ken white – Techdirt (original) (raw)

from the rhetorically-speaking dept

It’s been a while since we’ve seen a really good response letter to a — as Ken White likes to call them — “bumptious” legal threat letter. But here we’ve got one, courtesy of Ken himself, representing Chad Loder. Loder is a writer who has been calling out propagandist Andy Ngo and The Post Millennial, a propagandist rag that Ngo sometimes writes for. The Post Millennial was apparently sad about that and sent Loder a very silly legal threat:


Here’s the text of the letter:

From: Sam CoppolaSent: September 29, 2021 2:29 PM

Subject: The Post Millennial v Loder et al.

UNDER RESERVE

We are special counsel to The Post Millennial (“TPM”) who have advised us of various recent posts and allegations you have made publicly and on your Twitter account.

Our client advises us that the posts and allegations are false and misleading (eg: TPM is NOT Ngo’s “disinfo site” or a “disinformation website vilifying the Anti-Defamation League”, it is an independent news organization; TPM is NOT “run by Andy Ngo”, it is a site owned an operated by Matthew Azrieli as is publicly stated on TPM’s website. As specifically denied by Andy Ngo, he does NOT provide “kill lists of journalists…”; Our client and TPM are NOT “neo-nazis” and do NOT “publicly incite violence” or “target journalists with death threats”, in California State legal proceedings case No 21TRR000739 Chad Loder vs Sarah Mason you falsely believe “…that this account is popular with members of the far-right, including violent extremists” and Exhibit L where you indirectly and purposely falsely publish that “Andy Ngo knowingly defended pedophile Amos Yee”, et…) and were done only with malice and intent to harm our client and interfere with its commercial dealings.

Such posts are also a direct violation of Twitter Rules in respect of “Abuse/harassment” since they harassed and targeted our client and Andy Ngo and incited other people to do so including your directed @(TPMadvertiser) tags. Your posts also published private information (a private chat transcript with Sheri Freed) again contrary to law and the Twitter Rules. As you are aware, Twitter has taken these violations very seriously and even suspended the accounts of well known Canadian politicians for abuses such as those made by you.

You are on formal notice to:

1. Cease and Desist publishing any false, misleading, abusive, and harassing posts; 2. Remove all of the unlawful posts; 3. Publish a retraction and apology satisfactory to our client and sent to the public and the clients and customers which you tortiously interfered with.

If you fail to do so within 3 days, our client will be obliged to exercise all other rights and recourse it may have, including without limitation, commence legal proceedings against you without further notice or delay and hold you liable for any and all damages thereto.

PLEASE GOVERN YOURSELF ACCORDINGLY.

The main block of the 2nd paragraph is almost entirely inscrutable. It throws in some legal jargon but not in any manner that makes sense. The letter mixes up a bunch of things and suggests that TPM might take legal action, but also that Twitter might act? All in all it’s nonsensical, but Ken White is the master in responding to these kinds of letters, so I’ll let him take it from here:

On whose behalf do you write? You claim to be ?special counsel? to The Post Millennial (?TPM?). Congratulations, I?m sure.1 Yet most of your threat is a gripe about things Mr. Loder said about Andy Ngo, who is apparently an ?editor at large? for TPM. (Again ? congratulations, I?m sure.) Moreover, after asserting that you represent TPM, you lose track and refer to ?our client and TPM.? Do you represent Mr. Ngo as well? You seem intent on distancing Mr. Ngo from TPM, pointing out that he does not ?run? TPM. I?m sure everyone understands why you?d want to clarify that. But you also seem to be arguing that criticisms of Mr. Ngo are false and that Mr. Ngo is perfectly respectable. How, then, is it defamatory to associate TPM with him? That was a rhetorical question. Since your legal theories are nonsense, it doesn?t matter.

For what it’s worth, the footnote links to this article calling bullshit on a nonsense story spread by The Post Millennial and a few other sites that are focused on driving whatever silly culture war the Trumpist world delights in this week.

It gets better. Ken breaks out his French (thoughtful for the Canadians):

You may believe that you can intimidate Mr. Loder with frivolous legal threats because Canada, despite being quite delightful in many other ways, indulges such vexatious litigation calculated to silence critics on behalf of the thin-skinned, the vengeful, and the cynically partisan. Au contraire, mon ami. The United States, conscious of the dangers of libel tourism and pro-censorship legal systems, has enacted the SPEECH Act, 28 United States Code § 4102. The SPEECH Act prohibits American courts from recognizing foreign defamation judgments obtained under regimes that do not provide defendants with free speech protections as robust as those available under the First Amendment to the United States Constitution and the laws of the relevant states. American courts have found that there is ?no meaningful dispute that the law applied by [Canadian courts] provides less protection of speech and press than First Amendment and [state] law. Canadian defamation law is derivative of the defamation law of the United Kingdom, which has long been substantially less protective of free speech.? (Trout Point Lodge, Ltd. v. Handshoe, 729 F.3d 481, 488 (5th Cir. 2013) (upholding refusal to recognize Canadian libel judgment under SPEECH Act). Any Canadian judgment you obtain against Mr. Loder will be worthless ? both because Canadian courts lack personal jurisdiction over him (as also required by the SPEECH Act) and because his speech is clearly protected by American law.

Then, he highlights why it would be equally stupid to file a lawsuit in the US:

Perhaps you plan to sue Mr. Loder in America. It would be my pleasure, M. Coppola, to introduce you and your client or clients to one of our anti-SLAPP statutes. Any suit you file in the United States will fail for multiple reasons, and result in you paying Mr. Loder?s legal fees under an anti-SLAPP statute.

He then goes through all the many reasons, including:

Astoundingly, your threat is based largely on things Mr. Loder or his attorney said in court filings. Such statements are absolutely privileged from defamation claims under relevant law. Cal. Civ. Code § 47(b), Pollock v. University of Southern California, 112 Cal.App.4th 1416, 1430-1431 (2003) (declaration filed in court absolutely protected by litigation privilege); Holland v. Jones, 210 Cal.App.4th 378, 382 (2012) (litigation privilege barred defamation action because it was based on statements ?whether true or false or made with malice or without it, in her declaration in [court] proceedings [that] fall squarely within the litigation privilege. They are communications made in a judicial proceeding by a litigant to achieve the objects of the litigation with some connection to the action.?).

Reading this, you get the feeling that Ken was pretty excited to search out any Canadian reference he could think of:

Your threat is also a jumbled, oily poutine of complaints about opinions, insults, and heated rhetoric. But under American law, statements can only be defamatory if they?re provably false statements of fact. ?Thus, rhetorical hyperbole, vigorous epithets, lusty and imaginative expressions of contempt, and language used in a loose, figurative sense have all been accorded constitutional protection.?

There are a few more reasons included as to why any such lawsuit will fail (you can go read the whole letter if you’d like) but the final one is also worth highlighting here:

Finally, I am informed that in Canada a defamation defendant carries the burden of proving that a challenged statement is true. This hardly seems polite. In the United States, which values free speech and scorns the censor and the litigious bully, the burden is on the defamation plaintiff to prove that a challenged statement is false. You will fail to carry that burden. Take, for example, your gripe that Mr. Loder described TPM as a ?disinformation website vilifying the Anti-Defamation League.? Even assuming this statement were a provable statement of fact ? a laughable proposition ? your clients? own words will thwart any effort to disprove it

But, truly, the cherry on top is the closing. As we’ve seen over and over again, letters that close “please govern yourself accordingly” are hallmarks of lawyerly bullying, so it’s nice to see how Ken turns it all around on Mr. Coppola:

Direct all further patently frivolous threats and other communications to me. Kindly govern yourself.

Filed Under: 1st amendment, andy ngo, canada, chad loder, defamation, free speech, ken white, threats
Companies: the post millennial

Techdirt Podcast Episode 163: Teaching The Law Via Podcasts

from the learning-experience dept

Law isn’t simple, and truly learning about it takes more than a few short primers or even an in-depth guide or two — which makes it the perfect topic to explore via the medium of podcasts. This week, we’ve got a pair of guests who are doing exactly that: Ken White of Popehat fame, who recently launched the Make No Law podcast about First Amendment issues, and Elizabeth Joh, co-host of the What Trump Can Teach Us About Constitutional Law podcast. Instead of picking their brains about the law itself, we’ve got an episode all about their experience using podcasts to teach people about legal issues.

Follow the Techdirt Podcast on Soundcloud, subscribe via iTunes or Google Play, or grab the RSS feed. You can also keep up with all the latest episodes right here on Techdirt.

Filed Under: elizabeth joh, ken white, law, podcast, podcasting, popehat

Angry, Threatening Lawyer Fails To Sue As Promised, Drops His SLAPP Suit

from the wise-decisions dept

A couple weeks back we wrote about the somewhat odd decision making of an angry lawyer named Jason Lee Van Dyke, whom we’d also written about years ago for some spectacularly bad lawyering. This year he’s also gotten really really pissed off at three (very different) people: Ken White, Asher Langton and Talib Kweli. The first two have appeared on Techdirt many times. Ken is a criminal defense and First Amendment lawyer. Asher has an astounding ability to sniff out frauds online. And Talib is a musical genius among other things. But, Van Dyke has spent months angrily lashing out about them on the internet (well, the lashing out at Kweli was more recent).

