FBI Documents Show More Evidence Of Agency's Sketchy Relationship With Best Buy's Geek Squad
from the squadders-installing-FBI-bloatware dept
Thanks to an FOIA lawsuit, the FBI has finally started handing over documents to the EFF detailing the federal agency's "partnership" with Best Buy Geek Squad employees. The too-cozy-to-be-Fourth-Amendment-compliant relationship was uncovered during discovery in a child porn prosecution. Produced documents showed the FBI not only paid Geek Squad members to search for child porn, but it actively engaged in recruiting efforts at Best Buy locations.
The problem with this relationship is the relationship. And the money. While tech repair personnel are expected to turn over discovered child porn to authorities, the active efforts of the FBI alter the incentives, pushing Geek Squad members towards digging through customers' computers for illicit material, rather than simply reporting what they come across during the course of their work.
The FBI wants to keep this relationship with Best Buy intact. It also wants to keep the evidence provided by Geek Squad members. While private searches can be used to predicate investigations, paying people to look for illegal material when their job is to repair devices turns this into a proxy search for federal law enforcement. That's not permitted under the Fourth Amendment and the FBI certainly knows it. The files central to this prosecution were discovered in unallocated space, making it unlikely they were discovered during routine repairs. It would imply a Geek Squad member went digging for illicit material, motivated by a possible payout from the FBI if anything was found.
The documents obtained by the EFF provide further evidence the FBI paid Geek Squad members to perform searches for it. They also show this relationship dates back at least a decade, with Best Buy doing its best to become an unofficial branch of the FBI.
The documents released to EFF show that Best Buy officials have enjoyed a particularly close relationship with the agency for at least 10 years. For example, an FBI memo from September 2008 details how Best Buy hosted a meeting of the agency’s “Cyber Working Group” at the company’s Kentucky repair facility.
The memo and a related email show that Geek Squad employees also gave FBI officials a tour of the facility before their meeting and makes clear that the law enforcement agency’s Louisville Division “has maintained close liaison with the Geek Squad’s management in an effort to glean case initiations and to support the division’s Computer Intrusion and Cyber Crime programs.”
This relationship has been the basis for several FBI investigations -- all predicated on actions that stray close to the edge of the Fourth Amendment, if not going past its boundaries completely.
Other documents show that over the years of working with Geek Squad employees, FBI agents developed a process for investigating and prosecuting people who sent their devices to the Geek Squad for repairs. The documents detail a series of FBI investigations in which a Geek Squad employee would call the FBI’s Louisville field office after finding what they believed was child pornography.
[...]
Some of these reports indicate that the FBI treated Geek Squad employees as informants, identifying them as “CHS,” which is shorthand for confidential human sources. In other cases, the FBI identifies the initial calls as coming from Best Buy employees, raising questions as to whether certain employees had different relationships with the FBI.
More information about this misuse of private searches will likely find its way into open court and the public domain in the next several years. The FBI is still withholding several files, which probably further corroborate the agency's incentivizing of invasive device searches. And Best Buy is likely not the only company offering both computer repairs and FBI-prompted "private searches" The EFF notes the FBI refuses to confirm or deny it has a similar relationship with other retailers.
The EFF is headed back to court to challenge the FBI's withholding of these documents, so additional documents may be produced sooner than later. But if the FBI can convince the court its payouts to tech repair staff are investigative methods that would be compromised if discussed publicly, we may see nothing at all. But it also has to convince another court its use of Best Buy employees as informants is kosher under the Fourth Amendment. And it has yet to do that.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: geek squad, private law enforcement, surveillance
Companies: best buy, fbi
Reader Comments
Subscribe: RSS
View by: Time | Thread
[ link to this | view in thread ]
[ link to this | view in thread ]
Re:
How much extra time this file snooping adds to a routine PC service is anyone's guess, but its a sure bet that Best Buy is not footing the bill out of their own pocket.
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
I can see logical (but not necessarily correct!) arguments made for both sides here.
On the one hand, the argument that Best Buy employees are performing a search without a warrant on behalf of the government.
On the other hand, the argument that it is no different than, say, the police offering a reward for evidence of illegal drugs, then you happen to open a drawer while you're working on someone's plumbing and find their stash.
I don't think we have enough of the story yet to truly determine which is which. If it's indeed true that individual companies or employees were contacted by the FBI instead of a general reward offered to all such repair companies, that makes it a lot harder to argue that comparison. But doesn't Geek Squad have some sort of agreement or contract that customers must sign? Would it cover this search, being that the customer has agreed to it?
