US prosecutors drop demand for 1.3m IP addresses of folks who visited anti-Trump site

But DreamHost's fight is not over: information still demanded

The US Department of Justice has eased up in its legal fight against hosting company DreamHost, saying it no longer wants all IP logs associated with a Trump protest site.

Following a hearing earlier this week in which DreamHost argued that the expansive request for information related to the site was too broad and broke the First and Fourth Amendments, government lawyers claim they had no idea that the information requested was so broad.

"The government values and respects the First Amendment right of all Americans to participate in peaceful political protests and to read protected political expression online," it states [PDF].

"This Warrant has nothing to do with that right. The Warrant is focused on evidence of the planning, coordination and participation in a criminal act – that is, a premeditated riot. The First Amendment does not protect violent, criminal conduct such as this."

DreamHost went public with its concerns last week, noting that handing over the amount of information requested – basically anyone who visited the site – was tantamount to political persecution. "The Search Warrant not only aims to identify the political dissidents of the current administration, but attempts to identify and understand what content each of these dissidents viewed on the website," it argued.

The DoJ's response paints DreamHost's stance as borderline hysterical. It argues that it had no idea of the extent of the information and that DreamHost did not make it clear to the government what it held.

It particular, DreamHost noted publicly that it had 1.3 million IP addresses of visitors, emails associated with people who used the site for legal advice, membership lists, draft blog posts and several thousand images, some published and some not.

Oooh, that's a lot

"These additional facts were unknown to the government at the time it applied for and obtained the Warrant," the DoJ filing states. "Consequently, the government could not exclude from the scope of the Warrant what it did not know existed."

It is not interested in any information that is not relevant to ongoing criminal investigations against protestors, the DoJ claims. "The government is focused on the use of the Website to organize, to plan, and to effect a criminal act – that is, a riot. The government has no interest in seizing data from the Website that does not relate to this limited purpose." And that includes "their political views" and the "lawful activities of peaceful protesters."

The DoJ also explains why it served the search warrant following a more precise one that had been served six months earlier:

The website was not just a means to publicly disseminate information (as many websites are designed to do), but was also used to coordinate and to privately communicate among a focused group of people whose intent included planned violence. For example, as shown in the affidavit, the site was even used to verify the identity of people in closely held meetings that were not open to the media or public, where organizers required attendees to log into the website to prove their credentials.

That is a reasonable motive to want additional information from DreamHost. And it is fair to assume that despite unprecedented recent efforts by the White House to impose itself on the Department of Justice's traditional autonomy, we have yet to reach the point where the DoJ is using its extraordinary powers to gather political intelligence on the Trump Administration's political opponents.

However, the DoJ's search warrant was inexcusably broad and DreamHost has greeted the response as "a huge win for internet privacy."

That is not the end of the matter, however. The DoJ still wants records related to what it suspects was the planned coordination of illegal acts. It has slightly limited the request to a six-month window ending on the day of the protest itself, to "subscribers" of the site as opposed to simple visitors, and it has said it does not want draft blog posts or images.

In other words, it doesn't want to potentially unmask more than a million netizens via their IP addresses, but it still wants details on folks who used the website to organize.


In its filing, the DoJ notes: "The rioters – some of them armed with hammers, crow bars, wooden sticks and other weapons – moved as a cohesive unit for approximately thirty minutes, traveling more than a dozen city blocks, as individual participants engaged in violence and destruction that caused hundreds of thousands of dollars' worth of property damage and left civilians and officers injured."

While the DoJ has narrowed its request for information, it still wants the search warrant carried out and will keep pushing through the courts to get it. DreamHost is happy with a narrowed request but notes that "there are still a few issues that we consider to be problematic for a number of reasons."

It doesn't state exactly what those issues are, but does say it is preparing another filing "to address the remaining First and Fourth Amendment issues raised by this warrant." Another hearing on the matter is scheduled for Thursday in Washington DC. ®

Narrower topics

Other stories you might like

  • Abortion rights: US senators seek ban on sale of health location data
    With Supreme Court set to overturn Roe v Wade, privacy is key

    A group of senators wants to make it illegal for data brokers to sell sensitive location and health information of individuals' medical treatment.

    A bill filed this week by five senators, led by Senator Elizabeth Warren (D-MA), comes in anticipation the Supreme Court's upcoming ruling that could overturn the 49-year-old Roe v. Wade ruling legalizing access to abortion for women in the US.

    The worry is that if the Supreme Court strikes down Roe v. Wade – as is anticipated following the leak in May of a majority draft ruling authored by Justice Samuel Alito – such sensitive data can be used against women.

    Continue reading
  • Tim Hortons collected location data constantly, without consent, report finds
    Hortons hears a sue

    From May 2019 through August 2020, the mobile app published by multinational restaurant chain Tim Hortons surveilled customers constantly by gathering their location data without valid consent, according to a Canadian government investigation.

    In a report published Wednesday, Office of the Privacy Commissioner (OPC) of Canada and the privacy commissioners from three provinces – Alberta, British Columbia, and Quebec – presented the results of an inquiry that began shortly after the publication of a June 2020 National Post article.

    That article revealed the Tim Hortons app tracked location data every few minutes even when relegated to the background, and the report compiled by Canadian privacy officials confirmed as much.

    Continue reading
  • Behind Big Tech's big privacy heist: Deliberate obfuscation
    You opted out, but you didn't uncheck the box on page 24, so your data's ours...

    Opinion "We value your privacy," say the pop-ups. Better believe it. That privacy, or rather taking it away, is worth half a trillion dollars a year to big tech and the rest of the digital advertising industry. That's around a third of a percent of global GDP, give or take wars and plagues. 

    You might expect such riches to be jealously guarded. Look at what those who "value your privacy" are doing to stop laws protecting it, what happens when a good law  gets through, and what they try to do to close it down afterwards. 

    The best result for big tech is if laws are absent or useless. The latest survey of big tech lobbying in the US reveals a flotilla of nearly 500 salespeople/lawyers touring the US state legislatures, trying to either draw up tech friendly legislation to insert into privacy bills, water then down through persuasion, or just keep them off the books.

    Continue reading
  • International operation takes down Russian RSOCKS botnet
    $200 a day buys you 90,000 victims

    A Russian operated botnet known as RSOCKS has been shut down by the US Department of Justice acting with law enforcement partners in Germany, the Netherlands and the UK. It is believed to have compromised millions of computers and other devices around the globe.

    The RSOCKS botnet functioned as an IP proxy service, but instead of offering legitimate IP addresses leased from internet service providers, it was providing criminals with access to the IP addresses of devices that had been compromised by malware, according to a statement from the US Attorney’s Office in the Southern District of California.

    It seems that RSOCKS initially targeted a variety of Internet of Things (IoT) devices, such as industrial control systems, routers, audio/video streaming devices and various internet connected appliances, before expanding into other endpoints such as Android devices and computer systems.

    Continue reading

Biting the hand that feeds IT © 1998–2022