Is a vendetta by the FBI keeping an innocent man in jail, or has DOJ just lost its mind altogether?

I’ve had enough. Actually, I’ve had more than enough. I should have written this post months ago.

Last week I received notice from Twitter Legal that they had been served with a grand jury subpoena for my account information. Also listed in the grand jury subpoena were four other Twitter accounts, only one of which I recognized. So why would a grand jury in Texas want my details from Twitter? And why should they be able to get them?

Suppose I told you that the only basis for them seeking my information was that someone added me to a conversation that I wasn’t in, and sent me a smiley emoji. I hadn’t replied, but that seemed to be enough for the grand jury to want to know more about me.

If it sounds outrageous to you, let me tell you that my lawyers inform me —- from a safe distance so that I don’t throw something at them — that it’s perfectly legal for grand juries to do this.

It would not be legal in the World According to Dissent. And it doesn’t really make good sense in any world, as Mike Masnick of TechDirt articulates so well in his post on this insanity.

What the Northern District of Texas and Judge Toliver have done to Justin Shafer is outrageous. This subpoena for my info is infuriating, of course, but let’s talk about Shafer, because it is his case the subpoena relates to.

Regular readers of my site will recognize Shafer’s name from his research uncovering leaking patient data and his collaboration with me in filing an FTC complaint that Henry Schein settled via a consent order and payment of a $250,000 fine to the FTC.

This blogger has been reporting on Shafer since December, 2013. On a good day, he can be impulsive, brash, obsessive-compulsive, and offensive, but that doesn’t make him a criminal nor justify repeated raids on him or treating him like a criminal. And it doesn’t justify keeping him in jail for months because he lost his temper after all of the FBI’s perceived harassment of him and his family.

Unfortunately, it appears that some entities he embarrassed by revealing their security failures tried to deflect blame by accusing him of hacking them. And it appears that the FBI agent involved  may have believed them. Beginning in March, 2013, according to Shafer, Special Agent Nathan Hopp treated him like a black hat or grey hat, when all he had done was find exposed data and try to report it so patients would be notified. Entities may not like to be publicly embarrassed but there is nothing illegal in Shafer going to the media to call attention to data leaks that he uncovers.

Over the next four years, Shafer would feel repeatedly harassed by the Dallas FBI and Special Agent Nathan Hopp. And who wouldn’t feel harassed when he was repeatedly raided and there were never any criminal charges because he had never done anything illegal? The only criminal charge they ever levied was harassment after he lost his temper with Agent Hopp after years of perceived FBI harassment.

Instead of a grand jury investigating Shafer, someone should investigate why the Dallas FBI covered up or suppressed evidence that Shafer was a white hat who was trying to help them, because they certainly didn’t tell the federal court about all the help he had offered them and I doubt they ever told the grand jury about Shafer’s attempts to help, either.

So grab your favorite beverage and sit back while I show you some of the evidence that the federal court was not shown when the FBI tried to get Shafer charged with stalking an FBI agent with intent to harass or intimidate.

On March 31, 2017, in his affidavit in support of the criminal complaint alleging stalking and intent to harass or intimidate an FBI special agent and his family, Special Agent Ronnie Buentello left out important context and history for assessing Shafer’s conduct and intent, but he also indicated (Paragraphs 10 and 11 of the affidavit) that Shafer was also being investigated as a co-conspirator of the blackhats known as TheDarkOverlord. Perhaps someone thought that making Shafer out to be some criminal hacker would boost their claims that he was some kind of dangerous stalker, but the Dallas FBI had evidence to show that Shafer was actually trying to help the FBI catch TheDarkOverlord.

As part of his affidavit (obtained from PACER while it was briefly unsealed), SA Buentello stated that the FBI had found a copy of a stolen database from Missouri when they raided Shafer’s home in January, 2017. That database had allegedly been hacked by TheDarkOverlord and had been put up for sale on the dark web. The implication seemed to be that if Shafer was in possession of a database that had been hacked and put up for sale by TheDarkOverlord, then he likely was involved in the hack or was conspiring with the hackers:

From the affidavit in support of a criminal complaint alleging stalking.

What the FBI did not tell the court was that Shafer had emailed that very database to the FBI in July, 2016, telling the FBI that TheDarkOverlord gave it to him, unsolicited, duing a chat on Twitter.

