Slashdot Mirror

← Back to Stories (view on slashdot.org)

EFF Sues FBI For Records About Paid Best Buy Geek Squad Informants (eff.org)

Posted by BeauHD on from the under-the-table dept.

The Electronic Frontier Foundation is suing the FBI for records "about the extent to which it directs and trains Best Buy employees to conduct warrantless searches of people's devices." The lawsuit stems around an incident in 2011 where a gynecology doctor took his computer for repairs at Best Buy's Geek Squad. The repair technician was a paid FBI informant that found child pornography on the doctor's computer, ultimately resulting in the doctor being charged with possessing child pornography. From the EFF's report: A federal prosecution of a doctor in California revealed that the FBI has been working for several years to cultivate informants in Best Buy's national repair facility in Brooks, Kentucky, including reportedly paying eight Geek Squad employees as informants. According to court records in the prosecution of the doctor, Mark Rettenmaier, the scheme would work as follows: Customers with computer problems would take their devices to the Geek Squad for repair. Once Geek Squad employees had the devices, they would surreptitiously search the unallocated storage space on the devices for evidence of suspected child porn images and then report any hits to the FBI for criminal prosecution. Court records show that some Geek Squad employees received $500 or $1,000 payments from the FBI. At no point did the FBI get warrants based on probable cause before Geek Squad informants conducted these searches. Nor are these cases the result of Best Buy employees happening across potential illegal content on a device and alerting authorities. Rather, the FBI was apparently directing Geek Squad workers to conduct fishing expeditions on people's devices to find evidence of criminal activity. Prosecutors would later argue, as they did in Rettenmaier's case, that because private Geek Squad personnel conducted the searches, there was no Fourth Amendment violation. The judge in Rettenmaier's case appeared to agree with prosecutors, ruling earlier this month that because the doctor consented both orally and in writing to the Geek Squad's search of his device, their search did not amount to a Fourth Amendment violation. The court, however, threw out other evidence against Rettenmaier after ruling that FBI agents misstated key facts in the application for a warrant to search his home and smartphone. We disagree with the court's ruling that Rettenmaier consented to a de-facto government search of his devices when he sought Best Buy's help to repair his computer. But the court's ruling demonstrates that law enforcement agents are potentially exploiting legal ambiguity about when private searches become government action that appears intentionally designed to try to avoid the Fourth Amendment.

13 of 147 comments (clear)

  1. The judge should have thrown out evidence... by CraigCruden · · Score: 5, Insightful

    Since this was an active program by the FBI to recruit and pay on piecework basis for material found that was illegal, the Best Buy workers were no longer working for Best Buy with regards to this action and were effectively working for the FBI in a sort of deputized role. As such the terms of conditions by Best Buy should not apply, and since they are effectively contract workers for the FBI -- they should have required warrants. Thus the evidence should be thrown out.

    1. Re:The judge should have thrown out evidence... by CaptainDork · · Score: 4, Insightful

      Once Geek Squad employees had the devices, they would surreptitiously search the unallocated storage space ...

      So you take your car in for a regular tune-up and the techs search the trunk?

      --
      It little behooves the best of us to comment on the rest of us.
    2. Re:The judge should have thrown out evidence... by Kjella · · Score: 3, Insightful

      Okay, I'm sort of playing devil's advocate here, but why should they need a warrant even if they were effectively working for the FBI? The customer voluntarily brought his computer to Best Buy and the computer was in their custody at the time of the search. There was no entry into the customer's home: Best Buy was in possession of the computer at the time of the search.

      Because otherwise a sysadmin at AT&T could wiretap any calls the FBI asks them to without violating the 4th amendment? Just because you have legitimate access to something in your job doesn't mean it's free for the police to grab.

      --
      Live today, because you never know what tomorrow brings
    3. Re:The judge should have thrown out evidence... by dgatwood · · Score: 3, Insightful

      We don't know the chain of custody for the hard drive, so there's reasonable doubt that the content found on the drive is content that the doctor did not know about during the time he used his computer.

      Worse, even if you knew the chain of custody from the manufacturer, and even if you could prove that the material wasn't planted by Best Buy employees, if the drive was refurbished (as is often the case for computers that have been repaired previously), you would also need to know the chain of custody for the platters in the drive, which almost certainly does not even exist.

      Searching the unallocated space on a hard drive for kiddie porn is simply not a legitimate investigative technique, and anybody in law enforcement who works with cybercrime should know that already. So why the heck are we even having this discussion? This evidence must be suppressed as fruit of the poisonous tree, along with any evidence obtained as a direct result of any warranty wrongfully obtained based on that evidence, which likely means that the case will get dismissed for lack of evidence.

