FBI Palantir glitch allowed unauthorized access to private data
A computer glitch in a secretive software program used by
the FBI allowed some unauthorized employees to access private data for more
than a year, prosecutors revealed in a new court filing.
The screw-up in the Palantir program a software created by a
sprawling data analytics company co-founded by billionaire Peter Thiel was
detailed in a letter by prosecutors in the Manhattan federal court case against
accused hacker Virgil Griffith.
Data recovered from Griffith’s Facebook and Twitter
accounts, which was obtained through a federal search warrant in March 2020,
was accessed on Palantir for more than a year by at least four FBI employees,
all of whom work outside New York and were not investigating the case,
prosecutors wrote.
The FBI case agent assigned to Griffith’s case was alerted
to the unauthorized access earlier this month, when another agent emailed him
and said an analyst accessed the search warrant material on Palantir, according
to the letter.
“An FBI analyst, in the course of conducting a separate
investigation, had identified communications between the defendant and the
subject of that other investigation by means of searches on the Platform that
accessed the Search Warrant Returns,” the feds wrote in the letter filed
Tuesday.
Federal prosecutors in Manhattan determined the FBI
employees three analysts and an agent were able to view the material because it
was entered in Palantir through the program’s default settings.
“When data is loaded onto the Platform, the default setting
is to permit access to the data to other FBI personnel otherwise authorized to
access the Platform,” prosecutors wrote in the letter.
The material was accessed at least four times from May 2020
to August 2021, according to the letter.
The employees who accessed the data told prosecutors that
they did not recall using the information in their investigations.
Manhattan prosecutors instructed Palantir employees to
delete the data on Aug. 17 and said they do not intend on using the information
in their case against Griffith, according to the letter.
The mishap could suggest a wider issue with the FBI’s use of
Palantir, said Albert Fox Cahn, the founder of Surveillance Technology
Oversight Project, a privacy and civil rights group.
“Since this same issue will happen whenever documents are
uploaded with the default settings, and since there doesn’t seem to be any sort
of automated notice when they have been improperly accessed, this suggests that
it’s happening a lot more than just this one case,” he said.
Griffith is accused of violating international sanctions by
traveling to North Korea and delivering a speech about cryptocurrency.
He pleaded not guilty after his arrest in 2019 and was
subsequently ordered held in jail pending his trial this year, according to
court filings.
An attorney for Griffith, Brian Klein, said he is looking at
legal options regarding the error.
“We are very troubled by what happened. We are looking into
the legal remedies,” Klein said in an email.
Comments
Post a Comment