When we last checked in on him, he was threatening to add those three individuals — plus the Huffington Post — to a fairly obvious SLAPP suit that he had already filed in Texas against an Ohio-based publication called the Mockingbird. Lots of people had pointed out that Texas has a fairly robust anti-SLAPP law, which could lead to Van Dyke having to pay up — and Van Dyke’s response (not atypical from his earlier responses) was to lash out and threaten more lawsuits and to promise violence if he was sanctioned.

He then went so far as to contact Mockingbird’s lawyer to ask for leave to amend the existing lawsuit with the three individuals mentioned above, plus the Huffington Post (which had also written about the lawsuit).

So… despite the promises to add more names to the lawsuit, that didn’t happen. And despite the claims that he was going to just keep fighting the lawsuit… a few days later, Van Dyke agreed to dismiss the suit with prejudice, and the judge agreed. Gerry Bello at Mockingbird has a post on this as well, which reveals that Van Dyke told Bello’s lawyer that the reason for the dismissal was that his “immediate supervisor at the company where I am employed” had “instructed” Van Dyke to dismiss the case. It is not clear where Van Dyke is currently employed or who told him to do this. Van Dyke has generally held himself out as being self-employed as a lawyer.

One hopes that this is actually Van Dyke recognizing that repeated threats of both violence and lawsuits against critics is not a particularly wise idea. I’m not holding my breath that this is the case, however. In the meantime, we’ve heard from others that various bar complaints have been filed against Van Dyke, and given his actions and statements, at the very least you have to wonder how much longer he’ll be able to practice law, no matter who “employs” him.

Filed Under: anti-slapp, asher langton, defamation, free speech, gerry bello, jason lee van dyke, jason van dyke, ken white, slapp, talib kweli, threats
Companies: mockingbird

Angry Lawyer Already Engaged In A SLAPP Suit Promises To Sue More Critics, Use His Machine Gun If Sanctioned

from the well,-that'll-go-over-well dept

Earlier this year, we mentioned the Texas lawyer Jason Lee Van Dyke in relation to a story in which Twitter, ridiculously, banned Ken “Popehat” White after he wrote about threats from Van Dyke. We had written about Van Dyke years earlier when he sued the Tor Project because a revenge porn site was using Tor. We also noted that that case involved a guy who had been declared the leader of a hate group, Kyle Bristow — and appeared to involve Van Dyke deliberately and knowingly “serving” the wrong party. The revenge porn site that Van Dyke claimed he was targeting had sarcastically provided Bristow’s address as its address to mock Van Dyke, and Van Dyke then claimed he had properly “served” the revenge porn site by serving it on Bristow.

That post, from back in 2014, also included an awful lot of Van Dyke cursing out people and threatening to sue lots and lots of people. Oh, and also declaring “it’s my job to violate the civil rights of people like you” to one critic. The more recent story, involving threatening Ken White and Asher Langton, showed that not much has changed with regards to anger management and Van Dyke. I won’t rehash the entire story, but Ken White summarized it earlier this year. Just suffice it to say, Asher Langton turned up quite a bit of evidence suggesting that Van Dyke was advertising his legal services to white nationalists on Stormfront.

Since then, Van Dyke has, repeatedly, threatened to sue and (separately!) to physically harm both White and Langton. He’s also declared himself to be part of the “Proud Boys” — a nutty group of self-declared chauvinists, who get upset if you suggest they’re racists or neo-Nazis, even if many of the distinctions appear to be quite fuzzy. Either way, they appear to get quite upset if anyone calls them those things, even though the press regularly associates them with racists, neo-nazis or the “alt-right.”

Van Dyke has also threatened to sue a number of news organizations for these claims, and actually did sue a small local news site in Ohio called the Mockingbird. The Mockingbird published this article about Proud Boy antics in Ohio — which led Van Dyke to send Mockingbird a letter requesting the site delete the article, no longer write about the Proud Boys and pay $10,000. Mockingbird’s Gerry Bello responded appropriately, telling Van Dyke to fuck off, but also stating Bello’s opinion (backed up with evidence) that Van Dyke is a Nazi.

It is over this letter that Van Dyke then sued (not the original article that inspired the bumptious threat letter). The lawsuit was filed in county court in Denton, Texas, which seems unwise. Texas actually has a fairly robust anti-SLAPP law that the courts have construed broadly to cover all sorts of SLAPP suits, making Texas one of the strongest defenders of free speech in the country.

Anyway, you can read Van Dyke’s complaint here. Mockingbird removed the case from the local county court to the federal district court late last week (we’ll see if Van Dyke tries to block that). Van Dyke is representing himself. The crux of the lawsuit:

On information and belief, Defendants are associated with a domestic terrorist collective known as ?Antifa? that prides itself on harassing, defaming, and committing acts of violence against persons and groups that espouse conservative groups. In this instance, Defendants wrongfully accused members of the Houston, Texas and Columbus, Ohio chapters of ?The Proud Boys? of the following: (a) being ?neo-Nazis?; (b) engaging in a hate crime by placing hand-drawn swastikas into mailboxes; (c) engaging in ?ethnic cleansing? during hurricane relief efforts in the Houston area; and (d) roaming the nation in an effort to commit acts of mass murder against minorities. It should be noted in this case that Plaintiff was present with the Houston Proud Boys during Hurricane Harvey relief efforts and assisted them in rescuing residents in need of evacuation and in the distribution of relief supplies such as food, bottled water, cleaning supplies, and other items to residents of areas affected by the hurricane.

Plaintiff sent a demand letter for Defendants to issue a retraction of these statements (which clearly meet the criteria for defamation per se) and Defendants responded by publishing the letter attached hereto as Exhibit ?B? on their website

Because of all of this, Van Dyke insists Bello/Mockingbird have committed libel per se, specifically in reference to the statements about Van Dyke being a Nazi, as well as statements Bello made claiming Van Dyke had a previous arrest and conviction. Bello claims this was “on weapons charges and domestic violence.” Van Dyke counters that it was a misdemeanor weapons charge — not domestic violence — and has since been expunged. He also claims that Bello wondering if Van Dyke is forum shopping his lawsuit is defamatory, as might also be Bello’s statement that under his conviction Van Dyke should not be allowed to possess firearms. Amusingly, in Van Dyke’s lawsuit, he also disputes that he was the lawyer pitching for business on Stormfront, but insists that he’s not suing over that because it’s not libel “per se.”

It does appear that Bello certainly goes a bit closer to the line than I imagine most lawyers would advise in making statements about Van Dyke, but the “Nazi” line is clearly protected opinion or rhetorical hyperbole. The throwaway line about forum shopping is clearly not defamatory either. The statement about whether he can possess firearms was presented as a question rather than a statement, so again is a stretch. As for getting the specific details of the conviction wrong, Bello doesn’t cite where he got that information, but it is true — as Van Dyke readily admits — that he was convicted on a misdemeanor firearm charge. So Van Dyke would have to show that Bello not only got things wrong beyond that in a defamatory way, but that Bello knew the information he posted was false. That’s… a tough bar to reach.

Bello/Mockingbird’s “Original Answer” is fairly short on details, other than denying all the claims and (for now) throwing out all possible affirmative defenses (I assume a more specific answer will be forthcoming later). Bello’s lawyer has also said that they’ll file an anti-SLAPP motion, though that does not appear to have happened yet.

Meanwhile, Bello has launched a crowdfunding campaign as well.

Oh, and we’re not even remotely done yet. A few weeks back, Van Dyke also got into a Twitter spat with, of all people, Talib Kweli. While the conversation is now gone (in part because Twitter recently suspended Van Dyke’s account), here’s how Kweli describes it:

?His first tweet to me was that he was a defense attorney and worked with mentally challenged people,? explained Kweli. ?He wrote, ?You are stupider than the mentally challenged people I work with,? and so that caught my eye immediately, because why would a defense attorney be upset at a black stranger and starting using his own clients to engage in harassment??

Kweli responded to the tweet, explaining that he doesn?t start arguments, but is willing to engage when challenged. ?And so, I engaged him,? he said. ?And the way I engage people who harass me like that is I always ask them to explain their position, because if you ask a racist or a bigot to explain their position, it falls apart.?

As this went on, Kweli eventually posted Van Dyke’s publicly available business contact info — and, not unlike Ken White, Twitter stupidly temporarily suspended Kweli’s account, because (again) Twitter is bad at understanding the difference between abuse and calling out abuse. Over the last few months and weeks, Van Dyke has been ranting about Kweli, Langton and White. He even wrote up and posted completely made up stories about Langton and White, calling them satire. It seems like he thinks he’s proving a point, though what point is unclear.

As for why Van Dyke was finally suspended from Twitter, it was apparently for tweeting a pretty gruesomely horrible racist tweet — involving both the n-word and a noose. In the HuffPo article, they spoke to the president of the Texas state bar, who does not seem happy about Van Dyke’s actions:

?The statements attributed to this individual are reprehensible and contrary to the values we hold as Texas lawyers,? State Bar of Texas president Tom Vick said in an email to HuffPost. ?I condemn them in the strongest terms.?

