By Travis West — Edited by Mengyi Wang
Order, United States v. Ulbricht, No. 14-cr-68 (S.D.N.Y. Oct. 10, 2014).
Slip opinion
The alleged Silk Road founder Ross Ulbricht was denied the motion to suppress evidence in his case. Ulbricht argued that the FBI illegally hacked the Silk Road servers to search for evidence to use in search warrants for the server. The judge denied the motion because Ulbricht failed to establish that he had any privacy interest in the server.
The Silk Road was a website accessed through The Onion Router ("Tor") that was used for the sale of drugs and other illegal goods. Slip op. at 2–3. Ulbricht is alleged to have created the site, using the moniker “Dread Pirate Roberts.” Id. at 1. The US government investigated the site, eventually imaging the server in Iceland and using information found on that server, and received multiple warrants for pen-registers and searches of Ulbricht’s personal email accounts and social network accounts. Id. at 3–4. Ulbricht alleged that the government illegally hacked the Icelandic server, and that all of the evidence that came from that illegal hacking should be suppressed. Id. at 4–5. However, the judge found that since Ulbricht had not established a personal privacy interest in the server, which likely could only be established by admitting he owned or accessed the website, he could not contest the search of the Icelandic server. Id. at 6–7.
The case has attracted attention due to questions about how the government actually accessed the Icelandic server. The defense tried to have all of the evidence suppressed since it suspected that the government had illegally hacked the Icelandic server. In response, the government offered a declaration from one of the FBI agents who accessed the server. Memorandum of law in opposition to defendant’s motion to suppress evidence, obtain discovery anda bill of particulars, and strike surplusage at 12. The declaration claimed that Ulbricht had improperly configured the front page of the Silk Road, so that it leaked the IP address of the server. Id. Using this information, the agent was able to have the Icelandic police secretly image the server, whose information was then used by the FBI to obtain warrants for Ulbricht’s personal accounts. Id. at 13. However, multiple technical experts and Ulbricht’s attorneys disputed this series of events, arguing that it was technically implausible. The prosecution then responded in a motion by arguing that even if the FBI had hacked the Silk Road’s server, it would be legal since the site was facilitating blatantly illegal activities. Government response tothe declaration of Joshua Horowitz at 1.
Wired provides an overview of Ulbricht’s legal saga to date. Ars Technica explains how Ulbricht is in a legal quandary by being unable to admit that he owned the Silk Road website. Gizmodo summarizes the government’s argument that it could hack the Silk Road’s server without breaking any laws. Krebs on Security provides more information about the technical challenges with the FBI’s story of how it found the Silk Road’s server’s IP address.
This case continues to be closely watched by many in the technology community. The government’s claim that it can hack websites that are providing illegal services is a broad claim. Furthermore, the defense has alleged in public that the NSA may have been behind the hacking, which could indicate that Tor is not as secure as was previously thought or that the NSA is involved in criminal investigations to a degree previously unknown. Finally, many in the Bitcoin community see this as an attack by the government on a popular anonymous market and the latest in a series of battles over anonymity on the Internet.