Quantcast
crime

​FBI: Hacking Tool Only Targeted Child Porn Visitors

An FBI agent involved in the investigation of Playpen says that the hacking tool used was more limited in scope than some may have believed.

Joseph Cox

Joseph Cox

Image: kubais/Shutterstock

The FBI's investigation into a child pornography dark web site called Playpen has been one of the most controversial cases of law enforcement hacking. In February 2015, the FBI seized the site and ran it from its own servers in order to deploy a hacking tool against visitors.

One controversial aspect is that the warrant authorised the FBI to hack anyone who logged in or signed up to the website, although the site itself, at least at one point, arguably wasn't explicitly advertising itself as a host of child pornography. But testimony from an FBI agent involved in the investigation now shows that the hacking tool was more limited in its deployment.

In a hearing held last Friday, FBI Special Agent Daniel Alfin, from the agency's violent crimes against children section, elaborated on how the Network Investigative Technique (NIT)—the agency's term for a hacking tool—was deployed only against visitors of specific sections of the site.

"The NIT was deployed against users who accessed posts in the 'Preteen Videos—Girls Hardcore' forum because users accessing posts in that forum were attempting to access or distribute or advertise child pornography," he said, according to a court transcript.

"At the point where a user in that forum accessed a post, we can affirmatively state that a user has attempted to access child pornography," he continued.

This point was reaffirmed in a ruling issued by Judge Robert J. Bryan on Thursday. "The FBI setup the NIT so that accessing the forum hyperlink, not Website A's [Playpen] main page, triggered the automatic deployment of the NIT from a government-controlled computer in the Eastern District of Virginia," Bryan wrote.

The forum thread in question was entitled "Preteen videos—girls HC," with HC standing for "hardcore."

Indeed, according to court transcripts, Keith Becker from the Department of Justice said in the hearing last Friday that although the supporting documentation for the warrant did authorize the FBI to deploy the NIT at the login stage, "the affidavit does articulate that the FBI may deploy in a more limited sort of fashion, including in particular areas of the target website." (The warrant and affidavit are currently sealed).

The latest ruling was written in response to the defense's claims that evidence against the accused should be suppressed, and centered around several arguments over the vagueness of the warrant.

"What was done here was ultimately reasonable," Judge Bryan wrote. "The NIT warrant was supported by probable cause and particularly described the places to be searched and the things to be seized."

In the case of Jay Michaud, a Vancouver, Washington man who was charged with child pornography crimes in July 2015, defense lawyers have also argued that the FBI effectively distributed child pornography by keeping the site up and running, though a judge recently ruled this was not "outrageous conduct."