Meanwhile, Van Dyke has been posting (on various other social networks) increasingly angry messages about Kweli — many of which have pretty clear racist overtones, and some of which include threats of violence. He complains about Kweli being “uppity” while promising to beat him and skin him alive. He compares Talib to Amadou Diallo, the man assassinated by the NYPD in 1999. He also says that Talib will have to change his name to “Toby”, a pretty damn likely reference to the famous scene in Roots in which Kunta Kinte is whipped by his owner, until he says his name is Toby — at which point the owner says “Aye, that’s a good n****r.” So, yeah. If Van Dyke is trying to portray himself as not being racist, he’s not doing a very good job of it so far.

And, because Van Dyke never seems to find the bottom of the hole he keeps digging, Asher Langton posted the following screenshot of Van Dyke not only promising to sue White, Langton, Kweli and the Huffington Post today, but also saying that he doesn’t care if he gets disbarred or sanctioned, and if they do he’ll defend himself with a gun.

If you can’t see that, it says:

No longer welcome where I’ve trained for years. This is the final straw. Langton, White, Kweli, HuffPo – they are all getting sued first thing Monday morning. This ends now. They can disbar me if they want, I don’t give a damn. If they sanction me, my property is defended with a 50 BMG.

I’m guessing that the Texas bar might not like that one so much either — nor any court where these lawsuits may be filed. Of course, we saw similar threats in what we posted about Van Dyke years ago as well, which did not lead to lawsuits. This time, he has sued Bello and Mockingbird, though, so perhaps he will attempt to follow through on these other threats also. Apparently he has sent Mockingbird/Bello’s lawyer the following email, asking to amend the original complaint to raise the damages from 60,000to60,000 to 60,000to10 million and to add White, Langton, Kwelli, Huffington Post and Andy Campbell (the author of the HuffPo piece).

It is, at the very least, unclear how he thinks any of this helps him rather than digging him deeper and deeper into a hole. As far as I can tell, Van Dyke seems upset that he’s facing the consequences of his own actions — which include threats of violence and lawsuits in addition to a variety of other highly questionable statements. And rather than recognize that perhaps he shouldn’t do those things, he’s responding to people who document his own statements by doing even more of the same, which only continues the cycle. We’ll see if he’s actually foolish enough to follow through on this lawsuit. It is unlikely to end well. Not only are there unlikely to be any legitimate claims, it makes no sense to add them to this other lawsuit, which is about an entirely different set of statements. Randomly joining together other people who have called you out separately hardly seems like good lawyering. It does, however, remind us of Rakofsky v. the Internet, in which a young (and not very good) lawyer sued basically everyone who criticized him. It didn’t end well. And, of course, that one didn’t include threats of violence mixed in.

I suspect he’s not interested in taking our advice — he has regularly mocked Techdirt any time we’ve written about him — but there’s a time when the correct response is to stop digging. Suing people for calling you out won’t end well. Threatening violence, repeatedly, over criticism is not a good look, especially for a lawyer.

Filed Under: asher langton, gerry bello, jason lee van dyke, ken white, proud boys, slapp, talib kweli, texas, threats, violence
Companies: mockingbird

DOJ Still Demanding Identity Of Twitter Users Because Someone They Shouldn't Have Arrested Tweeted A Smiley Emoji

from the this-case-remains-fucked-up dept

Last month, I had two blog posts about a particularly insane lawsuit being pushed by the Justice Department against a computer security researcher, Justin Shafer. As we explained, the arrest and prosecution of Shafer appeared to be the result of a truly ridiculous vendetta against Shafer by the FBI because Shafer got angry over a previous (and totally misguided) decision to raid his home, after he properly disclosed security problems involving some dental practice software. It seems clear that Shafer never should have been arrested (and never should have had the FBI raid his house three times over just a few months). Of course, what first brought the case to my attention was an even more ridiculous part of the story, in which the DOJ had sent a subpoena to Twitter demanding basically all info on five Twitter users — even though two of them don’t hide their identity — because Shafer tweeted a smiley emoji at them.

That story is even more insane than it sounds, but I’m not going to repeat the details here — I’ll just repeat: the case involved the DOJ demanding the identity (and more) of five Twitter users because someone else (who they’re railroading over bogus charges) sent a smiley emoji to them on Twitter where they were discussing a different lawsuit altogether.

We now have two updates on that story: (1) Shafer is appealing the fact that he’s still in jail, months later and (2) the DOJ has refused to withdraw the emoji subpoena. Yes. You read that right. The DOJ is doubling down, demanding the identity (and more) of Twitter users because someone they never should have arrested, sent a smiley emoji to them. We can cover that second point first because there’s not much more to say beyond “What the fuck is wrong with the DOJ?” As you may recall, the five Twitter users whose info was sought by the subpoena included @dawg8u (“Mike Honcho”), @abtnatural (“Virgil”), @Popehat (Ken White), @associatesmind (Keith Lee) and @PogoWasRight (Dissent Doe). Ken White and Keith Lee are both known (and each has blogged about the situation). The rest are at least partially pseudonymous. Dissent Doe, for one, has strong reasons for retaining anonymity, given her focus on data breaches and privacy issues. She revealed the DOJ’s stunning decision to keep going over the weekend, noting that she now needs to fight the subpoena in court.

Dissent Doe explained to me later that her lawyers have tried, repeatedly, to contact the DOJ about this ridiculous subpoena, and the DOJ has ignored all attempts to communicate. Twitter has told her that any motion to quash the subpoena needs to be filed this week. She also notes, appropriately, that she’s “really really ticked off” about all of this. We all should be.

And, just to be clear, there is no way the subpoena is even remotely Constitutional. Not even armchair lawyers could possibly think so. Over and over again, courts have said that anonymity is protected under the First Amendment, and you need to have very strong reasons to pierce the anonymity. The key case here is McIntyre v. Ohio Elections Commission, but plenty of others have weighed in since then. As we pointed out, the recent Awtry v. Glassdoor case nicely summarizes the history of cases protecting anonymity under the First Amendment:

_The Supreme Court has recognized that ?an author?s decision to remain anonymous, like other decisions concerning omissions or additions to the content of a publication, is an aspect of the freedom of speech protected by the First Amendment.? McIntyre v. Ohio Elections Comm?n, 514 U.S. 334, 342 (1995). Indeed, ?[t]he right to speak anonymously was of fundamental importance to the establishment of our Constitution.? Doe v. 2TheMart.com Inc., 140 F. Supp. 2d 1088, 1092 (W.D. Wash. 2001) (citing McIntyre, 514 U.S. at 341-42). In particular, ?Justice Black . . . reminded us that even the arguments favoring the ratification of the Constitution advanced in the Federalist Papers were published under fictitious names.? McIntyre, 514 U.S. at 342 (citing Talley v. California, 362 U.S. 60, 64 (1960)). So too were the responses of the anti-federalists, which were published by authors who used such fictitious names as ?Centinel,? ?Brutus? and ?The Federal Farmer.? In re Anonymous Online Speakers, 661 F.3d 1168, 1172-73 (9th Cir. 2011).

Further, it is well-established that anonymous speech on the Internet, like other types of anonymous speech, enjoys First Amendment protection. In re Anonymous Online Speakers, 661 F.3d 1168, 1173 (9th Cir. 2011)(?online speech stands on the same footing as other speech?there is `no basis for qualifying the level of First Amendment scrutiny that should be applied? to online speech?) (quoting Reno v. Am. Civil Liberties Union, 521 U.S. 844, 870 (1997)). As the Ninth Circuit has explained, ?the ability to speak anonymously on the Internet promotes the robust exchange of ideas and allows individuals to express themselves freely without `fear of economic or official retaliation . . . [or] concern about social ostracism.’? Id.(quoting McIntyre, 514 U.S. at 341-42).

First Amendment protection of anonymous speech ?is not unlimited, however, and the degree of scrutiny varies depending on the circumstances and the type of speech at issue.? Id. Political speech is considered to be ?core? speech and is afforded the highest level of First Amendment protection. McIntyre, 514 U.S. at 346. Online messages such as the ones at issue here are also entitled to some level of First Amendment protection, even if the hurdle for overcoming that protection is less stringent than it is for political speech. See In re Anonymous Online Speakers, 661 F.3d 1168 at 1177; see also Highfields Capital Mgmt., L.P. v. Doe, 385 F. Supp. 2d 969 (N.D. Cal. 2005) (finding that identity of individual who anonymously posted derogatory comments about a company on an online message board was protected from disclosure under the First Amendment); Art of Living Foundation v. Does 1-10, No. 10-cv-5022 LHK, 2011 WL 5444622, at *5 (N.D. Cal. Nov. 9, 2011) (finding the standard articulated in Highfields applied to anonymously posted online commentary criticizing the plaintiff?s organization).

Given that tons of people are pointing this out publicly, what possible reason could the DOJ have for continuing to push Twitter to cough up this info other than to just be assholes?

As for the second update: Shafer has appealed the decision of a magistrate just revoking his pretrial release. The filing, by lawyers Tor Ekeland and Frederic Jennings, is… quite a read (and even cites my articles). It certainly doesn’t hold back:

The government accuses Justin Mark Shafer of putting an FBI agent and his wife in substantial emotional distress and publishing restricted information about that FBI agent with the intent to incite violence against him. But nowhere in the record, or in the discovery in this case, is there any true threat of violence against anyone. There is no explicit language articulating any kind of threat. The ?restricted? information in question was a prior home address for the FBI agent, publicly available on the internet. This entire case is built on innuendo and speculation that withstands neither constitutional nor statutory scrutiny. It is a chilling example of federal law enforcement overreach, and has serious ramifications for constitutional free speech and due process in relation to the internet and computer law. If the government?s accusations in this case are a crime, then millions of social media using Americans are subject to the prosecutorial whim of the Department of Justice.

