Law enforcement agents, for better or worse, will use whatever data they can get their hands on. In 2013, the FBI shut down TorMail, a privacy-focused email service hosted on the so-called dark web. Shortly after, the bureau started rummaging through the seized data for other criminal, albeit unrelated, investigations.It turns out, the Drug Enforcement Administration is using TorMail data too. According to court records unearthed by Motherboard, the DEA successfully requested the contents of a TorMail user's inbox for a dark web drug trade investigation. The DEA did obtain a warrant and the FBI provided the data. While not malicious, the move highlights that digital evidence obtained by one part of the US government may be shared with other agencies too. In other words, the agency that collects the data may not always be the one that actually uses it.
Advertisement
"I believe that users of Tor Mail e-mail accounts may disclose identifying details such as names, addresses, phone numbers, billing or subscriber information, travel records or confirmations, other open Internet online account names such as e-mail, social networking or website registration accounts, or other information that may assist law enforcement in identifying the actual users of the TARGET ACCOUNT," reads a December 2015 affidavit written by Jared Gabbay, a DEA task force agent.Specifically, Gabbay was investigating a drug dealer on AlphaBay, one of the largest dark web marketplaces. "Canadasunshine" is a vendor who sold various illegal substances, including ketamine, alprazolam—more commonly known as Xanax—and synthetic cannabis.Canadasunshine had been operating for years, it seems, and Gabbay dug up the vendor's previous profile on the original Silk Road. Included in the dealer's page was the email address canadasunshine@tormail.org.
A section of the affidavit.
Judging by Canadasunshine's private messages on the Silk Road, which Gabbay analysed, the vendor had used their TorMail address to communicate with customers away from the marketplace.Naturally, this is where searching Canadasunshine's TorMail account comes in. But Gabbay can't just go and search through all of the seized data himself; instead, a team consisting of FBI personnel or contractors who are not part of the investigation would retrieve the data related to Canadasunshine and pass it over, according to the affidavit."Only Tor Mail e-mail server data pertaining to TARGET ACCOUNT will be accessed by the administrative team and provided to the investigative team," Gabbay writes. Gabbay requested all emails associated with the account, attachments, and some pieces of metadata such as the date an email was sent.Although a judge granted Gabbay's request, and the search warrant was returned as executed a week later, it's not clear how useful this information was for any investigation into Canadasunshine: the DEA does not appear to have announced an arrest of the vendor, at least under that pseudonym.According to records on AlphaBay, the last time a customer left feedback for Canadasunshine was in September 2016. Canadasunshine was last active on the site in December, and did not respond to a request for comment."Anyone seen or heard from him?" one user on the DarkNetMarkets sub-Reddit wrote a few months ago.
ONE EMAIL. ONE STORY. EVERY WEEK. SIGN UP FOR THE VICE NEWSLETTER.
By signing up, you agree to the Terms of Use and Privacy Policy & to receive electronic communications from Vice Media Group, which may include marketing promotions, advertisements and sponsored content.
