Home Office in frame over FBI's London server seizures

Blunkett had final say on legality of request


The US seizure of two Indymedia servers in London last Thursday is likely to have needed the approval of UK Home Secretary David Blunkett, but Blunkett may have acted on tenuous legal grounds, according to a Statewatch analysis. Statewatch considers that the seizure is likely to have been made under a US-UK Mutual Legal Assistance Treaty (MLAT) of 1996, but it seems doubtful that the Indymedia request could have been justified under even the broad terms of this treaty.

Indymedia itself does not know why its servers were seized, while Rackspace, the hosting company which was compelled to hand them over, issued a statement saying it was complying with a court order under an MLAT, and that the court prohibited it from commenting further. Under the terms of this MLAT (there are more in the works, and others now litter the globe's legal systems) the Home Office may not admit that a request has been made. The FBI commented to Agence France Presse that this was not an FBI operation but a subpoena issued "on behalf of a third country" and that the FBI was acting for the Swiss and Italian governments. This, as The Register reported here, provides some clues regarding the justification for the seizure.

Indymedia had been contacted recently by the FBI and Swiss authorities regarding two photos of Swiss undercover police published on Indymedia's French site, IMC Nantes. The police had been handling the G8 events in Switzerland in 2003, but their identities do not appear to have been clear in the photos. Rackspace had also been contacted by the FBI, but according to Indymedia, correspondence it received from Rackspace on Tuesday indicated that the matter was closed. Or not. Indymedia is unable to identify a recent, particular reason for Italian involvement, aside from the Italian government's having been "overtly hostile ever since the 2001 G8 Summit in Genoa."

The likeliest grounds for the MLAT request would therefore seem flimsy, while the FBI's role as some kind of Uncle Enforcer for the Swiss and Italians seems a dubious use of a US-UK treaty.

And even if there were something far more serious involved than just a couple of photos, the procedure ought to send shivers down the spine of every publishing organisation on the Internet. It is clearly perfectly possible for their operations to be crippled without warning, without their being told what it is they've done, and without explanation. Depending on whether the authorities (under the international MLAT regime this could be many, many authorities) want something you've got or just want to stop you doing something, the crippling could be pretty extensive and pretty long term. If they want you to stop doing something then they'll quite likely want your backups as well, and if you've no servers, no backups, and no idea when/if you're getting them back, two photos is going to be the least of your worries.

Paradoxically, Indymedia may be rather less vulnerable to this kind of action than a conventional company or news organisation. Indymedia's decentralised structure (it describes itself as "a network of collectively run media outlets") gives it a certain amount of resilience - anybody wishing to knock it out entirely must recognise it has numerous heads in numerous jurisdictions to be cut off. The more structured IT setups of conventional publishing organisations, on the other hand, make it a far simpler task for their key infrastructure to be identified and impounded.

Standing between the press and such an unfortunate fate we have, in the UK, David Blunkett's Home Office. The terms of the 1996 MLAT would have permitted Blunkett to refuse assistance if he felt granting the request would impair sovereignty, security or "other essential interests or would be contrary to important public policy", or if the request relates to "an offence of a political character." The request itself should include a description of the proceedings to which the request relates, a summary of the information giving rise to the request, a description of the evidence sought, and the purpose for which it is sought.

It should also include "a precise description of the place or person to be searched and of the articles to be seized". David Blunkett's MLAT unit should therefore have in its possession details of proceedings to be brought against Indymedia and/or Rackspace by Italy and/or Switzerland. It should also be relatively confident that any alleged offence is not of a political character (photos of secret policemen seldom are, right?) and have a clear indication that the obtaining of the evidence sought necessitated the removal of whole servers or hard disks.

Or not. According to Indymedia in the AFP report: "The order was so short-term that Rackspace had to give away our hard drives in the UK." This suggests that the FBI requested something that was on the hard disk, now and that handing over the hard disk or the server was the only way to comply. So although the authorities will have known very well that they would be carrying off the hardware, the request itself quite possibly did not specify this. It is however clear from the MLAT's terms that it was devised primarily in order to detain or question individuals, and that if it has indeed been used here, the treaty has been to some extent repurposed.

The treaty does however provide for the "return of documents or articles... as soon as is practicable unless the Central Authority of the Requested Party waives the return of the documents or articles". The custodian here is the US, which presumably does not face insurmountable problems in extracting whatever it was its friends wanted, and sending the kit straight back. Statewatch editor Tony Bunyan has called on Blunkett to explain himself: "Why did the Home Office agree? What grounds did the USA give for the seizure of the servers? Were these grounds of a 'political' nature? Has the Home Office requested that the servers be returned? What does this action say about freedom of expression and freedom of the press?", he says. "A trail that started in Switzerland and Italy has now ended fairly and squarely in the lap of the UK Home Secretary to justify." ®

Related links

Indymedia
The AFP report Statewatch analysis
Feds seize Indymedia servers


Other stories you might like

  • Lonestar plans to put datacenters in the Moon's lava tubes
    How? Founder tells The Register 'Robots… lots of robots'

    Imagine a future where racks of computer servers hum quietly in darkness below the surface of the Moon.