The factual bases of the government?s bare bones indictment are a handful of public tweets; a Facebook friend request and message sent to a public Facebook account; the following of a public Twitter account;1 and two emails to an FBI Agent ? one with a ? emoji and another inquiring about the status of a report of a patient privacy violation. The Defendant made no attempt to mask his identity, and the FBI never contacted the Defendant to express any concern or to ask him to stop his communications. Instead they arrested him. And any claim that he engaged in a sustained course of conduct with a continuity of purpose to cyberstalk or threaten are ludicrous when compared to facts embodied in the case law regarding these statutes.

These accusations led to a pretrial release order so broad it functioned as a prior restraint on Mr. Shafer?s constitutional right to speak about the accusations made against him. When he sought to do so ? through a post on his work-related blog ? the magistrate judge revoked release, broadly interpreting the release condition terms and finding a violation of those conditions.

An innocent man?who the government has not charged, and cannot charge, with any violent crime, nor with any history of violent crime? is now in jail on the basis of protected speech.

I recommend people read the entire document, as it goes into great detail (even beyond my original posts) about the vindictive nature of the FBI’s vendetta against Shafer — not for doing anything wrong, mind you — but for being upset that the FBI raided his house and took all his electronics twice for completely bogus reasons. And it’s not just Shafer, but Shafers three kids who are now traumatized over the mutliple FBI raids, in which agents pointed weapons at the children, or denied their parents the ability to get the children out of their rooms for extended periods of time.

The children now suffer currently from trauma and substantial emotional distress as a result of the repeated armed FBI raids. The Shafers? three-year old is now unable to sleep alone in her room. Their (now) six-year old is struggling and withdrawn in school, where he previously excelled. Their ten-year old is now afraid to be near open shades, for fear of being surveilled…. Their father has not come home since April 18, 2017, because he is in jail awaiting trial.

As for why Shafer has been in jail all this time? Apparently it’s because he wrote a blog post about the case. You can read that blog post here. I wouldn’t necessarily say that the blog post was a good idea, because he’s clearly venting his anger about the arrest and the treatment by the FBI and Special Agent Nathan Hopp in particular. But it hardly meets the criteria of threatening Hopp or “contacting” him via social media. And yet, since Shafer was barred from either of those things as condition for pretrial release, he was brought back in and has been in jail ever since. That raises a whole new set of First Amendment questions. Shafer is in jail for blogging.

During the period of Mr. Shafer?s pretrial release, he committed no crimes. He used no illegal or prohibited substances. He neither fled nor attempted to flee. He did nothing that posed a threat to the safety of any person or the community. He simply wrote a blog post comprised of constitutionally protected speech criticizing his prosecution. (See Ex. C, April 14, 2017 Blog Post) For this he has been taken away from his wife and children.

Shortly after the blog post was published, Mr. Shafer received a notice of potential violation of his pretrial conditions of release.

On April 18, 2017, a revocation hearing was held before Magistrate Judge Toliver. The government referenced vague concerns regarding flight risk, and claimed that the blog post Mr. Shafer had written was evidence of danger to the community or violation of the no-contact order between Mr. Shafer and SA Hopp. The government argued at the revocation hearing that merely ?criticizing? SA Hopp in the ?blog site? [sic] was indirect contact. (Tr. 5:8-6:10 (Apr. 18, 2017).) At the close of the revocation hearing, Magistrate Judge Toliver revoked Mr. Shafer?s pretrial release order. He has been detained since.

More specifically, Shafer’s lawyers point out:

The original terms of his supervised release violated his free speech rights under the First Amendment. Imprisoning him pre-trial based on his speech is unconstitutional. This current, unconstitutional incarceration before an adjudication by a jury of his peers hampers Mr. Shafer?s ability to put on an effective defense, as he is not free to diligently prepare for his defense with his attorneys due to constant monitoring and harassment in jail. This violates his Fifth Amendment Due Process rights and his Sixth Amendment right to mount an effective defense. Moreover, none of Congress?s narrowly prescribed exceptions to an innocent defendant’s presumption of liberty apply here. Mr. Shafer should be released pre-trial under appropriate conditions because his current incarceration violates the Constitution and federal law.

Everything about this case is crazy. We’ve certainly seen overreach by the DOJ in the past, but this case seems like a pretty blatant example not just of overreach, and not just of the DOJ doing whatever the fuck it wants, but of it doubling down to violate the rights of people just because it doesn’t like being called out about it.

Filed Under: anonymity, cfaa, disclosure, dissent doe, doj, fbi, first amendment, identity, justin shafer, keith lee, ken white, nathan hopp, popehat, subpoena, vendetta
Companies: twitter

The DOJ's Bizarre Subpoena Over An Emoji Highlights Its Ridiculous Vendetta Against A Security Researcher

from the lawlessness-under-the-guise-of-law-enforcement dept

Yesterday we broke the crazy story of how the DOJ issued a subpoena to Twitter attempting to identify five Twitter users, not because of anything they had done, but because someone else the DOJ disliked — a security researcher named Justin Shafer — had tweeted an emoji at them in response to a discussion about a different case. You can read all the details in that original post, in case you missed it yesterday. There was so much craziness in that story that I didn’t even get to cover all of it. Some of those named in the subpoena have posted their thoughts — including Ken “Popehat” White and Keith Lee. I suggest reading both, as the subpoena directed at each of them was particularly silly, given that both freely make their identities public. The DOJ didn’t seem to do even the slightest research into the accounts it was demanding info on, or it would have known just how easy it was to “unmask” White and Lee.

As for the other three Twitter accountholders — all of them are anonymous. But the DOJ certainly has zero legal basis for unmasking them. As we’ve discussed repeatedly in the past, anonymous speech is also protected by the First Amendment, and there’s a very high bar for law enforcement to get past to unmask anonymous speakers. EFF’s Kurt Opsahl pointed to a concise statement on this in a recent ruling in the Awtry v. Glassdoor case, which Lee also reposts in his blog:

The Supreme Court has recognized that “an author’s decision to remain anonymous, like other decisions concerning omissions or additions to the content of a publication, is an aspect of the freedom of speech protected by the First Amendment.” McIntyre v. Ohio Elections Comm’n, 514 U.S. 334, 342 (1995). Indeed, “[t]he right to speak anonymously was of fundamental importance to the establishment of our Constitution.” Doe v. 2TheMart.com Inc., 140 F. Supp. 2d 1088, 1092 (W.D. Wash. 2001) (citing McIntyre, 514 U.S. at 341-42). In particular, “Justice Black . . . reminded us that even the arguments favoring the ratification of the Constitution advanced in the Federalist Papers were published under fictitious names.” McIntyre, 514 U.S. at 342 (citing Talley v. California, 362 U.S. 60, 64 (1960)). So too were the responses of the anti-federalists, which were published by authors who used such fictitious names as “Centinel,” “Brutus” and “The Federal Farmer.” In re Anonymous Online Speakers, 661 F.3d 1168, 1172-73 (9th Cir. 2011).

Further, it is well-established that anonymous speech on the Internet, like other types of anonymous speech, enjoys First Amendment protection. In re Anonymous Online Speakers, 661 F.3d 1168, 1173 (9th Cir. 2011)(“online speech stands on the same footing as other speech—there is `no basis for qualifying the level of First Amendment scrutiny that should be applied’ to online speech”) (quoting Reno v. Am. Civil Liberties Union, 521 U.S. 844, 870 (1997)). As the Ninth Circuit has explained, “the ability to speak anonymously on the Internet promotes the robust exchange of ideas and allows individuals to express themselves freely without `fear of economic or official retaliation . . . [or] concern about social ostracism.’” Id.(quoting McIntyre, 514 U.S. at 341-42).

First Amendment protection of anonymous speech “is not unlimited, however, and the degree of scrutiny varies depending on the circumstances and the type of speech at issue.” Id. Political speech is considered to be “core” speech and is afforded the highest level of First Amendment protection. McIntyre, 514 U.S. at 346. Online messages such as the ones at issue here are also entitled to some level of First Amendment protection, even if the hurdle for overcoming that protection is less stringent than it is for political speech. See In re Anonymous Online Speakers, 661 F.3d 1168 at 1177; see also Highfields Capital Mgmt., L.P. v. Doe, 385 F. Supp. 2d 969 (N.D. Cal. 2005) (finding that identity of individual who anonymously posted derogatory comments about a company on an online message board was protected from disclosure under the First Amendment); Art of Living Foundation v. Does 1-10, No. 10-cv-5022 LHK, 2011 WL 5444622, at *5 (N.D. Cal. Nov. 9, 2011) (finding the standard articulated in Highfields applied to anonymously posted online commentary criticizing the plaintiff’s organization).

