Skip to main content

Questions Over FBI Allegedly Running 23 Child Porn Sites

 

image-via-billion-photos-and-shutterstock

Did the FBI actually run almost two dozen child porn sites to catch predators? No, said a spokesman. He claimed it probably happened just one time.

“I would refer you to public documents on the Playpen investigation, in which we seized and operated a dark web child pornography site for a period of less than two weeks,” FBI spokesman Christopher Allen told Ars Technica in a Friday report. “That was an extraordinary investigation, and to my knowledge may be the only time that has occurred. So to suggest this is a common thing is patently not true.”

In 2015, the FBI took seized a dark web child porn site called Playpen, and ran it for this 13 days. Why? So they could use a “network investigative technique” (a polite term for malware) to locate the website’s users. A federal judge in Virginia even authorized it. Almost 200 arrests were made, and more might be pending: According to one Utah complaint, the NIT discovered about 1300 IP addresses. This investigation reached computers all over the world.

And according to one affidavit obtained by the American Civil Liberties Union, it could have been even bigger. The FBI seemed to get authorization for 23 sites.

In the normal course of the operation of a web site, a user sends “request data” to the web site in order to access that site. While Websites 1-23 operate at a government facility, such request data associated with a user’s actions on Websites 1-23 will be collected. That data collection is not a function of the NIT. Such request data can be paired with data collected by the NIT, however, in order to attempt to identify a particular user and to determine that particular user’s actions on Websites 1-23.

But the wording is not very specific.

“That paragraph alone doesn’t quite say the FBI is operating them,” cybercrime lawyer Fred Jennings told Ars Technica. “But definitely no other way to read that than websites 1-23 were hosted at a government facility, with the FBI’s knowledge and to the FBI’s informational benefit. It’s clever phrasing on their part.”

The Playpen investigation remains fraught. A magistrate judge signed off on the Playpen warrant, which is a bit of a problem. That warrant was used for outside of her jurisdiction, but only more senior “District Judges” can apply these to such out-of-district investigations. Accordingly, federal judges in Iowa, Massachusetts, and Oklahoma ruled that this search violated procedure. We’ve reached out to the magistrate judge, Theresa Buchanan, for comment.

At any rate, the relevant federal procedure, “41 rule,” is slated to change on December 1. Federal authorities will get expanded powers to find cybercrime suspects who’ve hidden their computers, and gives a single judges the power to okay search warrants covering five or more judicial districts.

“The amendments would not authorize the government to undertake any search or seizure or use any remote search technique, whether inside or outside the United States, that is not already permitted under current law,” the feds said in a June press release.

But Ahmed Ghappour, a professor at the University of California’s Hastings College of the Law, doesn’t believe that. In 2014, he called the rule 41 proposal “Possibly the broadest expansion of extraterritorial surveillance power since the FBI’s inception.”

[image via Billion Photos and Shutterstock]

Follow Alberto on Twitter (@Alberto Luperon)

Tags:

Follow Law&Crime: