No Surprises Here: Presidential Commission On Law Enforcement Repeats Calls For Anti-Encryption Legislation

from the another-pile-of-garbage-ideas dept

[Note: this is one of multiple posts covering the Commission's 332-page report.]

The Presidential Commission on Law Enforcement -- ushered into existence by a 2019 Executive Order -- has released its report [PDF], just in time for the man who ordered it to move out of the White House. President Trump spent his four years defending and praising law enforcement, no matter how often law enforcement's actions provoked criticism elsewhere. This report does the same thing, even as it pretends to offer an objective opinion on the challenges facing the law enforcement community.

The Commission is composed solely of law enforcement officials and officers, which makes its findings one-sided and, of course, suspect. The report calls for an end to the "disrespect" shown to law enforcement. But it does little to address the roots of this perceived disrespect. At best, the report suggests the public is just "misinformed" about law enforcement's role in society and posits it's "progressive prosecutors" and opportunistic legislators causing most of the reputational damage, rather than the things cops do when their leash is long enough.

The report also has nothing good to say about device encryption. Using lingo provided to it by consecutive FBI directors and former AG Bill Barr, the report claims something called "warrant-proof encryption" (a.k.a., regular encryption) should have backdoors legislated into it.

The lack of lawful access to encrypted information controlled by technology companies is presently one of the greatest obstacles to law enforcement in its efforts to combat crime. The rule of law cannot exist in a space—digital or otherwise—that deliberately insulates criminals from law enforcement investigation. The substantial danger to individual victims and general safety posed by warrant-proof encryption demands a prompt and decisive policy action. Because the prominent technology companies have increasingly elected to implement data systems that prevent law enforcement access, the Commission has concluded that a legislative solution may be necessary to optimally balance the interests of personal privacy and public safety.

Ah, but the rule of law can exist in such a space. It's doing it right now. The FBI may have claimed it had nearly 8,000 devices "insulated" from "investigation" in its possession, but after being questioned by Congress about its struggles with encryption, it revealed it couldn't accurately count physical items. We're still waiting for an updated number -- one promised to us nearly three years ago.

At least the Commission recognizes law enforcement has never had more tech options at its disposal. But it suggests law enforcement make use of some of its most questionable options more frequently.

New methods of electronic surveillance and digital investigation hold considerable promise, and the Commission recommends that law enforcement take a proactive approach to developing and innovating technologies to combat crime instead of reactively catching up to the technological innovations of the day. Accordingly, the Commission encourages law enforcement to specifically consider—with appropriate contemplation of competing policy interests— developing and adapting crime reduction technologies, such as unmanned aerial systems (quadcopters), acoustic gunshot detection technologies, real time crime centers, and facial recognition software, to add to their crime-fighting arsenal.

Shot spotters. Predictive policing. Facial recognition. This is a list of things that don't work well and, in the latter two cases, are made worse by the inclusion of biases the tech is supposed to be removing.

Heading back to encryption, the report contains testimonial statements from an agency that shouldn't be allowed to bitch about encryption until it can be honest about how many encrypted devices are in its possession. Here's another call for legislated backdoors by Darrin Jones, the FBI's Assistant Director for Science and Technology:

“The impact and magnitude of the lawful access crisis in the United States has grown to a point where the public safety trade-off to the citizens of this country can and should no longer be made privately and independently in the corporate boardrooms of tech companies. It must, instead, be returned to the halls of the people’s democratically elected and publicly accountable representatives.”

But we don't know the "impact" or the "magnitude." The FBI says both are enormous. But the FBI has also overstated the number of locked devices in its possession -- something it routinely leveraged to push claims of a looming criminal apocalypse that has completely failed to materialize. Until it can provide an accurate count, it really shouldn't opine about the "impact" of device encryption. And its testimony shouldn't be the basis for legislation seeking to weaken encryption.

The report goes on to complain about Facebook adding encryption to its Messenger service and Zoom (sort of...) doing the same for its users. Then it claims this is pretty much the first time law enforcement hasn't been able to obtain evidence when it has a warrant.

Companies that have chosen to adopt end-to-end user encryption have effectively upended more than 200 years of jurisprudence by placing evidence beyond the reach of a court-ordered search warrant.

Right. Because no one's destroyed or hidden evidence prior to this point in history. No one held conversations in person to assure no record remained of criminal conspiracies. Just because phones now contain a wealth of potential evidence does not mean the tables have been turned because something more than a physical door separates cops from the stuff they want to take. Any number of third parties store communications and other data in unencrypted form. And no one in law enforcement feels like honestly discussing the phone-cracking tools that are available or how often suspects consent to searches.

The Commission asks for backdoors:

Congress should require providers of communications services and electronic data storage manufacturers to implement strong, managed encryption for stored data and data in motion while ensuring lawful access to evidence pursuant to court orders.

Then it claims it doesn't want backdoors:

The Commission considered but rejected the idea that lawful access equates to back-door access. Almost all mobile device manufacturers, operating system vendors, and app providers maintain their own “upgrade” back doors, which enables providers to routinely change functions and settings of a device or service. Law enforcement does not seek such direct access, nor does it wish to hold any encryption “keys.” Instead, law enforcement seeks to have tech companies develop and manage for themselves the capability to respond to a lawful court order. Having tech companies themselves remain in control of this process is actually privacy enhancing, ensuring law enforcement is afforded only specific, limited access to data as defined in each case by a specific warrant.

The government won't be honest about the challenges encryption actually poses -- beginning with its refusal to tell Americans how many devices it can't crack open. And it's not honest about its desires. A door is a door -- a hole in encryption that doesn't exist until it's mandated. Refusing to call it a "backdoor" doesn't change what it is.

Then there's this, which implies legislators should look into stripping tech companies of protections they currently enjoy… solely to make it easier for law enforcement to access device contents.

