Investigators at the FBI and the US Department of Homeland Security (DHS) are exposing the identities of victims of child abuse, Forbes has discovered.
The discovery was made by looking closely at court filings, in which the government discloses teenagers’ initials and their Facebook identifying numbers – a unique code linked to each Facebook account. You can find yours here at this lookup service. After you plug in your user name, it will return a Facebook ID that links directly to your profile, along with, of course, your name, when you input the number after the URL https://www.facebook.com/.
I did it just now to my own profile. Well, that was easy. So much for protecting the identity of child abuse victims, or, for that matter, of any other victim whose identity is supposed to be redacted but whose Facebook profile ID – in other words, their identity – is there for all to see.
Forbes likewise found that it could find accounts belonging to minors, along with their names and other personal information, by simply entering the Facebook profile IDs entered into court documents.
The magazine did just that and found two identities that were supposed to be redacted from court cases unsealed this month. Thomas Brewster reports that it was as simple as copying and pasting Facebook IDs from the court filings into Facebook’s web address. The publication withheld their names and other identifying information in order to protect the victims’ identities.
In one such case, a recently unsealed case in Nebraska, the FBI search warrant gave away the initials and Facebook profile number of a then 14-year-old girl, plus the detailed, lewd conversations she had with a 28-year-old man.
Facebook had intercepted the chats, then sent them in as a tip to the National Center for Missing & Exploited Children (NCMEC). From there, the chats went to the police, who requested and obtained details about the two accounts from Facebook.
Forbes reports that those same chats were disclosed in an unsealed complaint against the perpetrator, who’s since pleaded guilty and who was sentenced to 36 months in prison last year. That same complaint described how the victim sent 27 explicit images of herself to the guy who was grooming her.
Who knows how many federal law agencies and investigators are guilty of this casual, clumsy use of profile IDs in court documents?
The FBI for one, and the DHS for two, at the very least. Forbes came across another search warrant application from a DHS investigator in Wisconsin. The warrant disclosed three Facebook IDs of girls whom the investigators believed to be targets of grooming in the Philippines.
The warrant also included details of the 63-year-old man who used Facebook to find the girls and to groom them, as well as transcripts of private Facebook chats between him and what were presumably underage minors.
Anybody home?
Forbes contacted the Department of Justice (DOJ) regarding both cases. As of Wednesday, when it published its report, the publication hadn’t received a reply.
Nor had the DOJ sealed the court documents that revealed the Facebook profile IDs that are a snap to connect to victims’ identities. Those court documents were still displaying sexual abuse victims’ identities, along with the details of their victimization, serving it all up on a silver platter to anybody who has the interest to look for it… and the skills to navigate the Public Access to Court Electronic Records (PACER) system, which serves as an entryway to researching court documents.
You can see why the DOJ, FBI and DHS would be mired in inertia when it comes to responding to something like this. Who reads court documents, after all? Searching the finicky PACER portal isn’t easy, or consistent, and the results it renders up don’t come anywhere close to the easy-to-understand narrative you’d get from a news article.
Be that as it may, Forbes isn’t the first newshound that’s surfaced these blunders after sticking its arm into the PACER swamp of legal records. Nor is it the first to walk head-on into a wall of silence when trying to get the DOJ to stop inadvertently exposing people’s identities.
Brewster talked to Seamus Hughes, a part-time consultant and expert on searching PACER. Hughes said that he’s found similar cases. He’s a court records geek who teaches news reporters how to mine breaking news out of PACER. His expertise at doing so means that Hughes is constantly coming up with breaking news that’s escaped most people’s attention. Just one of the many news nuggets he’s dragged out: what was supposed to be the US’s secret charges filed against Julian Assange that prosecutors mistakenly revealed.
Hughes said that the inadvertent exposure of victims’ real identities happens “with too much regularity.” He thinks the DOJ should be taking their responsibility to redact victims’ personal information more seriously.
It’s not like he hasn’t tried to get somebody’s attention: Hughes told Forbes that over the past six months, he’s contacted attorneys’ offices across three different districts to alert them to the problem.
Nobody’s responded.