SEOmofo SERP Snippet

U.S. Department of Justice Uses Social Media …to Incriminate You

The goal of this post is simply to increase awareness of some of the ways the United States government is currently using social media networks to gather incriminating information about U.S. citizens. I’m not talking about the kind of surveillance where secret agents monitor terrorist organizations and keep us safe from attempted bombings.

No…I’m talking about the kind of surveillance where law enforcement officers use your MySpace pictures to prove that you allowed underage drinking at your last party, the same night your friend tried to drive home drunk and ran over a group of kids and their grandmothers. 


One minute you’re a law-abiding citizen who doesn’t have to worry about the government spying on your social media activities, because you have nothing to hide; the next minute, you’re being charged with 11 counts of 2nd-degree murder.

Before we continue, I should mention that this post isn’t some kind of crazy conspiracy theory. This information comes directly from authentic documents provided by the U.S. government. If you want the full backstory, check out this post from the Electronic Frontier Foundation (EFF), titled EFF Posts Documents Detailing Law Enforcement Collection of Data From Social Media Sites.

The article discusses some of the ways the U.S. government uses social networking sites (e.g. Facebook, MySpace, LinkedIn, Twitter, etc.) to gather personal information about ordinary U.S. citizens. It includes links to documents that EFF has obtained from the IRS and the Department of Justice. In this post, I’ll be reviewing the document from the Department of Justice, titled Obtaining and Using Evidence from Social Networking Sites.

This document was created for the United States Department of Justice, sometime after August of 2009. The document itself contains copies of slides (as in PowerPoint presentation slides) that are probably used as part of an internal training seminar of some kind. If you don’t want to read the whole 35-page pdf document, then you’re in luck…because I’ve already extracted the interesting slides for you. I have also added the following style/formatting features, in order to improve readability:

Acronyms – I searched for definitions of the acronyms used throughout the document, and I chose the definitions that made the most sense. You should see the expanded form of these acronyms when you hover over them.

Highlighting – I have highlighted content that I find particularly interesting (or worrisome).

Superscript – I have added numbers to some of the sections of highlighted content. This is to make it easier for me to add my two cents.

Bullets – Several of the slides have bullet lists but no bullets. I’ve added bullets to make the information easier to read.

Obtaining and Using Evidence from Social Networking Sites Facebook, MySpace, LinkedIn, and More

Introduction to Social Networking

Most social-networking sites allow users to:

  • Create personal profiles
  • Write status updates or blog entries
  • Post photographs, videos, and audio clips
  • Send and receive private messages
  • Link to the pages of others (i.e., “friends”)

How can LE obtain data from these sites?

  • Some info may be public
  • Use ECPA to get info from providers
  • Undercover operations?

Introduction to Social Networking

Evidence from social-networking sites can

  • Reveal personal communications
  • Establish motives and personal relationships
  • Provide location information
  • Prove and disprove alibis1
  • Establish crime or criminal enterprise

Also: instrumentalities or fruits of crime2.

1. TIP: If you’re planning on murdering someone, first create a script that automatically posts comments from your home computer. Make sure it’s running…then go take care of business. If anyone questions you, say you were at home…enjoying some quality time with your social media network of choice. And you’ve got the comments to “prove it.”

2. TIP: If you beat someone to death with a banana, DO NOT post photographs of said banana on your Facebook profile.

Overview of Key Social Networking Sites

  • Founded in 2004, primarily catering to students
  • Now over 250m active members worldwide
  • Over 10b photos in Oct 2008; adds over 1b monthly
  • Applications run on Facebook platform
  • True names encouraged but not guaranteed
  • Privacy model is highly granular; present different information to different groups or individual users
  • Messaging includes mail, real-time chat, “wall”
  • Now used in private background checks
  • Koobface – virus/worm vector1

1. I have no idea WTF this is. I can only assume “Koobface” is a top secret biological weapon that the U.S. government plans to disperse through Facebook.