Civil liability immunity statutes that were adopted during the infancy of many tech companies may unintentionally encourage such companies to pursue and market user-only access and end-to-end encryption models. Absent any risk of financial liability, the routine cost–benefit analysis— which most companies use to determine whether to dedicate resources to harm-mitigation strategies—may not influence some of these technology companies into a willingness to facilitate lawful access.

According to the Commission, the only way out of this mess is to strip companies of this liability shield... unless they agree to undermine the protections they give to their customers.

As long as tech companies are immune from liability, the Commission assumes that these companies perceive any development or maintenance of lawful access capabilities to be a drain on profits, which allows the tech companies to hide their financial motivations under the guise of a desire to enhance users’ privacy. Ultimately, this behavior enables plausible corporate ignorance and allows criminals to use these systems for illegal purposes. If corporations are to continue to benefit from civil immunity, Congress should mandate that these companies develop and maintain a lawful access solution capable of producing clear text data in response to court-ordered search warrants.

The Commission also says legislators should implement regulations that allow it to wiretap real-time communications that are currently encrypted. Somehow this proposal starts with stored communications and ends with ordained MITM attacks.

The Stored Communications Act of 1986 requires data to be stored for up to 180 days upon request by the government. Providers must also disclose private information in emergency cases where individuals or groups may be in danger. In addition, a “court order is required for access to digital information. An administrative subpoena may be issued to gain access to specific data such as usernames, addresses, telephone numbers, and call transcripts.”

Recently, the FBI investigated a gang task force case where it was revealed that the primary suspect of a homicide case used FaceTime to orchestrate the crime. Because Apple uses end-to-end encryption, it allows criminals to coordinate their crimes through this avenue. If law enforcement is given lawful access, they can then intercept the plans of criminals and gain evidence to prosecute those who break the law.

The government appears to hate tech companies. Combined with the recent attacks on Section 230, Trump and his law enforcement buddies are apparently still entertaining any option that might let them score a win over Big Tech and its supposed anti-conservative/anti-law enforcement bias.

These are dangerous suggestions. Fortunately, they're being offered up by a lame duck Commission that will presumably expire along with a lot of other Trump mandates following his exit from office. Bill Barr has already resigned. Whoever replaces him presumably can't be as terrible as he was.

Law enforcement faces a lot of challenges. But it also has access to more tools, data, and information than it's ever had before. Undermining user security in exchange for law enforcement convenience isn't the way forward. It's a step backwards -- one that places the government's wants over the needs of the people it's supposed to be serving.

Filed Under: doj, encryption, executive order, fbi, going dark, law enforcement, presidential commission on law enforcement

Supreme Court Says Muslim Men Can Sue The FBI For Placing Them On The No-Fly List For Refusing To Become Informants

from the faith-based-harassment dept

The FBI really enjoys its take on the War on Terror. Starting with the hassling of Muslims at airports and border entries, the FBI cultivates a large collection of confidential informants. These informants then find pliable individuals to target with extra attention, pushing them towards threatening to engage in violence. Then the FBI swoops in to arrest these supposed "terrorists" -- ones that often seem unable to stay gainfully employed, much less capable of carrying out terrorist attacks. The FBI's favorite targets are impressionable Muslim men with mental health issues -- ones its agents and informants radicalize right into jail cells.

It all starts at our nation's airports. If Muslims want to travel in and out of the United States (or just travel within the US), federal agents are always on hand to pressure them into becoming informants. Veiled threats are made and these targets are subjected to invasive searches and other harassment every time they set foot in an airport.

In some cases, Muslim men were placed on the "no fly" list simply for refusing to become government informants. A lawsuit filed in 2014 accused the FBI of retaliating against several Muslims who resisted the FBI's overtures. The district court ruled against the plaintiffs but the Second Circuit Court of Appeals revived the lawsuit in 2018, saying the men had sufficiently alleged violations of the Religious Freedom Restoration Act (RFRA). The government can't target people simply because of their chosen religion, but that's exactly what appears to be happening.

The case made its way to the Supreme Court and the nation's top court has sided [PDF] with the plaintiffs. The lawsuit can proceed and the FBI agents can be held accountable for violating the RFRA.

The government tried to argue the statute does not provide for lawsuits against federal officers in the personal capacity. Wrong, says the Supreme Court. The statute clearly states lawsuits can be brought against individuals, rather than their agency or the federal government as a whole.

We first have to determine if injured parties can sue Government officials in their personal capacities. RFRA’s text provides a clear answer: They can. Persons may sue and obtain relief “against a government,” §2000bb–1(c), which is defined to include “a branch, department, agency, instrumentality, and official (or other person acting under color of law) of the United States.” §2000bb–2(1) (emphasis added).

The Government urges us to limit lawsuits against officials to suits against them in their official, not personal, capacities. A lawsuit seeking damages from employees in their individual capacities, the Government argues, is not really “against a government” because relief “can be executed only against the official’s personal assets.” Kentucky v. Graham, 473 U. S. 159, 166 (1985).

The problem with this otherwise plausible argument is that Congress supplanted the ordinary meaning of “government” with a different, express definition. [...] A “government,” under RFRA, extends beyond the term’s plain meaning to include officials. And the term “official” does not refer solely to an office, but rather to the actual person “who is invested with an office.”

The Court then looks at whether or not damages can be pursued. This isn't a normal case alleging First or Fourth Amendment violations. The government argued this means damages can't be awarded. Again, the Supreme Court says the government is wrong.

A damages remedy is not just “appropriate” relief as viewed through the lens of suits against Government employees. It is also the only form of relief that can remedy some RFRA violations. For certain injuries, such as respondents’ wasted plane tickets, effective relief consists of damages, not an injunction. [...] it would be odd to construe RFRA in a manner that prevents courts from awarding such relief. Had Congress wished to limit the remedy to that degree, it knew how to do so.

If federal agencies want the law changed to shield them from accountability, they'll have to ask Congress to "fix" this perceived "wrong." The Court isn't going to get into the business of legislating from the bench (at least not in this case).