    Here is where some of the most important data is stored, to be left untouched for as long as can be. The idea sounds like something from science-fiction, but one startup that recently emerged from stealth is trying to turn it into a reality. Lonestar Data Holdings has a unique mission unlike any other cloud provider: to build datacenters on the Moon backing up the world's data.

    "It's inconceivable to me that we are keeping our most precious assets, our knowledge and our data, on Earth, where we're setting off bombs and burning things," Christopher Stott, founder and CEO of Lonestar, told The Register. "We need to put our assets in place off our planet, where we can keep it safe."

    Continue reading
  • Conti: Russian-backed rulers of Costa Rican hacktocracy?
    Also, Chinese IT admin jailed for deleting database, and the NSA promises no more backdoors

    In brief The notorious Russian-aligned Conti ransomware gang has upped the ante in its attack against Costa Rica, threatening to overthrow the government if it doesn't pay a $20 million ransom. 

    Costa Rican president Rodrigo Chaves said that the country is effectively at war with the gang, who in April infiltrated the government's computer systems, gaining a foothold in 27 agencies at various government levels. The US State Department has offered a $15 million reward leading to the capture of Conti's leaders, who it said have made more than $150 million from 1,000+ victims.

    Conti claimed this week that it has insiders in the Costa Rican government, the AP reported, warning that "We are determined to overthrow the government by means of a cyber attack, we have already shown you all the strength and power, you have introduced an emergency." 

    Continue reading
  • China-linked Twisted Panda caught spying on Russian defense R&D
    Because Beijing isn't above covert ops to accomplish its five-year goals

    Chinese cyberspies targeted two Russian defense institutes and possibly another research facility in Belarus, according to Check Point Research.

    The new campaign, dubbed Twisted Panda, is part of a larger, state-sponsored espionage operation that has been ongoing for several months, if not nearly a year, according to the security shop.

    In a technical analysis, the researchers detail the various malicious stages and payloads of the campaign that used sanctions-related phishing emails to attack Russian entities, which are part of the state-owned defense conglomerate Rostec Corporation.

    Continue reading
  • FTC signals crackdown on ed-tech harvesting kid's data
    Trade watchdog, and President, reminds that COPPA can ban ya

    The US Federal Trade Commission on Thursday said it intends to take action against educational technology companies that unlawfully collect data from children using online educational services.

    In a policy statement, the agency said, "Children should not have to needlessly hand over their data and forfeit their privacy in order to do their schoolwork or participate in remote learning, especially given the wide and increasing adoption of ed tech tools."

    The agency says it will scrutinize educational service providers to ensure that they are meeting their legal obligations under COPPA, the Children's Online Privacy Protection Act.

    Continue reading
  • Mysterious firm seeks to buy majority stake in Arm China
    Chinese joint venture's ousted CEO tries to hang on - who will get control?

    The saga surrounding Arm's joint venture in China just took another intriguing turn: a mysterious firm named Lotcap Group claims it has signed a letter of intent to buy a 51 percent stake in Arm China from existing investors in the country.

    In a Chinese-language press release posted Wednesday, Lotcap said it has formed a subsidiary, Lotcap Fund, to buy a majority stake in the joint venture. However, reporting by one newspaper suggested that the investment firm still needs the approval of one significant investor to gain 51 percent control of Arm China.

    The development comes a couple of weeks after Arm China said that its former CEO, Allen Wu, was refusing once again to step down from his position, despite the company's board voting in late April to replace Wu with two co-chief executives. SoftBank Group, which owns 49 percent of the Chinese venture, has been trying to unentangle Arm China from Wu as the Japanese tech investment giant plans for an initial public offering of the British parent company.

    Continue reading
  • SmartNICs power the cloud, are enterprise datacenters next?
    High pricing, lack of software make smartNICs a tough sell, despite offload potential

    SmartNICs have the potential to accelerate enterprise workloads, but don't expect to see them bring hyperscale-class efficiency to most datacenters anytime soon, ZK Research's Zeus Kerravala told The Register.

    SmartNICs are widely deployed in cloud and hyperscale datacenters as a means to offload input/output (I/O) intensive network, security, and storage operations from the CPU, freeing it up to run revenue generating tenant workloads. Some more advanced chips even offload the hypervisor to further separate the infrastructure management layer from the rest of the server.

    Despite relative success in the cloud and a flurry of innovation from the still-limited vendor SmartNIC ecosystem, including Mellanox (Nvidia), Intel, Marvell, and Xilinx (AMD), Kerravala argues that the use cases for enterprise datacenters are unlikely to resemble those of the major hyperscalers, at least in the near term.

    Continue reading

Biting the hand that feeds IT © 1998–2022