The FBI has come under fire for using a digital “sledgehammer” to try to find potential terrorists—knocking out hundreds of unrelated email addresses and websites in the process.
The worst part? Despite the damage inflicted to any number of people’s Internet rights, it is unlikely the FBI’s approach will actually yield information leading to a suspect. The episode, however, does yield lots questions about where to draw the line between Internet liberty and personal security.
The FBI is seeking information related to a large number of bomb threats emailed to the University of Pittsburgh. A few handwritten bomb threats were discovered in university restrooms in February. After that, a group—which calls itself “The Threateners,” but may just be one, lone individual—began an email campaign repeatedly claiming they’d placed bombs in various university buildings. None were ever found, but the threats—over 100 in total and up to 12 in a single day—prompted a string of building evacuations and police sweeps.
If the perpetrator were less Internet-savvy, the FBI could easily discover the source of the emails by subpoenaing his email server for his Internet Protocol (IP) address, then subpoenaing his Internet Service Provider for the name and address associated with that IP address. That’s how law enforcement tracked down Boston’s so-called “Craigslist Killer.”
Instead, the group sending the threats uses a service that hides its email tracks.
The FBI seized a server in the New York office of the European Counter Network (ECN), an Italian-based political group that runs an email anonymizing service called Mixmaster. Police reportedly think at least three of The Threateners’ emails passed through those servers.
The seizure was reported by Riseup.net, a donation-supported, Seattle-based email service that supports Web freedom and anonymity. Riseup.net shares server facilities with ECN in New York.
RiseUp characterized the seizure of the server as a “sledgehammer” approach and claims that it both disrupts other users’ Internet use and won’t get the FBI any closer to finding The Threateners. Mixmaster is specifically designed to keep emailers anonymous, Riseup said in a statement. Not only would the FBI be unable to use the server to find any information about their suspect, over 300 unrelated email accounts and numerous websites have been disrupted by the seizure.
“We sympathize with the University of Pittsburgh community who have had to deal with this frightening disruption for weeks,” said Devin Theriot-Orr, a spokesperson for Riseup.
“However, taking this server won’t stop these bomb threats. The only effect it has is to also disrupt e-mail and websites for thousands of unrelated people.”
In the end, it might be a moot point for the investigation. The Threateners claimed Sunday that they have ceased all threats, since their one demand was met. The university had offered a $50,000 reward for the Threatener’s identities, and the group asked the school to rescind that offer.
Photo By Dougtone