[liberationtech] The difficulties of anonymous leaks to bloggers in developed and developing countries...

[Yosem Companys]

Blogger’s Twitter Account Implicated in TSA Leak Hunt

   - By Kim Zetter <http://www.wired.com/threatlevel/author/kimzetter/> [image:
   Email Author]  <kzetter at wired.com>
   - January 4, 2010  |
   - 6:52 pm  |
   - Categories:
Censorship<http://www.wired.com/threatlevel/category/censorship/>
   , Spooks Gone
Wild<http://www.wired.com/threatlevel/category/spooks-gone-wild/>
   -

[image: image-2]<http://www.wired.com/images_blogs/threatlevel/2010/01/image-2.jpg>

TSA Special Agent John Enright, left, speaks to Steven Frischling outside
the blogger's home.

Hours after two TSA agents served a civil subpoena on blogger Steven
Frischling last week to uncover the anonymous source of a leaked document,
an unusual message appeared on the blogger’s Twitter account.

“To the gentleman who sent Flying With Fish the TSA Security Directive …
Thank You! Can you drop me an email?I have a question. Thanks-Fish.”

[image: tweety-fish]<http://www.wired.com/images_blogs/threatlevel/2010/01/tweety-fish.jpg>

Now conflicting stories about origins of the message have emerged,
underscoring the unusual measures taken by the TSA in tracking down the
leak, and the actions of a blogger under extraordinary pressure over the
publication of unclassified government information.

According to someone familiar with the incident, one of the TSA agents,
while in possession of Frischling’s BlackBerry, typed the message in the
blogger’s Twitter account. He then handed the BlackBerry back to Frischling
and asked him to click on the “send” button to post the message to his Flying
With Fish <http://twitter.com/flyingwithfish> Twitter page, the source
offered to Threat Level.

The honeypot message was intended to draw the source out of hiding so that
agents could obtain his e-mail address, which would allow investigators to
subpoena the source’s e-mail provider to obtain his IP address. Once the
agent had written the message, he handed the BlackBerry back to Frischling
to publish it, “So that they could then say we didn’t send that,” the source
told Threat Level.

A TSA spokeswoman, however, has denied that either of the agents drafted or
wrote the message or asked Frischling to hit a button to post the message
online.

Frischling, a freelance travel writer and photographer in Connecticut,
didn’t respond to calls for comment about the tweet and never mentioned the
Twitter message during several conversations with Threat Level last week. He
has indicated in subsequent messages on his Twitter account that he would
not identify who wrote the message that was directed at his source.

The controversy adds yet another twist to an investigation that has been
described as heavy-handed and excessive.

A blogger named Dennis Schaal speculated on
Saturday<http://www.tnooz.com/2010/01/02/news/did-tsa-ghost-write-flyingwithfish-tweet-twitter-coercion/#comment-4114>
that
the TSA might have written the tweet message and asked Frischling about the
timestamp on the message. Frischling told Schaal that the BlackBerry from
which the message was posted to Twitter was set to Pacific standard time and
that the local time in Connecticut was around 10pm when the message was
posted. Frischling previously told Threat Level that the TSA agents were at
his house from 7pm to about 9pm, when they left briefly before returning
around 10pm and staying for another hour or so. This would put them in his
home around the time the message was sent.

Schaal suggested that Frischling’s cooperation in sending the message to
ensnare his source made him more of an accomplice in the TSA’s investigation
than he has previously acknowledged.

“Identifying the author of the tweet is important because Frischling argues
that he acted appropriately in facing the TSA onslaught,” Schaal writes.
“But, the Dec. 29 tweet from Frischling’s account makes it appear that he
became part of the hunt to help the TSA identify the source of the leaked
document.…”

The TSA’s denial suggests that Frischling was solely responsible for the
message.

Frischling has been criticized by TechCrunch’s Michael Arrington for
cooperating with the agents, saying that Frischling “caved” to the
TSA<http://www.techcrunch.com/2010/01/02/the-tyranny-of-government-and-our-duty-of-confidentiality-as-bloggers/>.
Arrington argues that bloggers have the same responsibility as mainstream
journalists to protect their sources if they want to be taken seriously as
journalists.

