Smart. Sharp. Funny. Fearless.
Sunday, October 23, 2016

By Mike Carter, The Seattle Times

SEATTLE — The FBI in Seattle created a fake news story on a bogus Seattle Times Web page to plant software in the computer of a suspect in a series of bomb threats to Timberline High School in Lacey in 2007, according to documents obtained by the Electronic Frontier Foundation in San Francisco.

The deception was publicized Monday when Christopher Soghoian, the principal technologist for the American Civil Liberties Union in Washington, D.C., revealed it on Twitter.

In an interview, Soghoian called the incident “outrageous” and said the practice could result in “significant collateral damage to the public trust” if law enforcement begins co-opting the media for its purposes.

The EFF documents reveal that the FBI dummied up a story with an Associated Press byline about the Thurston County bomb threats with an email link “in the style of The Seattle Times,” including details about subscriber and advertiser information.

The link was sent to the suspect’s MySpace account. When the suspect clicked on the link, the hidden FBI software sent his location and Internet Protocol information to the agents. A juvenile suspect was identified and arrested June 14.

The revelation brought a sharp response from the newspaper.

“We are outraged that the FBI, with the apparent assistance of the U.S. Attorney’s Office, misappropriated the name of The Seattle Times to secretly install spyware on the computer of a crime suspect,” said Seattle Times Editor Kathy Best.

“Not only does that cross a line, it erases it,” she said.

“Our reputation and our ability to do our job as a government watchdog are based on trust. Nothing is more fundamental to that trust than our independence — from law enforcement, from government, from corporations, and from all other special interests,” Best said. “The FBI’s actions, taken without our knowledge, traded on our reputation and put it at peril.”

Frank Montoya Jr., the special agent in charge of the FBI in Seattle, defended the investigation and the technique, which court records show led to the arrest and conviction of a 15-year-old student.

“Every effort we made in this investigation had the goal of preventing a tragic event like what happened at Marysville and Seattle Pacific University,” Montoya said. “We identified a specific subject of an investigation and used a technique that we deemed would be effective in preventing a possible act of violence in a school setting.

“Use of that type of technique happens in very rare circumstances and only when there is sufficient reason to believe it could be successful in resolving a threat,” he said.

Ayn Dietrich-Williams, the spokeswoman for the FBI in Seattle, pointed out that the bureau did not use a “real Seattle Times article, but material generated by the FBI in styles common in reporting and online media.” Assistant U.S. Attorney Tessa Gorman, chief of the office’s criminal division, was reviewing the EFF documents provided to her by The Times and had no immediate comment. She pointed out that the prosecutor who oversaw the case, Kathryn Warma, has since retired.

The EFF posted 172 pages of documents concerning the FBI’s use of a software tool called a “Computer and Internet Protocol Address Verifier,” or CIPAV, in two cases — one involving the Timberline High School bomb threats and the other involving an extortion attempt against a cruise line in Florida. More than half of the documents relate to the Seattle case.

According to the documents, CIPAV lets the FBI “geophysically” locate a computer and its Internet Protocol address.

Soghoian said the software is activated when someone clicks on the bogus link. The technique apparently exploits the same computer security vulnerabilities used by hackers.

Police in Lacey contacted the Northwest Cyber-Crime Task Force after the school began receiving a series of bomb threats beginning in late May of 2007 and continuing into early June. The school was forced to evacuate students at least twice, and police were unable to identify a suspect.

The documents indicate the FBI in Seattle obtained a search warrant to “deploy” the CIPAV software after the task force, which is run by the FBI, received a public tip about a suspect. Special Agent Norman Sanders, in seeking the warrant, said the bureau would send a “communication” to the suspect’s computer that would make the computer identify itself for the agent. The case was taken up by the U.S. Attorney’s Office, which helped draft and approve the warrant. The warrant does not say that “communication” would be a bogus news story that appeared to be published online by The Seattle Times.

AFP Photo/ Mandel Ngan

Want more national and political news? Sign up for our daily email newsletter!

  • Our “transparent” regime at work.

    • WhutHeSaid

      Oh yes, it’s undoubtedly another Obama plot. I ran out of toilet paper this morning, and I’m certain that Obama was responsible. It’s just plain scary how far Obama is willing to go to uh….er, um….well, just what is it that Obama is trying to do again?

  • Allan Richardson

    The same people who cheered when Republicans use such techniques, and enjoy crime shows (such as NCIS) where the TV cops do so, are SUDDENLY concerned when agencies now run by a black Democrat, following standard procedures established over many years, staffed by apolitical civil servants, do the same things.

    I have concerns when policing agencies, with the best of intentions, skirt or cross the line on search and seizure, as do many Americans on the right and left (during Republican administrations, the left was more concerned; at some times we joked that the 2004 Democratic National Convention would be held inside Gitmo, because Bush would have arrested all the Democrats). But as voters, we must work toward a consensus on what STOPPING the illegal surveillance would mean: a nonzero number of criminal and terrorist attacks will SUCCEED which would have been thwarted with the forbidden techniques. Not many, but a few. And that is the price we would pay for dropping the surveillance society.

    Whoever is President, regardless of party, if he/she publicly announces a return to original interpretations of Constitutional limits on search and seizure, he/she must EXPECT some voters to object that he/she has FAILED TO PROTECT our nation if even ONE attack gets through; that President may even be in danger of impeachment.

    Since an actual bomb threat is involved, this “sting” operation would seem to be what a President of either party would approve, but it was probably ordered by a career civil service supervisor like any police operation. Implying that it is a partisan operation is irresponsible, paranoid, and unfair, and not supported by any evidence.