The FBI Impersonates the Media: Some of the Rules Governing Cyber-Subterfuge

The developing story of the FBI’s impersonation of journalists is, in a way, really the story of Timberline high school in Washington State. In June of 2007 Timberline had received a series of bomb threats, prompting a week of evacuations. The FBI and local law enforcement traced the problem to an anonymous account on the MySpace social media site. But the trail seemed to stop there, as investigators were unable to ascertain the identity of the person or persons behind the account. So the feds resorted to subterfuge. According to a letter sent from FBI Director James Comey to the editor of the New York Times, an undercover agent, relying on “an agency behavioral assessment that the anonymous suspect was a narcissist,” “portrayed himself as an employee of The Associated Press” and sent the MySpace account a message via MySpace’s internal communications channel. In the message, the agent apparently asked if the suspect would be willing to review a draft AP article about the threats and attacks, to be sure that the anonymous suspect was portrayed fairly. The message then linked to what seemed to be the draft Associated Press story. There was a catch. The AP story and link were fakes, and had been designed by the FBI to mimic the appearance and feel of a genuine AP article. That wasn’t all either. The link also contained a particular kind of malware, meant to enable the FBI surreptitiously to uncover the location and IP address of the computer behind the anonymous MySpace account. The ruse worked. Upon receipt, the suspect clicked on the link, thereby unwittingly downloading the malware and revealing case-making investigative information to the FBI. He later pleaded guilty to making the bomb threats to Timberline. Last week---and after reporting had suggested as much---the FBI confirmed that indeed it had impersonated the AP website, in order to apprehend its suspect. Apparently, the Bureau sought and received a warrant from a federal magistrate judge, to send a malware-containing “communication” to the target account; the application to the court did not describe any planned deception on the agency’s part. And just yesterday, in his Times letter, the FBI Director confirmed additional details of the Timberline episode and defended the legality of the FBI’s actions. The revelations sparked immediate if unsurprising controversy, even condemnation. Christopher Soghoian, the ACLU technologist who revealed the deception initially, took to Twitter to announce his outrage at the irresponsibility of impersonating a media entity. Senate Judiciary Chairman Patrick Leahy sent a letter to Attorney General Eric Holder, expressing his “increasing[] concern” that federal law enforcement agencies appropriate the  identity of others without their knowledge or consent and further urging the Justice Department to reevaluate its policies on this tactic . Leahy’s letter also points out that such a tactic carries “ethical and legal risks” as it “raises questions of copyright and trademark infringement” and “independent press.” The AP claimed that the “ploy violated AP’s name and undermined AP’s credibility.” Moreover, AP’s general counsel sent a letter to AG Holder, “protest[ing] in the strongest possible terms the FBI’s fabrication and publication of a fake Associated Press news story” and arguing that such a tactic “raises serious constitutional concerns” as it undermines the independence of a free press. Given these fierce reactions to the Timberline episode, an important question has again been raised: What rules apply to this sort of law enforcement trickery?  Below, I overview two potentially relevant constraints: policies employed within the FBI itself, as well as Fourth Amendment limits set by courts. (To be clear, I do not mean to canvass every legal issue raised by the episode.) Internal Rules Followed by the FBI Obviously the FBI’s own internal policies are relevant; the FBI Director made that much clear in his missive to the Times.  We have some clues about what he might have had in mind. By dint of 28 U.S.C. §§ 509, 510 and 533, Congress has delegated considerable power to the Attorney General---who in turn issued important guidance to investigators within the FBI: namely, the Attorney General’s Guidelines on FBI Undercover Operations (the “Guidelines”) updated in 2013. Additionally, there’s the Online Investigative Principles for Federal Law Enforcement Agents (the “Principles”), which was drafted in 1999 under the auspices of an interagency working group convened by the Justice Department. The first of these spells out steps and procedures the FBI must follow in order to engage in “undercover activities and undercover operations.” Significantly, the Guidelines define “activities” as “any investigative activity involving the use of an assumed name or cover identity by an employee of the FBI;” undercover “operation” in turn means “an investigation involving a series of related undercover activities over a period of time by an undercover employee.” The Guidelines sure seem like a plausible---if not obviously clear---fit, given that an FBI agent assumed the name or cover identity of an AP reporter in order to undertake such a scheme. To the extent they were in play, the Guidelines required the Bureau to examine:

[1] The risk of personal injury to individuals, property damage, financial loss to persons or businesses, damage to reputation, or other harm to persons; [2] The risk of civil liability or other loss to the Government; [3] The risk of invasion of privacy or interference with privileged or confidential relationships and any potential constitutional concerns or other legal concerns; [4] The risk that individuals engaged in undercover operations may become involved in illegal conduct; and [5] The suitability of Government participation in the type of activity that is expected to occur during the operation.

