FBI offered to Geek Squad a bounty on incriminating evidence found on long-term storage of computers they serviced and a lot of GS techs made those reports.
That is to say GS had no concern for privacy or fourth amendment protections during the era of rising surveillance awareness.
Yes, a handful of BestBuy employees accepted payments from the FBI to report on CP found on a customers device. So let’s all feel good about underpaid workers losing their jobs in this economy.
It’s up to you, but over here it looks like an abuse of power and a violation of trust. If they can’t be trusted not to look at the data they’re trying to restore (except directly in the service of restoring it) they they can’t be trusted with a business PC containing accounting data or legal correspondence either.
And a violation of trust in the service of law enforcement is still a violation of trust in the public. Considering how this would poison the service for business clients, I am surprised it doesn’t run contrary to Best Buy terms of employment (outside of mandated reporting, which is why mandated reporting laws exist for some cases).
On the other hand AT&T will gladly spooge your phone call records to the police if they ask for it. (No warrant necessary.) And Amazon’s Ring doorbell videos are sold to law enforcement whenever they want it (without permission of the doorbell owners.) But that’s finally resulted in trouble, and Amazon is rethinking this service.
It is interesting that in this economy which is intentionally managed to create a shortage of jobs and to lower wages, that employees are expected to betray the public trust and even engage in illegal activity at the behest of their employers just to stay employed, and that some of us might find this as an acceptable state of affairs. And yes, when business goes sour for the company, those employees will be discarded with no additional acknowledgment for their loyalty.
It’s up to you, but over here it looks like an abuse of power and a violation of trust. If they can’t be trusted not to look at the data they’re trying to restore (except directly in the service of restoring it) they they can’t be trusted with a business PC containing accounting data or legal correspondence either.
Have you ever done data recovery? Because I have, and part of recovery includes accessing random files to ensure they were restored/recovered correctly. I don’t go digging for incriminating shit, but I do have to make sure the data is readable before I hand it over to the client.
And you can be goddamned sure that if I see CSAM on your machine I’m turning you over to the police and I’ll gladly forego payment to see your ass in bracelets.i have professional ethics, but those don’t include protection of child abusers.
If you’re doing data recovery for a large enough tech firm (such as Best Buy’s Geek Squad service, you may be a mandated reporter of CSAM that you come across, depending on your state and the policy of your company, but in that case the CSAM in question is probably pretty obvious, either labeled as such or the first directory you hopped into.
id est, not because you scanned the drive’s unused blocks specifically looking for it.
Sometimes not seeing a few images is impossible if you want to be sure the restore or whatever actually worked.
I don’t live there but doesn’t the geek squad fix home PCs and such? Of course they shouldn’t touch business PCs that is ITs job or maybe the MSPs, if your work doesn’t have an IT department.
I don’t leave porn or NSFW content in plain view on my PC, much less files that might be evidence for crime. I’d assume those who actually do have criminal evidence or CSAM on their PC might keep it tucked away where it’s not obvious at the very least. On the other hand, I also know that Florida Man is active in all fifty states, and up to very dumb shit worthy of jail time. So they might not know better than to use CSAM as their desktop wallpaper.
I’d think finding CSAM by choosing a random media file and looking at it would be extremely rare, and if the tech restoring a drive of the worst offender would still find images more like bliss.jpg, maybe some images of last year’s office Christmas party or the recent trip to Yosemite, rather than the accumulated CSAM section.
So if multiple techs at a service are finding CSAM worthy of reporting to FBI, I’d assume they’re checking out the porn stash on PCs, or seeing if there are cheesecake photos buried in the My Pictures subfolders. From what I expect of humans, they hide stuff that’s super private. But it’s also possible that way more people than I expect are really that stupid.
The fact that FBI had a bounty with Geek Squad indicates it happens enough that GS techs routinely browse the data they restore, whether or not it’s company policy, and it shows a lack of discipline in the ranks. What’s more worrisome is what happens to those who keep their interpersonal sexts and cheesecake, and how tempted GS techs are to share pics with each other (typical in the surveillance sector) and post them on 4Chan. We’ve already had incidents like the fappening.
Repeat occurrences indicates a lack of discipline regarding privacy among Geek Squad techs. Repeat leaks to FBI, and a bounty both imply GS techs habitually sift through other people’s files for their own gratification. And that’s messy.
It is interesting that in this economy which is intentionally managed to create a shortage of jobs and to lower wages, that employees are expected to betray the public trust and even engage in illegal activity at the behest of their employers just to stay employed, and that some of us might find this as an acceptable state of affairs. And yes, when business goes sour for the company, those employees will be discarded with no additional acknowledgment for their loyalty.
