US court files reveal Italian link to Indymedia server grab

But no legal authority for grabbing them

  • alert
  • submit to reddit

Top three mobile application threats

Documents relating to the seizure of Indymedia's servers at Rackspace's Heathrow premises have finally been unsealed by a Texas district court. Some information remains under seal, and the documents released by no means provide the full picture, but it is now clear that yes, it was the Italians, and no, there was no obvious legal basis for the seizure of the servers themselves. And as regards the British Government's apparent insouciance regarding the (faulty) operation of US court orders within British jurisdiction but without any British authorisation, well, that remains a puzzle.

The various documents, which are available at the EFF, here, show that the action took place as a consequence of a mutual legal assistance request from Italy to the US, relating to servers hosted by Rackspace in Texas. The Italian request pretty much confirms what it was possible to piece together a few weeks after the seizure. That is, an investigation into an anarchist grouping which the Italian authorities believed was connected to parcel bombs sent to, among other people, former EU Commission President Romano Prodi was trying to track the origins of some posting allegedly made at Indymedia Italy. Indymedia denies the existence of such postings, and insists that the group, the FAI, doesn't use Indymedia, but as Indymedia was never contacted about the matter it has never had a chance to cooperate.

According to the Italian request, the postings it wanted information on were at URLs (which have been redacted from the document) that "are all part of the web site http://indymedia.org. Indymedia is a self-styled 'international collectively run media network providing a radical objective and impassioned account of the truth', which is politically near to the extremist millieu, and purports to be an alternative to the news supplied by institutionally recognised and officially registered press and radio-TV broadcasting agencies." Nor, they might have added, is it owned by the Italian Prime Minister. The request does contain a couple of unredacted URLs which it associates with hosts in the Netherlands and Spain, but if there was any UK connection then it was in the redacted section.

The document, from the Bologna Public Prosecutor's Office, does make clear what is required, and it is the log files, not the servers. "To the purpose of identifying the internet users who published the web version of the document claiming responsibility for the terrorist attacks in the above listed web spaces, Italian prosecuting authority needs to obtain the log files in relation to the creation and updating of the contents of said spaces. The examination of the log files might disclose the IP addresses as well as the date and time of the internet connections, through which the documents were published in the web. The log files should be obtained from the Internet Service Provider managing the servers hosting the above web spaces."

The document goes on to suggest that a widespread conspiracy may exist, saying "said terrorist attacks are the result both of a common strategy agreed upon by different pro-insurrection factions of the anarchist movement and of world-wide operational links, also consisting in the dissemination on the web of copies of the document claiming responsibility for the attacks."

The US authorities seem receptive to the notion that Indymedia is the publishing arm of some kind of global conspiracy, and have had some run-ins with it over log files in the past. As far as we know Indymedia servers do not generally log originating IPs, and when requests for cooperation are made (generally to the ISP, rather than direct to Indymedia), Indymedia will usually try to resist them, within the bounds of legality. Which is pretty much what you'd expect your ISP to do for you, but as you may have noticed, most of them don't.

It's not clear from the documents how the request for log files from Rackspace in Texas resulted in the seizure of servers operated by Rackspace in Heathrow, however the documents include a certification dated 21st December 2004 from Assistant US Attorney Don Calvert that a CD "is a true and correct copy of log files in relation to the creation and updating of the web spaces corresponding to the following URLs [redacted]". So we don't know whether they got the log files from Texas or Heathrow, but we do know they think they got the right log files. They also, potentially, got the run of Indymedia's servers at Rackspace, Texas, and the only thing stopping them having the run of the Heathrow servers, which they had in their possession for several days, would have been their own honesty and uprightness.

Rackspace's role in the affair doesn't look particularly glorious. The subpoena required Rackspace to hand over log files by 13th August 2004, but on 7th October 2004 Rackspace told Indymedia that it had "received a federal order to provide your hardware to the requesting agency." The day after, Rackspace issued a statement saying that "The court prohibits Rackspace from commenting further on this matter." Which it doesn't - the court order merely says that notice to the other parties (i.e. Indymedia) is not required.

Now, it's perfectly conceivable (actually, we'd say 'probable') that it wouldn't exactly be easy for the hosting company to just lift the log files from an Indymedia server, and that some form of more radical surgery might be required to get them. It's also perfectly conceivable that attempts to track down the log files might lead to servers in Heathrow, London. But if either of these were the case it would be nice to think that the hosting company might try to mount some kind of legal defence against what might easily be seen as a fishing expedition.

Certainly, one would expect the company to do this once the request got as far as London, if only to protect its own arse. The Home Office's denials of involvement or responsibility for the seizures leaves only one target, and if as seems likely there was no legal authority for the seizures in the UK, then Rackspace could well have been in violation of the Data Protection Act or the Regulation of Investigatory Powers Act. We've had occasion to observe before now that the powers that be seem not to have a totally firm grasp of the operation of RIPA and its ilk, but it'd be something of a breakthrough if they contrived to get themselves busted under its terms - isn't it supposed to be pointing in the other direction? ®

Related Links:

EFF info and documentation on the case
Indymedia's case history
Legal row after police seize Bristol Indymedia server
We seize servers, you can't complain - US gov
Indymedia server grab - Home Office knew, but isn't telling
Indymedia: the tale of the servers 'nobody' seized
Indymedia seizures: a trawl for Genoa G8 trial cover-up?

Build a business case: developing custom apps

More from The Register

next story
BBC goes offline in MASSIVE COCKUP: Stephen Fry partly muzzled
Auntie tight-lipped as major outage rolls on
iPad? More like iFAD: We reveal why Apple fell into IBM's arms
But never fear fanbois, you're still lapping up iPhones, Macs
Stick a 4K in them: Super high-res TVs are DONE
4,000 pixels is niche now... Don't say we didn't warn you
Amazon Reveals One Weird Trick: A Loss On Almost $20bn In Sales
Investors really hate it: Share price plunge as growth SLOWS in key AWS division
Bose says today is F*** With Dre Day: Beats sued in patent battle
Music gear giant seeks some of that sweet, sweet Apple pie
There's NOTHING on TV in Europe – American video DOMINATES
Even France's mega subsidies don't stop US content onslaught
You! Pirate! Stop pirating, or we shall admonish you politely. Repeatedly, if necessary
And we shall go about telling people you smell. No, not really
Too many IT conferences to cover? MICROSOFT to the RESCUE!
Yet more word of cuts emerges from Redmond
Chips are down at Broadcom: Thousands of workers laid off
Cellphone baseband device biz shuttered
prev story


Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.