DOJ: “Disclosure is not currently an option.” Rather than share the now-classified technological means that investigators used to locate a child porn suspect, federal prosecutors in Washington state have dropped all charges against a man accused of accessing Playpen, a notorious and now-shuttered website.
The case, United States v. Jay Michaud, is one of nearly 200 cases nationwide that have raised new questions about the appropriate limitations on the government’s ability to hack criminal suspects. Michaud marks just the second time that prosecutors have asked that case be dismissed.
“The government must now choose between disclosure of classified information and dismissal of its indictment,” Annette Hayes, a federal prosecutor, wrote in a court filing on Friday. “Disclosure is not currently an option. Dismissal without prejudice leaves open the possibility that the government could bring new charges should there come a time within the statute of limitations when and the government be in a position to provide the requested discovery.”
The Department of Justice is currently prosecuting over 135 people nationwide whom they believe accessed the illegal website. However, in order to find those people, federal authorities seized and operated the site for 13 days before closing it down. During that period, the FBI deployed a Tor exploit that allowed them to find out those users’ real IP addresses. The use of Tor, which obscures and anonymizes IP addresses and browser user agents, makes it significantly more difficult for individuals to be tracked online. With the exploit, it became extremely easy for suspects to be identified and located.
The DOJ has called this exploit a “network investigative technique,” (NIT) while many security experts have dubbed it as “malware.”
Defense attorneys have attempted to gain access to some, if not all, of the NIT’s source code as part of the criminal discovery process. In a related case prosecuted in New York, an FBI search warrant affidavit described both the types of child pornography available to Playpen’s 150,000 members and the NIT’s capabilities.
Last year, US District Judge Robert Bryan ordered the government to hand over the NIT’s source code in Michaud. Since that May 2016 order, the government has classified the source code itself, thwarting efforts for criminal discovery in more than 100 Playpen-related cases that remain pending.
Since the prosecution against Playpen defendants has unfolded, many have pleaded guilty, and only a few have had charges dropped altogether.
Working as a cyber security solutions architect, Alisa focuses on application and network security. Before joining us she held a cyber security researcher positions within a variety of cyber security start-ups. She also experience in different industry domains like finance, healthcare and consumer products.