From EFF’s Secret Files: Anatomy of a Bogus Subpoena

Electronic Frontier FoundationFrom the Electronic Frontier Foundation: Can the U.S. government secretly subpoena the IP address of every visitor to a political website? No, but that didn’t stop it from trying.

In a report released today, EFF Senior Staff Attorney Kevin Bankston tells the story of a bogus federal subpoena issued to independent news site Indymedia.us, and how the site fought back with EFF’s help. Declan McCullagh at CBSNews.com also has the story.

The report describes how, earlier this year, U.S. attorneys issued a federal grand jury subpoena to Indymedia.us administrator Kristina Clair demanding “all IP traffic to and from www.indymedia.us” for a particular date, potentially identifying every person who visited any news story on the Indymedia site. As the report explains, this overbroad demand for internet records not only violated federal privacy law but also violated Clair’s First Amendment rights, by ordering her not to disclose the existence of the subpoena without a U.S. attorney’s permission.

Because Indymedia follows EFF’s Best Practices for Online Service Providers and does not keep historical IP logs, there was no information for Indymedia to hand over, and the government withdrew the subpoena. However, as the report describes, that wasn’t the end of the tale: Ms. Clair wanted EFF to be able to tell the story of the subpoena and shine a light on the government’s illegal demand, yet the subpoena ordered silence. Under pressure from EFF, the government admitted that the subpoena’s gag order had no legal basis, and ultimately chose not to go to court to try to force Ms. Clair’s silence despite earlier threats to do so.

This story is an an important example of how government abuses breed in secrecy, and an argument for Congress to step in and require meaningful reporting about how the government uses its surveillance authorities. How often does the government attempt such illegal fishing expeditions through internet data? How many online service providers have received similarly bogus demands, and handed over how much data, violating how many internet users’ privacy? How many of those subpoena recipients have been intimidated into silence by unconstitutional gag orders?

We don’t know. And until Congress exerts stronger oversight, we can’t know, except in those occasional instances where a brave online service provider steps up, pushes back, and tells the world. We encourage other online service providers to follow the example of Indymedia.us and Kristina Clair by standing up for their users’ rights when the government secretly overreaches. If you’re an ISP, a web host, an email provider, an app developer, a Web 2.0 start-up or any other kind of online service provider and you receive a government demand for your users’ data, please call a lawyer. If you don’t have a lawyer, call EFF.

Related Posts

LG’s 8-inch G Pad 8.3 Android tablet With the announcement of the G Pad 8.3 Android-powered tablet computer, LG just launched its own version of an 8-inch tablet computers. It probably is...
Clair: A vulnerability analysis tool for Containers Clair is a vulnerability analysis tool for containers that was just released by CoreOS. CoreOS is the same outfit that's behind the development of ...
Distributed R brings scalable, high-performance Big Data analytics to R The R statistical and programming language is a single-threaded language, a factor that counts against it when it comes to analyzing massive datasets....
What is the best blogging platform built atop Node.js? After about six years of using WordPress as the blogging  platform for this website, I have come to the stage where I want to try something else. Some...
Blind Inventors Develop Free Software to Enable the Blind to Use Computers For many blind people, computers are inaccessible. It can cost upwards of $1000 to purchase "screen reader" software, but two blind computer programme...
How to install S3QL from source on Fedora 19 S3QL is an online file system for UNIX-like operating systems that provide features like compression, encryption, data de-duplication, immutable trees...

We Recommend These Vendors and Free Offers

Launch an SSD VPS in Europe, USA, Asia & Australia on Vultr's KVM-based Cloud platform starting at $5:00/month (15 GB SSD, 768 MB of RAM).

Deploy an SSD Cloud server in 55 seconds on DigitalOcean. Built for developers and starting at $5:00/month (20 GB SSD, 512 MB of RAM).

Want to become an expert ethical hacker and penetration tester? Request your free video training course of Online Penetration Testing and Ethical Hacking

Whether you're new to Linux or are a Linux guru, you can learn a lot more about the Linux kernel by requesting your free ebook of Linux Kernel In A Nutshell.


Leave a Comment

Your email address will not be published. Required fields are marked *

*