This list is important. That the malware ruse did go forward at least raises the possibility that the FBI took the Guidelines into account and proceeded. As for the Principles: The most obviously relevant are Principles 6 (“Undercover Communications”), 7 (“Online Undercover Facilities”), and 9 (“Appropriating Online Identity”). Under Principle 6, “Agents may communicate online [with a subject] under a non-identifying name or fictitious identity if agency guidelines and procedures would authorize such communications in the physical world.” As mentioned above, the FBI is clearly authorized to operate undercover in the physical world. Additionally, principle 6 allows agents “to make pretext calls or other preliminary contacts without going through an elaborate approval process.” Principle 6 provides an example of such a “pretext call”:

An agent is seeking information about an attack on a computer system. She proposes to inquire about the attack, without disclosing her affiliation with law enforcement, in a chat room frequented by the suspected computer hackers. If the agency would consider such a communication to be an undercover contact had it occurred in person or over the telephone, it should be considered an undercover contact online, subject to the same procedures and constraints. . . . The agent in [this example] is permitted by her agency guidelines to make the isolated inquiry without seeking approval for an undercover operation. One of the participants in the chat room states that he has information, and a conversation ensues. . . .Depending on the agency’s undercover guidelines and the sensitivity of the operation, the agent may need to obtain approvals under the agency guidelines before engaging in further undercover communications on this matter.

The above doesn’t map perfectly on to the Timberline case.  On the one hand, the FBI identified an online account and then engaged in communication with the person behind the account, thereby leading to the suspect’s identification. On the other, and unlike the example provided above of an undercover agent merely “inquir[ing,” about a cyber-attack, the Timberline communication did not comprise an inquiry for general information conveyed within a quasi-public forum (a chat room), but instead a targeted search for specific information, conveyed to the target directly at a virtual location occupied by him only (his Myspace account). What’s more, the FBI’s missive did not have a true communicative purpose at all; the message instead was merely the vehicle by which malware was delivered. Which brings us to principle 7.  It says that “[j]ust as law enforcement agencies may establish physical-world undercover entities; they also may establish online undercover facilities, such as bulletin board systems, Internet service providers, and World Wide Web sites, which covertly offer information or services to the public.” The principle provides an example:

As part of a project to identify and prosecute computer criminals, a law enforcement agency considers a proposal to operate a World Wide Web site with information about and computer programs for hacking, links to other hacker sites, and a facility to allow people who access the site to discuss hacking techniques. The proposal would allow the law enforcement agents running the site to track all visitors, and monitor all communications among the users.

