
FBI Is Apparently Paying Geek Squad Members to Dig Around in Computers - bhartzer
https://www.techdirt.com/articles/20170106/10163236419/fbi-is-apparently-paying-geek-squad-members-to-dig-around-computers-evidence-criminal-activity.shtml
======
Bartweiss
Key takeaway: "Private searches are acceptable, but the introduction of cash
payments, as well as the FBI having an official liaison with Best Buy suggests
the searches aren't really "private." Instead, the FBI appears to be using
private searches to route around warrant requirements."

The FBI is paying Geek Squad members _for discoveries_ , not as direct
employees. This has two awful impacts. First, it incentivizes searching every
single computer touched, rather than just reacting to suspicions or FBI
requests. Second, the 'commission' nature of the payments is being used to
argue that these are "private searches" exempt from warrant requirements,
which are only connected to the FBI after the fact (despite what is apparently
a standing expectation of commission).

~~~
JumpCrisscross
The amounts are also concerningly small. How much would it cost to bribe one
of these "unofficial deputies" to plant evidence?

~~~
Shendare
Exactly! How on Earth could you prove an offending image wasn't yours?

~~~
voxic11
In fact the case referenced in the article ran into this. The image was
recovered from unassigned space on the drive and therefore there was not even
any data about where it came from (that could be faked too but at least it
gives you something to disprove).

------
jmcgough
I don't view child porn, but I still never let techs look at my drives. You
never know what they'll do with your data.

As an example, one Geek Squad tech took a female art student's naked art
photos and shared them online: [http://www.nydailynews.com/news/national/suit-
claims-best-bu...](http://www.nydailynews.com/news/national/suit-claims-best-
buy-geek-squad-stole-naked-pics-article-1.1427879)

------
Analemma_
This would be bad enough on its own, but fact that the techs are paid per
discovery is what's really terrifying. This is going to fall straight into the
Cobra effect: when you pay people to discover X, there will suddenly be lots
more X to be found, most of it unreal. Except instead of just wasted bounty
money, it's going to be people going to prison.

[0]:
[https://en.wikipedia.org/wiki/Cobra_effect](https://en.wikipedia.org/wiki/Cobra_effect)

------
h4nkoslo
The FBI has been repeatedly caught with their hands in the cookie jar.

[http://www.floridabulldog.org/2016/06/u-s-attorneys-
office-f...](http://www.floridabulldog.org/2016/06/u-s-attorneys-office-fbi-
accused-of-spying-on-defense-in-fraud-case/)

[http://www.mintpressnews.com/fbi-planted-bugs-california-
cou...](http://www.mintpressnews.com/fbi-planted-bugs-california-courthouse-
without-warrant/216482/)

When caught they feign a mixture of complete denial, ignorance, and "I didn't
know it was illegal", and they are approximately never held personally
responsible by judges.

------
youdontknowtho
Of course they are.

Wow. It's like the bad news just keeps coming. They already have massive
powers to conduct investigations.

~~~
r00fus
It's not enough power. It's never enough.

------
rthomas6
On a related note, I'm looking to start taking digital privacy/security more
seriously. Not because I'm worried about anything in particular, but because
I'd like to not enable purposeful tracking or collection of my information.

Anyway, what are the best practices for this, for someone that lives in the
US? Email, smartphone, laptop, etc?

Should I bother with setting up my own email server on a VPS? What about cloud
storage, calendar, etc? Should I use services like Todoist? How do I limit the
tracking, resale, and use of my smartphone info for ads? Is LUKS a good idea
for my laptop?

Is there a place online that has some guidance for this stuff? Who can give me
a clue about what's a good idea and what isn't?

~~~
nyolfen
[https://prism-break.org/en/all/](https://prism-break.org/en/all/)

------
paulpauper
Heard so many bad things about best buy and geek squad over the years. Amazed
they are still in business.

~~~
r00fus
Maybe it'll turn out like Dell and other computer makers who at some points
were only in the black because of Intel payola. It undermines their entire
offering but a "market solution" isn't possible to punish these offenses
because the payola protects the offender.

[http://money.cnn.com/2010/07/23/technology/dell_intel/](http://money.cnn.com/2010/07/23/technology/dell_intel/)

------
JumpCrisscross
How does Apple guard against such infiltrators tarnishing their brand?

~~~
Kadin
I doubt they are. Disk encryption (FileVault) may be somewhat more common on
Macs than on your average Windows machine, but I still bet it's more the
exception than the rule. I don't think it's enabled by default and I doubt
most people go to the work of enabling it.

~~~
JumpCrisscross
> _Disk encryption (FileVault) may be somewhat more common on Macs than on
> your average Windows machine_

When I drop off my Mac at a Genius Bar it's always a fight to not give them my
password. Sometimes, I give up and format. Can't imagine most Apple customers
go through that hassle.

------
Crito
I assumed they did that for free.

~~~
Bartweiss
They do, but it's actually worse that they're getting paid.

The incident prompting this article is a child pornography case - which would
be fine, since there's a reporting requirement for techs even without pay. But
rather than getting reports on incidental discoveries, the FBI is apparently
paying techs for each discovery; effectively using them as commission-based
employees.

That's bad because it creates an incentive to search every customer's files
for anything reportable, but it's _awful_ because it allows the FBI to rout
around warrant restrictions. "Private searches" are legal without warrants, so
rather than paying people to do searches (nonprivate), the FBI is giving them
money for results (nominally private, with nonprivate motivations).