To be sure, there may be policy reasons why Congress may wish to shield Government employees from personal liability, and Congress is free to do so. But there are no constitutional reasons why we must do so in its stead.

It's an 8-0 shutout in favor of the plaintiffs who are now allowed -- six years after they filed their lawsuit -- to start holding the FBI accountable for its violation of their religious rights.

Filed Under: confidential informants, fbi, muslims, no fly list, scotus, supreme court

New Report Shows Cellphone Encryption Isn't Really Stopping Cops From Searching Phones

from the complaining-that-99%-access-isn't-100%-access dept

We're still hearing quite a bit about law enforcement's supposedly endless string of losses to criminals and their device encryption. Citing facts not in evidence, consecutive FBI directors -- along with outgoing Attorney General Bill Barr -- have claimed the implementation of encryption has pretty much made it impossible to successfully prosecute criminals.

We know this isn't true for several reasons. But let's begin with the FBI, which has relied on overstated numbers to press the "going dark" theory for a few dozen months at this point. After admitting it couldn't do math -- even when aided by a spreadsheet -- the FBI has refused to update its overblown number of locked devices in its possession. The FBI has not corrected its math for 931 days at this point.

Criminal prosecutions haven't slowed down either. When almost every prosecution ends in a plea deal, it's pretty rich for prosecutors and law enforcement to complain they're being beaten by criminals. And a bunch of federal agencies pad their own numbers, engaging in borderline entrapment to ensure a steady stream of prosecutorial wins.

A new report shows just how little of an effect device encryption has had on law enforcement efforts. Some of the report's highlights are touched on by Lawfare's Susan Landau. We've heard the complaints encryption is keeping law enforcement out of seized cellphones. The reality is much more worrying. Not only is encryption not much of a barrier, but law enforcement tech allows investigators to access pretty much everything before trimming it down to what's been asked for in warrant affidavits.

These forensic tools are quite sophisticated. FBI Director Christopher Wray once complained that “warrant-proof encryption,” like that used on iPhones, prevents law enforcement access to crucial evidence. But Upturn found that the forensic tools copy all the data found on a cellphone. The tools then sort the data so that law enforcement can easily search through it. And MDFTs include some features that make law enforcement’s job even easier. For example, Cellebrite, perhaps the most sophisticated MDFT, can compare a facial image, such as from a police database, to any of the faces in photos stored on the phone. Others MDFTs classify text conversations by topic, such as drugs, money or family.

The MDFTs work on a variety of sophisticated phones. Cellebrite says it can extract data from “all iPhone devices from iPhone 4S to the latest iPhone 11 / 11 Pro / Max running the latest iOS versions up to the latest 13.4.1.” The company claims to be able to handle even locked iPhones and Android devices.

"Going dark" is nothing more than rhetoric. The reality is encryption isn't much of a roadblock. The report by DC think tank Upturn shows there's little standing in the way of law enforcement forensic extractions, no matter how much federal officials claim otherwise. The business of cracking/scraping phones is largely automated -- plug-and-play invasive searches that pretty much ignore efforts owners might make to secure their devices against government intrusion.

Mobile device forensic tools (MDFTs) are so powerful, Upturn recommends the ban on consensual searches of cellphones, given what investigators can access when they're deployed. This makes some sense, given the specious reasons given for some cellphone searches. But that's going to be a really difficult thing to sell to legislators when one of the most recognized exceptions to the Fourth Amendment is the voluntary waiver. (Counterpoint: the definition of "voluntary" could use more examination by courts, which have decided the third-party doctrine applies even when voluntary consent isn't obvious, but still side with law enforcement agencies who have coerced confessions and "consent.")

People may think these powerful tools will only be aimed at the worst criminals -- drug kingpins, child molesters, financial services firms, etc. But they're not. They're used for everything because they're cheap, easy, and convenient.

Law enforcement use these tools to investigate not only cases involving major harm, but also for graffiti, shoplifting, marijuana possession, prostitution, vandalism, car crashes, parole violations, petty theft, public intoxication, and the full gamut of drug-related offenses.

Anti-encryption enthusiasts like FBI directors Chris Wray and James Comey have somewhat acknowledged some powerful tools render device encryption moot. But even while (sort of) admitting their "going dark" claims were overblown, proponents of encryption backdoors claim success rates are too low, tools are too expensive, and solutions provided by government contractors won't scale. Upturn's report says otherwise.

Our records show that at least 2,000 agencies have purchased a range of products and services offered by mobile device forensic tool vendors. Law enforcement agencies in all 50 states and the District of Columbia have these tools. Each of the largest 50 police departments have purchased or have easy access to mobile device forensic tools. Dozens of district attorneys’ and sheriff’s offices have also purchased them. Many have done so through a variety of federal grant programs. Even if a department hasn’t purchased the technology itself, most, if not all, have easy access thanks to partnerships, kiosk programs, and sharing agreements with larger law enforcement agencies, including the FBI.

So, there's plenty of access. Funding isn't a problem. Vendors have solutions that scale because there's plenty of access and plenty of funding. But the complaints continue. And the complaints continue despite how much is being extracted with each deployment.

MDFTs pull every photo on the device, extracting metadata that shows when and where photos were taken. It pulls data from every app that generates it, including location data, which allows law enforcement to track movement without a warrant. The extraction tools can also pull deleted data, allowing investigators to perform digital trash pulls for additional evidence.

Then there's the third parties themselves. While the FBI and others complain about a lack of access, any data/communications stored by cloud services can be recovered without having to deal with device encryption.

The wealth of data available to law enforcement allows them to engage in fishing expeditions for evidence of other crimes. The only thing stopping them is the courts, so it's worth their while to dig through everything, considering the worst case scenario is a dismissed case, rather than fines, fees, sanctions, or anything else that might hurt them more directly.

