{"id":965368,"date":"2023-01-22T12:00:20","date_gmt":"2023-01-22T12:00:20","guid":{"rendered":"https:\/\/theintercept.com\/?p=419804"},"modified":"2023-01-22T12:00:20","modified_gmt":"2023-01-22T12:00:20","slug":"how-to-leak-from-the-supreme-court","status":"publish","type":"post","link":"https:\/\/radiofree.asia\/2023\/01\/22\/how-to-leak-from-the-supreme-court\/","title":{"rendered":"How to Leak From the Supreme Court"},"content":{"rendered":"
Less than<\/u> two weeks ago, Supreme Court investigators looking into the leak of the Dobbs v. Jackson Women\u2019s Health Organization draft opinion had reportedly<\/a> “narrowed their inquiry to a small number of suspects.” Ten days after that news, the Supreme Court issued a report<\/a> stating that the investigation had in fact failed to determine who was behind the draft opinion leak.<\/p>\n The public report provides insights into the investigative process undertaken by the court, identifies a number of inadequate security controls, and provides recommendations to remedy the problems. That means the report is doubly instructive for would-be future leakers: It provides both a list of successful operational security techniques leakers may have employed to evade detection, as well as, thanks to the recommendations, forward-looking lessons on pitfalls to avoid in the future.<\/p>\n The investigation team used a number of techniques to attempt to identify the leaker, all of which proved to be dead ends.<\/p>\n They examined all available printer logs but found that Court printers have limited logging capabilities. The team also investigated email logs to determine if anyone had emailed the opinion draft to a third party; while staff had emailed copies of the draft to others on staff, there was no evidence that the opinion draft was emailed to anyone else.<\/p>\n The investigation looked not just at court-issued devices, but also at call and text records as well as billing statements of employees\u2019 personal devices. Though the team reported that the court\u2019s logging was rudimentary and thus did not yield any results that could identify a leaker, the key takeaway for future leakers is that much like organization-provided devices, personal devices should likewise not be used in the service of leaking. Instead, the principle of one-time use should be adopted: Temporary devices should be safely acquired<\/a> and used for acquisition and dissemination of leak materials, after which the device should promptly be disposed of by secure means.<\/p>\n Court investigators paid particular attention to reviewing the legal search histories conducted by staff, aiming to “determine whether an employee might have researched the legality of disclosing confidential case-related information.” Notably, the investigation team obtained this legal search history “directly from the service providers.” Though it\u2019s not clear which search providers were examined, the report could be referring to subscription databases like LexisNexis, highlighting the fact that leakers should be careful to avoid using third-party services, as a leak investigation may seek to obtain records from them. The report doesn\u2019t state whether the investigative team subpoenaed the service providers, whether the providers shared the search histories without a subpoena, or whether investigators were able to view the histories through internal means like staff or administrative accounts, or invoices from the search providers that could include itemized search terms.<\/p>\nInvestigative Dead Ends<\/h2>\n