I fully agree with the point you are making here. It’s a fucked up system with a whole mess of badly designed incentives that cause people to be shitty to each other.
My only disagreement is with your willingness to condemn innocent people who lost their jobs over the actions of a few. I worked for GeekSquad, data privacy violations were not only a fireable offense but also something those I worked with prided themselves on protecting. All of my coworkers were privacy advocates and enthusiasts who did not go digging through anyone’s personal data. Rather, oftentimes they would try to help clients be more informed, even risking their own job stability when doing so lost sales.
There are good folks who didn’t deserve to lose their jobs, were not guilty of the actions you are upset over, and don’t deserve people callously implying they deserved it.
I worked for GeekSquad, data privacy violations were not only a fireable offense but also something those I worked with prided themselves on protecting.
This is news to me, and it’s commendable regardless of whether it’s standard policy for Geek Squad, or just specific to your Best Buy location. At any rate it’s good to know the conversation was had within the office.
FBI has been pursuing its mission in bad faith for decades now. Longer than when James Comey was in office. In 2002 it changed from law enforcement to national security as much for the budget increase, and its methods, whether in curbing CSAM distribution or in pursuing Islamist terrorists, were less about making the nation safer for the public and more about fabricating credit for the agency. But then it was just as reprehensible in the J. Edgar Hoover years, and it’s only because of serial killer fiction that I might have imagined better.
At least since the 1990s, law enforcement across the nation has lost its impartiality. I can’t say they protected and served much in the 1980s or before, but they certainly have not since the aughts. Being involved with them, such as working as an informant, is just as problematic as being involved with the mob. Possibly more so in the 2020s.
The problem isn’t that the computers had CP, it’s that the techs looked through the data.
Yes, if they happen to see CP while doing their normal work, they should report it. But their normal work shouldn’t involve looking through pictures at all in the first place.
Are you thinking of this instance? It’s an instance that could happen to any of us. The CSAM in question was found (and only found) in garbage data in unused storage. And it means our GS tech had actively scan (go out of his way), rather than just fix the machine.
It also means it’s inconclusive, since that kind of stuff can end up in your webcache through malware vectored through advertising. CSAM is weaponized in malware. Heck, there are CSAM images in the Bitcoin blockchain file (or were, if they found a way to scour them). Not that innocent websurfers have not been falsely convicted due to invisible crap in their cleared webcache, but we should know better by now.
It does raise a question about what you believe regarding the limits of our civil rights. Do you believe evidence illegally obtained by law enforcement should be wholly admissible if the crime is heinous enough? SCOTUS does, and ruled that even drug possession discovered during an illegal search should be admissible. But that pretty much means you and I cannot rely on constitutional protections from unreasonable search and seizure.
Here in the States, preserving our protections and our privacy sometimes means defending the worst people. See, it’s supposed to be a penalty against the state for poorly executing the law when someone can’t be convicted due to inadmissible evidence. If a guilty citizen is improperly treated by law enforcement (according to the legal theory that supposed Blackstone’s ratio) then they should be acquitted, and the public has only the incompetence of state actors to blame.
Law enforcement is supposed to respect your protections, and if we let them conduct illegal searches (such as buying data from brokers, or using IMSI spoofers without a warrant, or asking Google for everyone within a mile and an hour of a criminal incident) then they’re going conduct those same illegal searches when you’re working with your mutual aid organization or are protesting against injustice. If serial killers and child molesters aren’t protected from overpolicing, then you aren’t either, and if you happen to be nonwhite, LGBT+ or part of another marginalized group (Juggalos!) then you’re in far more danger of illegal searches, false convictions and prison time, assuming you’re just not the victim of an officer-involved homicide.
If you live in the US, it’s very difficult not to commit crimes, particularly federal felonies. There but for your privacy (and / or the grace of prosecutorial discretion) goes your freedom and reputation.
That said, the FBI has been super sloppy in its pursuit to hunt down CSAM traders, even letting their high-end malware leak into the public to be dissected and used by black-hats, and interests of rival nations.
No, that’s not the case I mean. I mean I personally worked at Best Buy and knew a person who worked GS who made a report to the FBI. I don’t know the outcome of that report or even if it lead to any kind of prosecution.
It does raise a question about what you believe regarding the limits of our civil rights. Do you believe evidence illegally obtained by law enforcement should be wholly admissible if the crime is heinous enough?
Reporting a crime you observed first-hand is not an encroachment on anyone’s civil rights. Is that what you meant to say here? If it is, I wholeheartedly disagree.
I remember recent discussions on Mastodon I was half following where admins of certain instances where posting directions on how to make FBI reports if/when they find users posting things like CP. Are those admins encroaching on their users 4th amendment rights by reporting a crime? I think not.