A city or state might ban facial recognition searches, but cops can still do this without violating the specifics of the ban, thanks to built-in tools.

Cellebrite offers a “search by face” function, whereby law enforcement can compare an image of a face to all other images of faces found on the phone.

They can also look for anything else conceivably incriminating (or titillating) without having to screw with their tools' default settings.

Cellebrite also allows law enforcement to define new image categories by feeding its software a small set of example images to search for (for example, searching for hotel rooms by giving the software a set of five images of hotel rooms that were taken from Google images). As another example, Magnet Forensics’ AXIOM can employ text classification models in attempts to detect “sexual conversations,” or to filter conversations by topics ranging from family, drugs, money, and police.

Even if encryption is the default option, a variety of software and hardware exploits renders this useless in most cases. Patches from developers and manufacturers make this somewhat of an arms race, but this race remains a tie, at worst. Law enforcement isn't losing. And if it's losing access, it's only temporary.

There's another "war" at play here -- one that's rarely referenced by law enforcement officials. Every vendor wants more customers, so they're always improving their tech. The healthy competition makes tools more powerful while dropping their price, ensuring equal access for law enforcement agencies across the nation. The public records obtained by Upturn show there's not a single state in the Union that doesn't have access to forensic tools capable of cracking or bypassing encryption. Funding isn't an issue, given the federal government's interest in making encryption a non-issue.

That means there's thousands of extractions a year -- something that undercuts the FBI's "warrant-proof encryption" narrative at least as much as its inability to count physical items accurately.

The records of use we’ve assembled from 44 law enforcement agencies represent at least 50,000 extractions of cellphones between 2015 and 2019.

There is no going dark. If legislators want to believe there is, they're going to have to do so by ignoring all the evidence to the contrary. What law enforcement wants is convenience -- the ability to crack open phones without having to hook them up to a machine or beat the submission out of an arrestee. The options are there and agencies are obviously using them. Every argument that says encryption is locking law enforcement out is not just disingenuous -- it's dishonest.

Filed Under: access, doj, encryption, fbi, going dark, law enforcement, prosecutors

Patriot Act Used By The FBI To Collect Internet Browsing Data, Contradicting Claims Made To Oversight

from the oh-no-this-must-be-the-first-time-the-IC-has-lied-to-its-oversight-[faints] dept

The NSA shut down its bulk phone records collection -- authorized under Section 215 -- after it became apparent it wasn't worth the effort. Reforms put in place by the USA Freedom Act prevented the agency from collecting it all and sorting it out later. Instead, it had to approach telcos with actual targeted requests and only haul away responsive records. The NSA somehow still managed to overcollect records, putting it in violation of the law. The NSA hinted the program had outlived its usefulness anyway, suggesting it had far better collections available under other authorities that it would rather not subject to greater scrutiny.

But this didn't end the government's bulk records collections. It just ended the phone metadata program. The NSA still collects other records in bulk, including banking records and, oddly, books checked out by library patrons. The broad authority of Section 215 could be read to allow the government collect other records, like email metadata and internet activity. Reasoning that people voluntarily create records of their internet use by using third-party services to surf the web, the government hinted it could sweep these up just as easily as it had swept up call records.

The government's attempt to collect internet history under this authority ran into some friction earlier this year when the Senate voted to block this collection. Senator Ron Wyden directly asked the director of national intelligence (DNI) to inform the Senate whether or not agencies under its purview had gathered internet use records under this authority. He received this answer.

In a Nov. 6 letter to Mr. Wyden, John Ratcliffe, the intelligence director, wrote that Section 215 was not used to gather internet search terms, and that none of the 61 orders issued last year under that law by the Foreign Intelligence Surveillance Court involved collection of “web browsing” records.

Wyden took this response to mean that implementing a ban on collection of internet history records could be put into place without negatively affecting any intelligence gathering activities. But when the New York Times pressed DNI John Ratcliffe on specifics, a new party inserted itself into the conversation: the DOJ. According to its response, the FBI had already done the thing the DNI had just told Sen. Wyden it hadn't.

In fact, “one of those 61 orders resulted in the production of information that could be characterized as information regarding browsing,” Mr. Ratcliffe wrote in the second letter. Specifically, one order had approved collection of logs revealing which computers “in a specified foreign country” had visited “a single, identified U.S. web page.”

So, the FBI was collecting internet browsing records, albeit with an order that only targeted foreign users visiting one US web page. Still, this wasn't what the DNI originally said to Sen. Wyden. This set Wyden off. Again. The supposedly honest answer he received in response to his questions wasn't actually all that honest. As he pointed out in his statement, the belated admission raised questions about domestic surveillance and potential abuse of Section 215 authority to collect something the DNI said no one was collecting. And, if nothing changed, there was no guarantee the Intelligence Community wouldn't talk itself into believing a collection of internet browsing data would be cool and legal.

“More generally,” Mr. Wyden continued, “the D.N.I. has provided no guarantee that the government wouldn’t use the Patriot Act to intentionally collect Americans’ web browsing information in the future, which is why Congress must pass the warrant requirement that has already received support from a bipartisan majority in the Senate.”

Previous attempts to erect a warrant requirement for the collection of internet data or search histories have failed to reach the president's desk. This latest admission has refueled the fire to protect Americans (or visitors to American websites) from government overreach. Even if such a collection targets only foreign internet users, there's no guarantee it won't sweep up US citizens -- like pretty much every other bulk collection has.

At this point, everything is up in the air. There's a new president headed into office who might be more receptive to reform efforts, but he's also the man who served the Obama Administration -- one that wasn't all that concerned about domestic surveillance until it became impossible to ignore the documents leaked by Ed Snowden. Even then, its response was tepid at best and it still allowed IC surveillance business to continue pretty much uninterrupted -- something it used to justify extrajudicial killings based on little more than metadata. This needs to be fixed, but surveillance reform advocates still lack majority support. And the guy headed to the White House has never seemed all that concerned about surveillance abuses.

