Posts

The PACER Investigation DOJ Revealed in 2009 But Did Not Reveal in 2011

In 2009, Aaron Swartz requested his FBI file. It showed the surveillance the FBI did in response to his liberation of 20% of federal court files. He posted excerpts from that file on October 5, 2009 (note: I don’t believe he ever posted all the contents of this and DOJ’s files; I presume they’ll all be released when FBI responds to the multiple FOIAs for Aaron’s file).

Slightly more than a year later–as Jason Leopold reported–Swartz made a similar request to DOJ’s Criminal Division.

All records related to me, Aaron Swartz, including in connection with the PACER system

Because Aaron asked for all records, including anything in connection with PACER, it would have also returned anything new.

On March 11, 2011, the Criminal Division responded that no new records had been created since his previous request for the information on October 8, 2010. But it also referred Aaron’s request to the Executive Office of the US Attorney (which would have records on investigations led by US Attorneys).

On January 11, 2011–just five days after Aaron was arrested in Cambridge–the EOUSA responded that there were 72 pages of records pertaining to him, but none of the could be turned over. They cited the following exemptions:

(b)(3): Prohibited by statute, citing FRCP 6(e) grand jury secrecy

(b)(5): Intra or interagency communications

(b)(7)(C): Privacy of those who might be mentioned in an investigation

(j)(2): Privacy Act

Basically they were exempting saying they couldn’t turn over any of the 72 pages they had because it would infringe on someone else’s privacy–the (b)(7)(C) and (j)(2) exemptions. More comprehensively, they couldn’t turn it over because at least some of it was grand jury material–the (b)(3)/FRCP 6(e) exemption. And finally, they wouldn’t turn over inter/intra-agency memos, which is often a deliberative privilege exemption.

The entirely innocent explanation for this response is that some US Attorney’s office–almost certain Washington DC–had grand jury materials related to the PACER investigation which they could not by law turn over, and which affected another person’s privacy as well (the PACER investigation would probably have also covered Carl Malamud).

That is, by far, the most likely explanation. The only question, then, is why it didn’t come up in the October 8, 2010 response, especially given that the PACER case was closed, per the FBI file, in October 2009. Though it may be that because Criminal Division had their own records, they didn’t refer it to the US Attorney’s office in question. In any case, that is the far most likely explanation.

Also note, EOUSA doesn’t cite (b)(7)(A), which is often invoked to protect an ongoing investigation. Though at the time, DOJ still operated (and still largely does operate) under its contention that it can hide ongoing investigations by lying about them.

Again, the most likely explanation here is entirely innocent: that DOJ was just telling Aaron there were documents that hadn’t previously been released–those pertaining to whatever comparatively negligible number of documents a grand jury reviewed or a grand jury subpoena returned–that for bureaucratic reasons they hadn’t revealed to him on any of his earlier requests.

But here’s what I find most interesting. As Criminal Division indicated, Aaron had just FOIAed this material in October 2010. Something led him to FOIA it again in December. So it may be worth noting that on December 1, the NYT reported on DOJ’s plan to prosecute Julian Assange and WikiLeaks. And on December 7, NYT further reported on the creative theories DOJ might use to prosecute Assange.

Update: Check out this quote in the December 7 NYT story:

“This is less about stealing than it is about copying,” said John G. Palfrey, a Harvard Law School professor who specializes in Internet issues and intellectual property.

So someone Aaron had presumably interacted with at Harvard was thinking about the distinction between stealing and copying three days before Aaron FOIAed something he had FOIAed 2 months earlier–something that had to do with the difference between stealing and copying.

What to Do about Computer Crime Laws

In a long piece published in AlterNet on Tuesday, I noted that Aaron Swartz’ treatment was not all that unusual.

In some ways, what was happening to Swartz was not all that unusual. George Washington University Law Professor Orin Kerr — a leading expert on computer crime law who is sympathetic to the issues Swartz championed — explains that the government’s charges fall within the norm for computer crimes. Moreover, the tactics used in this case are normal for the Department of Justice. The government often multiplies charges in order to coerce defendants to plead guilty without a trial.

