When President Joe Biden said “journalism is not a crime” last April, federal prosecutors in Tampa, Florida, apparently took that as a challenge. Not a crime yet.
The next month, FBI agents raided the home of journalist Tim Burke. He is scheduled to be arraigned in the coming weeks under the Computer Fraud and Abuse Act (CFAA) and wiretap laws for finding and disseminating unaired Fox News footage of Kanye West’s antisemitic rant to Tucker Carlson. The indictment doesn’t accuse Burke of hacking or deceit. Instead, its theory is that he didn’t have permission to access the video, even though it was at a public, unencrypted URL that he found using publicly posted demo credentials.
But finding things that the powerful don’t want found is essentially the definition of investigative journalism—which, as Biden said, is not criminal in this country.
A recent court filing heightens concerns about whether prosecutors hid from the judge who authorized the raid that Burke was a journalist. By doing so, they may have avoided scrutiny of whether their investigation—and eventual indictment—of Burke complied with the First Amendment, federal law, and the Department of Justice’s own policies.
There’s not that much nuance, actually.
It’s equivalent to someone plugging in the default password to luggage locks knowing full well it’s not their luggage.
He wasn’t authorized to access those files, it really doesn’t matter how he came by the credentials.
It also really doesn’t matter that he’s a journalist. Journalists aren’t allowed to break the law, even if he’s going after a scumbag like West.
This differs from the Marion county raid in that they accessed public information (actual public information. That the server interacts with the public doesn’t make it public) and received files from people who were authorized to access it. No crimes were committed by the journalists.
This differs from Assange in that Assange merely received the files and published them. Assange didn’t steal the files himself.
If I go to an old site on the wayback machine, that no longer exists because the original webmaster took it offline at some point and doesn’t want anyone to go there anymore, am I breaking the law because they didn’t include a robots.txt to show they didn’t want the site to be crawled?
There should be no expectation of privacy for a publicly hosted URI.
If you make a separate webpage with an anchor link to that public URI without accessing it yourself, or even if you just post the text to the URL to public forum like this one, or Twitter or Reddit or Facebook or Instagram or YouTube where it just gets converted to a hyperlink automatically, when someone else then clicks the link and accesses it, who does the law hold responsible?
If you talk to a live chat representative at the actual company that has exposed that file for public access, and let them know about the URI by sending it to them in chat, and they clicked it to confirm, are they now accessing something illegally that their own company didn’t authorize them access to?
How absolutely cretinous would the lawmakers have to be, to write a law like that?
It’s my responsibility to secure my own shit, to a reasonable degree. If I leave a dollar on the ground in a public park and come back a month later and it’s been taken by someone who saw it and picked it up, have they stolen from me?
That’s not how the archive works.
When you access an old website, they saved a snapshot of that website on their servers. You are not accessing 3rd party servers.
You understand that all a URL is, is a forwarding address? Do you have no expectation of privacy if you’re in the phone book? What if your front door is unlocked? (If you’re in the US, yes you do. Most the world I imagine.)
When you plug a URL in, your browser goes to a DNS server, looks, for the domain name in question, then tells your. Browser what the current/best IP address is for that.
That’s as far as “public” as it is. When you’re taking about domain names all it means bejng “public” is that you’re registered with a DNS service. Your server is still yours. That is all that’s “public” about it.
The streaming service relies, apparently, on security through obscurity.
That they have shitty security protocols doesn’t change that he wasn’t supposed to get it, and that it wasn’t public.