Filed Under: 4th amendment, browsing data, bulk records, doj, fbi, fisa, fisc, john ratcliffe, mass surveillance, metadata, nsa, odni, patriot act, ron wyden, section 215, usa freedom act, warrant

FBI Asks To Perform An Intrusive Search Of A Phone For Evidence It Doesn't Need From A Device That Probably Doesn't Belong To The Suspect

from the in-which-an-agent-seems-to-believe-'wild-speculation'-is-'probable-c dept

It looks like the FBI believes it should be able to pull pretty much anything from someone's phone for pretty much any reason. A recent warrant affidavit [PDF] submitted by Special Agent Brian De Jesus requests access to nearly everything contained on a cellphone abandoned in a car, supposedly by the suspect now being charged for being a felon in possession of a handgun.

The first three pages list everything the FBI potentially wants to search, including all call info, texts, emails, social media messages, recordings, photos, GPS data, calendar/contact contents, and anything else on the device that might designate ownership or create problems for the FBI when it searches the phone (malware, encryption, data destruction software, etc.).

The affidavit also asks the judge to grant the FBI permission to use biometric measures to unlock the phone, including thumbs, fingers, facial features, and irises/retinas. According to the request, the FBI may only use "objectively reasonable force" to ensure compliance. So that adds some Fifth Amendment concerns to the over-abundant Fourth Amendment issues.

It's anyone's guess how the criminal event preceding the stop of the suspect and the seizure of this phone supports a forensic search of the device. Here's how the FBI came to be in possession of the phone.

A Los Angeles Sheriff's deputy started following a car whose driver appeared to be intoxicated. This led to a short vehicle chase. The driver and passenger fled the vehicle after it hit a curb. The driver escaped. The passenger didn't. The passenger was patted down and a gun was discovered. Since the passenger was a convicted felon, his possession of a gun was a criminal offense.

That should have been the end of it. Officers had a criminal offense and a suspect and all the evidence they needed (criminal record, illegal handgun). Deputies went back to inventory the vehicle before towing it and found a phone. But turning this over to the feds (for the federal weapons charge) resulted in one agent putting his imagination into overdrive to justify an intrusive search of the device.

From my training, personal experience, and the collective experiences relayed to me by other law enforcement officers who conduct firearms investigations, I am aware of the following:

a. Persons who possess, purchase, or sell firearms generally maintain records of their firearm transactions as items of value and usually keep them in their residence, or in places that are readily accessible, and under their physical control, such as in their digital devices. It has been my experience that prohibited individuals who own firearms illegally will keep the contact information of the individual who is supplying firearms to prohibited individuals or other individuals involved in criminal activities for future purchases or referrals. Such information is also kept on digital devices.

b. Persons who also possess firearms, especially prohibited arms, sometimes jointly possess or share firearms with each other.

c. Many people also keep mementos of their firearms, including digital photographs or recordings of themselves possessing or using firearms on their digital devices. These photographs and recordings are often shared via social media, text messages, and over text messaging applications.

d. Those who illegally possess firearms often sell their firearms and purchase firearms. Correspondence between persons buying and selling firearms often occurs over phone calls, e-mail, text message, and social media message to and from smartphones, laptops, or other digital devices. This includes sending photos of the firearm between the seller and the buyer, as well as negotiation of price. In my experience, individuals who engage in street sales of firearms frequently use phone calls, e-mail, and text messages to communicate with each other regarding firearms that they sell or offer for sale. In addition, it is common for individuals engaging in the unlawful sale of firearms to have photographs of firearms they or other individuals working with them possess on their cellular phones and other digital devices as they frequently send these photos to each other to boast of their firearms possession and/or to facilitate sales or transfers of firearms.

That's a lot to extrapolate from finding a felon in possession of a gun. While this may be true in some cases, it's not objectively reasonable to assume that all or most felons illegally possessing handguns also engage in trafficking of illegal firearms or that they keep "records" of illicit purchases that were likely facilitated by people generally adverse to recordkeeping or generating receipts.

But that's not the most egregious extrapolation. The most vivid use of the FBI agent's imagination is the linking of the abandoned phone to the man deputies arrested. Remember, he was the passenger in this vehicle -- something observed by officers on the scene and noted in the agent's affidavit.

Deputies then conducted an inventory search of the abandoned Camry before towing it. During the search of the car, deputies found the SUBJECT DEVICE on the driver’s side floorboard. LASD seized the SUBJECT DEVICE as evidence. The SUBJECT DEVICE was later transferred to the custody of the FBI.

This phone most likely belongs to the driver -- the suspect that got away.

This is a fishing expedition masquerading as an FBI investigation. The FBI wants to look at the phone to find evidence of criminal acts. It already has all the evidence it needs to secure a conviction on illegal possession charges. They caught the guy with the gun. This search isn't going to add anything to the info the FBI already has. The evidence on hand is more than enough to move forward with a prosecution.

This is an attempt to find other stuff -- either to charge this suspect with or to find other people to go after. The instigating crime was alleged drunk driving and evasion of an attempted stop by the LASD. The passenger had nothing to do with the events that triggered his pursuit by LASD deputies. He just ended up being the only suspect the deputies could catch... and he wasn't even driving. But he was caught and a gun was discovered, along with his criminal record. That should be the end of it. But the FBI wants permission to trawl through a phone for evidence of whatever.

According to the docket, this warrant request was granted. It may have been modified, but the notes don't seem to indicate it was. For now, the only other thing on record is the FBI's documentation of its seizure of the device. If this person has even a halfway competent lawyer, he'll challenge this search. There's nothing in the affidavit that justifies this intrusion. An FBI's agent's speculation about the contents isn't the same thing as probable cause. And the fact that the phone was found on the driver's side of the car only further separates this agent's assertions from reality.