Frischling and another blogger named Christopher Elliott received home
visits from Transportation Security Administration
agents<http://www.wired.com/threatlevel/2009/12/dhs-threatens-blogger/>
last
Tuesday after the agency published a controversial, new directive that
revised screening procedures and put new restrictions on passengers in the
wake of the Christmas Day bombing attempt by the so-called underwear bomber.

The agents served each of the bloggers with a civil subpoena demanding
information on the anonymous source who provided them with the TSA document.
The document was not classified — but was marked Sensitive Security
Information, or SSI. Although it is not illegal for journalists or bloggers
to publish SSI,government employees can lose their
job<http://ecfr.gpoaccess.gov/cgi/t/text/text-idx?c=ecfr&sid=c2ede02a754d9f45c08a3abd7498caf6&rgn=div5&view=text&node=49:9.1.3.4.8&idno=49>
for
disclosing the information to unauthorized people.

Elliott refused to comply with the subpoena and indicated to the TSA that he
would challenge it in federal court. Frischling cooperated fully and allowed
agents to search his BlackBerry, iPhone and laptop.

The TSA has been heavily criticized for its tactics in trying to uncover the
identity of the person who leaked the document. The TSA directive was sent
to airport and airline personnel around the world, a list that likely
included thousands of recipients. The use of a subpoena to uncover a
journalist’s source is considered extraordinary. Even in the case of the
2005 New York Times story about the Bush administration’s warrantless
wiretapping, the Justice Department refrained from using that tool against
the reporters who published the information.

Frischling, who writes a blog for the KLM Royal Dutch
Airlines<http://blog.klm.com/> as
well as a personal blog, told Threat Level last week that his anonymous
source had sent him the TSA directive after he’d posted messages to his
Twitter account describing his frustrated attempts to obtain more
information from the TSA about the new security procedures.

Both he and Elliott received the document separately and published it within
minutes of each other on Dec. 27. Two days later, two agents visited
Frischling at his home arrived around 7 p.m. One of the visitors was TSA
Special Agent John Enright.

Frischling told Threat Level that the two agents threatened to get
Frischling fired from his KLM contract and indicated they could get him
designated a security risk, which would make it difficult for him to travel
and do his job, unless he identified his source.

Frischling said the source had sent him the document anonymously using a
Gmail account, but he had already deleted the e-mail after publishing the
security directive and couldn’t remember the sender’s full address. The
Gmail address consisted of the name “Mike,” followed by random numbers and
letters. Frischling determined, after speaking with an attorney, that he
might as well cooperate with the TSA agents since he had little information
about the source and there was no federal shield law to protect him.

The agents searched through Frischling’s BlackBerry and iPhone, but couldn’t
find anything from the source. The agents then told Frischling that they
wanted to take an image of his hard drive. They went to WalMart to buy a
hard drive, but when they returned, they were unable to get it to work.

It was around 10pm that one of the agents typed out the Twitter message and
told Frischling to send it.

The agents left around 11 p.m., after which Frischling began tweeting about
the experience, tipping off the source and anyone else who was reading his
Twitter account that the TSA was investigating the leak of the document.

“It is not fun being visited by two US Federal Special Agents with two kids
behind you in the living room & one in your arms,” he wrote in a couple of
tweets. “Yesterday I was joking about the DHS reading my blog & the black
helicopters…it wasn’t quite as amusing this evening. . . . I was visited by
the Feds tonight.”

The agents returned to his house Wednesday morning and, with Frischling’s
consent, seized his laptop, which they later returned after copying the hard
drive.

Last Thursday, in the wake of public outcry against the TSA for serving
civil subpoenas on the bloggers, the government agency canceled the legal
action and apologized for the strong-arm tactics agents used. According to a
source who spoke with Threat Level, the administration said it had obtained
what it needed and therefore the subpoenas were no longer necessary.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20100105/92f091c1/attachment.html>