[snip]

The laws governing computer crime criminalize all sorts of actions that don’t seem like they should be crimes. The government inflates charges beyond all proportion to coerce plea deals. The government’s prosecutorial powers are overwhelming. This administration and these prosecutors have aggressively used the law to shut off the free flow of information.

So to the extent people are horrified by how Swartz was treated, they should also be horrified by the abuse of prosecutorial discretion more generally, whether it affects a genius like Swartz nabbed on an computer crime charge or a regular person brought in on drug charges.

That same day, I suggested we’d be far better off–and far truer to Aaron Swartz’ ethic–trying to fix systemic problems than avenging him personally (though I also called for firing Lanny Breuer, the head of DOJ’s Criminal Division).

One of the most ethical suggestions I’ve seen (and I’m not even sure if there is a White House petition for it) is to fix the Computer Fraud and Abuse Act. [Update: Thanks to Saul Tannenbaum,here it is.]

The government should never have thrown the book at Aaron for accessing MIT’s network and downloading scholarly research. However, some extremely problematic elements of the law made it possible. We can trace some of those issues to the U.S. criminal justice system as an institution, and I suspect others will write about that in the coming days. But Aaron’s tragedy also shines a spotlight on a couple of profound flaws of the Computer Fraud and Abuse Act in particular and gives us an opportunity to think about how to address them.

I didn’t know Aaron personally, but he doesn’t strike me as the kind of guy who would seek individualized solutions to systemic problems. And one of the problems with the system that destroyed him is a law that badly criminalizes actions that don’t present much harm.

Orin Kerr has now finished the second of two posts on Swartz, which says some of the same things–though in much more comprehensive and expert fashion.

 I think it’s important to realize that what happened in the Swartz case happens it lots and lots of federal criminal cases. Yes, the prosecutors tried to force a plea deal by scaring the defendant with arguments that he would be locked away for a long time if he was convicted at trial. Yes, the prosecutors filed a superseding indictment designed to scare Swartz evem more in to pleading guilty (it actually had no effect on the likely sentence, but it’s a powerful scare tactic). Yes, the prosecutors insisted on jail time and a felony conviction as part of a plea. But it is not particularly surprising for federal prosecutors to use those tactics. What’s unusual about the Swartz case is that it involved a highly charismatic defendant with very powerful friends in a position to object to these common practices. That’s not to excuse what happened, but rather to direct the energy that is angry about what happened. If you want to end these tactics, don’t just complain about the Swartz case. Don’t just complain when the defendant happens to be a brilliant guy who went to Stanford and hangs out with Larry Lessig. Instead, complain that this is business as usual in federal criminal cases around the country — mostly with defendants who no one has ever heard of and who get locked up for years without anyone else much caring.

Kerr and I differ on two points. He is silent about the role Obama’s DOJ has in setting certain priorities–both in punishing the liberation of information and in targeting the hacking community in Cambridge. That deserves attention: but the attention should be focused, IMO, at the people setting that emphasis, not those implementing it.

Kerr also argues–fairly compellingly, I think–that we’d be better off letting the courts fix the problem with the Computer Fraud and Abuse Act than letting Zoe Lofgren do so.

A lot of people have wondered how to amend the computer crime laws in response to the Swartz tragedy. So far I have seen a lot of interest in this, but not a lot of sensible proposals. Already, Rep. Lofgren stepped forward with “Aaron’s Law,” , text here, which would amend the statutory definition of “exceeds authorized access.” This isn’t new text: It’s just the definition of “exceeds authorized access” that was passed by the Senate Judiciary Committee last year to try to stop Lori Drew-like prosecutions. This amendment is well meaning, no doubt, but I think it is a bad idea for two reasons. First, it is weirdly disconnected from the Swartz case. Swartz would still have faced exactly the same criminal liability under “Aaron’s Law” that he did without it.