Filed Under: 4th amendment, brian de jesus, fbi, fishing expedition, general warrant, probable cause, surveillance

FBI Turns A Man With Mental Health Issues Into A 'Terrorist,' Busts Him For Using The Internet

from the must-have-locked-up-all-the-real-terrorists-already dept

Another FBI counterterrorism "investigation" has turned someone with mental health issues into a potential long term tenant of the federal prison system. The arrest happened in August, but the documents related to the arrest weren't unsealed until earlier this month.

This summation of events shows how little the FBI needs to do to get someone charged with a federal crime:

A Clarksville man has been arrested following an investigation by the FBI into ISIS-connected terrorist threats they say he made against the Clarksville Police Department and the Fort Campbell PX Exchange.

Jason Solomon Stokes, 41, was arrested Aug. 20 and charged with sending threatening communications interstate, a federal crime, according to documents unsealed today and obtained by Clarksville Now.

Using the internet for anything makes it "interstate," which gives the feds jurisdiction. Stokes spoke about attacks in internet chat groups but never obtained anything needed to carry them out, like explosives or weapons. More details make it clear Stokes isn't a dangerous terrorist, but rather someone who would have benefitted from some intercession from mental health professionals. The sad thing is the FBI agent who pursued the investigation knew this and just kept going until he could ring up Stokes on terrorism-related charges.

Agents accompanied by mental health professionals met with Stokes, who was being treated medically for schizoaffective disorder, according to the complaint. He was living with his mother in Summit Heights. Stokes admitted to making the posts but denied being violent and denied owning any weapons.

There was another visit later. And in that one, the mental health professional handed out a diagnosis... which was ignored by FBI agent Scot Sledd.

About a year and a half later, on about Nov. 5, 2019, the FBI was tipped that Stokes had made more terrorism-supporting statements. They again interviewed him and advised him to stop posting messages on social media. The mental health professionals advised that Stokes was not in crisis or a danger to himself or others, the documents said.

Five months later, Stokes was back in the ISIS-focused chat rooms talking about attacks again. And, again, he never showed interest in actually carrying them out. He backed out as the proposed attack date approached, saying he was worried about his elderly mother. He also failed to acquire weapons and ammunition to carry out the attack, offering to try again at some undetermined point in the future.

The criminal complaint makes it clear Stokes spent most of his time talking to FBI informants. And his "interviews" with Agent Sledd -- accompanied by the mental health professional -- were also part of the agency's subterfuge. Sledd never identified himself as an FBI agent -- a fact that may have made Stokes aware of the potential consequences of his online activities and perhaps pushed him away from engaging in these conversations.

Stokes' online posts were first seen by one FBI informant. A second FBI informant initiated conversations with Stokes, hoping to secure a recording of Stokes pledging allegiance to the Islamic State. This led to a third informant pushing Stokes towards acquiring weapons. When the third informant set a date for the weapons delivery, Stokes backed out.

After that, Stokes never spoke to any of three informants the FBI set him up with. That was July 24, 2020. The FBI arrested him a month later, apparently deciding this month of silence was the perfect time to wrap up this pathetic "investigation" and pursue charges.

The FBI has not announced this arrest via its site. Neither has the DOJ. This suggests neither entity is especially proud of this takedown of a man suffering from mental health issues -- issues the FBI ignored to rack up another cheap win. His online activities may have justified some additional scrutiny but when a mental health professional says someone isn't a threat to himself or others, maybe the FBI should steer investigative resources towards people who actually are threats.

Filed Under: chatroom, fbi, internet, isis, jason stokes, mental health, own plots, terrorism

Another Arrest Shows It's Pretty Much Everyone But Antifa Engaging In Anti-Government Violence

from the presidential-conspiracy-theory-suffers-another-setback dept

The DOJ really wants to make El Presidente's antifa dreams come true. The anti-police brutality protests have been cast by the administration as a leftist conspiracy to… um… demand better policing and better police officers. In addition to sending federal officers to clamp down on unrest in "Democratic" cities, the FBI has been sending analysts to crack phones taken from protesters in hopes of finding some sort of antifa org chart the feds can use to dismantle this "group."

If you think it's weird a free world government would be obsessed with tracking down people fighting fascism, you're not alone. Seems like the time and effort would be better utilized to neutralize the threat posed by homegrown extremists, many of whom align themselves with white supremacist movements. But this is what this Administration is diverting resources to, even when available evidence suggests the antifa movement isn't filled with dangerous individuals.

More evidence suggests the government might want to focus on another loose assortment of anti-government individuals: the so-called "Boogaloo Bois." If antifa is a collective in the loosest definition of the word, the Boogaloo Bois are similarly unstructured. Small groups exist but there's no organizational head to bring down or nationwide structure to dismantle. While the president complains about "violent" BLM/antifa protesters, real violence is being perpetrated by actual anarchists Trump has never criticized publicly.

In the wake of protests following the May 25 killing of George Floyd, a member of the Boogaloo Bois opened fire on the Minneapolis Police Third Precinct with an AK-47-style gun and screamed “Justice for Floyd” as he ran away, according to a federal complaint made public Friday.

[...]

Ivan Harrison Hunter, a 26-year-old from Boerne, Texas, is charged with one count of interstate travel to incite a riot for his alleged role in ramping up violence during the protests in Minneapolis on May 27 and 28. According to charges, Hunter, wearing a skull mask and tactical gear, shot 13 rounds at the south Minneapolis police headquarters while people were inside. He also looted and helped set the building ablaze, according to the complaint, which was filed Monday under seal.

Hunter's public social media posts helped bring him down. So did posts from other members of the group Hunter associated himself with, including Steven Carillo, who shot and killed a federal officer in Oakland, California and a sheriff's deputy in Santa Cruz. Hunter apparently traveled all the way from Texas to open fire on a police precinct and help set it on fire.

And, as if everything happening with protests and various self-invited interlopers wasn't confusing enough, this particular Boogaloo Bois unit managed to mix domestic and international terrorism into a completely incomprehensible blend.

