FBI Ran 23 Child Porn Websites: Report

By William Turton on at

A new report from Ars Technica on documents unsealed by the American Civil Liberties Union show that the FBI may have operated 23 child pornography websites on the dark web.

We know, of course, that the FBI operated one of the biggest child pornography sites on the dark web, Playpen, for 13 days. The FBI even went as far as to improve the performance of the site, making it run faster. This was all in an effort to deploy what the FBI calls a Network Investigative Technique (another term for this is malware) to discover the identity of people accessing the child porn sites. To access these sites you have to do it through the Tor Network, which anonymises and obfuscates your identity. The FBI’s NIT was able to de-anonymise people accessing these sites, allowing the FBI to discover their IP address and other data, leading to their arrest.

Here is the key paragraph from the unsealed documents, which seems to show the FBI saying it operated 23 different child porn websites:

In the normal course of the operation of a web site, a user sends “request data” to the web site in order to access that site. While Websites 1-23 operate at a government facility, such request data associated with a user’s actions on Websites 1-23 will be collected. That data collection is not a function of the NIT. Such request data can be paired with data collected by the NIT, however, in order to attempt to identify a particular user and to determine that particular user’s actions on Websites 1-23.

An FBI spokesman seems to deny this in a statement to Ars, but doesn’t explain the documents that discuss “Websites 1-23.”

“I would refer you to public documents on the Playpen investigation, in which we seized and operated a darkweb child pornography site for a period of less than two weeks,” FBI spokesman Christopher Allen told Ars Techicna. “That was an extraordinary investigation, and to my knowledge may be the only time that has occurred. So to suggest this is a common thing is patently not true.”

This child porn investigation is part of a broader effort by law enforcement to wield expanded powers in order to hack people. In the case of Playpen, some cases are being thrown out entirely because the FBI went to one judge to receive authorisation to hack computers outside of that judge’s jurisdiction. However, earlier this year, the Supreme Court approved changes to a part of the Federal Criminal Procedure, Rule 41, which allows one judge to authorise the hacking of millions of computers around the world. Lawmakers are working to stop the changes to Rule 41 before it goes into effect in December.

We’ve reached out to the FBI and will update this post if we hear back. [Ars Techicna]