With that said, I think there is a line between reporting a crime you happen across and a systematized search of user’s private files encouraged and paid for by government entities.
From your link,
Riddet says agents conducted two additional searches of the computer without obtaining necessary warrants, lied to trick a federal magistrate judge into authorizing a search warrant, then tried to cover up their misdeeds by initially hiding records.
For the record, THAT is a problem, in my eyes and not what my original comment was about.
FBI offered to Geek Squad a bounty on incriminating evidence found on long-term storage of computers they serviced and a lot of GS techs made those reports.
That is to say GS had no concern for privacy or fourth amendment protections during the era of rising surveillance awareness.
So I don’t care if they never wake up.
Yes, a handful of BestBuy employees accepted payments from the FBI to report on CP found on a customers device. So let’s all feel good about underpaid workers losing their jobs in this economy.
It’s up to you, but over here it looks like an abuse of power and a violation of trust. If they can’t be trusted not to look at the data they’re trying to restore (except directly in the service of restoring it) they they can’t be trusted with a business PC containing accounting data or legal correspondence either.
And a violation of trust in the service of law enforcement is still a violation of trust in the public. Considering how this would poison the service for business clients, I am surprised it doesn’t run contrary to Best Buy terms of employment (outside of mandated reporting, which is why mandated reporting laws exist for some cases).
On the other hand AT&T will gladly spooge your phone call records to the police if they ask for it. (No warrant necessary.) And Amazon’s Ring doorbell videos are sold to law enforcement whenever they want it (without permission of the doorbell owners.) But that’s finally resulted in trouble, and Amazon is rethinking this service.
It is interesting that in this economy which is intentionally managed to create a shortage of jobs and to lower wages, that employees are expected to betray the public trust and even engage in illegal activity at the behest of their employers just to stay employed, and that some of us might find this as an acceptable state of affairs. And yes, when business goes sour for the company, those employees will be discarded with no additional acknowledgment for their loyalty.
Have you ever done data recovery? Because I have, and part of recovery includes accessing random files to ensure they were restored/recovered correctly. I don’t go digging for incriminating shit, but I do have to make sure the data is readable before I hand it over to the client.
And you can be goddamned sure that if I see CSAM on your machine I’m turning you over to the police and I’ll gladly forego payment to see your ass in bracelets.i have professional ethics, but those don’t include protection of child abusers.
If you’re doing data recovery for a large enough tech firm (such as Best Buy’s Geek Squad service, you may be a mandated reporter of CSAM that you come across, depending on your state and the policy of your company, but in that case the CSAM in question is probably pretty obvious, either labeled as such or the first directory you hopped into.
id est, not because you scanned the drive’s unused blocks specifically looking for it.
Sometimes not seeing a few images is impossible if you want to be sure the restore or whatever actually worked.
I don’t live there but doesn’t the geek squad fix home PCs and such? Of course they shouldn’t touch business PCs that is ITs job or maybe the MSPs, if your work doesn’t have an IT department.
I don’t leave porn or NSFW content in plain view on my PC, much less files that might be evidence for crime. I’d assume those who actually do have criminal evidence or CSAM on their PC might keep it tucked away where it’s not obvious at the very least. On the other hand, I also know that Florida Man is active in all fifty states, and up to very dumb shit worthy of jail time. So they might not know better than to use CSAM as their desktop wallpaper.
I’d think finding CSAM by choosing a random media file and looking at it would be extremely rare, and if the tech restoring a drive of the worst offender would still find images more like bliss.jpg, maybe some images of last year’s office Christmas party or the recent trip to Yosemite, rather than the accumulated CSAM section.
So if multiple techs at a service are finding CSAM worthy of reporting to FBI, I’d assume they’re checking out the porn stash on PCs, or seeing if there are cheesecake photos buried in the My Pictures subfolders. From what I expect of humans, they hide stuff that’s super private. But it’s also possible that way more people than I expect are really that stupid.
The fact that FBI had a bounty with Geek Squad indicates it happens enough that GS techs routinely browse the data they restore, whether or not it’s company policy, and it shows a lack of discipline in the ranks. What’s more worrisome is what happens to those who keep their interpersonal sexts and cheesecake, and how tempted GS techs are to share pics with each other (typical in the surveillance sector) and post them on 4Chan. We’ve already had incidents like the fappening.
Repeat occurrences indicates a lack of discipline regarding privacy among Geek Squad techs. Repeat leaks to FBI, and a bounty both imply GS techs habitually sift through other people’s files for their own gratification. And that’s messy.
I fully agree with the point you are making here. It’s a fucked up system with a whole mess of badly designed incentives that cause people to be shitty to each other.