And if anyone (coughootbcough) should argue that "well it's child porn for god's sake, you have to search for that whenever possible, it's your duty to make sure you're not allowing someone to get away with it!"... that's specifically the whole point of the fourth amendment. Unless you're an officer of the law and you have reasonable suspicion that a crime is being committed, you can't initiate a search without a warrant.
Also, if anyone (COUGH) makes the argument that "you want them to just ignore any illegal content they find because it's private property?" there is a difference between coming across the files in the course of your duties and reporting it, and going out of your way to search for the files in a way that isn't directly and necessarily tied into the work you're doing.
[ link to this | view in thread ]
Re: Re:
That's a hard claim to believe when they've been giving them tours of their facility.
[ link to this | view in thread ]
double negatives
[ link to this | view in thread ]
What could possibly go wrong?
But it did have some by the time the minimum wage geek squad called the FIB to get paid for turning it in.
Even if nothing illegal is found, something innocent, like some forms of real art, or the classic baby's behind photo, could result in a minimum wage geek squad ruining someone's life or career.
[ link to this | view in thread ]
How do we know
In these cases, the chain of custody of the evidence needs to be looked at VERY closely.
[ link to this | view in thread ]
Badges? Yeah, we got those.
[ link to this | view in thread ]
Re: double negatives
But no one at Techdirt reads the comments, so don't expect it to be fixed anytime soon.
[ link to this | view in thread ]
Re: FBI
[ link to this | view in thread ]
Re: How do we know
But paying a minimum-wage Best Buy employee $500 each time he finds evidence? Apparently that's OK.
[ link to this | view in thread ]
Has everyone forgotten how many times GS folks have been caught snooping through their customers’ data?
https://lockergnome.com/2012/07/23/best-buy-geek-squad-trust/
And those are just the few that were caught with their hands in the cookie jar. How much do you want to bet it still isn't going on?
[ link to this | view in thread ]
FBI's In-House Rallying Cry
Isn't that practically the FBI's mantra in the 21st century?
[ link to this | view in thread ]
There's a reason why mafia backyards are full of broken appliances
No one could trust the repair people that came to their homes.
But if these dead appliances are thrown out, then they can be legally searched for chemicals, fingerprints, DNA, etc., without a warrant.
The FBI has been compromising repair persons for close to 100 years.
[ link to this | view in thread ]
Re: Re:
[ link to this | view in thread ]
Re: Re:
Well, they're defending it: Best Buy defends practice of informing FBI about child porn it finds (way to miss the point... few people were complaining about them reporting stuff they "found"—the complaint was that they were searching)
[ link to this | view in thread ]
Re: Re: How do we know
I'm claiming Poe's law here, because we totally do. And Techdirt has run countless stories about it.
[ link to this | view in thread ]
Re:
I can not think of any possibilities that would necessitate such a search in order to fix anything on a PC/laptop/whatever.
So - call it what you want but it is still performing work the customer did not authorize and certainly should not pay for.
[ link to this | view in thread ]
Truth in advertising
[ link to this | view in thread ]
I imagine that the list of what constitutes illegal content will be increasing in size and scope. Soon the list will include images of political figures with drawn on mustaches.
And then there are the pictures that websites put in your cache whether you want them or not, most of the time the user is unaware of the caching and probably never saw the pics anyway.
[ link to this | view in thread ]
Re: Re: How do we know
Asset forfeiture often rewards law enforcement for discovering 'crimes'.
[ link to this | view in thread ]
The question remaining is did the FBI specifically ask GS techs to search computers on a routine basis ( 4th amendment should apply ) or did they just issue a general hunting license by saying "If you should happen to come across something, let us know" I'm not sure how the latter would be looked at in re: the 4th.
I have absolutely no idea how information from a confidential informant who gets compensated thru $$ or getting to walk on a misdemeanor is looked upon.
Having your computer worked on by someone you don't know is a good way to share the honeymoon videos with who knows how many people.
Is child porn disgusting and despicable. Of course. But do we want to go down that slippery slope where we make exceptions to rights expressly granted by the governing document of our country? At what point do we draw a line and say this is too disgusting but that isn't or do we just keep sliding down that slope?
No answers here, just questions
[ link to this | view in thread ]
DO NOT take your computer to Best Buy. Ever!
Unless you're a computer forensics expert, then you probably have no idea what could be on it. And if you are such an expert, then you shouldn't need the Geek Squad in the first place.
Remember, just because you didn't know about it, doesn't mean your life can't ruined for it.
[ link to this | view in thread ]
Re: Re: Re:
[ link to this | view in thread ]
Re: Re: Re: How do we know
[ link to this | view in thread ]
Re: DO NOT take your computer to Best Buy. Ever!