Second, after the en banc Nosal case in the Ninth Circuit, I think the smart move for those of us who want a narrow reading of the CFAA is probably to wait for the Supreme Court to resolve the circuit split. Kozinski’s opinion in Nosal is terrific, and it went far beyond the approach taken by “Aaron’s Law” in limiting the CFAA; instead, it adopted the interpretation I recommended in my 2003 article that the CFAA should be limited to breaching code-based restrictions. Read more

The December 2010 Black Hole in the Network Interface Closet

As I’ve suggested, I’m very interested in pinpointing when and how the Federal government first got involved in the investigation of the JSTOR downloading and what role MIT had in the Feds getting involved. While Swartz’ lawyers put together a timeline of the investigation, it constitutes grand jury material that is currently sealed (though you can be sure the content of it would have been aired during Swartz’ trial).

And while we can get a pretty good idea of how the investigation proceeded from court documents, there two periods about which I have questions: December 2010, and the day of January 4, 2011.

The timeline below shows how Swartz allegedly accessed JSTOR documents, along with the response that JSTOR, MIT, and the government took. As you can see, the investigative narrative sort of fades out for the entire month of December 2010, when Swartz had a computer hooked right into MIT’s network. And then–due to what gets vaguely described as new tools to track flows on MIT’s own network–they found Swartz’ computer. But there’s a weird lapse in time, too: JSTOR notes that Swartz is downloading again around Christmas. But MIT doesn’t go find the computer–which it has recently acquired the ability to do–until January 4. Note, too, that the indictment treats the downloads from November 29 to December 26 as one charge, and those from December 27 to January 4, as another.

That leads to January 4, 2011, when according to the public fillings, the Cambridge cops and Secret Service got brought in and–almost immediately–SS takes over the case and MIT hands over data flow materials to SS without demanding a warrant. HuffPo explained that process this way:

According to the source close to the investigation, when MIT employees found the laptop, they contacted MIT police, who called Cambridge police, where the call was then routed to a detective assigned to the New England Electronic Crimes Task Force. That detective contacted another member of the task force, Michael Pickett, a special agent with the U.S. Secret Service, who helped lead the investigation.

In addition, MIT allows SS to get Carnegie Mellon’s CERT to collect the signals from Swartz’ laptop in a dropbox; when Swartz’ lawyers first asked for CERT’s notes on that data flow, the government refused to turn it over, saying that since they would not call any CERT experts to testify they didn’t have to.

I’m wondering several things. First, what were the new tools MIT used to analyze their networks in December 2010? Where did they come from? When did they get them? Was the JSTOR download the reason they did?

And also, what kind of legal analysis did MIT go through before they just let the government into their networks?

Finally, what obligations was MIT under to file Suspicious Activity Reports to the government regarding the JSTOR downloads and when did those obligations kick in? Did MIT comply with those obligations? Did the government know MIT’s network was compromised as early as September, or not until Cambridge brought in SS in January?

To be clear: I’m not suggesting anything nefarious about this–though I am mindful of this, from the scope of the investigation MIT President Rafael Reif has ordered: “I have asked that this analysis describe the options MIT had and the decisions MIT made, in order to understand and to learn from the actions MIT took.” That is, Reif now wants to know which of the decisions MIT pursued they had legal choices to avoid.

The government’s consolidated response to Swartz’ suppression motion claims that “neither local nor federal law enforcement officers were investigating Swartz’s downloading action before January 4, 2011, when MIT first found the laptop.” Note, they refer just to Swartz’ downloading action, not Swartz (though that may just be legal particularity), so it is possible though unlikely that federal law enforcement officers were investigating other activities of Swartz before then (we know the FBI had investigated his PACER downloads the previous year).

Note: the following timeline depends on the assertions of both the government and Swartz’ lawyers. It represents alleged facts as presented by self-interested parties, not uncontested facts. Documents used include the hardware search warrant affidavit,  superseding indictment, motion for discoverypre January 4 suppression motion, January 4-6 suppression motionconsolidated response to motion to suppress, and exhibit to supplement to motion to suppress. I’ve also included Swartz’ FOIAs, as described in this Jason Leopold story, because I find some of the coincidences intriguing (see especially the timing of his request for Secret Service access to encrypted files and CERT, which I’ll return to in a later post). Read more

OK, But Can We Also Fire Lanny Breuer?

