In a case that raises questions about online journalism and privacy rights, the U.S. Department of Justice sent a formal request to an independent news site ordering it to provide details of all reader visits on a certain day.Such a move is troubling on so many levels, that I don't know where to begin.
The grand jury subpoena also required the Philadelphia-based Indymedia.us Web site "not to disclose the existence of this request" unless authorized by the Justice Department, a gag order that presents an unusual quandary for any news organization.
Kristina Clair, a 34-year old Linux administrator living in Philadelphia who provides free server space for Indymedia.us, said she was shocked to receive the Justice Department's subpoena. (The Independent Media Center is a left-of-center amalgamation of journalists and advocates that – according to their principles of unity and mission statement – work toward "promoting social and economic justice" and "social change.")
The subpoena (PDF) from U.S. Attorney Tim Morrison in Indianapolis demanded "all IP traffic to and from www.indymedia.us" on June 25, 2008. It instructed Clair to "include IP addresses, times, and any other identifying information," including e-mail addresses, physical addresses, registered accounts, and Indymedia readers' Social Security Numbers, bank account numbers, credit card numbers, and so on. (links in original omitted)
The article goes on to say that the Electronic Frontier Foundation is representing Ms. Clair (a good thing) and sent a letter to the U.S. Attorney which included a number of faults, including improper service, and an overly broad subpoena. The subpoena was withdrawn after the EFF got involved. But this story is reflective of a bigger problem.
The subpoena is a grand jury subpoena and generally those are kept confidential and so an order to not talk about the subpoena is not uncommon. But the fact that the subpoena was issued to the person who runs the server and not Indymedia.com is bit troubling. It would seem to me that Indymedia.com is the target of the probe, otherwise, why not serve the subpoena on them? Why serve it on a third party hardware administrator? What has Indymedia.com done to warrant such scrutiny of not only themselves, but whoever visited the site on June 25, 2008. Lots of questions to which we are likely to never find an answer.