That the Assistant US Attoreny, Douglas Gardner, who signed off on the subpoena, either didn’t know this or didn’t care is hugely troubling and problematic. As Scott Greenfield colorfully summarizes of the federal agents involved in this case, looking at the details, “this situation is so utterly idiotic as to make one wonder how they can get out of bed without hurting themselves.”

Of course, for White and Lee, this is mostly amusing. For the other three, it’s likely that the DOJ will backdown, though it may cause them something of a headache in the meantime.

But the really crazy story is what’s going on with Justin Shafer, the security researcher at the heart of all of this. As we explained yesterday, Shafer had exposed some bad technology practices by various dental software companies — including fake encryption that resulted in an FTC fine — and a wide open FTP server revealing private info on customers. The latter resulted in the FBI raiding his home and taking all of his electronics. That, of course, set things off on the crazy course leading to the emoji subpoena, because Shafer got interested in finding out more about FBI Special Agent Nathan Hopp (who Shafer initially thought was Nathan “Hawk”). As mentioned yesterday, I don’t agree with Shafer’s decisions and actions in trying to track down Hopp, but to argue that it was, in anyway, criminal Cyber Stalking seemed nuts.

Dissent Doe, one of the anonymous users whose info was subpoenaed by the DOJ, and who has worked with Shafer in the past to (ethically) expose breaches has a longer post detailing just how totally fucked up the DOJ’s claims are against Shafer. It’s even worse that we initially thought. In the criminal complaint we posted yesterday, we didn’t even get into the earlier parts, where FBI Special Agent Ronnie Buentello tries to connect Shafer to a fairly well known black hat hacking group that deals in vulnerabilities and illegally accessed information, called The Dark Overlord. The Dark Overlord actually was in the press this week for accessing private info from a plastic surgeon who works with many famous people, and promising to release the info.

In the Buentello’s affidavit with the criminal complaint against Shafer, the FBI agent tries to connect Shafer to The Dark Overlord, claiming that the dental database he had discovered available online was also found in The Dark Overlord’s possession, and also presenting evidence of communications between Shafer and The Dark Overlord. It’s not at all clear what that has to do with with Shafer’s alleged “Cyber Harassment” of Nathan Hopp, but it’s certainly presented to the grand jury in a way to make Shafer out to be a bad dude:

On June 29, 2016, FBI Atlanta (NDGA) opened a criminal computer intrusion investigation on an individual using the online moniker, “TheDarkOverlord,” who claimed to have stolen 655,000 patient medical records and attempted to extort medical facilities he victimized. As part of their case, FBI Atlanta is investigating JUSTIN SHAFER as a co-conspirator of “TheDarkOverlord.” Subsequent media reports confirmed “TheDarkOverlord” had posted the records for sales where he was seeking 60 Bitcoins ($39,782.00) for a Farmington, Missouri database of 47,864 records, which was found on JUSTIN SHAFER’s computer during a search warrant executed on January 29, 2017; 170 Bitcoins ($112,200.00) for a Central/Midwest database containing 207,572 records; and 300 Bitcoins ($197,940.00) for a Blue Cross/Blue Shield (BC/BS) database containinng 396,458 records. Since his appearance in June 2016, “TheDarkOverlord” has claimed approximately 15 major computer breaches and the sale of one million customer PII records, and engaged in extortion of the victims across the United States, targeting medical providers, financial companies, large U.S corporations, and even a provider of cancer servcies in Indiana. In most cases, “TheDarkOverlord” extorted his victims with verbose, condescending, and abusive language, and taunted victim companies, their employees, and (in at least one case) the children of victim employees. “TheDarkOverlord” has carried out threats to release data when victims declined to pay, and has made implied threats to FBI Agents in Atlanta and New Orleans.

Collaboration between multiple FBI Divisions has subsequently identified significant links (IP addresses, emails, social media ccounts) between “TheDarkOverlord” and JUSTIN SHAFER. On January 29, 2017, FBI Dallas, FBI Atlanta, FBI Saint Louis, FBI New Orleans, and FBI Newark executed a search warrant at JUSTIN SHAFER’s residence, located in North Richland Hills, Texas. At time of entry, JUSTIN SHAFER was logged into at least two different workstations in his home office and garage. During the execution of the search warrant, the FBI seized approximately 29 evidence items, including desktops, laptops, hard drives, router, several cell phones, numerous universal serial bus (USB) drives, CD’s, and an Xbox game console. A chat session appearing to be with “TheDarkOverlord” was observed on a computer during the execution of the search warrant. In the months following the initial search warrant on May 25, 2016, several online media outlets published articles defending Shafer as a “security researcher” and admonished the FBI for executing a search warrant at his residence. SA Nathan Hopp was present for both search warrants that were executed on May 25, 2016 and on January 29, 2017.

Sounds pretty nefarious, right? Right. Except… as Dissent Doe points out, this leaves out a ridiculous amount of context that suggests that rather than collaborating with “TheDarkOverlord” (or maybe even being TheDarkOverlord as some might read the Buentello’s account to suggest, Shafer had a long history of trying to expose TheDarkOverlord — and, specifically to share the details of what he learned with the FBI.

What the FBI did not tell the court was that Shafer had emailed that very database to the FBI in July, 2016, telling the FBI that TheDarkOverlord gave it to him, unsolicited, duing a chat on Twitter.

So here’s “Exhibit A” for you: the email Justin Shafer sent on July 1, 2016 to this blogger and the Dallas FBI with the database the FBI would later claim supported a suspicion that he was a “co-conspirator:”

On July 1, 2016, Shafer emailed the Dallas FBI a copy of a database TheDarkOverlord had given him via Twitter. On March 31, 2017, the FBI claimed they found it during a raid of his home in January and never mentioned that he had provided it to them voluntarily in July, 2016.

Okay. But how about that supposed “chat session” that Shafer was having with The Dark Overlord when the FBI raided his house?

The affidavit referred to a chat session, but did not indicate whether it was a file copy of an old chat session or a new one in progress at the time of the raid. In fact, Shafer did have a number of private (DM) conversations on Twitter with TheDarkOverlord that Shafer logged. He often reviewed the logs afterwards, looking for additional clues in the material. Shafer generally shared his logs of the chats with this blogger and with others – including the FBI.

So now view “Exhibit B:” an email Shafer sent on July 3, 2016 to an NHS unit in the U.K. to warn them that they had been hacked by TheDarkOverlord. Shafer had been told about the hack in a private conversation with TheDarkOverlord and then tried to contact the NHS so that they could secure their data and warn patients. Shafer also cc:d Dallas FBI on that email, and included part of the chat log between him and TheDarkOverlord:

When Shafer learned that TheDarkOverlord hacked the NHS, he tried to notify the NHS and cc:d the Dallas FBI. Part of the chat log between Shafer and TheDarkOverlord that was emailed to the Dallas FBI to alert them. The FBI would later suggest that finding chat logs on Shafer’s computers was somehow evidence that he was a co-conspirator.

As Doe points out, Shafer was even continuing to share information on The Dark Overlord with the FBi after the FBI had raided his house. Doe points out, a la Scott Greenfield’s observations, that these FBI and DOJ folks don’t seem to have the slightest clue what they’re doing:

It seems the FBI couldn’t tell a white hat from a black hat. Or perhaps the Dallas FBI failed to share the information he was providing to them with the Atlanta and Missouri regions of the FBI and other regions investigating TheDarkOverlord. Despite TheDarkOverlord’s bizarre attempts to implicate Shafer or tease him, Shafer had always helpfully provided information to the FBI. What co-conspirator does that?

And do note that Shafer offered this help to the Dallas FBI in July, 2016 – even after they had raided him in May, 2016 and upset his children and damaged his property (he claims). He was still being a whitehat. What a shame that the Dallas FBI did not respond to him that way.

Now consider “Exhibit C:” If Shafer was a co-conspirator, why was he running around the internet trying to get TheDarkOverlord patient data dumps removed? Here’s an email from Mega.nz in February, 2017 thanking Shafer for notifying them and saying they suspended TDO’s account. It was not the first time Shafer had contacted them. And once again, Dallas FBI was cc:d.

File-sharing site Mega.nz thanked Shafer for alerting them to a data dump of sensitive information.

So beginning in July, 2016 and thereafter, Dallas FBI received evidence that Shafer provided to try to help them catch TheDarkOverlord. Does any of the evidence above look like someone conspiring with TheDarkOverlord or does it look like someone trying to help law enforcement catch TheDarkOverlord?

As Doe further points out, the FBI has all of this evidence. It chose to selectively present it to a grand jury in a manner that totally misrepresents Shafer’s relationship to The Dark Overlord (and to the FBI, for that matter). It really looks as if the somewhat clueless FBI was just so focused on protecting one of its own — Special Agent Nathan Hopp — that it appears to have practically framed Shafer to the grand jury to lead to his eventual arrest and indictment.

And, on that note, in April of this year, Shafer was indicted (though, somewhat oddly, in a different district…) for the supposed Cyber Stalking of Hopp. The indictment, somewhat ridiculously, claims that Shafer “with intent to injure, harass, and cause substantial emotional distress” had “used and attempted to use, facilities in interstate and foreign commerce, including electronic mail and internet websites, to engage in a course of conduct that caused and attempted to cause substantial emotional distress to the victims.”