I’ve lost count of how many White House petitions are seeking some kind of vengeance for the harsh treatment of Aaron Swartz. Fire Carmen Ortiz. Fire Stephen Heymann. Pardon Swartz. Commute John Kiriakou’s sentence.

One of the most ethical suggestions I’ve seen (and I’m not even sure if there is a White House petition for it) is to fix the Computer Fraud and Abuse Act. [Update: Thanks to Saul Tannenbaum, here it is.]

The government should never have thrown the book at Aaron for accessing MIT’s network and downloading scholarly research. However, some extremely problematic elements of the law made it possible. We can trace some of those issues to the U.S. criminal justice system as an institution, and I suspect others will write about that in the coming days. But Aaron’s tragedy also shines a spotlight on a couple of profound flaws of the Computer Fraud and Abuse Act in particular and gives us an opportunity to think about how to address them.

I didn’t know Aaron personally, but he doesn’t strike me as the kind of guy who would seek individualized solutions to systemic problems. And one of the problems with the system that destroyed him is a law that badly criminalizes actions that don’t present much harm.

Moreover, as Corey Robin argues in this post, asking Obama to take action to absolve the actions of his own government defeats the point.

Asking the state to pardon Swartz doubly empowers and exonerates the state. It cedes to the state the power to declare who is righteous and who is wrong (and thereby obscures the fact that it is the state that is the wrongful actor in this case). The petitioning language to Obama only adds to this. The statement depicts Obama as somehow the good father who stands above the fray—much like how the Tsar was depicted in the petition of the Russian workers who marched with Father Gapon on the Winter Palace in 1905 and were summarily slaughtered.

Pardoning Swartz also would allow the government, effectively, to pardon itself.

These petitions seem to serve the purpose of pretending that Swartz’ treatment was abnormal.

It was not.

Not only has Obama’s Administration treated all those who liberate information without his government’s sanction as dangerous criminals, but his DOJ has been ruthless against just about everyone who is not a Wall Street Executive.

Jesslyn Radack–who knows how aggressively Obama’s DOJ has targeted those who free information as well as anyone–discusses the legal futility of trying to go after Stephen Heymann. But she also notes that the real remedy to prevent more people from experiencing what Swartz did is to start fixing DOJ.

What might be more realistic is for citizens to demand that the Senate Judiciary Committee exercise meaningful oversight over the out-of-control Justice Department, which has waged an unprecedented, unaccountable, brutal war on whistleblowers and hackers, and to create something akin to the Church Committee to investigate the improper monitoring and targeting of hackers, whistleblowers, Occupy participants, journalists, and a numerous other groups of non-violent “offenders” who’ve done nothing to harm anyone or the country, and have been acting purely in the public interest.

It would be a good start (though SJC Chairman Patrick Leahy has been lax in examining any Obama Administrations abuses).

But there is one action Obama could take today that would both address some of the problems with his dysfunctional DOJ and attest he means to change things systematically: Fire DOJ’s Criminal Division head, Lanny Breuer.

Lanny Breuer is not the only reason Obama’s DOJ has been so aggressive (though he has been instrumental in ensuring it ignores bank crimes). There are far more senior and far less senior people who have fostered DOJ’s overreach. But Breuer runs this system. Moreover, as the head of this system of prosecutorial overreach, he has actually explicitly rewarded abuse.

If we want to fix the injustice that was done to Aaron Swartz, we need to fix the aspects of the system that rewarded such behavior. We need to fix the law that empowered the prosecutors gunning for him. We need to put some breaks on DOJ’s power. And we should start by getting rid of the guy who has fostered this culture of abuse for the last four years.

DOJ Invoked Aaron Swartz’ Manifesto To Justify Investigative Methods

In the original July 14, 2011 indictment of Aaron Swartz, DOJ described him this way.

Aaron Swartz lived in the District of Massachusetts and was a fellow at Harvard University’s Center for Ethics. Although Harvard provided Swartz access to JSTOR’s services and archive as needed for his research, Swartz used MIT’s computer networks to steal well over 4,000,000 articles from JSTOR. Swartz was not affiliated with MIT as a student, faculty member, or employee or in any other manner other than his and MIT’s common location in Camrbidge. Nor was Swartz affiliated in any way with JSTOR.

