April 18, 2012 FBI Server Seizure - FAQ for May First/People Link Members

We've prepared this page to answer questions that our fellow MFPL members may have about this incident, how it affects MFPL members, what to expect and how to protect oneself if similar incidents occur in the future.

What happened?

On Wednesday, April 11, MFPL was first visited by the FBI. We immediately communicated with our members about this incident.

One week later on April 18, at approximately 16:00 Eastern Time, the situation was escalated beyond our expectations. U.S. Federal authorities removed a server from a colocation facility shared by Riseup Networks and May First/People Link in New York City. Read more from our official press release here.

Finally, MFPL issued its own statement, communicating our commitment to return service to the seized server, continuing to protect our members' data, and fighting for the right to anonymous communication online.

Which MFPL members have been affected by the seizure?

The server containing the anonymous remailer service is managed by the European Counter Network (ECN) and hosted by Riseup, who is a MFPL partner. The seized server contained no MFPL member data. We have reviewed the other MFPL and Riseup servers located in the same facility as the ECN server and have found no evidence that any other servers were compromised in this incident.

Although no MFPL members have been directly affected by the seizure, hundreds of other people and organizations were. Disrupted in this seizure were academics, artists, historians, feminist groups, gay rights groups, community centers, documentation and software archives and free speech groups. The server included the mailing list "cyber rights" (the oldest discussion list in Italy to discuss this topic), a Mexican migrant solidarity group, and other groups working to support indigenous groups and workers in Latin America, the Caribbean and Africa. In total, over 300 email accounts, between 50-80 email lists, and several other websites have been taken off the Internet by this action.

What's a remailer?

Anonymous remailers work by connecting to other anonymous remailers in a chain, and every one in that chain removes the mail header information making it impossible to find the real sender. The Tor project maintains a list of typical users of this and other anonymity systems, and the Mixmaster home page


Can I expect my service to be interrupted by future seizures?

Unfortunately, there's no way for us to predict whether or not the federal government will obtain additional warrants to access, tamper with, or seize additional servers. According to the news, the bomb threats continue to arrive at University of Pittsburgh after the seizure of the ECN server.

Organizations in the broader network of internet and human rights defenders are circulating our press release and statements of support to ensure that pressure is put on the US government to stop threatening us and preserve internet rights in accordance with the Internet Rights Charter.

One such statement is here.

What do I do if I think my email, website, or other service has been interrupted?

We understand that the recent server seizure is enough to put any user of our services on alert! But the steps we recommend for reporting a problem or regaining access to your services remains the same:

  1. Don't panic.
  2. Check the service advisory page. Any expected, routine, or other interruptions will be reported here.
  3. Open a support ticket. We receive immediate notice of any new support requests. In all cases, you can expect a response from us right away.

How do I backup my MFPL data to protect myself from data loss?

MFPL already backs up the web pages, email, databases, and other data that you store on our servers, but that doesn't mean you shouldn't also prepare your own backups!

We use a three-prong approach to backup MFPL member data:

  • All servers have redundant disks. If one disk fails, the server continues un-interrupted.
  • We backup all servers nightly to an onsite backup server that keeps 5 days worth of data.
  • We also backup all servers nightly to an off site backup server that overwrite the previous days backup every night.

However, there are good reasons for MFPL members to create their own additional backups:

  • Our backups are designed primarily for disaster recover (the entire machine goes down). We cannot provide file recovery for accidental deletions or other mistakes.
  • No backup is fool proof. It's always a good idea for triple or quadruple redundancy.
  • Only system administrators can restore data from a backup.

See the full FAQ pages on this subject: Does May First/People Link backup my data? and How can I backup my own data?

What sections of our contract with the server co-location center were exercised in the server seizure?

The Highwinds contract (formerly Bandcon) contract has only one section that refers to cooperating with the law and that is section 5.2 Compliance with Law and AUP, which specifically references the Acceptable Use Policy (AUP), which can be changed at any time by Highwinds. The AUP has three relevant sections to the actions taken by the FBI, specifically sections f. Cooperation with Law Enforcement and section j. Email.

As a MFPL member, if a server I'm on is seized, will I have data loss?

As a political organization protection of data is a key part of our mission, knowing that many of our members are active in different social movements we know that the potential exists for the authorities of the state to attempt to seize such data. As we have seen in the last year alone the many different states have or have attempted to seize data from different organizations (i.e. wikileaks, Bradley Manning, Megaupload to name a few). Since our membership is central to the organization we have contingency plans in place for data loss (as mentioned above), but we are human and cannot guarantee 100% that all data loss is fully recoverable, but as a political organization we will do the best of our abilities to restore any data loss relating to the servers.

Questions we plan to answer soon:

What does this mean for us as members of the MFPL network?

Political approach, standing against surveillance and repression

How is data on MFPL servers protected against seizure?

Explain hard disk encryption as explained in the draft privacy policy and perhaps elsewhere: "All servers used by May First/People Link use hard disk encryption. That means that the contents of the hard disks cannot be read without a password. Disk encryption creates an obstacle to anyone attempting to access information on a May First/People Link server by seizing the physical server."

Last modified 10 years ago Last modified on Apr 24, 2012, 7:09:18 PM