Again, I think that Shafer probably went overboard in venting his anger about Hopp and posting some publicly available info about Hopp and his family. He also did reach out to Hopp’s wife via Facebook — which, again, seems dumb. But to argue that his messages were harassing seems like a stretch. The conversation was Shafer asking Hopp’s wife to ask Hopp to return the videos of his kids that had been seized in an earlier raid. Again, this is a dumb thing to do, but it seems like a stretch to call it cyber stalking.

Meanwhile, another thing found in the original affidavit was a chat between Shafer and a friend of his, Darrell Pruitt, in which Pruitt responded “What an asshole” following Shafer’s sharing some info on Hopp. Pruitt commented on our story, noting that his involvement meant that the FBI showed up at his office:

As a friend of Justin, he shared with me his suspicion of FBI Special Agent Nathan Hopp’s (or Hawk’s) perceived vendetta as it was happening. I responded, “What an asshole.” And that was enough to warrant an unannounced visit to my dental office by two agents, whose questions indicated to me that they really didn’t have a clue about the case they were prosecuting. I think they were disappointed that I actually didn’t assist Justin in identifying Hopp, that I have nothing to do with TheDarkOverlord, and that no money had been exchanged between Justin and me… Thus went an hour of my life which I’ll never regain – Not to mention that my first patient waited in my dental chair for an hour while I was asked pointless questions. I was even warned by one of the agents that “‘I don’t know’ will only go so far.” But it is the damn truth.

This whole story is crazy and bizarre — but really raises serious questions about a DOJ and FBI totally out of control.

Filed Under: dissent doe, doj, fbi, justin shafer, keith lee, ken white, nathan hopp, popehat, security research, the dark overlord

DOJ Subpoenas Twitter About Popehat, Dissent Doe And Others Over A Smiley Emoji Tweet

from the our-tax-dollars-at-work dept

So, here’s a fun one. Back in May, the Justice Department — apparently lacking anything better to do with its time — sent a subpoena to Twitter, demanding a whole bunch of information on a five Twitter users, including a few names that regular Techdirt readers may be familiar with:

If you can’t see that, it’s a subpoena asking for information on the following five Twitter users: @dawg8u (“Mike Honcho”), @abtnatural (“Virgil”), @Popehat (Ken White), @associatesmind (Keith Lee) and @PogoWasRight (Dissent Doe). I’m pretty sure we’ve talked about three of those five in previous Techdirt posts. Either way, they’re folks who are quite active in legal/privacy issues on Twitter.

And what info does the DOJ want on them? Well, basically everything:

1. Names (including subscriber names, user names, and screen names); 2. Addresses (including mailing addresses, residential addresses, business addresses, and e-mail addresses); 3. Records of session times and durations, and the temporarily assigned network addresses (such as Internet Protocol (“IP”) addresses) associated with those sessions; 4. Length of service (including start date) and types of service utilized; 5. Telephone or instrument numbers (including MAC addresses, Electronic Serial Numbers (“ESN”), Mobile Electronic Identity Numbers (“MEIN”), Mobile Equipment Identifier (“MEID”), Mobile Identification Numbers (“MIN”), Subscriber Identity Modules (“SIM”), Mobile Subscriber Integrated Services Digital Network Numbers (“MSISDND”), International Mobile Subscriber Identifier (“IMSI”), or International Mobile Equipment Identities (“IMEI”)); 6. Other subscriber numbers or identities, or associated accounts (including the registration Internet Protocol (“IP”) address); 7. Means and source of payment for such service (including any credit card or bank account number) and billing records.

That’s a fair bit of information. Why the hell would the DOJ want all that? Would you believe it appears to be over a single tweet from someone to each of those five individuals that consists entirely of a smiley face? I wish I was kidding. Here’s the tweet and then I’ll get into the somewhat convoluted back story. The tweet is up as I write this, but here’s a screenshot in case it disappears:

And, just to make it clear, here are all the users “in the conversation” on that tweet (since Twitter now buries at least some of that information):

You’ll note that all of the names are the same names as listed in the subpoena above (as a point of clarification, the four users listed below were already in the conversation, so their metadata gets swept along, and then the tweeter, Justin Shafer, is also adding in @PogoWasRight to the conversation).

So, who is Justin Shafer, and what the hell is all of this about? Buckle up, because it’ll take a bit of background to get around to this tweet (and, yes, it will still feel very, very, stupid that this subpoena was ever issued). First up: Justin Shafer is a security researcher, who has some history spotting bad encryption. Go back to 2013 and he had spotted a weak not really “encryption” standard put out by Faircom. Once it was called out as weak, vulnerable and not really encryption, Faircom rebranded it from the “Faircom Standard Encryption” to “Data Camouflage” since the reporting by Shafer showed that it wasn’t really encryption at all — but just a weak attempt at obfuscation.

Fast forward to late 2013, when a dentist named Rob Meaglia alerted some of his patients that a computer was stolen from his offices with “medical records and dental insurance information.” But, Dr. Meaglia told his patients that the records system they were using, Dentrix, made by a company called Henry Schein, Inc., had all of that data encrypted. Except it appeared that Dentrix was actually using Faircom’s “Data Camouflage” and not actual encryption. And, as that link notes, Henry Schein, Inc. had been informed of this problem months earlier, around the time Faircom admitted it wasn’t actual encryption.

In May of 2016, the FTC announced a settlement with Henry Schein, Inc. over the claim that it “falsely advertised the level of encryption it provided to protect patient data.” Kudos to Justin Shafer.

But, literally days later, the FBI was raiding Justin Shafer’s home and taking all of his computers. This was not specifically about the Harry Schein case, but since Shafer had continued to investigate poor data security practices involving dentists, he’d come across an FTP server operated by another dental software company, Patterson Dental, which makes “Eaglesoft,” a dental practice management software product. Shafer had discovered an openly available anonymous FTP server with patient data. Shafer did the right thing as a security researcher, and alerted Patterson. However, rather than thanking Shafer for discovering the server they had left with patient data exposed, Patterson Dental argued that Shafer had violated the CFAA in accessing the open anonymous FTP server. Hence the FBI raid.

Not surprisingly, Shafer was none too pleased with the FBI’s decision to raid his home and take all of his electronics. In particular, it appears he was especially annoyed with FBI Special Agent Nathan Hopp (who he initially believed was actually Nathan “Hawk.”)

Fast forward to March of this year, to an entirely different story: the FBI arresting John Rivello for “assaulting” journalist Kurt Eichenwald with a tweet. If you follow Techdirt related stuff, you probably remember that whole story. Lots of people, including us, posted the criminal complaint that was put together by one Nathan Hopp, a special agent at the FBI.

It appears that the Rivello arrest and subsequent news coverage suddenly alerted Shafer to the fact that “Nathan Hawk” was actually “Nathan Hopp” and Shafer began a bit of an open source “investigation” on Twitter. I wouldn’t necessarily call the following tweets “smart,” but Shafer, finally aware of the FBI agent who lead the raid on his house, started trying to find any public info on Hopp — and his family. Now, searching out his family isn’t great. But it does appear that he was just looking up publicly available information:

At this point, the FBI decided to start protecting its own. Seeing as the guy whose home the FBI had ridiculously raided a year earlier was now tweeting some info about one of its special agents, the FBI started putting together a new criminal complaint arguing that all of the tweets above amounted to “Cyber Stalking” under 18 USC 2216A. This seems like a huge stretch, because that law requires “intent to kill, injure, harass, intimidate, or place under surveillance….”

Either way, about the time all of this was happening, Ken “Popehat” White had started another Twitter thread about the Rivello arrest, leading Virgil and Keith Lee to respond about the criminal complaint, eventually leading Mike Honcho to note “Nathan Hopp is the least busy FBI agent of all time.” It is to that tweet that Shafer replies with his smiley emoji and adds or cc’s, Dissent Doe to the conversation:

And that takes us to 10 days later, when a new criminal complaint against Shafer is issued*, arguing that those tweets were criminal Cyber Stalking. And because part of that included his smiley emoji in response to the Popehat thread/Honcho tweet, the DOJ felt it necessary to issue a subpoena demanding basically all info on those 5 Twitter users (including Popehat, a former Assistant US Attorney whose info is pretty easy to find on Google). Perhaps the FBI somehow thinks that Shafer was really behind those other accounts or something — but anyone with even the slightest level of competence should realize that’s unlikely — and that’s got nothing to do with anything here anyway.

* As an aside, look closely at that criminal complaint against Shafer. I have no idea why but it appears that the FBI/DOJ is so clueless that rather than submitting the final complaint, they actually submitted the copy showing the “comments” on the Word doc they were using to prepare the complaint — which shows two comments that both suggest the FBI is well aware that this complaint is weak sauce and probably doesn’t meet the standard under the law… but this story is crazy enough without spending too much time on that.

Twitter is apparently fighting back against this subpoena. And even though it was issued back in May, a few days ago, the company alerted the individuals that the DOJ was demanding info on. Dissent Doe has already stated publicly a plan to move to quash the subpoena as well, and I wouldn’t be surprised to see the others named take similar steps.