[ link to this | view in thread ]
Re: Re:
Searching for files that have been infected by a virus?
Searching for drivers that may need to be installed?
Searching for corrupted files that may need to be repaired?
I'm glad you're not in charge of repairing my PC...
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re: Re: Re:
[ link to this | view in thread ]
Re: Re: Re:
[ link to this | view in thread ]
Re: Re: Re:
[ link to this | view in thread ]
Re: Re: Re:
I was unaware that drivers were being inspected manually, how and why would anyone do this? Would they use a decompiler or disassembler to look at the source? The results of either do not provide a source that is easily read.
When you repair a file, is it required to look at it first?
Likewise, I'm glad that I do not have to service anything of yours.
[ link to this | view in thread ]
Re: Re:
Part of that service was transferring the data they specified off the computer to external media, scanning and repairing it from an isolated system we had for that purpose, and restoring it to the reloaded system (assuming it was safe to do so). This was before the days of ubiquitous, cheap cloud storage, and very few customers had good backup habits.
When the tech attempted to do this, there were a bunch of files that were corrupted and would not copy over. These weren't encrypted files, just plain old data corruption on the hard drive. So, the tech scanned the drive using a data recovery program (which always had varying results), and was able to restore many of them successfully. In verifying the data, he happened to open a shocking image. There were many more where that came from, and we immediately turned the system over to the police.
The owner is still in prison. He was not just a possessor, but a guy who abused his position as a high school coach to produce and distribute spy videos and photos of the girls he coached.
Yes, we had a policy to avoid interacting with actual customer data, but in the real world, sometimes the easiest way to verify a successful, uncorrupted data restoration was just to spot-check some files and make sure they opened properly.
[ link to this | view in thread ]
Re: Re: Re: Re:
[ link to this | view in thread ]
Re: Re: Re:
Sure, that tech should have simply scanned and copied over what he was able to restore, and let the customer sift through what was and wasn't successful. But then if it wasn't, it was a phone call and a return trip, and generally unpaid follow-up service.
[ link to this | view in thread ]
Re: Re: Re: Re:
Or, if there's hard drive trouble, an encrypted folder may have to be examined in order to make sure it's neither corrupted nor infected. Such a cursory examination might result in some very concerning file or folder names.
Certainly not just opening up My Documents or performing a system-wide scan for *.avi or something, correct.
[ link to this | view in thread ]
Re: Re: Re:
I have managed, for years, to manually fix what automated tools do not, and then fix the issues caused by the changes an infection caused (including "missing system files" which are neither missing, nor system files) without looking at anyone's personal shit.
I'd be happy to trawl everything on your drives for you next time you need a repair, if you like, but billing depends on how much i have to pointlessly snoop through for you.
[ link to this | view in thread ]
Re: Re: Re: Re:
But if a file has a revealing name, or you want to make sure that it can now be properly opened and isn't corrupted beyond use (like another commenter mentioned below), you might just happen upon something while you're doing a legitimate part of your job.
[ link to this | view in thread ]
Re: Re: double negatives
But no one at Techdirt reads the comments, so don't expect it to be fixed anytime soon.
Yeah, fuck those guys.
[ link to this | view in thread ]
Re: Re: Re: Re:
[ link to this | view in thread ]
Re: Re: Re: double negatives
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Boycott Best Buy
. But if the FBI can convince the court its payouts to tech repair staff are investigative methods that would be compromised if discussed publicly, we may see nothing at all.
Or... perhaps all of the law enforcement entities involved have signed non-disclosure statements with one another which in our dystopian existence apparently supersede full public disclosure of the fact that FBI and local law enforcement are unconstitutionally surveilling Americans using Digital Receiver Technology (ie drt-1301c) and StingRays and would rather see a criminal case dismissed than divulge the origin of the evidence used for the indictment.
https://www.cato.org/publications/policy-analysis/stingray-new-frontier-police-surveilla nce
https://www.scmagazine.com/fbi-stingray-nda-instructs-police-to-use-parallel-construction/article/5 28046/
https://www.revealnews.org/article/chicago-and-los-angeles-have-used-dirt-box-surveillance-fo r-a-decade/
It is simply amazing these law enforcement bozo's who have all sworn oaths to protect and defend the US Constitution go out of their way on a seemingly daily basis to circumvent the enumerated protections found within for their own expedient motives (at best) while vainly attempting to hide behind the torn and tattered robes of Lady Justice.
Best Buy (etal) should be embarrassed that they have allowed themselves to become co-opted by the criminals of the US surveillance/warfare state.