In their September 12, 2012 superseding indictment, DOJ described him this way.

Aaron Swartz lived in the District of Massachusetts and was a fellow at Harvard University’s Safra Center for Ethics. Swartz was no affiliated with MIT as a student, faculty member, or employee or in any other manner. Although Harvard provided Swartz access to JSTOR’s services and archive as needed for his research, Swartz used MIT’s computer networks to steal millions of articles from JSTOR.

On November 16, 2012, they wrote this motion to rebut Swartz’ claims that a number of the searches MIT and the Secret Service conducted in their investigation were improper and should be suppressed.

During the period alleged in the Superseding Indictment, Aaron Swartz was a fellow at Harvard University’s Safra Center for Ethics, on whose website he was described as a “writer, hacker and activist.” Harvard provided Swartz with access to JSTOR’s services and archives as needed for his research there. Swartz was not a student, faculty member, or employee of MIT. In the Guerilla Open Access Manifesto, which Swartz actively participated in drafting and had posted on one of his websites, Swartz advocated “tak[ing] information, wherever it is stored, mak[ing] our copies and shar[ing] them with the world.”

In other words, precisely at the moment the government defended all the searches it did of Swartz, it (for the first time, I believe) introduced a new descriptor (in addition to the adjectives “writer, hacker, and activist”): Swartz wrote the Guerilla Open Access Manifesto.

The reference is particularly odd, being introduced (though not elaborated on) in this brief defending the investigative approach used by MIT and then the government. It effectively invokes First Amendment protected speech to justify investigative tactics.

The timeline laid out in the rest of the brief claims (not entirely credibly) they had no idea who was downloading from JSTOR until they arrested him in January 2011 (note, too, it is predictably vague about when the Secret Service got involved). So what Swartz wrote two years before the JSTOR downloads started is (or should be) utterly irrelevant to the legitimacy of investigative tactics, because according to the government they didn’t know about that until a good bit later.

Unless of course Secret Service was involved earlier, in which case under DOJ’s current Domestic Investigation and Operations Guide, they could use First Amendment activity as part of the predicate for an investigation.

But that’s not the narrative they lay out in this brief.

And look at the passage from the Manifesto they quote in the brief, which appears in this larger passage.

There is no justice in following unjust laws. It’s time to come into the light and, in the grand tradition of civil disobedience, declare our opposition to this private theft of public culture.

We need to take information, wherever it is stored, make our copies and share them with the world. We need to take stuff that’s out of copyright and add it to the archive. We need to buy secret databases and put them on the Web. We need to download scientific journals and upload them to file sharing networks. [my emphasis]

In context, much of the manifesto advocates for things that are perfectly legal: sharing documents under Fair Use. Taking information that is out of copyright and making it accessible. Purchasing databases and putting them on the web.

Aside from sharing passwords, about the only thing that might be illegal here (depending on copyright!) is downloading scientific journals and uploading them to file sharing networks.

Precisely what the government accused Swartz of.

But they don’t cite that passage. Rather, they cite the “making copies” passage–something not inherently illegal. As if that justified the investigative tactics they used.

Used as it is in this page-limited brief arguing why their tactics were legal, the citation is really bizarre. But it does seem to admit that the government considers Swartz’ role in the Open Access movement to be as much proof he was a criminal as that he chose to download the documents at MIT and not Harvard.

What Kind of Fishing Trip Did the Government Conduct into Aaron Swartz’ Amazon Data?

Yesterday, privacy researcher Chris Soghoian posted an interesting exchange he had with Aaron Swartz in March 2011.

But then I wondered about Amazon. Amazon not only has a lot of private data on its own, but they host a lot of other websites with personal data. It seems like everyone is using Amazon EC2 these days ­­ Reddit and Netflix and Foursquare and more. Even sites that aren’t hosted on EC2, like 37 signals, still use S3 for backup. The “truly paranoid” tarsnap uses both EC2 and S3. (Yes, tarsnap encrypts your data, but [it sometimes has bugs][b] and doesn’t protect against traffic analysis.) Hell, even WikiLeaks was hosted there at one point.