But, really, take a step back and everything about this situation is crazy. Going after Shafer the first time was crazy. Going after him again for supposed “Cyber Stalking” over a few harmless tweets was clearly just the FBI trying to protect its own from being embarrassed online. Then, to subpoena a ton of info on 5 totally unrelated Twitter users… just because Shafer tweeted a smiley face emoticon at them? What the fuck is the DOJ up to? Doesn’t Assistant US Attorney Douglas Gardner, who signed the subpoena, have better things to do with his time, like going after actual criminals, rather than harassing people for tweeting?

Filed Under: cfaa, cyberstalking, dissent doe, doj, douglas gardner, emoji, encryption, fbi, fbi raid, justin shafer, keith lee, ken white, nathan hopp, pogowasright, popehat, subpoena, tweets
Companies: henry schein, patterson dental, twitter

Twitter Suspends Popehat For Writing About Violent Threats He Received From Another Twitter User

from the wait-what? dept

Twitter has gotten a lot of flack over the years for how it responds to threats and abuse online — much of it deserved. The company insists that it’s gotten much better about this, and now responds much more quickly to inappropriate threats or abuse online. But doing so is often difficult and bound to lead to some really bad decisions. Like one that just happened. Ken White’s Popehat account has been temporarily suspended from Twitter. Why? Because he posted a threat he had received from someone else on Twitter to Twitter. Update: after this story started getting some attention, Twitter reversed the suspension and publicly apologized, saying that it was an error.

If you’re a regular Techdirt reader, I’m sure you’re familiar with Ken “Popehat” White, the blogging lawyer who covers a lot of the same stuff we do, mainly in the free speech realm. Ken has also, a few times, represented us in response to silly legal threats we’ve received. If you’re a Twitter user, you may also be aware that Ken is a prolific and masterful user of Twitter often commenting on the news of the day. He also uses Twitter to do some law ‘splaining and to call out bullies and trolls. He’s pretty good at it. One such recent bully was a Texas lawyer named Jason L. Van Dyke. We actually wrote about Jason a few years ago when he tried to sue the Tor Project, because some revenge porn site used Tor. We didn’t hear much about him until a few months ago. It seems that, somehow, Van Dyke was offered a job as an assistant district attorney in Victoria County. For unclear reasons, that job offer was pulled. Van Dyke was not happy. He proceeds to sue the DA for pulling the job offer.

In the midst of all this, another Twitter user, Asher Langton — who has an uncanny ability to sniff out people online who are not exactly what they claim to be — pointing out that it certainly looked like there were very strong similarities between Van Dyke and someone claiming to be a lawyer trolling for business on the white supremacist site Stormfront. There’s a fair amount of back and forth between Langton and Van Dyke and then a direct threat from Van Dyke to knock out Langton’s teeth. At one point there was this bizarre drama in which Van Dyke gave Langton 24 hours to promise to stop talking about him or promising to come to Langton and punch out his teeth.

24 hours passed and nothing happened.

Anyway… around this point, Ken White steps in and writes up quite the post about Jason L. Van Dyke. It’s a good, well researched, thorough and detailed post as you might expect. In response, Van Dyke trains his anger on Ken, and starts tweeting shit about Ken and making similar threats to those he made to Langton (though a bunch of those tweets now appear to have been deleted).

There were other tweets that certainly appeared to imply potential violence against Ken including a meme involving a bullet, that Van Dyke posted to Ken’s Facebook thread about one of his posts:

Ken then posts a second story about being sent a truly pathetic “glitterbomb” by someone claiming to be a supporter of Van Dyke’s… and then goes on to expose someone who commented about Van Dyke on the earlier post, making Van Dyke out to be some sort of bad ass (or, as Ken puts it “a badass [as] might be imagined by a lonely 14-year-old.”) Ken tracks down some evidence suggesting that the comment came from Van Dyke himself or someone working with him (though, very likely Van Dyke himself).

Following that post, Van Dyke sent Ken this email:

If you can’t read that, it says:

White–

You listen to me, and you listen good. This ends now and here is how it’s going to work. I have deleted my Twitter account because, frankly, I have better things to do than deal with you and your followers. I am going to make you a one-time offer and you get to choose.

1. I am willing to walk away. Right here. Right now. You remove the libelous blog posts about me and make whatever excuse you want. I really don’t care what it is. You will never see or hear from me ever again. We both go about our lives. 2. You can do what I think you are more than likely to do anyway and simple add this e-mail to your blog post. If you d that, I want to make it very clear what is going to happen. I have a picture of you. I am going to put it on my mirror at home, near my desk, and in my truck. My pure and absolute hatred for you will be unprecedented. My hatred for you will serve as a motivation for me to build an entirely new business and to earn enough money so that, one day, I will be able to make your life such an absolute living hell that I’ll be able to hurt you without so much as laying a hand on you. I will make you so miserable and treat you with such extreme and completely unprecedented cruelly that you’ll either kill yourself or move yourself and your family to the most remote part of the world you can afford to escape my wrath. The bottom line is that I will not forget you and that there will be retribution. It may take me a year. It may take me 20 years. I may get you on my first try. I may get you on my seventeenth try. But I will never stop.

You will take this offer today or the only thing you will have to know is that, sooner or later, I will come for you.

Jason L. Van Dyke Attorney & Counselor at Law

So, nice guy, right? Ken posted that email to his blog and to Twitter, noting: “I don’t respond well to threats. It’s kind of a thing. Sorry, Jason.”

And… Twitter suspends Ken’s Popehat account for 12 hours. Ken’s. Not Jason’s. Not the guy doing the threatening. The guy posting about being threatened. It’s Twitter’s “cool off” suspension, in which your account is still live, but you can’t tweet, retweet or like other tweets for 12 hours.

Having seen stuff like this before, I’m pretty sure I know why Twitter did this, even if it’s stupid. Twitter’s terms of service and “rules” which are incorporated into the terms says that you cannot share private information. In the past I’ve seen similar suspensions when people post someone else’s email that includes phone numbers/addresses and the like. Indeed in a post that Ken just put up on his own blog, Twitter confirms that it’s the posting of someone else’s info that got him into trouble, though Ken points out that Twitter itself says that it will take context into account. And if you’re taking context into account, you have to wonder how it is that Ken gets suspended for highlighting the guy who threatened him, while the actual threatener remains free to post at will.

I asked Ken for a comment on the situation, and he told me:

Twitter is perfectly in its rights to do this. Twitter is a private company with its own free speech and free association rights. I’ve got no right to post there if they don’t want me to post there.

But I think most reasonable people would see this as egregiously stupid, and a sign of a recurrent problem — the systems that social media platforms put in place to deal with harassment are often dumb, and seem to catch people responding to threats and abuse as often as they catch the abuse itself.

Meanwhile, I’m not deleting the tweet. I wrote about a lawyer and damn-near-active-prosecutor who threatened people who writing about him, and he threatened me. When I wrote more, he threatened more, including that freakish email. That’s newsworthy, and I’m not taking it down.

Indeed. We’ve talked many times about the problems of demanding that platforms police behavior. It’s one of those things that seems easy, until you realize just how tricky it is. A trust and safety team dropping in on Ken’s conversations wouldn’t have the relevant background and is likely to rush through and make a bad decision. So be careful what you wish for when you say platforms should be policing content. They’re probably not up to the task.

Filed Under: jason l. van dyke, jason lee van dyke, jason van dyke, ken white, popehat, privacy, private info, suspension, threats, trust and safety
Companies: twitter

Seeking Clarification: Is James Woods A Hypocritical Asshole?

from the good-for-the-goose dept

Oh, James Woods. He has now “settled” the ridiculous lawsuit he filed against someone mocking him on Twitter… but is still fighting a fairly similar lawsuit that was filed against him — complaining that it’s an attack on his free speech rights.

If you don’t recall, the rather opinionated actor sued a trollish Twitter user who went by the name Abe List, after Abe referred to Woods as a “cocaine addict” in a clearly hyperbolic tweet. As the case progressed, “Abe List” died unexpectedly, leading to Woods obnoxiously gloating on Twitter that List had “dropped” his anti-SLAPP appeal, and when people pointed out it was only because List had died, Woods demonstrated what kind of character he is by cheering on the fact that someone died.

Nice guy, huh?

And, of course, that leaves out that Woods had a history of tweeting similarly hyperbolic statements about others who he disagreed with:

So, Woods was already looking fairly hypocritical here, but as you’ll see soon, that level of hypocrisy is becoming more pronounced.

Either way, after “List” died, you might think that Woods would just drop the case, but given his clear animosity (see tweet above) towards a guy making a silly statement on Twitter, he kept the case going in order to unmask the real identity of “List” and to potentially pursue the case against his estate. As first revealed by Eriq Gardner at THREsq, Woods has finally agreed to settle the case, but at least part of the terms of the settlement is that he got attorney Ken “Popehat” White (who you probably know if you’re reading Techdirt, and who has represented us at times) to write a silly letter stating what basically everyone in the world already knew: specifically that when Abe List referred to Woods as a “cocaine addict” it wasn’t meant to be taken literally:

From attorney Kenneth White, the letter states, “On behalf of my client ? the defendant referred to as ‘Abe List’ in the lawsuit filed by James Woods ? and my client’s surviving family, I acknowledge that they are not aware of any facts to suggest that Mr. Woods has ever been a cocaine addict or used any other drugs.”

Frankly, this feels more like an attempt to try to humiliate Ken (which, uh, generally isn’t a good idea), but the end result just makes Woods look ridiculously and almost comically petty.

