The alleged pedophile “LuvEmYoung” had worked to stay anonymous in the chatrooms where he bragged about sexually abusing children. A criminal affidavit said he covered his tracks by using TeleGuard, an encrypted Swiss messaging app, to share a video of himself last month with a sleeping 4-year-old boy.

But the FBI had a new strategy. A foreign law enforcement officer got TeleGuard to hand over a small string of code the company had used to send push alerts — the pop-up notifications that announce instant messages and news updates — to the suspect’s phone.

An FBI agent then got Google to quickly hand over a list of email addresses this month linked to that code, known as a “push token,” and traced one account to a man in Toledo, an affidavit shows. The man, Michael Aspinwall, was charged with sexual exploitation of minors and distribution of child pornography and arrested within a week of the Google request.

The breakthrough relied on a little-known quirk of push alerts, a basic staple of modern phones: Those tokens can be used to identify users and are stored on servers run by Apple and Google, which can hand them over at law enforcement’s request.

But the investigative technique has raised alarms from privacy advocates, who worry the data could be used to surveil Americans at a time when police and prosecutors have used cellphone data to investigate women for potentially violating state abortion bans.

“This is how any new surveillance method starts out: The government says we’re only going to use this in the most extreme cases, to stop terrorists and child predators, and everyone can get behind that,” said Cooper Quintin, a technologist at the advocacy group Electronic Frontier Foundation.

“But these things always end up rolling downhill. Maybe a state attorney general one day decides, hey, maybe I can use this to catch people having an abortion,” Quintin added. “Even if you trust the U.S. right now to use this, you might not trust a new administration to use it in a way you deem ethical.”

The data has become prized evidence for federal investigators, who have used push tokens in at least four cases across the country to arrest suspects in cases related to child sexual abuse material and a kidnapping that led to murder, according to a Washington Post review of court records. And law enforcement officials have defended the technique by saying they use court-authorized legal processes that give officers a vital tool they need to hunt down criminals.

Joshua Stueve, a spokesman for the Justice Department, said, “After determining that non-content push notification metadata may help arrest offenders or stop ongoing criminal conduct, federal law enforcement investigators fully comply with the U.S. Constitution and applicable statutes to obtain the data from private companies.”

The Post found more than 130 search warrants and court orders in which investigators had demanded that Apple, Google, Facebook and other tech companies hand over data related to a suspect’s push alerts or in which they noted the importance of push tokens in broader requests for account information.

Those court documents — which were filed in 14 states, as well as the District of Columbia — were related to suspects in a range of criminal charges, including terrorism, sanction evasion, guns, drugs, covid relief fraud and Somali piracy. Some of the cases involved the pro-Trump mob that stormed the U.S. Capitol on Jan. 6, 2021.

Three applications and court orders reviewed by The Post indicate that the investigative technique goes back years. Court orders that were issued in 2019 to Apple and Google demanded that the companies hand over information on accounts identified by push tokens linked to alleged supporters of the Islamic State terrorist group.

But the practice was not widely understood until December, when Sen. Ron Wyden (D-Ore.), in a letter to Attorney General Merrick Garland, said an investigation had revealed that the Justice Department had prohibited Apple and Google from discussing the technique.

Apple confirmed the government restriction in a statement that month to The Post but said it intended to provide more detail about its compliance with the requests in an upcoming report now that the method had become public. Google said in a statement then that it shared Wyden’s “commitment to keeping users informed about these requests.”

Unlike normal app notifications, push alerts, as their name suggests, have the power to jolt a phone awake — a feature that makes them useful for the urgent pings of everyday use. Many apps offer push-alert functionality because it gives users a fast, battery-saving way to stay updated, and few users think twice before turning them on.

But to send that notification, Apple and Google require the apps to first create a token that tells the company how to find a user’s device. Those tokens are then saved on Apple’s and Google’s servers, out of the users’ reach.

In effect, Wyden said, that technical design made Apple and Google into a “digital post office” able to scan and collect certain messages and metadata, even of people who wanted to remain discreet. David Libeau, a developer and engineer in Paris, wrote last year that the ubiquitous feature had become a “privacy nightmare.”

