
Did the FBI break the law taking down Silk Road?

Easy Skanking
Did the FBI break the law taking down Silk Road?
ZDNet wrote:
Summary: Correction. Law enforcement located Silk Road by finding and accessing a server that wasn't supposed to be public. When others do this the government calls it a felony.

About 18 months ago 27 year-old Andrew Auernheimer was found guilty of one count of conspiracy to access AT&T Inc servers without consent. He was sentenced to 41 months in prison, a fine and supervised release.

[Correction on September 9: Auernheimer tells me that his appeal is over, he won and he's out of the slammer. He's right.]

The case was successfully appealed and for good reason. The server held email addresses (and no other personal information) of registered iPad buyers, but AT&T had not taken any measures to control access to the server in question. Auernheimer saw, from the process of registering for AT&T service, that this particular server was being queried for the email address. Retrieving the contents of the server at that point only required a web browser.

Yet the federal government called this a felony, specifically unauthorized access under the Computer Fraud and Abuse Act. So I have to wonder whether the same logic applies to law enforcement, such as when they located the servers running the Silk Road marketplace on Tor, which the government claims they did by following addresses leaked because the server was misconfigured. (See the full government brief at the bottom of this story.)

As Professor Orin Kerr of the George Washington University Law School says on the Volokh Conspiracy blog, if Auernheimer is guilty of unauthorized access, then so is the FBI. Kerr, I should note, worked on Auernheimer's appeal to the Third Circuit US Court of Appeals.

The government brief, which is a declaration by an FBI cybercrime expert, says in part (footnotes omitted):

8. Upon examining the individual packets of data being sent back from the website, we noticed that the headers of some of the packets reflected a certain IP address not associated with any known Tor node as the source of the packets. This IP address (the “Subject IP Address”) was the only non-Tor source IP address reflected in the traffic we examined. The Subject IP Address caught our attention because, if a hidden service is properly configured to work on Tor, the source IP address of traffic sent from the hidden service should appear as the IP address of a Tor node, as opposed to the true IP address of the hidden service, which Tor is designed to conceal. When I typed the Subject IP Address into an ordinary (non-Tor) web browser, a part of the Silk Road login screen (the CAPTCHA prompt) appeared. Based on my training and experience, this indicated that the Subject IP Address was the IP address of the SR Server, and that it was “leaking” from the SR Server because the computer code underlying the login interface was not properly configured at the time to work on Tor.

With the IP address, the FBI was eventually able to locate the alleged operator of Silk Road, Ross Ulbricht. It would seem from this description that the CAPTCHA software was running on the same server as the login interface. This is a slight difference from the Auernheimer/AT&T case, where the email addresses were on a separate server, but it's a distinction without a difference. In both cases, in the normal course of using the site, the user was retrieving data from the server which was violated. Auernheimer and the FBI went on to access it differently and directly. If it's unauthorized access for Auernheimer, it is for the FBI as well.

Kerr presents many other arguments in defense of Auernheimer. The issue of whether this access violates the CFAA works, at least more immediately, for the defense of Ulbricht.

Silk Road Prosecution 4th Amendment Rebuttall

Did the FBI break the law taking down Silk Road?


of course they broke the law

however the odds on favourite when it goes to court IS........ Parallel construction

Parallel construction in the United States Drug Enforcement Administration

In August 2013, a report by Reuters revealed that the Special Operations Division (SOD) of the U.S. Drug Enforcement Administration advises DEA agents to practice parallel construction when creating criminal cases against Americans that are actually based on NSA warrantless surveillance. The use of illegally-obtained evidence is generally inadmissible under the Fruit of the poisonous tree doctrine.

Two senior DEA officials explained that the reason parallel construction is used is to protect sources (such as undercover agents or informants) or methods in an investigation. One DEA official had told Reuters: "Parallel construction is a law enforcement technique we use every day. It's decades old, a bedrock concept."

An example from one official about how parallel construction tips work is being told by Special Operations Division that: "Be at a certain truck stop at a certain time and look for a certain vehicle." The tip would allow the DEA to alert state troopers and search a certain vehicle with drug-search dogs. Parallel construction allows the prosecution building the drug case to hide the source of where the information came from to protect confidential informants or undercover agents who may be involved with the illegal drug operation from endangering their lives.

A number of former federal agents had used parallel construction during their careers according to Reuters interviews. Most of the former agents had defended the practice of parallel construction because no falsified evidence or illegally-obtained material were presented in courts. A judge can rule evidentiary material inadmissible if it is suspected that the evidence was obtained illegally.

Parallel construction in this case in the US usually is the result of tips from the DEA's Special Operations Division that are derived from sources within foreign governments, intelligence agencies or court-authorized domestic phone recordings. According to a senior law enforcement official and a former US military intelligence official tips are not given to the DEA until citizenship is verified to avoid any illegal wiretapping of US citizens who are abroad. US authorities require a warrant to wiretap domestic US-persons (citizens and non-citizens alike) and to wiretap US citizens who are abroad.

The Reuters piece occurred amid reporting of the 2013 NSA leaks, although it made no "explicit connection" to the Snowden leaks.

so use NSA/intelligence agency gathered material (most likely illegally gathered) then manufacture a means of prosecution to work around the illegality and get a conviction which was in effect based upon inadmissible evidence....