What’s disturbing is that this means your personal data isn’t just accessible by the people who operate these sites ­­ it’s also accessible by Amazon. And anyone Amazon decides to hand it to.

What are Amazon’s policies? I’ve had several conversations with them about this, but they refuse to comment on the record. Still, I’m in the rare position of getting to experience them first­hand. A couple years ago the government sent Amazon a subpoena for information about an EC2 instance I’d purchased. Amazon handed it over without stopping to warn me. When I asked them about it specifically, they refused to comment. When I asked them about their general policy, they refused to comment. The only reason I found out about it was because I filed a FOIA request with the Department of Justice. The DOJ was more transparent about this than Amazon.

As best as I can tell, this is Amazon’s policy: When the government asks, turn stuff over. Never tell the people affected. Don’t give them a chance to object.

The exchange ends with Soghoian asking if Swartz will publish his piece, to which Swartz says he cannot.

I thought of that and wish I could, but I can’t put my name on it right now personal reasons.

The exchange happened, we now know, in between the time the Cambridge police first arrested him for breaking and entering and the time the government indicted him for a slew of computer crimes. It seems likely that those “personal reasons” include negotiations with the Secret Service about the JSTOR downloads (we know Swartz and his lawyer met with the Secret Service that summer and turned over some hard drives).

As Swartz himself pointed out, this exchange also happened in the wake of news that the government had issued orders to Twitter–basically within a day of the time the Secret Service triggered Swartz’ initial arrest–for the communications of people associated with WikiLeaks.

The exchange is notable because of a request Swartz’ lawyer made the following year, at the beginning of the pre-trial discovery process. In addition to asking how the government had obtained a bunch of communication involving Swartz and others, his lawyer asked to see everything returned from grand jury subpoenas and orders served on MIT and JSTOR–which makes sense in this case–but also Twitter, Google, and Amazon.

These paragraphs request information relating to grand jury subpoenas. Paragraph 1 requested that the government provide “[a]ny and all grand jury subpoenas – and any and all information resulting from their service – seeking information from third parties including but not limited to Twitter. MIT, JSTOR, Internet Archive that would constitute a communication from or to Aaron Swartz or any computer associated with him.” Paragraph 4 requested “[a]ny and all SCA applications, orders or subpoenas to MIT, JSTOR, Twitter, Google, Amazon, Internet Archive or any other entity seeking information regarding Aaron Swartz, any account associated with Swartz, or any information regarding communications to and from Swartz and any and all information resulting from their service.” Paragraph 20 requested “[a]ny and all paper, documents, materials, information and data of any kind received by the Government as a result of the service of any grand jury subpoena on any person or entity relating to this investigation.”

Swartz requests this information because some grand jury subpoenas used in this case contained directives to the recipients which Swartz contends were in conflict with Rule 6(e)(2)(A), see United States v. Kramer, 864 F.2d 99, 101 (11th Cir. 1988), and others sought certification of the produced documents so that they could be offered into evidence under Fed. R. Evid. 803(6), 901. Swartz requires the requested materials to determine whether there is a further basis for moving to exclude evidence under the Fourth Amendment (even though the SCA has no independent suppression remedy).

[snip]

Moreover, defendant believes that the items would not have been subpoenaed by the experienced and respected senior prosecutor, nor would evidentiary certifications have been requested, were the subpoenaed items not material to either the prosecution or the defense. Defendant’s viewing of any undisclosed subpoenaed materials would not be burdensome, and disclosure of the subpoenas would not intrude upon the government’s work product privilege, as the subpoenas were served on third parties, thus waiving any confidentiality or privilege protections. [my emphasis]

Effectively, Swartz’ lawyer was indicating that he had seen subpoenas and orders that requested information from–among others–Amazon, but not all of what these providers had returned in exchange was turned over as evidence in the case. He was trying to see what else the government had. He’s also making it clear that the government asked for the information in such a form that could be entered as evidence in a trial (meaning the government would not have to call an employee from Amazon or another service provider to certify the authenticity of the data, who could then be questioned by the defense).

