Ross Ulbricht, charged for operating the Silk Road black market, doesn’t have to wait the full 33 days until the start of his courtroom trial for the prosecution and defense teams to start trading blows.
Ulbricht’s lawyers recently charged the Federal Bureau of Investigation (FBI) with illegally hacking into the Silk Road servers and sidestepping due process. Then, on Tuesday, the prosecution called the theory factually wrong—they claim that Ulbricht misconfigured Silk Road and it gave up its location to anyone who asked correctly—but then they added a twist: Even if they did hack Silk Road, they assert, it would be perfectly legal because the website was “blatantly criminal” and the server was foreign, so constitutional Fourth Amendment protections didn’t apply.
“The government’s position appears to be that it can engage in criminal conduct with impunity in its pursuit of investigative objectives, and not be held accountable therefor,” Joshua Dratel, Ulbricht’s lawyer, shot back in a brief filed Tuesday night.
Ulbricht’s lawyers have compared the government’s alleged hacking of Silk Road servers to the actions of Andrew “Weev” Auernheimer, who found a bug in iPads that identified over 100,000 AT&T subscribers—anyone could type in a URL and find them. In 2012, Weev was convicted under the Computer Fraud and Abuse Act (CFAA), and spent 15 months in prison before having his case overturned.
The government dismissed the similarities, saying Weev impersonated AT&T users to gain private data.
Dratel, who argues police did almost exactly the same thing without proper authority, doesn’t buy the prosecution’s argument:
“The government posits two standards of behavior: one for private citizens, who must adhere to a strict standard of conduct construed by the government, and the other for the government, which, with its elastic ability to effect electronic intrusion, can deliberately, cavalierly, and unrepentantly transgress those same standards. Yet neither law nor the Constitution permits rank government lawlessness without consequences.”
Dratel further criticized prosecutors, saying they essentially ignored the accusations of hacking that have come not just from Ulbricht’s defense lawyers but also a wide range of security experts from around the world. Dratel even took a shot at the prosecution’s apparent lack of tech-savvy: The government’s Monday filing confuses PHP, a programming language, and MySQL, a database management system.
Prosecutors, quickly waving off charges of hacking, asserted that Ulbricht had no expectation of privacy for several reasons: First, Ulbricht violated his Icelandic host’s terms of service, so they had no obligation to protect his data. Moreover, he’s never claimed the Silk Road servers belong to him, so federal officials argue that he can’t say a search violated his privacy.
Critics have responded that even if Ulbricht was merely a Silk Road user, he has expectations of privacy.
Dratel continues to argue that evidence seized as a result of illegal searches must be excluded from the trial.
“The exclusionary rule was designed to address that very dangerous, and legally and constitutionally insupportable, attitude,” he wrote. “For example, as the Supreme Court acknowledged in Herring v. United States … ‘the exclusionary rule serves to deter deliberate, reckless, or grossly negligent conduct, or in some circumstances recurring or systemic negligence.’”