CINCINNATI -- The spyware code the FBI used to hack into the world’s largest child pornography site and make hundreds of arrests nationwide will stay secret, a federal judge in Cincinnati ruled.
A Fairfield man who was arrested in 2015 in the government’s massive sting operation known as “Operation Pacifier” had asked a judge to force the FBI to turn over the entire code to the secret spyware it used to hack into his computer.
RELATED: Fairfield man caught up in notorious FBI child porn operation demands secret hacking code
But U.S. District Judge Michael Barrett ruled against the attempt by Richard Stamper, 34, who is charged with possessing and receiving child pornography, to gain access to the secret spyware.
“(He) has not shown sufficient evidence of wrongdoing to outweigh the government’s need to protect the information,” Barrett wrote in his March 9 order.
Federal prosecutors had argued that if the FBI were forced to turn over the entire code to the secret spyware it would jeopardize other criminal investigations. And Barrett agreed.
The FBI secretly took over the Playpen, which was believed to be the world’s largest child pornography website, for two weeks in early 2015. It resulted in nearly 900 arrests worldwide.
Five men from southern Ohio, including Stamper, were arrested from 2015 to 2017 in the government’s massive sting operation.
Richard Stamper, 34, of Fairfield is awaiting trial on two federal child pornography charges.
The probe was controversial from the beginning.
“We’re finding a lot of the most aggressive surveillance and hacking techniques are coming up in these child porn cases,” said Colin Fieman, a Tacoma federal public defender who has handled several of these cases.
The FBI used secret spyware – a Network Investigative Technique, or NIT -- to learn the identity of website visitors who normally navigated the dark web anonymously.
“These are interesting test cases as to the limit of the government’s ability to search computers -- when it doesn’t know whose computer it is going to search,” said University of Cincinnati law professor Donald Caster.
In September 2015, FBI agents raided Stamper’s Fairfield home armed with a search warrant. At the time, Stamper, who was convicted in Butler County for the rape of a child under age 13 in 2003, received weekend visits from his 7-year-old son and 8-year-old stepdaughter, according to court documents.
The raid stemmed from an alleged visit that Stamper had made to the Playpen website on March 4, 2015, when FBI agents captured his information.
The FBI says Stamper logged into the Playpen site as “billnyepedoguy,” for a total of more than four hours, according to court documents.
During the search, FBI agents confiscated Stamper’s laptop and found more than 100 videos and thousands of photos depicting mostly girls, some younger than age 5, being raped and molested by men, according to the arrest warrant.
Stamper’s attorney, Richard Monahan, insists the FBI made major mistakes. Not only did their malware identify the wrong computer address and operating system, he says it also altered the time-stamping component of Stamper’s computer.
“The NIT undoubtedly malfunctioned and got the MAC address and operating system wrong, or worse yet, crossed wires with the hundreds of computers it was infecting and associated another user’s computer with Mr. Stamper,” Monahan wrote in a recent motion.
More than 6,000 pornographic images that the FBI found on Stamper’s computer had been saved to the hard drive before Stamper had purchased the computer, Monahan wrote.
Stamper was using a virtual machine that could have masked his computer address, and he also upgraded his software, according to FBI testimony in a Jan. 22 hearing about Stamper’s case.
Agents also testified that the spyware is not capable of making changes to a computer or altering files.
“On the defendant’s computer, there is an open window. He doesn’t know about it, but the government does,” FBI agent Daniel Alfin testified at the hearing.
“So the open window is the exploit, and we send a NIT through it,” Alfin testified. “The window was open when we got there. The window was open when we left. We didn’t make any changes when we left.”
Barrett was not persuaded by Stamper’s argument that he needed the FBI’s spyware code to test whether his computer had been damaged.
He noted that Stamper had an “uphill battle” since most federal judges involved in Playpen cases nationwide had ruled in favor of the FBI to protect the spyware.
Barrett denied all three of Stamper’s motions to either suppress evidence in his case or get access to the spyware code.
His jury trial is scheduled to begin March 26.