And he’s suggesting that if the prosecutor asked for these things, then they must be relevant in this case, and therefore discoverable.

I suspect, though, that that last claim is not what the lawyer really thought. I suspect that he believed the grand jury investigating Swartz–during precisely the same period when Swartz was researching how Amazon might respond to a government request for information–had conducted a fishing trip on other issues, and had done so in such a way that any information gleaned could be used both to prosecute the alleged JSTOR download but also any other crime.

Now I suspect that DOJ’s original request to Amazon–the one Swartz mentioned to Soghoian–dated to Swartz’ efforts to liberate PACER. It shows up in the part of his FBI file Swartz published on his blog.

Data that was exfiltrated went to one of two Amazon IP addresses.

Investigation has determined that the Amazon IP address used to access the PACER system belongs to Aaron Swartz.

So it’s possible the grand jury was reinvestigating what Aaron had done two years earlier, even though DOJ had earlier declined to press charges, in an effort to criminalize Swartz’ efforts to liberate information generally.

But given the timing and Swartz’ own tie to the WikiLeaks orders, I also wonder whether there was something else there–whether Swartz believed the government had information pertaining to activities entirely unrelated to JSTOR or PACER.

Ultimately, Swartz didn’t get this information. As to the communications, the judge assumed the government’s assurances that they had neither used a civil administrative subpoena nor “court ordered electronic surveillance” to get his communications closed the issue (given that the government investigated WikiLeaks as an Espionage case, the government might have claimed access to some of this under the PATRIOT Act simply because of Swartz’ ties to the Cambridge hacktavist community). And she refused to turn over the grand jury information on the grounds that the government may use such inquiries to chase down every lead, even if those leads are unrelated.

So it’s not clear Swartz ever learned what the government was looking for in its fishing expedition with Amazon.

Two Days Before MIT and Cambridge Cops Arrested Aaron Swartz, Secret Service Took Over the Investigation

The public story of Aaron Swartz’ now-tragic two year fight with the Federal government usually starts with his July 19, 2011 arrest.

But that’s not when he was first arrested for accessing a closet at MIT in which he had a netbook downloading huge quantities of scholarly journals. He was first arrested on January 6, 2011 by MIT and Cambrige, MA cops.

According to a suppression motion in his case, however two days before Aaron was arrested, the Secret Service took over the investigation.

On the morning of January 4, 2011, at approximately 8:00 am, MIT personnel located the netbook being used for the downloads and decided to leave it in place and institute a packet capture of the network traffic to and from the netbook.4 Timeline at 6. This was accomplished using the laptop of Dave Newman, MIT Senior Network Engineer, which was connected to the netbook and intercepted the communications coming to and from it. Id. Later that day, beginning at 11:00 am, the Secret Service assumed control of the investigation. [my emphasis]

In fact, in one of the most recent developments in discovery in Aaron’s case, the government belatedly turned over an email showing Secret Service agent Michael Pickett offering to take possession of the hardware seized from Aaron “anytime after it has been processed for prints or whenever you [Assistant US Attorney Stephen Heymann] feel it is appropriate.” Another newly disclosed document shows the Pickett accompanied the local cops as they moved the hardware they had seized from Aaron around.

According to the Secret Service, they get involved in investigations with:

  • Significant economic or community impact
  • Participation of organized criminal groups involving multiple districts or transnational organizations
  • Use of schemes involving new technology

Downloading scholarly articles is none of those things.

A lot of people are justifiably furious with US Attorney Carmen Ortiz and AUSA Heymann’s conduct on this case.

But the involvement of the Secret Service just as it evolved from a local breaking and entry case into the excessive charges ultimately charged makes it clear that this was a nationally directed effort to take down Swartz.

MIT’s President Rafael Reif has expressed sadness about Aaron’s death and promised an investigation into the university’s treatment of Aaron. I want to know whether MIT–which is dependent on federal grants for much of its funding–brought in the Secret Service.