So here’s “Exhibit A” for you:  the email Justin Shafer sent on July 1, 2016 to this blogger and the Dallas FBI with the database the FBI would later claim supported a suspicion that he was a “co-conspirator:”

On July 1, 2016, Shafer emailed the Dallas FBI a copy of a database TheDarkOverlord had given him via Twitter. On March 31, 2017, the FBI claimed they found it during a raid of his home in January and never mentioned that he had provided it to them voluntarily in July, 2016.

At another point, the FBI’s affidavit also claimed that during the second raid (January, 2017), the FBI found evidence of a chat session between Shafer and TheDarkOverlord:

The affidavit claimed that a chat session was observed on Shafer’s computer.

The affidavit referred to a chat session, but did not indicate whether it was a file copy of an old chat session or a new one in progress at the time of the raid. In fact, Shafer did have a number of private (DM) conversations on Twitter with TheDarkOverlord that Shafer logged. He often reviewed the logs afterwards, looking for additional clues in the material.  Shafer generally shared his logs of the chats with this blogger and with others – including the FBI.

So now view “Exhibit B:” an email Shafer sent on July 3, 2016  to an NHS unit in the U.K. to warn them that they had been hacked by TheDarkOverlord. Shafer had been told about the hack in a private conversation with TheDarkOverlord and then tried to contact the NHS so that they could secure their data and warn patients. Shafer also cc:d Dallas FBI on that email, and included part of the chat log between him and TheDarkOverlord:

When Shafer learned that TheDarkOverlord hacked the NHS, he tried to notify the NHS and cc:d the Dallas FBI.
Part of the chat log between Shafer and TheDarkOverlord that was emailed to the Dallas FBI to alert them. The FBI would later suggest that finding chat logs on Shafer’s computers was somehow evidence that he was a co-conspirator.  

So was the presence of chat logs evidence of conspiracy? I would argue that it was actually evidence that Shafer was collecting information on TheDarkOverlord which he was then promptly sharing with law enforcement to assist them.

It seems the FBI couldn’t tell a white hat from a black hat. Or perhaps the Dallas FBI failed to share the information he was providing to them with the Atlanta and Missouri regions of the FBI and other regions investigating TheDarkOverlord. Despite TheDarkOverlord’s bizarre attempts to implicate Shafer or tease him, Shafer had always helpfully provided information to the FBI. What co-conspirator does that?

And do note that Shafer offered this help to the Dallas FBI in July, 2016 – even after they had raided him in May, 2016 and upset his children and damaged his property (he claims). He was still being a whitehat. What a shame that the Dallas FBI did not respond to him that way.

Now consider “Exhibit C:” If Shafer was a co-conspirator, why was he running around the internet trying to get TheDarkOverlord patient data dumps removed?  Here’s an email from  in February, 2017 thanking Shafer for notifying them and saying they suspended TDO’s account. It was not the first time Shafer had contacted them. And once again, Dallas FBI was cc:d.

File-sharing site thanked Shafer for alerting them to a data dump of sensitive information.

So beginning in July, 2016 and thereafter, Dallas FBI received evidence that Shafer provided to try to help them catch TheDarkOverlord.  Does any of the evidence above look like someone conspiring with TheDarkOverlord or does it look like someone trying to help law enforcement catch TheDarkOverlord?

The FBI seized Shafer’s devices. They almost certainly have copies of all of the evidence cited above on his devices, plus other evidence of his attempts to help them and his complaints about Agent Hopp’s attitude towards him.

Why did the FBI withhold all of this evidence from the court? Why did they try to suggest that Shafer might be some kind of dangerous master blackhat criminal or dangerous stalker? Why didn’t they tell the court that there was history between the Special Agent and Shafer going back to 2013 that provided important context for any harassment charges? Simply noting that the agent was involved in two raids on Shafer does not even come close to telling the whole story of why Shafer might have engaged in what he may have considered verbal harass-back activities.

Shafer repeatedly tried to help law enforcement catch TheDarkOverlord. Instead of appreciating his efforts and help, DOJ has maliciously tried to keep him in jail, depriving his children of their father and his family of their income-earner. And for what? Because he got ticked off at an agent who he felt had been giving him a rough time for four years?


Update:  Ken White (@Popehat), another one of us presumed “Gang of Five” also blogged about this.  When it comes to this subpoena, at least I’m in good company….

About the author: Dissent