July 9, 2020
Germany seizes server hosting pilfered US police files
At the behest of the U.S. government, German authorities have seized a computer server that hosted a huge cache of files from scores of U.S. federal, state and local law enforcement agencies obtained in a Houston data breach last month.
The server was being used by a WikiLeaks-like data transparency collective called Distributed Denial of Secrets to share documents—many tagged "For Official Use Only"—that shed light on U.S. police practices.
The data, dating back to 1996, include emails, audio and video files and police and FBI intelligence reports. DDoSecrets founder Emma Best said the data, dubbed "BlueLeaks," comes from more than 200 agencies. It has been stripped of references to sexual assault cases and references to children, but names, phone numbers and emails of police officers were not redacted, said Best, who uses they/their pronouns.
Best said that DDoSecrets obtained the data from an outside individual who sympathized with nationwide protests against police killings of unarmed Black people. Some of the files offer insights into the police response to those protests, they said.
While hacking into computers and stealing data is a federal crime, U.S. courts have consistently ruled that journalists may publish stolen documents as long as they are not involved in their theft. DDoSecrets says it is a journalistic organization that shares documents in the public interest.
The documents came to light via a breach of Houston web-design company Netsential, which hosts portals for law enforcement agencies and "fusion centers," state-run operations created after the 9/11 attacks to share threat intelligence with local and state police and private-sector partners.
The prosecutor's office in Zwickau, a German city near the Czech border, said in an emailed statement Wednesday that the server was confiscated July 3 in the town of Falkenstein following a request from U.S. authorities.
The FBI declined to comment. A U.S. Embassy spokesperson in Berlin did not respond to phone calls and emails seeking comment.
The Zwickau prosecutors' statement said it would be up to German judicial authorities to decide whether to hand the server over to U.S. authorities. It said it would not disclose the reason for the U.S. request. Neither would a representative of Hetzner Online, the company that hosted the server.
Best said they assume the seizure was related to the posting of the BlueLeaks documents. They said the files show "a lot of things that are entirely legal and normal and horrifying," including police surveillance and police intelligence of dubious origin. Best said none were classified.
The document dump helps expose "the United States' overdeveloped police intelligence apparatus," said Brendan McQuade, a criminology professor at the University of Southern Maine who has viewed the documents. The files do not include high-level intelligence but provide a window into the relationship between law enforcement at all levels, he said—one that he believes the FBI doesn't want the public to see lest it "add more fuel to the protests" against police brutality and racism in policing.
Best said the files remain publicly accessible through more complicated means such as BitTorrent and the Tor network, both of which complicate censorship efforts. Best said the organization is now rebuilding its infrastructure for public access. "All they cost us is time," they said.
Shortly after DDoSecrets posted the data, Twitter permanently suspended the organization's account for publishing links and images from the collection, citing a ban on the posting of hacked material.
One U.S. law enforcement agency affected by the breach is the Iowa Law Enforcement Academy. Its director, Judy Bradshaw, told The Associated Press the breach revealed names of students in academy courses and their drivers licenses, but no financial information.
She said Netsential had scores of clients in law enforcement, where it was a strong niche provider. Netsential itself confirmed the breach in an undated statement on its bare-bones website and said it was assisting the investigation but would provide no further information "due to the sensitivity of client information."
Executives of the National Fusion Centers Association did not respond to emails and phone calls seeking comment on whether any sensitive investigations may have been compromised by the breach. But Maine State Police said in a statement on June 26 that the FBI was investigating and that affected bulletins may "contain identifying information, such as full name and date of birth of people under investigation by other law enforcement agencies." It said they "may also involve individuals wanted for criminal activity."
DDoSecrets was created in late 2018 by Best, a journalist specializing in freedom-of-information petitions. It has worked on various investigations with established media organizations including the German newsmagazine Der Spiegel and the U.S. news organization McClatchy.
Previous DDoSecrets releases include data on offshore Bahamas accounts used as tax havens, files hacked from Chilean police and data from a British provider of offshore financial services that has drawn comparisons, on a smaller scale, to the 2016 Panama Papers leak.
© 2020 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed without permission.