According to a survey conducted in the year 2012, a host of law enforcement officials believe that social media platforms are concrete avenues for solving criminal cases. The study intimated that 80 percent of police respondents have employed social media in investigations at some point in their careers.
In the latest reports, it was revealed that Facebook procured the services of cybersecurity experts in creating a hacking tool that was then shared with the Federal Bureau of Investigation (FBI). The shared tool was meant to assist agents in targeting a user that was reportedly using Facebook to commit crimes.
For years, the suspect Buster Hernandez systematically extorted, threatened and harassed underage victims using Facebook, email and messaging applications. He extorted the young girls for their nude photographs and videos, and sent hordes of threat messages involving rape and death.
In the extreme case, Hernandez was accused of sending graphic details of his threats to orchestrate school bombings where his targets studied if they failed to meet his demands.
Investigators revealed that the suspect used the online username “Brian Kil”, and that he had become a very persistent threat to his victims.
Using Tails to Hide Identity
Further, it was reported that Hernandez had used Tails, a systems that is used by online surfers to anonymize their identity, and has become popular in the criminal world and in global destinations where freedom of expression is not guaranteed.
Hernandez had perfected the art of hiding his real identity on Facebook that the social media giant took the initiative to assist the FBI collect evidence ahead of his arrest and conviction. Still, this was not easy as a Facebook spokesperson told Business Insider about how his organization and the FBI struggled to discover where the suspect was located.
Reportedly, Facebook sought the services of a third-party cybersecurity firm and paid them about $100,000 to collaborate with one of its experts to create a “zero-day” exploit for Tails that would enable an external actor to compromise a software vulnerability that was beyond the knowledge of its software developers.
The toll was then forwarded to the FBI in a rather unprecedented and controversial case in which the social media company chose to assist authorities hack a target.
Burner Hernandez was eventually arrested in August 2017 and faced a host of charges levelled against him – including production of child sex abuse material, coercion of a minor, distribution and the receipt of child sex abuse material, threats to use explosives, extortion, issuance of death and kidnap threats, and obstruction of justice.
The federal charges considered the suspect’s activity from the year 2012 all the way to his time of arrest in 2017. He pleaded guilty to the charges and now faces life in prison.
The Ethical Question
The case of a partnership between a Silicon Valley social media firm and the FBI to meet law enforcement has underscored the technical capacities of Facebook. The fact that the social media company collaborated with law enforcement and a cybersecurity firm raises critical ethical questions.
In a nutshell, the above scenario makes all us wonder about the limits to such similar operations, about when and whether it is in fact appropriate for private entities to be used by government agencies in hacking their own users.
As mentioned already, Facebook and the FBI used an exploit in the privacy-focused Tails system. The zero-day exploit succeeded in automatically routing Hernandez’s internet traffic through anonymity networks, and exposed the suspect’s real identity.
While this case leaves very many questions unanswered, the best response given by a Facebook spokesperson was that the social media firm “found the outcome acceptable”.