Law enforcement is often eager to protect its own, but it might have overstepped its boundaries in an online case. The Department of Justice has sent a subpoena to Twitter demanding complete account info for @popehat (Ken White), @pogowasright (Dissent Doe), @dawg8u (Mike Honcho), @abtnatural (Virgil) and @associatesmind (Keith Lee) after security researcher Justin Shafer mentioned them in a tweet. While the post itself is a single smiling emoji, the DOJ believes they support cyber stalking allegations against Shafer over his response to a questionable FBI raid on his home. It's a bit complicated, so we'll elaborate.
It started in 2013, when Shafer found that Faircom's data 'encryption' package was really just a poor attempt at obfuscating info and had exposed a dentist's office to data theft. The researcher scored a win when the FTC settled with Faircom over false advertising, but Shafer faced an FBI raid in 2016 when another dentist's office responded to Shafer's disclosure of a glaring security hole (an open FTP server) by claiming he had broken the law. Shafer learned the name of one of the agents involved, Nathan Hopp, and found out that the agent was also linked to the arrest of John Rivello over the attempt to attack journalist Kurt Eichenwald with a seizure-inducing tweet.
The researcher then searched for public data on Hopp, such as family connections, and shared it on Twitter. White, Lee and the other Twitter users mentioned in the tweet had started their own discussions about Hopp, and Shafer's one-emoji tweet was a response to Honcho's joke that Hopp is the "least busy FBI agent of all time." The DOJ believes that Shafer was effectively stalking Hopp by publishing the info he did, and it's collecting info from those other users simply because they were swept up in his tweets.
If it sounds ridiculous... well, you're not alone. The other five users weren't the ones looking up Hopp's info, and stalking charges would only hold up if prosecutors could prove Shafer had intended to harass or otherwise harm the FBI agent. That clearly wasn't the case here -- Shafer was looking things up out of curiosity, not as part of a doxxing attempt to punish Hopp for the raid. The comments on the criminal complaint even suggest that authorities know they don't have a good case.
Whether or not this goes further isn't clear. The DOJ hadn't responded to a request for comment as of this writing, but Twitter pointed us to a tweet from Dissent Doe noting that the social network was fighting the subpoena. Still, that the subpoena exists at all is a little unsettling. Although there is the chance that Shafer's data hunt could have led to someone targeting Hopp, the complaint and the ensuing subpoena could be seen by outsiders as excessive. Does the DOJ really need to chase after Shafer, let alone sensitive info (such as connection data) for the people he talked to online? Intentionally or not, the DOJ is implying that any discussion of law enforcement agents' personal lives is forbidden, even if it's strictly aspects of those lives that are public knowledge.