MENUMENU

Evidence collected thanks to a FBI hack dismissed by judge in child-porn case

glitched image of code

Photo via Ruiwen Chua/Flickr Remix by Max Fleishman

This case is now essentially dead.

A federal judge has thrown out all the evidence gathered by the FBI using a hacking tool targeting Tor users in a child-porn investigation. 

U.S. District Court Judge Robert Bryan on Wednesday shut down the FBI’s case against defendant Jay Michaud, a Vancouver middle-school teacher accused of downloading child porn through the Tor anonymity network while the FBI surreptitiously took control of a child-porn site called Playpen for two weeks in early 2015.

Bryan’s order came after the FBI refused to reveal the full code behind the hack. 

“Much of the details of this information is lost on me, I am afraid, the technical parts of it, but it comes down to a simple thing,” Bryan said in court. “You say you caught me by the use of computer hacking, so how do you do it? How do you do it? A fair question.”

The hack targeted the Tor Browser used by targets. It revealed, most crucially, their IP addresses, according to federal prosecutors. That leads directly to their names, locations, and real identities.

Beyond that, the FBI refused to reveal more.

The FBI identified Michaud using its hack—known as a Network Investigative Technique (NIT)—but everything from the hack has now been thrown out. The case, as far as this courtroom goes, is essentially dead. An appeal is expected.

“Evidence of the N.I.T., the search warrant issued based on the N.I.T., and the fruits of that warrant should not be offered in evidence at trial,” Bryan wrote. 

The defense argued that the code behind the hack would allow verification of the information obtained, including Michaud’s IP address and identity.

The FBI argued that hacking the site and all of its users played a crucial role in identifying a wide swatch of pedophiles.

“We had a window of opportunity to get into one of the darkest places on Earth, and not a lot of other options except to not do it,” Ron Hosko, a former senior FBI official, told USA Today in January. “There was no other way we could identify as many players.”

H/T Brad Heath

Patrick Howell O'Neill

Patrick Howell O'Neill

Patrick Howell O'Neill is a notable cybersecurity reporter whose work has focused on the dark net, national security, and law enforcement. A former senior writer at the Daily Dot, O'Neill joined CyberScoop in October 2016. I am a cybersecurity journalist at CyberScoop. I cover the security industry, national security and law enforcement.