Two members of the Boogaloo Bois, including one from Minnesota, have been indicted on federal charges of attempting to provide material support to Hamas, a designated foreign terrorist organization, the U.S. Justice Department announced Friday.

And this is apparently all it takes to talk a Boogaloo Boi into believing you work for a foreign terrorist organization.

In June, the FBI began receiving information about Teeter, Solomon and other Boogaloo Bois from a confidential source that the Bois believed to be a member of the terrorist organization Hamas. The source, a paid informant, had a Middle Eastern accent.

This isn't going to stop Trump and Bill Barr from continuing their hunt for an antifa kingpin. There's really no difference between the two, as far as Trump is concerned. Anti-THIS government is indistinguishable from anti-ALL government when you're THIS government. But one "group" tends to be composed of white guys with guns wearing Hawaiian shirts while the other is a very loose affiliation of what Trump considers to be "leftists." And it will always be the "leftists" that are considered more dangerous, even when its actual anarchists killing cops.

Filed Under: antifa, boogaloo bois, doj, fbi, free speech, ivan hunter, protests, violence, william barr

Ninth Circuit Dumps Sentencing Enhancement Handed To Defendant For Opening Social Media Accounts For ISIS Sympathizers

from the decades-in-jail-for-sock-puppet-construction dept

The FBI is still creating terrorists -- finding loud-mouthed online randos to radicalize by hooking them up with undercover agents and informants seemingly far more interested in escalating things than defusing possibly volatile individuals.

The Ninth Circuit Court has, fortunately, decided to roll back a ridiculous sentencing enhancement added to another one of the FBI's homegrown extremists. The terrorism enhancement in this case was triggered by this: the defendant's opening of six social media accounts for alleged ISIS sympathizers.

The details of the case -- contained in the court's reversal [PDF] of the sentencing enhancement -- show Amer Alhaggagi was a bit of a troll. The son of Yemeni immigrants, Alhaggagi was born in California but spent a lot of his life traveling back and forth to Yemen to spend time with his mother. He was raised in a Muslim home but that upbringing didn't really make him a Muslim. He didn't seem to have much interest in adhering to the religion's rules and instead drifted towards the internet, where he developed a "sarcastic and antagonistic persona."

This is how things were going before the FBI got involved:

In 2016, at the age of 21, Alhaggagi began participating in chatrooms, and chatting on messaging apps like Telegram, which is known to be used by ISIS. He chatted both in Sunni group chats sympathetic to ISIS and Shia group chats that were anti-ISIS. He trolled users in both groups, attempting to start fights by claiming certain users were Shia if he was in a Sunni chatroom, or Sunni if he was in a Shia chatroom, to try to get other users to block them. He was expelled from chatrooms for inviting female users to chat, which was against the etiquette of these chatrooms, as participants in those chats followed the Islamic custom of gender segregation.

One can only imagine what would have happened to Alhaggagi if the FBI hadn't decided to step in. Probably something way less interesting than what happened when it did. The internet is full of trolls, even the parts of the internet most people don't access. But an FBI source happened to be hanging out in a chatroom when Alhaggagi attempted to stir up the crowd there with some extremist chatter.

In one Sunni chatroom, in late July 2016, Alhaggagi caught the attention of a confidential human source (CHS) for the FBI when he expressed interest in purchasing weapons. In chats with the CHS, Alhaggagi made many claims about his ability to procure weapons, explaining that he had friends in Las Vegas who would buy firearms and ship them to him via FedEx or UPS. Alhaggagi also made disturbing claims suggesting he had plans to carry out attacks against “10,000 ppl” in different parts of the Bay Area by detonating bombs in gay nightclubs in San Francisco, setting fire to residential areas of the Berkeley Hills, and lacing cocaine with the poison strychnine and distributing it on Halloween. He claimed to have ordered strychnine online using a fake credit card, of which he sent a screenshot to the CHS, bragging that he engaged in identity theft and had his own device-making equipment to make fake credit cards.

In isolation, this sounds horrifying. Given the context of Alhaggagi's internet trolling, it was just more bullshit. As the court notes, his online persona was not especially well-crafted and prone to delivering contradictory claims during the same chatroom conversations.

One minute his persona was selling weapons, the next he claimed to need them, all in the same chatroom. His persona allegedly had associates in Mexican cartels who could get him grenades, bazookas, and RPGs, offered to join a user in Brazil to attack the Olympics, and was considering conducting attacks in Dubai.

This isolated braggadocio led to 24-hour surveillance by the feds and the insertion of an undercover agent into Alhaggagi's life. The FBI's confidential informant pushed Alhaggagi to meet with the undercover agent and things kind of took off from there. The pair discussed bomb-making and visited a storage space to supposedly be used to store bomb stuff. Alhaggagi said other ridiculous things, like detailing a plan to become a cop so he could obtain more weapons. On the third visit, the FBI stocked the storage space with fake explosives. On the drive back, Alhaggagi pointed out good locations for bombs.

Then he stopped meeting with the undercover agent. Alhaggagi claimed seeing the explosives in the storage space made it clear he'd taken this too far. From that point on, he never contacted the undercover agent again.

The FBI searched his home in November of 2016, finding evidence showing Alhaggagi was back to trolling, rolling into ISIS-related chatrooms to say bad things about the US government. It also found that he had opened up Twitter and Gmail accounts for some people in the chatroom, who were alleged ISIS sympathizers. Some of these accounts were later linked to ISIS's propaganda organization. Agents also found online searches related to bomb-making, strychnine, and flammable devices/substances.

The "material support" alleged here was the opening of social media and email accounts. But the court doesn't find the government's arguments persuasive. The government had the burden of proving Alhaggagi knew these accounts would be used to "intimidate or coerce" the US government or "retaliate" against it via violent acts.