      Not to mention that deleted kiddie porn files are not prima facie evidence of a crime, because it is only a crime if possession was willful and with the offender's knowledge (United States v. X-Citement Video, Inc.). If the offender had a reasonable belief that the performers were of legal age, or that the material was not pornographic, or if the offender did not intentionally obtain that material, then it isn't a crime. That's what makes prosecution really problematic.

      Of course, it is quite possible that the Best Buy "finders" are actually parallel construction. For example, the owner of the computer might have knowingly downloaded one of those state-sponsored trojans that we've read about from a kiddie porn site, which in turn caused him to take the computer to Best Buy to remove the infection, and they detected that during the cleanup. If so, it's possible that they aren't allowed to talk about it in court because the trojan would then become part of the public record, which would create a whole new fruit-of-the-poisonous-tree discussion that makes this one look like child's play. But that's pure speculation.

      --

      Check out my sci-fi/humor trilogy at PatriotsBooks.

    4. Re:The judge should have thrown out evidence... by geekmux · · Score: 3, Insightful

      depends, what if you said there was a problem with the trunk latch and you wanted him to look at it?

      "Hi, my CD drive isn't working. Oh and while you're at it, can you take a look at my unallocated drive space?", said NO ONE EVER.

    5. Re:The judge should have thrown out evidence... by dwillden · · Score: 4, Insightful

      Because the Customer granted Best Buy permission to access the files and data needed to repair the computer. Not the FBI. By instituting a regular reward system, the FBI makes the Geek Squad Techs agents of the government. And thus a warrant is required to look at anything not absolutely required for effecting the needed repair. Unless specifically tasked to recover lost/deleted files, Scanning unallocated disk space for image files definitely exceeds that scope of access needed to effect repairs.

      The government is not allowed to simply have someone else do the dirty work to get around the protections afforded a citizen under the Constitution and the Bill of Rights. If someone else finds something and takes it to the Government of their own free will, it is admissible. If the government approaches someone and says hey look for this on every hard drive you service and we'll pay you when you find some, that is inadmissible, or should be as that person is acting as an agent of the government.

      --
      I'm too lazy to compose a creative sig.
    6. Re:The judge should have thrown out evidence... by v1 · · Score: 3, Insightful

      But poking around a hard drive is a legitimate part of fixing a computer, and if they inform on criminal activity they've observed as part of their normal activities they're informants.

      Not even remotely. I repaired computers for a decade, and never once did I have reason to "poke around on a hard drive". Even on the rare occasion I needed to open a document without the customer's involvement (to test speakers or a video issue for example) I knew where in the OS to find pictures or sound files I could use. I never needed to even rifle through their Pictures folder to find something to open.

      And lets not forget, they were searching the unallocated space on the hard drive. There is absolutely no reason to do this unless you are searching for deleted data. So unless they brought it in for an unformat or to recover something accidentally deleted, you have ZERO business doing that kind of search.

      I see this as no different than contracting a painter to come over and paint a few rooms of your house, and when you step out into the garage to work on your car they start rifling through your dresser looking for anything illegal. Maybe the local DEA has a private deal with that employee and wants to know if he ever "stumbles across" any drugs. And they'll pay him for the tip. And maybe he carries a little baggie in his truck to leave in your underwear drawer if you look like a good mark.

      And lets not forget, he's being offered a reward. If that doesn't reek of "incentive to plant evidence", I don't know what does. There's a reason we don't pay cops bonuses when they make busts. You don't give incentives to law enforcement to find more illegal activity because it encourages them to plant evidence and violate rights. Using a proxy doesn't improve this. If anything, it makes it worse because now you're not trying to rely on the morality and legal knowledge of an officer... now you're relying on the morals and legal know-how of Joe Citizen, and that's a heck of a lot worse still.

      I see three things that need to be addressed here. First off, employees conducting searches that clearly go beyond the business contract. I think anyone who's been surreptitiously searched by a service provider should have grounds for legal action, whether or not they found anything naughty. If I come back in from the garage and see the painter sifting through my dresser he's going to get thrown out of my house as a starter. Then I'm going to be on the phone lighting up the ear of his manager. And depending on how that goes, I may meet him in court a little later. The problem with computer forensics is it's a heck of a lot harder to catch them doing this. They're doing it out of your sight, and leaving essentially no evidence. IMHO that should make civil penalties worse. Penalties for behavior that's harder to catch needs to be more severe to balance out the incentive that it's easier to get away with, to make the risk-calculations in the criminal's head balance out.