All persons seeking to use Best Buy's (etal) Geek Squad tech services should boycott these entities until they publicly avow they will only cooperate with law enforcement when a valid warrant has been presented. No exceptions. Until then any person bringing their tech gear to these sea going surveillance state snitches is a fool.
[ link to this | view in thread ]
Re: Re:
Or maybe the FBI pays some of those malware scam Indian call centers already.
[ link to this | view in thread ]
Re: DO NOT take your computer to Best Buy. Ever!
[ link to this | view in thread ]
Re: Re: Re: Re: How do we know
But yes, I should have specified that we *normally* or *traditionally* don't give financial incentives. The recent asset forfeiture without a conviction or court case trend seems to be and America-only thing. (Among first-world countries.)
[ link to this | view in thread ]
Re: Re: Re: Re: Re:
That makes me think it might have been covered by the original work order.
[ link to this | view in thread ]
Re: Re: Re: Re: Re:
And the topic of discussion is?
[ link to this | view in thread ]
Re: Re: Re:
The fact remains that it was not necessary to actually look at the file and you were not actively looking for such things. This is a big difference legally, relative to whether a warrant is required - I think (IANAL). So your situation was very different than that of GS and their activities which are legally questionable.
[ link to this | view in thread ]
Re: Re: Re: Re: Re: How do we know
[ link to this | view in thread ]
Re: Re: Re:
[ link to this | view in thread ]
Re: Boycott Best Buy
[ link to this | view in thread ]
Re: Re: Re: Re: Re:
When you pick up after a messy, kiddie-script, delete-everything virus, or even rm -rf, stuff you wan't isnt gonna remain in the filesystem. Admitted, this is simplified.
[ link to this | view in thread ]
Of course they should also make an exact copy of the disk and md4 hash it beforehand for use later when angered Geek Squad techs add real kid porn and turn them in anyway. Then turn the tech in to the police and sue the everlasting daylights out of Best Buy.
[ link to this | view in thread ]
When presented with overwhelming evidence, tech bloggers will defend or completely ignore the unconstitutional relationship between the FBI and DOJ, and the DNC and any liberal pundit toeing the line for Obama and Hillary.
[ link to this | view in thread ]
Re:
AFAIK, there have been many different administrations, congressional compositions and SCOTUS members serving during the time period in which this sort of illegal activity has been going on. So - I ask wth - you seem to be a bit off plumb.
[ link to this | view in thread ]
Re: Re: Re:
Another would be a "unindexed" files recovered from a deleted or partly-corrupt filesystem - which might, in fact, appear to be in unallocated space. Most tools for recovering such files (in fact, all the ones that I know of) don't recover the original filenames, but give the files seemingly-arbitrary meaningless names; in an environment which relies on file extensions in order to know how to open a given file, such as Windows, your ordinary user won't even be able to open the file to check.
In order to figure out what these are, you have to either use a tool like the *nix libmagic (usually via the 'file' program), or open each file individually in various programs to see whether the program can recognize it. Even if libmagic reports that a particular file is e.g. a JPEG image, you may need to examine the file's contents to figure out whether it's stock desktop wallpaper or something from the browser cache or part of the user's collection of landscape photos or what-have-you.
It's entirely reasonable to wind up opening at least a few of the files to check on what they are - and if you happen to see something alarming in the process, well...
(That said, just because it's possible to encounter such things during the legitimate course of a repair tech's business, that doesn't mean that going out of your way to look for such things is any less inappropriate.)
[ link to this | view in thread ]
Re: Re: Re: Re:
[ link to this | view in thread ]
Re:
What possible reason could a plumber have for going through a person's drawers? I suppose you think that when you bring your car in to have the oil changed, the mechanic has a right to rifle through the contents of the glove compartment?
[ link to this | view in thread ]
Re: What could possibly go wrong?
Don't forget Japanese Hentai and porn stars that look underage.
[ link to this | view in thread ]
Re: Re: Re: Re: Re:
I certainly don't do it every time (even in the relatively rare cases where I wind up doing such file-restoration work in the first place), but there are times when it's the most appropriate way of serving the customer's needs.
[ link to this | view in thread ]
Re: Re:
An oil change wouldn't reasonably go through the glovebox. But a locksmith making a new key for your car might wind up looking through the glovebox or trunk, as they might have keycodes or be more easily disassembled, or they might just need to be tested to make sure they open. Directly necessary? No. But important to doing a fast and proper job in circumstances that aren't uncommon.
[ link to this | view in thread ]
Re: Re:
Suppose they come up with a number like, 20 minutes of extra searching per computer and they have to pay all that back to each Geek Squad customer who had them work on their computer for the last 10 years.
That has to add up
[ link to this | view in thread ]