Rather than getting a warrant for the parts of the colocation business that were used for crime, the FBI finds that it's just so much more convenient to tar and feather the entire business and hundreds of its innocent customers:
Among more than 300 businesses affected by the raid on Crydon were Intelmate, which provides inmate calling services for prisons and jails and had about $100,000 in equipment seized in the raid; a credit card processing company that had just become PCI compliant and was in the process of signing on its first customers; Primary Target, a video game company that makes first-person shooters; a mortgage brokerage; and a number of VoIP companies and international telecoms that provided customers with service to the U.S. through servers belonging to a separate company Faulkner ran called Intelivox. These customers essentially lost connectivity to the U.S. after the raid, Faulkner says.
Faulkner says the FBI appears to have assumed that all the servers located at Crydon's address belonged to him, and didn't seem to understand the concept of co-location.
The seized data included transactional records for companies, which means the companies won't be able to bill customers for services already rendered before the raid.
"All of our clients will have to refund their customers, and we're in the hole now to refund our customers," says Faulkner. "I could tell the FBI agent had never even considered that. He just said, 'Well, that's your problem.'"
The FBI attempted to weasel its way out of this by arguing that its understanding of how colocation sites work is that all of the information is shared between the pieces of the infrastructure, but as the article shows, that wasn't true in this case. The data center did a lot more than just shared hosting of internet services, as many businesses found that their hardware was seized as though it were the property of the business(es) being investigated by the FBI. What the FBI did here was akin to arguing that if there are several crackhouses in a neighborhood, it is legally acceptable for them to seize the entire neighborhood pending investigation because of the possibility that other houses might have been used as storage space for the known crackhouses.
The FBI has caused several of the data center's customers to go bankrupt and many more are in danger of going bankrupt. All of that because the FBI could not be bothered to be more diligent in ensuring that it got the data that it needed. The best part of the case is that was all based on a confidential informant who, surprise, surprise, had a grudge against the owners of the data center:
Many of the allegations against Faulkner are based on claims from an unidentified informant who told the FBI that he used to work for Faulkner, and witnessed many criminal acts Faulkner committed. The witness told authorities he was "unaware of any legitimate business being run by Faulkner and that as far as he/she knew all of his income was derived from his illegal activities." The informant also claimed Faulkner used crack cocaine and methamphetamine and engaged in commercial spamming.
Faulkner says the unnamed informant is a former employee who was fired after failing to show up to work over an extended period.
"We paid him $70,000 to help us launch a VoIP business, and he never actually did anything," Faulkner says.
Indiscriminate seizure of property without regarding to the cost to a number of legitimate businesses. A confidential informant who has a serious grudge against the owners. A connection to Verizon and AT&T who were somehow able to turn a civil debt issue into a criminal case. Nothing questionable going on here...
In cases like this, law enforcement tends to seize a lot of property which has no legitimate bearing on the trial. It seized power strips, server racks, routers and even servers that didn't even belong to the businesses that were under investigation. There is never a good reason for the FBI to seize routers and switches outside of hacking cases were they have reason to believe that a hacker broke in by changing the configuration on the device or by changing the software. In the vast majority of cases, that's about as pointless as the FBI seizing a telephone 40 years ago when phones were nothing more than dumb devices that stored no data. Even if the routers connected the "criminal servers" and the "innocent servers," that has no bearing on whether or not the latter were actually used for the commission of a crime.
For law enforcement, one of the best reasons to overseize here is that it will cripple the business, and the assets are still very valuable. I would not be surprised in the least if the value of the seized property in this investigation was worth as much as many medium-sized drug raids. Just one of the customers affected lost $100K worth of equipment, and if they go bankrupt while the FBI checks for criminal use of the hardware, then the FBI will be able to sell it off at auction. The FBI may not make a policy of doing this sort of thing, but the fact that there are so few clear legal reasons not to do it, and good economic reasons to do it, don't give any incentive to take on anything resembling an above reproach civic responsibility either.
Leave a comment