How a Child Porn Case Became a Battle Over Government Secrets

The reason the government won't disclose its Tor Browser exploit? It's classified.

|
May 19 2016, 12:30pm

Criminal cases around Playpen, a dark web child pornography site busted by the FBI, are firing off in all directions. Although there have been successful convictions, some judges are ruling that the warrant used to hack visitors of the site was invalid, and others are throwing out evidence obtained by the FBI altogether.

In the last month, one case took another unexpected turn, and entered the realm of government secrets. The FBI is refusing to detail a Tor Browser exploit used to hack Playpen visitors, but the reason why is classified. To be clear: The FBI is not saying the exploit itself is classified; it's saying the motivation for not disclosing that exploit is.

Think about that for one moment. The issue isn't that the government has refused to provide details on how a defendant was caught. It's that the government is not even going to explain why it won't provide this information, possibly gaining a leg-up over the defense. And this is when there are already procedures in place for handling classified information in a courtroom which are being sidelined.

"It's bizarre for an agency to designate as classified the reasons why it can't disclose information, when the disclosure itself is not classified. This is the logic of totalitarian regimes, not democracy," Ahmed Ghappour, a visiting assistant professor at UC Hastings College of Law who has written on the issues around law enforcement hacking, told Motherboard.

"The government has transformed this case ... into a dispute over the balance between the government's interest in secrecy and the defendant's interest in a fair trial"

In February 2015, the FBI took control of Playpen, and for ran it from a government server in Virginia for two weeks. During that time, the agency deployed what it calls a network investigative technique (NIT), or what could more commonly be referred to as a hacking tool.

This NIT used an exploit to circumvent the protections of the Tor Browser, grab a suspect's IP address and other technical information, and send it to the feds.

In February, a judge ordered the FBI to produce this exploit to defense lawyers in an affected case so they could work out how their client was caught. The government pushed back, however—largely in sealed motions, of which only heavily redacted versions have been released—and urged the judge to allow a meeting to discuss why it didn't want to disclose the exploit, without the defense being present.

But in a reply filed last week, the defense dropped some intriguing information: The reason for nondisclosure was "classified." The defense argues that the government was trying to bypass the laws put in place to handle classified information in criminal proceedings.

"The Government maintains that it does not need to meet the requirements of the
Classified Information Procedures Act (CIPA) because 'the government is not arguing
that the discovery Michaud [the defendant] is seeking is itself currently classified,'" federal public defenders Colin Fieman and Linda Sullivan write. The pair are representing Jay Michaud, a Vancouver public schools administration worker arrested in July 2015.

CIPA is a statute followed when classified information enters a courtroom. Traditionally used in things like espionage or terrorism cases, CIPA is supposed to balance the defendant's right to information and the disclosure of classified details.

"When you do rely on CIPA it gives certain leverage to the defense, and it opens up the door to more information being disclosed than the government would want," Bradley P Moss, a national security attorney, told Motherboard.

In the Playpen case, the defense writes that the government is saying it doesn't have to follow CIPA because the browser exploit itself isn't classified, but it is relying on the classified nature of the information it wants to present to a judge to make the case for secrecy.

"They're trying to bypass CIPA, really, by claiming that it's not the same kind of secret"

"Congress enacted CIPA in part to ensure that the Government cannot rely on an unelaborated claim of state secrecy, like the one the Government is asserting here, to gain an unfair advantage in the discovery process," the defense lawyers add.

In other words, the government wants to have its cake and eat it too—to show a judge classified information to convince him to reverse his order, but without going through the processes of letting the defense perhaps see that information.

"They're trying to bypass CIPA, really, by claiming that it's not the same kind of secret," independent journalist Marcy Wheeler told Motherboard.

The Department of Justice declined to comment at this point.

Steve Vladeck, professor of law at American University Washington College of Law wrote in an email, "By claiming that some of the sought-after discovery is classified, the government has transformed this case from a run-of-the-mill dispute over the Federal Rules of Criminal Procedure into a dispute over the balance between the government's interest in secrecy and the defendant's interest in a fair trial."

Since that filing, the judge held a private meeting with the government. Shortly after, the judge reversed his order, meaning that the FBI no longer has to disclose the exploit.

But the defense has no idea why.

This story has been updated with additional context about the case.