In one of the cases found by The Post, an FBI agent said in an affidavit that New York police officers had obtained a “dual-factor authentication push token” for a suspect from Talkatone, a service for making phone calls over the internet. Prosecutors said the suspect had used the service to lure food-delivery driver Peng Cheng Li to a location in Queens, where they abducted him. Later, they allegedly killed him.

FBI headquarters.© Matt McClain/The Washington Post

The officers used the Talkatone token to ask Apple whose account had been linked to it, the affidavit said. The company offered up the iCloud information for one of the two suspects later charged in the victim’s killing. Mike Langberg, a spokesman for Ooma, which owns Talkatone, said the company complies with “subpoenas and court orders as required by law.”

In two other cases, prosecutors were able to find Michigan men sharing child abuse images after demanding that the encrypted messaging app Wickr share information on push tokens for users who sent the images through its app. One of the men, John Garron, has pleaded guilty to sexually exploiting children and distributing child sexual abuse material; he is scheduled to be sentenced next month. Garron’s lawyer did not respond to a request for comment.

In a June hearing in the case, Assistant U.S. Attorney Christopher Rawsthorne cited the push-notification data as a critical way of identifying the defendant.

“It used to be that Wickr was something where it was impossible to figure out the identity … of the person using it,” Rawsthorne said. “And it’s only recently been that we’ve been able to figure it out.”

Wickr, which is owned by Amazon, shut down its free consumer-oriented app in December. Wickr and Amazon say on their websites that they respond to lawful requests from law enforcement. (Amazon founder Jeff Bezos owns The Washington Post.)

In the case of “LuvEmYoung,” federal investigators tracked the man through his messaging app of choice, TeleGuard, an affidavit shows. Though the app had promoted itself as saving no user data, its developers had nevertheless allowed for the creation of a piece of data that linked back to users through their push alerts.

In chats with an unidentified international law enforcement agent and an undercover FBI operative, known as an “online covert employee,” Aspinwall had shared explicit photos and videos and said he had sexually abused children known to him while they slept, the affidavit alleged.

To track him down, the operative worked with the international law enforcement agent and was given a push token linked to the suspect’s Android device, the affidavit said. The document says only that the investigator “provided” the token “as received from TeleGuard,” without explaining how.

Earlier this month, an FBI agent asked Google to hand over all data connected to that push token as part of what’s known as an “exigent,” or emergency, request. Google responded with information including the names of six accounts, one of which included Aspinwall’s name, as well as the IP addresses associated with those accounts.

Some of those IP addresses were linked to AT&T, which told the FBI that they had been used by Aspinwall’s neighbor, the affidavit shows. Aspinwall later told agents he had used his neighbor’s WiFi and admitted to the crime, the FBI affidavit alleged.

Aspinwall’s attorney declined to comment. TeleGuard’s owner, Swisscows, did not respond to requests for comment.

Google has said it requires court orders to hand over the push-related data. Apple said in December that it, too, would start requiring court orders, a change from its previous policy of requiring only a subpoena, which police and federal investigators can issue without a judge’s approval.

But in three of the four cases reviewed by The Post, Apple and Google handed over the data without a court order — probably as a result of the requests being made on an emergency, expedited or exigent basis, which the companies fulfill under different standards when police claim a threat of imminent harm.

Daniel Kahn Gillmor, a senior technologist at the American Civil Liberties Union, worried that the range of account information connected to a push token could allow it to be used to uncover other data. Down the road, he said, law enforcement could use the tactic to infiltrate a group chat for activists or protesters, whose push tokens might give them away.

“This is not just U.S. law enforcement,” Gillmor said. “This is true of all the other law enforcement regimes around the world as well, including in places where dissent is more heavily policed and surveilled.”

 The FBI’s new tactic: Catching suspects with push alerts (msn.com) 

  The patterns were similar enough that FBI analyses of the church’s responses yielded seven rules, basically, an institutional guide to covering up abuse. Here are seven principles the jurors note:

1. Make sure to use euphemisms rather than real words to describe the sexual assaults in diocese documents. Never say”rape”; say “inappropriate contact” or “boundary issues.”
2. Don’t conduct genuine investigations with properly trained personnel. Instead, assign fellow clergy members to ask inadequate questions and then make credibility determinations about the colleagues with whom they live and work.
3. For an appearance of integrity, send priests for “evaluation” at church-run psychiatric treatment centers. Allow these experts to “diagnose” whether the priest was a pedophile, based largely on the priest’s “self-reports” and regardless of whether the priest had actually engaged in sexual contact with a child.
4. When a priest does have to be removed, don’t say why. Tell his parishioners that he is on “sick leave,” or suffering from”nervous exhaustion.” Or say nothing at all.
5. Even if a priest is raping children, keep providing him housing and living expenses, although he may be using these resources to facilitate more sexual assaults.
6. If a predator’s conduct becomes known to the community, don’t remove him from the priesthood to ensure that no more children will be victimized. Instead, transfer him to a new location where no one will know he is a child abuser.
7. Finally, and above all, don’t tell the police. Child sexual abuse, even short of actual penetration, is and has for all relevant times been a crime. But don’t treat it that way; handle it like a personnel matter, “in house.”

https://qz.com/1356796/how-the-catholic-church-concealed-priests-sexual-abuse-of-children/  

The FBI has a long history of political prosecutions. Jane Edgar Hoover was a low-level bureaucrat who built an organization based on disreputable behavior. He used taxpayer money to gain power for himself and his narrow vision of acceptable federal crimes (murder is not a federal crime). 

No one publicly outed his homosexuality until after his death. No one publicly discussed his practice of hiring and promoting his lover to the Assistant Director. He had cross dressing parties in his office during his long tenure as the FBI Director. The FBI needs to rename its headquarters, The Jane Edgar Hoover Building. 

The FBI acts like law enforcement agencies nationwide are " partners" just like J. Edgar's lover Clyde Tolson. Law enforcement agencies have no fear of any real oversight by their FBI partners. Anyone looking for justice against law enforcement officers is wasting their hopes on this organization. The FBI are a bunch of "special agents" who are proud of working with crooked police officers and third-rate talent with a grand view of themselves. 

The FBI Agents are nobody special. They hide from crime unless big money interests are victims. They refuse to hold law enforcement murderers to account. The FBI talks about a good game, but they need political pressure to do any real work. 

We asked the FBI to work on two issues. We asked them to investigate the criminal behavior committed by Sheriff Donnie Pope, aka Barney Fife of Jasper County, Georgia. Sheriff Pope attempted to incarcerate Dennis for his outspoken advocacy for victims of child sex crimes. In addition, we asked them to investigate the corrupt behavior of Sheriff Ezell Brown of Newton County, GA. He conducted himself like a common criminal in the death investigation of Kimberly Cox and David Montgomery.  

The FBI has refused to give us their files and tapes of our request for justice under the Freedom of Information Act in both cases. 

Special Agent David J. LeValley

FBI, Atlanta Field Office

3000 Flower Road South

Atlanta, GA 30341

February 28, 2018

Dear Special Agent David J. LeValley,

  We are a victim’s advocacy organization in need of some help with two corrupt Sheriffs. We have made multiple phone calls and one visit to your Atlanta office. Your Special Agents have refused to help us with the issues we have discussed. We have put together a Face Book Page, Good Enough for Government Work, to highlight your Agency.

  We will be sending out invitations to the renaming of the J. Edgar Hoover Building. The celebration of the Jane Edgar Hoover Building can be a wonderful tribute to the first gay man to have a Federal Building named after him. Since he was rumored to have liked dressing in his mother’s garments, we will entertain the best look for his new official photo. Naturally, we will be celebrating his relationship with the Assistant Director as a part of the celebration. Our horses will make a special visit to entertain the children.

  In an effort to be accurate, under the Freedom of Information Act, we want to get a copy of both phone calls and our visit made to your Atlanta office. Our interview was conducted by Special Agent Michael McKinney. He seemed to have a difficult time focusing on either of our complaints. Since we have not been able to confirm his continued presence in Atlanta, we will be transferring the Atlanta contact person to Special Agent Branich from your Macon office. She will be the new contact person to help with the celebration. She can see the lack of Federal crimes without speaking to the victim.

  We are disgusted with your Agency’s failure to hold corrupt Sheriffs accountable.  It seems that you see yourself as partners with these criminals instead of their Investigators of criminal activity. The longer you take to look into credible allegations, the more criminal cases can be compromised. Illegal behavior by a Sheriff can  result in the dismissal of numerous criminal cases. It is obvious that you Agency has no respect for victims of criminal behavior by local law enforcement.

Sincerely.

Dennis Horion