Acting at the behest of the US government, German authorities seized a computer server hosting a vast cache of files from scores of US federal, state and local law enforcement agencies obtained in a Houston data breach, Associated Press has revealed.
The server was used by data transparency collective Distributed Denial of Secrets, an information clearing house akin to WikiLeaks, and the content shed light on US police practices, among other things.
The data, some of which dated back to 1996, included emails, audio and video files, and police and FBI intelligence reports. DDoSecrets founder Emma Best said the information, dubbed hailed from over 200 agencies, and had been stripped of references to sexual assault cases and crimes involving and affecting children, but names, phone numbers and emails of police officers weren’t redacted.
Best alleges DDoSecrets obtained the data from an individual who sympathized with nationwide protests against police killings of unarmed black Americans, and some of the files offered insights into the police response to those protests. The documents came to light via the breach of Houston web-design company Netsential’s servers, which hosts portals for law enforcement agencies and “fusion centers,” state-specific operations created after 9/11 to facilitate the sharing of threat intelligence with local and state police and private-sector partners.
While hacking into computers and stealing data is a federal crime, US courts have consistently ruled journalists can publish stolen documents, as long as they’re not involved in their theft.
Best said the files show “a lot of things that are entirely legal and normal and horrifying”, including police surveillance and intelligence of dubious origin, and none were classified.
Brendan McQuade, criminology professor at the University of Southern Maine who’s viewed the documents, told Associated Press the document dump helped expose the US’ “overdeveloped police intelligence apparatus”, and didn’t include high-level intelligence – but nonetheless provided a window into the relationship between law enforcement at all levels. He suggested the FBI doesn’t want the information in the public domain as it could “add more fuel to the protests” against police brutality and racism in policing that have raged in the wake of the murder by George Floyd by Minneapolis Police.
Best said the files remain yet publicly accessible via more complicated means, such as BitTorrent and Tor, and her organization is rebuilding its infrastructure for public access – “all they cost us is time,” she said defiantly.
Shortly after DDoSecrets posted the data, Twitter permanently suspended the organization’s account for publishing links and images on the social network, citing a controversial platform ban on posting hacked material.
One US law enforcement agency affected by the breach was the Iowa Law Enforcement Academy. Its director, Judy Bradshaw, told Associated Press the breach revealed names of students in academy courses and their drivers licenses, but no financial information, and Netsential had scores of clients in law enforcement, where it was a strong niche provider.
DDoSecrets was created in late 2018, and has since worked on various investigations with established media organizations, including German newsmagazine Der Spiegel and US news organization McClatchy. Previous DDoSecrets releases have included data on offshore Bahamas accounts used as tax havens, files hacked from Chilean police and data from a British provider of offshore financial services that has drawn comparisons to the infamous 2016 Panama Papers leak.
The prosecutor’s office in Zwickau, a German city near the Czech border, told Associated Press in an emailed statement the server was confiscated 3rd July in the town of Falkenstein, following a request from US authorities – but it was up to German authorities whether to hand the server over to their Washington counterparts.