      Second, Best Buy should have at least some legal exposure here also, because it should be part of their employee's training that you don't violate the privacy rights of a customer. We didn't have a written policy where I worked, but it was occasionally discussed with the new people that you don't go mucking around on customer hard drives. If several of your employees are taking advantage of their access to customer data for personal gain, this should be a huge issue for Best Buy. Not only is it a legal issue, but it's a huge violation of customer trust and will have an impact on business as customers take their gear elsewhere for service. So it's in the business's best interest for several reasons to prevent this behavior. (that, and how much clock time was wasted by these employees while they conducted hard drive scans, getting paid by the hour from BB to scan hard drives that the FBI would then maybe pay them for? That's theft, as I doubt they d

      --
      I work for the Department of Redundancy Department.
  2. The discoveries are not accidental by bongk · · Score: 4, Insightful

    Some of the articles seem to indicate employees are stumbling across illegal images as part of their repair process. But they are retrieving images from slack space, which afaik is not something a best buy type repair tech would do as part of a repair. So the techs are at a minimum using forensic tools to recover data. Also where are they billing the time for these non repair activities?...forensic scans are time consuming.

    I'm also very curious to know if the techs were then manually reviewing the recovered images, again time consuming, or if the FBI further assisted by providing the tech access to LE tools such as the databases of hashes of known CP to make their searching faster.

    As a victim of CP myself I have no love for creeps who access or share it, but for the FBI to argue that best buy employees weren't being led to perform searches on their behalf sounds rediculous.

  3. Re:Oh Dear Lord! by twalk · · Score: 5, Insightful

    It's relevant because it means that the police can avoid the 4th amendment simply by having a 3rd party examine things instead of the police doing it directly. It's another word game that's being used to gut the 4th

  4. End-Run Around the Constitution by mentil · · Score: 3, Insightful

    FBI: "We're not doing an end-run around the Constitution. We're paying civilians to do an end-run around the Constitution FOR us! There's a difference!"
    Courts need to come down on this hard or else it'll become standard practice.

    --
    Corruption is convincing someone that the selfless ideal is the same as their selfish ideal.
  5. Re:Oh Dear Lord! by hawguy · · Score: 5, Insightful

    Without further details, we can't know whether the doctor is guilty or not. The hard drive could have been purchased refurbished, from a friend, found in the guts of an old computer at Goodwill... who knows? The important part is, if we're going to gather information, it should be through the proper channels. Bribing near-minimum-wage workers with a month's wages to violate the same laws that protect us all is closer to organized crime than any legitimate government. They know better, and the EFF is one of the few organizations that calls bullshit when they see it.

    You forgot to mention another possibility -- when you pay someone a big bounty to find something, you're giving them incentive to put it there themselves.

    https://en.wikipedia.org/wiki/...

    Before the Anatomy Act 1832, executed criminals were the only legal source of bodies for hospitals to use for surgeon training. Due to high demand from chronic shortage of legal cadavers, "resurrection men" resorted to illegal means to obtain bodies, such as digging up corpses from graveyards or even murder. In 1828, William Burke and William Hare murdered 16 people and sold the bodies. Thomas Williams and John Bishop, part of a group of body snatchers known as the London Burkers, committed murder for the purpose of selling the victim's body in 1831.

  6. what abort chain of custody / forensics issues? by Joe_Dragon · · Score: 4, Insightful

    what abort chain of custody / forensics issues? The defense has the right to know and they have the right to do there own forensics work with there own lab.

    Under reasonable doubt I can say

    Who knows if that porn came form other infected systems on the Geek Squad network (I head that they outscored some of the clean up of systems to remote places)

    What if an Geek Squad worker has an infected usb disk that just copy's stuff system to system? some workers have copied stuff from people systems for there own use.

    what if was just in the browser cache??
    http://www.popsci.com/technolo...
    http://gizmodo.com/5099383/pop...

  7. Re:Oh Dear Lord! by Anonymous Coward · · Score: 4, Insightful

    That's a horrifying, if relevant and probable point.

    People have a lot of incentive to lie or otherwise cheat their "task", especially if it means they can get out of a dead-end job, start saving a little, or buy that sick rig they've been eyeing. $1000 ain't shit to the government, but to nerds trying to make their way up at Geek Squad, that's a big deal. Best Buy's not gonna provide any real incentives to do a good job (at least, not at that level), so these employees probably thought, "Fuck, I'm helping the government AND they value my work! I should keep this up!"

    As usual, pitting the poor against the rights of others. It makes me wonder where the employees are in all of this, and what their stories are. It's not like the government just saunters into your HQ one day and demands you do something highly illegal. It was probably an inside job coming from middle management (perhaps legal pressure for another crime, and their compliance is used as currency to avoid jail time), or pre-discussed with leadership behind a gag order.

    Whatever the case, it wholly deserves the scrutiny and attention it's receiving.