From EFF’s Secret Files: Anatomy of a Bogus Subpoena

Electronic Frontier FoundationFrom the Electronic Frontier Foundation: Can the U.S. government secretly subpoena the IP address of every visitor to a political website? No, but that didn’t stop it from trying.

In a report released today, EFF Senior Staff Attorney Kevin Bankston tells the story of a bogus federal subpoena issued to independent news site Indymedia.us, and how the site fought back with EFF’s help. Declan McCullagh at CBSNews.com also has the story.

The report describes how, earlier this year, U.S. attorneys issued a federal grand jury subpoena to Indymedia.us administrator Kristina Clair demanding “all IP traffic to and from www.indymedia.us” for a particular date, potentially identifying every person who visited any news story on the Indymedia site. As the report explains, this overbroad demand for internet records not only violated federal privacy law but also violated Clair’s First Amendment rights, by ordering her not to disclose the existence of the subpoena without a U.S. attorney’s permission.

Because Indymedia follows EFF’s Best Practices for Online Service Providers and does not keep historical IP logs, there was no information for Indymedia to hand over, and the government withdrew the subpoena. However, as the report describes, that wasn’t the end of the tale: Ms. Clair wanted EFF to be able to tell the story of the subpoena and shine a light on the government’s illegal demand, yet the subpoena ordered silence. Under pressure from EFF, the government admitted that the subpoena’s gag order had no legal basis, and ultimately chose not to go to court to try to force Ms. Clair’s silence despite earlier threats to do so.

This story is an an important example of how government abuses breed in secrecy, and an argument for Congress to step in and require meaningful reporting about how the government uses its surveillance authorities. How often does the government attempt such illegal fishing expeditions through internet data? How many online service providers have received similarly bogus demands, and handed over how much data, violating how many internet users’ privacy? How many of those subpoena recipients have been intimidated into silence by unconstitutional gag orders?

We don’t know. And until Congress exerts stronger oversight, we can’t know, except in those occasional instances where a brave online service provider steps up, pushes back, and tells the world. We encourage other online service providers to follow the example of Indymedia.us and Kristina Clair by standing up for their users’ rights when the government secretly overreaches. If you’re an ISP, a web host, an email provider, an app developer, a Web 2.0 start-up or any other kind of online service provider and you receive a government demand for your users’ data, please call a lawyer. If you don’t have a lawyer, call EFF.

Related Posts

How to configure Ubuntu 14.04 server to forward root mails to your email address This short tutorial shows how to configure a Ubuntu 14.04 Cloud server to forward system-generated mails sent to the root account to your email addres...
Children hospitals saving money by using open source Italian children hospitals are saving money by using the 'Smart Inclusion project' using open source technology and offering access to for instance me...
FSF works with PayPal to the benefit of the free software community The Free Software Foundation thanks PayPal for responding to its concerns and making its terms more free software friendly. BOSTON, Massachusetts, ...
What’s LXD? Editor's Note: LXD is also pronounced L-X-D, which is my prefered pronunciation. So, what's LXD? Don't worry, if you don't know the answer, you...
Android 5.0 Lollipop, Nexus 9 tablet and Nexus 6 phablet Android 5.0, code-named Lollipop, is the latest edition of the most popular mobile operating system on planet Earth. Along with it, Google's also rele...
Linpus announces support for MeeGo™ on the connected TV platform Linpus Technologies, Inc., an open source solutions provider based in Taipei, Taiwan, has announced support for MeeGo™ on the connected TV platform. W...

We Recommend These Vendors

Launch an SSD VPS in Europe, USA, Asia & Australia on Vultr's KVM-based Cloud platform starting at $5:00/month (15 GB SSD, 768 MB of RAM).

Deploy an SSD Cloud server in 55 seconds on DigitalOcean. Built for developers and starting at $5:00/month (20 GB SSD, 512 MB of RAM).


Leave a Comment

Your email address will not be published. Required fields are marked *

*