When President Joe Biden said “journalism is not a crime” last April, federal prosecutors in Tampa, Florida, apparently took that as a challenge. Not a crime yet.
The next month, FBI agents raided the home of journalist Tim Burke. He is scheduled to be arraigned in the coming weeks under the Computer Fraud and Abuse Act (CFAA) and wiretap laws for finding and disseminating unaired Fox News footage of Kanye West’s antisemitic rant to Tucker Carlson. The indictment doesn’t accuse Burke of hacking or deceit. Instead, its theory is that he didn’t have permission to access the video, even though it was at a public, unencrypted URL that he found using publicly posted demo credentials.
But finding things that the powerful don’t want found is essentially the definition of investigative journalism—which, as Biden said, is not criminal in this country.
A recent court filing heightens concerns about whether prosecutors hid from the judge who authorized the raid that Burke was a journalist. By doing so, they may have avoided scrutiny of whether their investigation—and eventual indictment—of Burke complied with the First Amendment, federal law, and the Department of Justice’s own policies.
This article is weird. It spends a long long time hand-wringing over whether Tim Burke is a journalist, while not at all explaining whether he committed a crime.
Whether he did is slightly muddled – it sounds like he used a username and password he didn’t have permission to use, to log in to a web site, which sounds illegal (whether or not he’s a journalist), which would make this whole article an exercise in creating a narrative that didn’t happen to drive clicks. But, the credentials were sloppily exposed by a third party and were “demo credentials” in the first place, and the URLs that it gave him when he authenticated himself maybe weren’t themselves password protected. So maybe there’s some wiggle room. But I thought everyone prosecution and defense was in agreement that he used credentials that weren’t his to log in to the web site to get the links to the videos in the first place (albeit in pursuit of a noble goal, embarrassing Fox News by airing something true about them.) I don’t think being a journalist enters into it.
From a little bit better article:
Using a harvested demo account to log in to a service you dont have permission to access, WCGW?
Not only that, if we can say it’s relevant when their videos got stolen that the video distribution site had very poor OPSEC, I think we can say it’s relevant when he gets prosecuted that this guy had pretty poor journalistic OPSEC.
Use Tor. Download videos. Hey buddy where’d you get the videos? From a source, a journalistic source I’m not divulging, GFY, if you think something bad happened then prove it.
(I’m sitting in judgment when I don’t really know; for all I know he did everything right and his lawyer decided that this would be the best tack to take to defend the case, just to lay out what happened and argue that it wasn’t a crime.)
To me it sounds like they should be going after LiveU for not properly securing their videos, and going after the journalist is retribution. But that would also require the government to acknowledge that their own security isn’t a joke.
Same thought I had. Journalism seems entirely unrelated to the situation. From my reading of the facts, I don’t think criminal prosecution is warranted, but it’s not some 1st amendment violation it’s just a too-vague law.
This law has been out there for decades now and It’s never mattered HOW you came into possession of credentials, only whether or not you have permission to access the system that they unlock.
If he used those credentials to get into a system he wasn’t authorized to use then its a crime. If the video’s were publicly available, even unintentionally, then he should be clear on those charges but that doesn’t change the first part.
Unauthorized access to computer and information systems is still a crime punishable under the law. Kevin Mitnick was being prosecuted for this clear back in the 1980s.
IF the guy accessed the system, irrespective of the videos, then this is another case of a Journalist either being ignorant of the law or ignoring it because they believe the law doesn’t apply to them.
I think the key here is of they were truly a demo username/password. If they were, there’s an expectation of use there.
Again, it doesn’t matter HOW you came into possession of the credentials. What matters is your authorization to access the system they unlock. It’s really that simple.
You misunderstand- om saying that depending on what kind of demo account is it, he might have been authorized to view the demo.
It depends on who the demo was intended for.
Yeah thats BS.
There’s no discussion about if it’s a crime, because according to the law it’s 100% a crime. The law is extremely broad and doesn’t really take into account how computers work. It doesn’t matter if there were access controls or not, if you access something that the owner hasn’t given you explicit authorization to access, then it’s a crime under the CFAA.
This is the same law Aaron Swartz was facing trial for before his suicide. In his case he had legitimate credentials, but used them in an unauthorized way. Also Andrew “weev” Auernheimer, who just changed a number in a url to access other people’s information.