My only disagreement is with your willingness to condemn innocent people who lost their jobs over the actions of a few. I worked for GeekSquad, data privacy violations were not only a fireable offense but also something those I worked with prided themselves on protecting. All of my coworkers were privacy advocates and enthusiasts who did not go digging through anyone’s personal data. Rather, oftentimes they would try to help clients be more informed, even risking their own job stability when doing so lost sales.
There are good folks who didn’t deserve to lose their jobs, were not guilty of the actions you are upset over, and don’t deserve people callously implying they deserved it.
I worked for GeekSquad, data privacy violations were not only a fireable offense but also something those I worked with prided themselves on protecting.
This is news to me, and it’s commendable regardless of whether it’s standard policy for Geek Squad, or just specific to your Best Buy location. At any rate it’s good to know the conversation was had within the office.
FBI has been pursuing its mission in bad faith for decades now. Longer than when James Comey was in office. In 2002 it changed from law enforcement to national security as much for the budget increase, and its methods, whether in curbing CSAM distribution or in pursuing Islamist terrorists, were less about making the nation safer for the public and more about fabricating credit for the agency. But then it was just as reprehensible in the J. Edgar Hoover years, and it’s only because of serial killer fiction that I might have imagined better.
At least since the 1990s, law enforcement across the nation has lost its impartiality. I can’t say they protected and served much in the 1980s or before, but they certainly have not since the aughts. Being involved with them, such as working as an informant, is just as problematic as being involved with the mob. Possibly more so in the 2020s.
I knew a guy who made one of those reports. It was CP.
You seem kind of upset about people being caught for this. Am I misreading you?
The problem isn’t that the computers had CP, it’s that the techs looked through the data.
Yes, if they happen to see CP while doing their normal work, they should report it. But their normal work shouldn’t involve looking through pictures at all in the first place.
Are you thinking of this instance? It’s an instance that could happen to any of us. The CSAM in question was found (and only found) in garbage data in unused storage. And it means our GS tech had actively scan (go out of his way), rather than just fix the machine.
It also means it’s inconclusive, since that kind of stuff can end up in your webcache through malware vectored through advertising. CSAM is weaponized in malware. Heck, there are CSAM images in the Bitcoin blockchain file (or were, if they found a way to scour them). Not that innocent websurfers have not been falsely convicted due to invisible crap in their cleared webcache, but we should know better by now.
It does raise a question about what you believe regarding the limits of our civil rights. Do you believe evidence illegally obtained by law enforcement should be wholly admissible if the crime is heinous enough? SCOTUS does, and ruled that even drug possession discovered during an illegal search should be admissible. But that pretty much means you and I cannot rely on constitutional protections from unreasonable search and seizure.
Here in the States, preserving our protections and our privacy sometimes means defending the worst people. See, it’s supposed to be a penalty against the state for poorly executing the law when someone can’t be convicted due to inadmissible evidence. If a guilty citizen is improperly treated by law enforcement (according to the legal theory that supposed Blackstone’s ratio) then they should be acquitted, and the public has only the incompetence of state actors to blame.
Law enforcement is supposed to respect your protections, and if we let them conduct illegal searches (such as buying data from brokers, or using IMSI spoofers without a warrant, or asking Google for everyone within a mile and an hour of a criminal incident) then they’re going conduct those same illegal searches when you’re working with your mutual aid organization or are protesting against injustice. If serial killers and child molesters aren’t protected from overpolicing, then you aren’t either, and if you happen to be nonwhite, LGBT+ or part of another marginalized group (Juggalos!) then you’re in far more danger of illegal searches, false convictions and prison time, assuming you’re just not the victim of an officer-involved homicide.
If you live in the US, it’s very difficult not to commit crimes, particularly federal felonies. There but for your privacy (and / or the grace of prosecutorial discretion) goes your freedom and reputation.
That said, the FBI has been super sloppy in its pursuit to hunt down CSAM traders, even letting their high-end malware leak into the public to be dissected and used by black-hats, and interests of rival nations.
No, that’s not the case I mean. I mean I personally worked at Best Buy and knew a person who worked GS who made a report to the FBI. I don’t know the outcome of that report or even if it lead to any kind of prosecution.
Reporting a crime you observed first-hand is not an encroachment on anyone’s civil rights. Is that what you meant to say here? If it is, I wholeheartedly disagree.
I remember recent discussions on Mastodon I was half following where admins of certain instances where posting directions on how to make FBI reports if/when they find users posting things like CP. Are those admins encroaching on their users 4th amendment rights by reporting a crime? I think not.
With that said, I think there is a line between reporting a crime you happen across and a systematized search of user’s private files encouraged and paid for by government entities.
From your link,
For the record, THAT is a problem, in my eyes and not what my original comment was about.