Oh, and back to the hypocrisy thing. Earlier this year, we also noted, with some amount of irony, that Woods was now on the receiving end of a very similar lawsuit. A woman, Portia Boulger, sued Woods for calling her a “Nazi” in a tweet that was actually a case of mistaken identity. As we pointed out, unlike some people, we can remain true to our principles, and we believe that Boulger’s lawsuit against Woods is just as misguided and just as much as a SLAPP suit as Woods’ lawsuit was against List.

Either way, in that case, Woods’ lawyers filed a motion for judgment on the pleadings last month, which makes a bunch of statements that sound a little odd, considering they’re on behalf of someone who was (at the time) still engaged in litigation against someone who jokingly called him a “cocaine addict” on Twitter.

This case is simply an unsuccessful attempt by Plaintiff to quell the free speech rights of Mr. Woods, a conservative actor. Indeed, Plaintiff’s claims for defamation and false light/invasion of privacy both fail as a matter of law. First, Plaintiffs claim for defamation fails as a matter of law because Mr. Woods’ allegedly defamatory question is not a statement of fact. Nor would a reasonable reader interpret Mr. Woods’ question–seeking clarification–as inferring any factual content. Likewise, Plaintiff’s false light/invasion of privacy claim fails as a matter of law because no misrepresentation regarding Plaintiff’s character, history, activities or beliefs is present in Mr. Woods’ tweets, much less a misrepresentation that would warrant a reasonable person, in Plaintiff’s position, to take the serious offense required to succeed on a false light/invasion of privacy claim.

That’s… an interesting way of saying what happened. As a reminder, here’s how THResq described the tweet that Woods sent:

This all started in March 2016, after the Chicago Tribune posted a campaign rally photo of a woman who was wearing a Trump T-shirt and giving a Nazi salute ? the well-known ‘Heil Hitler’ salute with her right hand raised straight up ? and several Twitter users misidentified the woman in the picture as Boulger, according to the complaint. Woods tweeted the photo from his verified account and wrote, ?So-called #Trump ?Nazi? is a #BernieSanders agitator/operative??

So, yeah, his tweet was a “question” but a “reasonable person” would be unlikely to think that Woods was “seeking clarification.” Rather most reasonable persons would likely believe that Woods was implying strongly that Boulger, a Bernie Sanders supporter, had gone to a Trump rally and pretended to be a Nazi supporter of Trump (which she had not).

But, really, it’s the “reasonable person” line that’s the kicker here. Because that same “reasonable person” looking at Abe List’s tweets would similarly have been just as unlikely “to take serious offense” to that tweet. And, yes, there’s something fairly ridiculous for Woods to be whining that someone is trying to “quell” his free speech (even if true) when he was doing something quite similar at the very same time.

Later in the motion, Woods’ lawyers (properly) point out that “the general context of the statement” and the “broader context in which the statement appears” are a critical element in determining defamation — which, again, seems silly given that same test, applied to the guy Woods’ sued would likely have worked very much against Woods’ defamation case.

Finally the truly amazing argument, given Woods’ lawsuit against List. I’ll just post the paragraph here:

Likewise, Mr. Woods’ allegedly defamatory question appeared on his personal Twitter account, in the midst of a highly-contested and widely-covered presidential political campaign…. A personal social media account, such as an individual’s Twitter account, cannot reasonably be interpreted as a forum for fact reporting…. Rather, such a context is akin to a forum or editorial section of a newspaper where a reader would expect to see statements of opinion…. Additionally,Twitter, a social media platform powered by individual user accounts, can be described even more so as a “well established genre of opinionated speech as it is commonly known the average Twitter user is not “normally engaged in the business of factual reporting or news dissemination.”

What the actual fuck, James? I mean, I agree. That paragraph is 100% accurate. But it sure seems… massively hypocritical to make that argument while suing someone for their similarly silly tweet about you.

Either way, if you’re going to go around suing people for trollish tweets, perhaps don’t go around posting trollish tweets yourself. And, if you do and even continue to pursue them after their death, don’t then argue in a different lawsuit a bunch of points that totally undermine your own lawsuit. I mean, unless you want to be called out as a raging hypocrite.

Filed Under: abe list, context, defamation, free speech, james woods, ken white, portia boulger, rhetorical hyperbole, slapp

Our Response To Titan Note Sending A Frivolous Takedown Notice Over Our Critical Coverage

from the censorious-thuggery dept

We’ve written two separate stories about the Titan Note — a small recording/transcription device that was originally sold via a crowdfunding project at IndieGogo. It was an interesting device, that immediately generated a fair bit of press — though that included some reasonable skepticism about whether or not the product could really do what it claimed it could do (especially since many other larger companies couldn’t seem to produce similar voice recognition capabilities, despite putting tremendous resources towards it). I still backed the project hoping that maybe it was legit. The good press still beat out the few skeptical posts and the campaign initially raised over $1 million dollars. However, soon after the project closed, IndieGogo canceled the campaign (perhaps due to a group of online skeptics contacting them) and refunded everyone’s money, saying that that Titan Note had violated its terms. We reported on this not because of the project being canceled, but because in discussing the cancellation, the Verge also noted that Titan Note had sent a bogus DMCA notice over its skeptical story — and writing about censorious DMCA takedowns is pretty common around here.

Last week we wrote about Titan Note again, following what the company did after IndieGogo shut it down. Our post highlighted a number of other sketchy moves by the company, including blaming IndieGogo (and promising to sue the company for unspecified reasons). Then there was the second crowdfunding platform that also canceled a Titan Note campaign. And the fact that Titan Note kept deleting the fairly innocuous questions I asked on its Facebook page, which were just about trying to understand the real reasons for getting kicked off IndieGogo (and for sending the bogus DMCA notice). As part of this I also sent Erik Jansson, the guy behind Titan Note, an emailed list of questions.

Rather than respond… he sent a DMCA takedown notice to us in response.

In that last post, we included screenshots of Titan Notes’ comments on Facebook. We showed the screenshots specifically because Titan Note had a history of deleting others’ Facebook comments, and I feared that the company might delete its own embarrassing statements. Similarly, we posted a closely cropped image of Titan Note’s own website to show the questionable claim it makes about how the product raised over $1.1 million with 12,000 backers via crowdfunding. That claim is highly misleading, given that the project was canceled and Titan Note never received that money. Its website certainly appears to imply otherwise.

The DMCA notice claims that all of these screenshots are infringing:

The website https://www.techdirt.com/blog/?company=titan+note is using our images without our permission. All of the images in the article are stolen from our Facebook page and our website. They are also using our trademarked name “Titan Note” without our permission. The have also stolen many quotes and paragraphs from our Facebook page and included that in the article. This is a clear violation of the law and we urge you to remove the link immediately.

Obviously, our use of these images and the Titan Note name is fair use. It’s not even remotely in question. The images were not “stolen” — we took screenshots to include with significant commentary for the purpose of news reporting. This is exactly what fair use is designed to cover. The only reason to send this kind of takedown notice is to try to intimidate or silence critical reporting of Titan Note. Indeed, with a third critical article written by someone else also receiving a DMCA takedown over screenshots, it seems that Titan Note is repeatedly trying to abuse the DMCA to censor criticism.

If you are still backing Titan Note (now doing pre-sales on its own site), I would suggest considering whether or not you trust a company that feels the need to send bogus takedown notices to anyone even moderately critical of its products or actions.

In the meantime, we’ve retained lawyer Ken “Popehat” White to handle this matter, and he has responded to Jansson’s takedown notice as follows:

Dear Mr. Jansson,

This firm is litigation counsel to Floor64, Inc., which owns and operates the site Techdirt.com (?Techdirt?). I write in response to your email of May 26, 2017 to Mike Masnick of Floor64.

I will ignore the procedural deficiencies in your purported DMCA notice and address the lack of substance. Your assertion that Techdirt has violated Titan Technologies, LLC?s (?Titan?) intellectual property rights is astoundingly frivolous and represents a transparent attempt to suppress negative news coverage through vexatious legal threats. It will fail. Techdirt?s coverage of Titan?s conduct is clearly protected by applicable law.

Even assuming for the sake of argument that Titan has a protected intellectual property interest in its public Facebook comments, Techdirt?s coverage is classic fair use protected by Title 17, United States Code, section 107. Techdirt has reported and displayed those comments for the purposes of criticism, comment, and news reporting. Your claimed trademark violation is equally meritless. Techdirt has used Titan?s name not to compete with Titan, but to identity Titan in order to report on its conduct. That?s self-evidently nominative fair use. New Kids on the Block v. News Am. Pub., Inc., 971 F.2d 302, 307 (9th Cir. 1992).

Your bogus claims, threatened to deter news coverage, are exactly the sort that lead to courts awarding attorney fees to defendants. Should you file an action, you should expect me to seek attorney fees, win them, and pursue you personally for them wherever you may retreat. Floor64 also reserves its right to seek damages for abuse of the DMCA under, for instance, Title 17, United States Code, section 512(f).

Please direct any further communications, including further bumptious legal threats, to me.

Very truly yours,

Ken White

Filed Under: abuse, censorship, copyfraud, copyright, dmca, erik jansson, ken white, notice and takedown, titan note, trademark
Companies: indiegogo, titan note