks like a magistrate judge signed off on everything, can't really read his signature though (and it doesn't have his name typed).
[ link to this | view in thread ]