ICE Questions an Admin of The-Eye Archive Site That Hosted ‘Blue Leaks’

A woman who helps maintain a well-known archival website received a visit from HSI agents asking questions about BlueLeaks.
July 20, 2020, 4:25pm
dhs-hsi

On Thursday, Immigrations and Customs Enforcement agents questioned a woman who hosted on her site a copy of allegedly stolen U.S. police internal documents, a trove nicknamed BlueLeaks, Motherboard has learned.

The woman, Meghan, who asked to be only identified by her first name because she fears retaliation from law enforcement, is an administrator of The-Eye, a site that has undertaken several high profile archiving projects, including hosting a BlueLeaks mirror for a brief time. She said three agents who identified themselves as part of Homeland Security Investigations (HSI), the investigative division of ICE, came to her home in the outskirts of Boston, Massachusetts on Thursday morning and asked questions about BlueLeaks, The Eye, and Emma Best, the person who founded the WikiLeaks-style website Distributed Denial of Secrets, which originally published the leaked trove of police documents.

“I was really caught off guard,” Meghan told Motherboard through an intermediary.

“They described BlueLeaks without mentioning it by name, and then proceeded to talk about how The-Eye was hosting it. They asked me if I knew anything about it and what my involvement was. I asked if they were referring to BlueLeaks and they said yes,” said Megan, who is an open source developer and archivist.

Meghan said she replied saying she doesn’t curate what ends up on The-Eye, and that BlueLeaks was sourced from Distributed Denial of Secrets. The agents, she added, also asked if she personally knew Best.

“They kept probing to see if I had any connections to [Distributed Denial of Secrets],” Meghan said. “And then eventually asked me to become an informant and offered to pay me for any information that led to arrests.” (ICE has previously been reported to pay informants).

Do you work or used to work for DHS or ICE? Or did you use to work at a police department? We’d love to hear from you. You can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, OTR chat at lorenzofb@jabber.ccc.de, or email lorenzofb@vice.com

The agents' visit is the latest development in the law enforcement investigation into the leak. Earlier this month, German prosecutors seized the server that was used to host BlueLeaks, acting in coordination with U.S. authorities.

Meghan said the agents said that she would be “compensated financially and protected” if she gave them any “actionable” information. Instead, she said she tried to distance herself from the whole situation as she didn’t even know who Best was until they mentioned her name.

“I'm not involved with a lot of overtly political stuff so it's interesting to have gotten wrapped up in this,” she added. “Definitely not how I expected or wanted my day to start!”

Motherboard attempted to contact multiple HSI agents at the number they gave Meghan. One of them did not respond to multiple calls and a voicemail. The other hung up after I identified as a reporter. A couple of hours later, a DHS spokesperson from the Miami field office called offering to help, following up from our calls to the agents.

The spokesperson said that he could not “confirm nor deny the existence of an investigation,” and declined to comment on whether any agents visited the woman in the Boston area.

Best said that as far as she knew, this is the first time authorities had questioned anyone in connection with BlueLeaks (though authorities did take action by seizing the German server).

“It's disturbing that the government is trying to intimidate people into not sharing BlueLeaks. First, they seized our public server, now they're going after people hosting mirrors and interrogating them not just about BlueLeaks, but about me,” Best told Motherboard in an online chat. “So far, the government has made no attempt to contact us—they simply went full-Gestapo right out of the gate and seem more interested in suppressing and retaliating than they are in investigating.”

Subscribe to our new cybersecurity podcast, CYBER.

This article originally appeared on VICE US.