The lower court simply shrugged and said there was no other possible use for the accounts, given that they were created for people in a pro-ISIS chatroom. But that shrug of indifference added decades to Alhaggagi's sentence. The probation office's pre-sentencing report suggested 48 months. The government countered with its terrorism enhancement, asking for a 396-month sentence. That's a difference of 29 years. The court settled on 188 months with 10 years of supervised release.

The Appeals Court reminds the government that the enhancement doesn't automatically apply to material support for terrorism charges. It also notes the government fell short on the burden of proof.

The district court’s conclusion rests on the erroneous assumption that in opening the social media accounts for ISIS, Alhaggagi necessarily understood the purpose of the accounts was “to bolster support for ISIS’s terrorist attacks on government and to recruit adherents.” Unlike conspiring to bomb a federal facility, planning to blow up electrical sites, attempting to bomb a bridge, or firebombing a courthouse—all of which have triggered the enhancement— opening a social media account does not inherently or unequivocally constitute conduct motivated to “affect or influence” a “government by intimidation or coercion.” 18 U.S.C. § 2332b(g)(5)(A). In other words, one can open a social media account for a terrorist organization without knowing how that account will be used; whereas it is difficult to imagine someone bombing a government building without knowing that bombing would influence or affect government conduct.

The lower court stretched the definition beyond credulity to add more than a decade to the defendant's sentence.

The district court’s “cause and effect” reasoning is insufficient because the cause—opening social media accounts—and the effect—influencing government conduct by intimidation or coercion—are much too attenuated to warrant the automatic triggering of the enhancement. Instead, to properly apply the enhancement, the district court had to determine that Alhaggagi knew the accounts were to be used to intimidate or coerce government conduct.

The FBI found a malcontent wandering the internet and when the troll refused to keep participating in the "blow shit up" charade, it raided and arrested him for material support. Then, for the crime of opening social media accounts, the government wanted to lock him up for more years than he'd been alive. And, for all the effort -- the 24-hour surveillance, the undercover agent, and the confidential informant -- the FBI came no closer to heading off a terrorist attack or taking down a terrorist organization.

Filed Under: 9th circuit, amer alhaggagi, fbi, isis, own plots, own terrorists, sentencing enhancements, social media, trolling, trolls

FBI Sent A Special Task Force To Portland To 'Exploit' Phones Taken From Protesters

from the collect-it-all dept

Ongoing protests in Portland have been met with a federal response. The opening salvo was disturbing: Gestapo-esque tactics carried out by unidentified federal officers driving unmarked vehicles. It didn't get any better after that. The federal task force headed by the DHS seemed more willing to escalate the situation than settle things down, even if they were supposedly there to just do federal things like protect federal property and investigate federal crimes.

Documents leaked to Ken Klippenstein indicated the federal presence in Portland was more interested in finding evidence of some sort of Antifa hierarchy than sticking to the directive. FBI forensic analysts and their tech had been scrambled to Oregon to dig into phones taken from protesters and arrestees in hopes of finding some sort of organizational structure for them to attack.

This immediately raised questions about the Constitutionality of these device extractions. There's a warrant requirement in place for phone searches incident to arrests and it's not clear whether this requirement is being followed. For that matter, cloning phones belonging to detainees not necessarily suspected of criminal activity (with or without a warrant) seems like an unjustified abuse of the powers granted to law enforcement.

Emails obtained by the New York Times indicate that's exactly what's happening. A special deployment of FBI agents was sent to Portland specifically to aid in the extraction of information from protesters' phones.

The FBI’s Washington, D.C., headquarters sent agents from its “Fly Team,” an elite counterterrorism unit, to Portland this summer during the second weekend in July. Their task was to interview arrested protesters and carry out the “initial exploitation of phones, or other communication devices,” according to FBI emails obtained through a public records request. It is unclear whether the Fly Team operation extended either past that weekend or beyond Portland, but the emails suggest that the FBI has been using counterterrorism tools and powers to map left-wing protest networks just months before an election whose result is likely to be delayed, if not challenged.

The Fly Teams have been in existence since shortly after the 9/11 attacks in 2001. But until now, they've mainly been foreign-focused -- either operating in other countries or targeting foreign terrorists. This breaks some new ground in a disturbing way: counterterrorist activity targeting US citizens, some of which have engaged in nothing more than exercising their First Amendment rights.

The emails also suggest federal law enforcement is working around warrant requirements by exploiting one particular exception:

In one of the replies to [Special Agent] Chamberlin’s email, a colleague in the Portland bureau notes that the Fly Team’s “defintion [sic] of exigency will be different from ours.”

The emails [PDF] detail an incident that might be used to stretch the definition of "exigent" to cover any detained protester. A man arrested for shining laser lights into officers' eyes was found to be carrying weapons and explosives. He consented to a search of his phone, which led to a search of his home and criminal charges. If agents can talk themselves into believing any arrestee or detainee poses a threat, phones are going to be searched without warrants in the hopes a court will grant the government the benefit of a doubt if the search is challenged.

There's nothing in the emails that says the FBI is adhering to the Fourth Amendment. There's nothing in there that says it isn't, either. But you generally don't memorialize Constitutional violations in communications that can be obtained with public records requests.

As the New York Times notes, it's unclear under what authority the FBI is acting if it's treating domestic protests like domestic terrorism. But the Constitution may not be much of an obstacle thanks to actions taken by President Ronald Reagan nearly four decades ago.

Among the special powers granted exclusively to the FBI under a Reagan-era executive order (No. 12333) are authorizations to conduct “unconsented physical searches” and “physical surveillance” for intelligence purposes in the US.

We'll know more as more information leaks out or searches are challenged in court. But even if the FBI is following the law, the law gives it a lot of leeway to engage in acts it probably shouldn't, even if it legally can.

Filed Under: 1st amendment, 4th amendment, antifa, dhs, exigent circumstances, fbi, phones, portland, protests, surveillance