From EFF’s Secret Files: Anatomy of a Bogus Subpoena

Electronic Frontier FoundationFrom the Electronic Frontier Foundation: Can the U.S. government secretly subpoena the IP address of every visitor to a political website? No, but that didn’t stop it from trying.

In a report released today, EFF Senior Staff Attorney Kevin Bankston tells the story of a bogus federal subpoena issued to independent news site, and how the site fought back with EFF’s help. Declan McCullagh at also has the story.

The report describes how, earlier this year, U.S. attorneys issued a federal grand jury subpoena to administrator Kristina Clair demanding “all IP traffic to and from” for a particular date, potentially identifying every person who visited any news story on the Indymedia site. As the report explains, this overbroad demand for internet records not only violated federal privacy law but also violated Clair’s First Amendment rights, by ordering her not to disclose the existence of the subpoena without a U.S. attorney’s permission.

Because Indymedia follows EFF’s Best Practices for Online Service Providers and does not keep historical IP logs, there was no information for Indymedia to hand over, and the government withdrew the subpoena. However, as the report describes, that wasn’t the end of the tale: Ms. Clair wanted EFF to be able to tell the story of the subpoena and shine a light on the government’s illegal demand, yet the subpoena ordered silence. Under pressure from EFF, the government admitted that the subpoena’s gag order had no legal basis, and ultimately chose not to go to court to try to force Ms. Clair’s silence despite earlier threats to do so.

This story is an an important example of how government abuses breed in secrecy, and an argument for Congress to step in and require meaningful reporting about how the government uses its surveillance authorities. How often does the government attempt such illegal fishing expeditions through internet data? How many online service providers have received similarly bogus demands, and handed over how much data, violating how many internet users’ privacy? How many of those subpoena recipients have been intimidated into silence by unconstitutional gag orders?

We don’t know. And until Congress exerts stronger oversight, we can’t know, except in those occasional instances where a brave online service provider steps up, pushes back, and tells the world. We encourage other online service providers to follow the example of and Kristina Clair by standing up for their users’ rights when the government secretly overreaches. If you’re an ISP, a web host, an email provider, an app developer, a Web 2.0 start-up or any other kind of online service provider and you receive a government demand for your users’ data, please call a lawyer. If you don’t have a lawyer, call EFF.

Related Posts

Mark Shuttleworth on Western media, Iraq, IS and Ukraine It's very rare that the CEO of a technology outfit that's based in the West takes an open stance on hot-button geopolitical issues. It's even rarer th...
Amazon’s Prime Air drone delivery sounds great, but it’s DoA So 60 Minutes gave Amazon's Jeff Bezos a platform to tout his company's next great idea - Prime Air, a 30-minute delivery service via small unmanned a...
Building Rancher Catalog Templates from Scratch : Part 1 Rancher is a platform for running and managing applications in (Docker) containers. Aside from the Rancher platform, there's also Rancher OS, a co...
What to do when Shutter’s Edit button is disabled Shutter is a nice screen grabber application with image editing features. There was a time when all it's features worked out of the box. Not any mo...
Your Web Surfing History Is Accessible Without Your Permission The Web surfing history saved in your Web browser can be accessed without your permission. JavaScript code deployed by real websites and online advert...
Italy to begin an open source competence centre Italian public administrations considering to use open source can turn to a competence centre specialised in this type of software. The centre, which ...

We Recommend These Vendors and Free Offers

ContainerizeThis 2016 is a free, 2-day conference for all things containers and big data. Featured, will be presentations and free, hands-on workshops. Learn more at

Launch an SSD VPS in Europe, USA, Asia & Australia on Vultr's KVM-based Cloud platform starting at $5:00/month (15 GB SSD, 768 MB of RAM).

Deploy an SSD Cloud server in 55 seconds on DigitalOcean. Built for developers and starting at $5:00/month (20 GB SSD, 512 MB of RAM).

Want to become an expert ethical hacker and penetration tester? Request your free video training course of Online Penetration Testing and Ethical Hacking

Whether you're new to Linux or are a Linux guru, you can learn a lot more about the Linux kernel by requesting your free ebook of Linux Kernel In A Nutshell.

Leave a Comment

Your email address will not be published. Required fields are marked *