Suffice it to say that the creation of a fake website seems to fall well within the language above. Principle 7, however, goes onto warn that online undercover facilities “can raise novel and complex legal issues . . . involving privacy, international sovereignty, and unintended harm to unknown third parties.” There’s more. “Agencies must be sensitive to the profound public policy implications that can be raised by online undercover facilities. Imprudent or undisciplined use of such facilities by any agency will surely lead to public distrust of law enforcement’s online work in general.” Prescient stuff, given the AP’s eventual reaction to the methods used to snare the Timberline suspect. Of course the big-ticket issue here is not simply that the FBI created a fake online website (principle 7) or employed a non-identifying name or fictitious identity (principle 6)---but that the FBI along the way impersonated existing entities: the Associated Press and one of its reporters. That’s where Principle 9 comes in. It discusses the appropriation of an online identity, which occurs when “a law enforcement agent electronically communicates with others by deliberately assuming the known online identity (such as the username) of a real person, without obtaining that person’s consent.” There are a couple of wrinkles here. The AP, a private company, is a corporate person rather than a physical one---and thus might or might not be within Principle 9’s coverage as a literal matter.  Either way though, the spirit of principle 9, when considered in conjunction with principles 6 and 7, very much seems to be implicated by the impersonation of the AP qua organization. Principle 9 declares that appropriation of identity is “an intrusive law enforcement technique” that may “raise significant legal problems” and as such, “[t]he technique should be confined only to investigations of serious criminal cases, and should be used in those investigations as narrowly as possible.” It further outlines procedures the Justice Department must follow if seeks to undertake such an action.  For instance, an agent involved in the investigation “must, whenever possible, seek the concurrence of the United States Attorney’s Office’s Computer and Telecommunications Coordinator (CTC) in the District where the investigation is taking place.” (Principle 7, which addresses the establishing of an online undercover facility, has a similar requirement.) But unlike any other principle, and perhaps reflective of the uniquely “important concerns raised” by appropriating an existing identity, Principle 9 further directs that the CTC must in turn  “notify the appropriate supervisor in the U.S. Attorney’s Office when they are consulted under this Principle.” There would have been good reasons to follow that approach in this case. For one, the AP is a high-profile outfit. Just as appropriating the identity of a well-known human being (a senator or a general) would likely pose more concerns than appropriating the identity of a low-ranking drug dealer, the status of the AP means that there is an especially present “threat [of] damage to their reputations” and “[t]he damage caused may be both long-lasting and widespread.” As mentioned above, “the risk of personal injury to individuals, property damage, financial loss to persons or businesses, damage to reputation, or other harm” is the first factor the FBI must consider under the FBI Undercover Guidelines when deciding to implement an undercover activity or operation. Of course, “damage to reputation” is nonexistent if a ruse like this remains under wraps. From the FBI’s perspective, it is at least arguable that the most theoretically reputation-damaging undercover activities could be undertaken if the Bureau takes adequate precautions to prevent the activities from becoming public knowledge. But it is doubtful that Guideline 1, when it directs the FBI to “examine” the “damage to [the] reputation” of a person, is really directing the FBI to examine how well it can keep damaging stuff secret. For one, such an interpretation would obviate the need for any Guidelines or safeguards; risk to reputation would be zero in every case where the FBI believed it could achieve total secrecy. That moreover, would seemingly run counter to a key purpose behind the Guidelines: to “carefully consider[] and monitor[]” undercover activities. Moreover, the AP is---obviously---a part of the media. The media has a special relationship to the public and an often adversarial relationship to the government, facts reflected by the requirement that federal investigators undertake all reasonable means to obtain information from other sources, before subpoenaing a member of the press. Appropriating a media identity thus not only touches the first factor under the Guidelines---which directs the FBI to balance any undercover activity with the risk of causing “damage to reputation” to persons---but also Principle 7 in the DOJ Principles. The latter, recall, warned of “profound public policy implications that can be raised by online undercover facilities” and that improper use of such facilities will “surely lead to public distrust of law enforcement’s online work in general.” If discovered, appropriating the identity of a leading media organization would seem to present just that possibility. Lastly, it is clear that real live human beings are subject to Principle  9---though it remains unclear whether the FBI in fact impersonated an existing AP reporter, or invented a new AP reporter’s identity outright. If the former is true, principle 9 likely applies; if the latter is true, likely not (though principle 6, noted above, would still arguably be in play). Fourth Amendment Limits What about the suspect's rights under the Fourth Amendment? In construing the Fourth Amendment, courts have given the FBI quite a bit of flexibility when it comes to subterfuge and other undercover activities vis-a-vis the target. The classic example here is Lewis v. United States, in which an undercover narcotics agent phoned Lewis, a suspected drug dealer, to inquire about a purchase. The agent represented himself as a friend of a friend of Lewis; the dealer then invited the agent to his home where he sold drugs to the agent. The agent had proceeded without a warrant. But the Supreme Court rejected Lewis’s protest---he had argued that any waiver of Fourth Amendment protection could not be held against him, because of the government’s deception---stating that “in the detection of many types of crime, the Government is entitled to use decoys and to conceal the identity of its agents.” More recent Supreme Court cases are along the same lines. In United States v. Jimenez Recio, the Court noted that the use of decoys and the concealment of law enforcement agents’ identity is part of a “properly run law enforcement sting operation.” And in United States v. Russell, the Court understood that “there are circumstances when the use of deceit is the only practicable law enforcement technique available.” There are differences between the above cases and this one. As noted above, the FBI impersonated not a human being but a company: the Associated Press. And part of the holding in Lewis was based on the fact that a police officer’s “pretense . . . merely encouraged the suspect to say things which he was willing and anxious to say to anyone who would be interested in purchasing marihuana.” Regardless of the AP article’s legitimacy, it is doubtful the suspect was just as willing and anxious to telegraph his location, identity, or IP address---though, to be sure, the protection one can reasonably expect in situations like these, so far as the Fourth Amendment goes, remains unsettled. One the one hand, there’s the familiar principle that voluntarily forked-over data typically forfeits protection; on the other, recent cases, such as the Eleventh Circuit’s opinion in United States v. Davis, have suggested a possible reasonable expectation of privacy in one’s location. In any event---and significantly---the FBI in this case did obtain a warrant. As noted above, the warrant authorized the sending of a “communication” to the anonymous MySpace account, but did not mention the use of deception in the form of a fake news website laden with malware. The detail probably wouldn’t matter much, given Lewis’ tolerance for deception even absent a search warrant. At any rate, the Second Circuit has said that “a ruse in execution of a search warrant” doesn’t violate the Fourth Amendment; other courts of appeals have made similar pronouncements. In light of them, it seems the FBI’s investigation of the suspect here didn’t obviously transgress any Fourth Amendment limits.