Overview of Key Social Networking Sites

  • Data is organized by user ID or group ID
  • Standard data productions (per LE guide):
    • Neoprint
    • Photoprint
    • User Contact Info
    • Group Contact Info
    • IP Logs
  • HOWEVER, Facebook has other data available.
  • Often cooperative with emergency requests.1

1. This statement is extremely significant. Why? Because it makes reference to a commonly-abused loophole in the Stored Communications Act, described under 18 U.S.C. § 2702, subsection (b)(8), which states (emphasis mine):

A provider may divulge the contents of a communication to a governmental entity, if the provider, in good faith, believes that an emergency involving danger of death or serious physical injury to any person requires disclosure without delay of communications relating to the emergency.

What does this mean? In a nutshell, it means any asshole who works for U.S. government can ask a social network for access to your records, and if the employee at that social network considers the situation to be an emergency, they can choose to comply with the request–without the presence of a court order or search warrant.

Basically, what the DoJ is saying…is that the folks at Facebook will gladly divulge your personal information to anyone with a badge and a sense of urgency.

Overview of Key Social Networking Sites

  • Founded 2003, now owned by Fox Interactive Media
  • 2006: Most popular SN; passed by Facebook in 2008
  • Currently tens of millions of active users monthly
  • True names less encouraged than Facebook
  • Messaging through messages1, chat, friend updates
  • Application platform rolled out early 2008
  • Young user base, history of child safety concerns
  • Privacy is currently less granular than Facebook

1. Messaging through messages = Brilliant

Overview of Key Social Networking Sites

  • Many profiles have public content.
  • Data is organized by Friend ID – see LE guide.
  • MySpace requires a search warrant for private messages/bulletins less than 181 days old
    • Also considers friend lists to be stored content
  • Data retention times
    • User info and stored files – indefinitely
    • IP logs, info for deleted accounts – 1 year

Overview of Key Social Networking Sites

  • Market leader in “micro-blogging”
  • Began in mid-2006 as “status message” service
  • Ubiquity and ease of updating, but limited space
  • Breaking news, real-time updates: USAir, Iran
  • Most multimedia handled by 3rd party links
  • Simplified privacy model: updates public or private
  • Direct messages are private; sender can delete
  • Short URLs used to serve malicious links and code

Overview of Key Social Networking Sites

The good news:

  • Most Twitter content is public
  • Private messages kept until user deletes them

The bad news:

  • No contact phone number
  • Only retain last login IP
  • Will not preserve data without legal process1
  • Stated policy of producing data only in response to legal process (i.e., no 2702)2
  • No Law Enforcement Guide

1. Am I seriously reading an internal document from the United States Department of Justice that considers “Twitter abides by the law” to be bad news?! WTF is wrong with this goddamn government? (Twitter, I sincerely hope this is a conscious effort on your part to protect your users’ privacy, and not merely the result of cutting back your expenses or something.)

2. Let me remind you that 2702 is the loophole I mentioned previously. In other words, the “bad news” is that Twitter’s employees won’t shit on your constitutional rights like Facebook’s will. What a bummer.

Overview of Key Social Networking Sites

  • Business-focused with enforced limits to interaction
  • Profiles focused on education and work experience
  • Use for criminal communications appears limited1
  • But can be used to identify experts
  • Can check background of defense experts
  • Privacy model similar to Facebook
  • Profile information is not checked for reliability

1. TIP: Out of the 4 social media sites mentioned in this document, LinkedIn is probably the best option for satisfying your criminal communication needs. LinkedIn is the only one that doesn’t have a “HOW TO GET INFORMATION FROM __” slide–possibly because law enforcement assumes LinkedIn doesn’t have any juicy criminal information to exploit.

Legal and Practical Issues UNDERCOVER OPERATIONS

  • Why go undercover on Facebook, MySpace, etc?
    • Communicate with suspects/targets
    • Gain access to non-public info
    • Map social relationships/networks
  • Undercover operations after U.S. v. Drew
    • If agents violate terms of service, is that “otherwise illegal activity”

So what have we learned from all this? Well…at the very least, I hope you’ve realized how vulnerable your personal/private information is. Basically, all the information you post to social media profiles (and all the private messages you send/receive) can be accessed by law enforcement and government agencies with very little effort…and they can use that information against you.

So the next time you’re in the voting booth and you find something on the ballot that aims to provide the government with the power to demand private information from social media sites or online service providers…vote against it. And the next time you kill someone with a banana…don’t brag about it on Twitter.

linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram