Searching over 5,500,000 cases.


searching
Buy This Entire Record For $7.95

Download the entire decision to receive the complete text, official citation,
docket number, dissents and concurrences, and footnotes for this case.

Learn more about what you receive with purchase of this case.

United States v. Lacey

United States District Court, D. Arizona

January 7, 2020

United States of America, Plaintiff,
v.
Michael Lacey, et al., Defendants.

          ORDER

          Honorable Susan M. Brnovich, United States District Judge.

         Pending before Court is Defendants Motion to Compel Discovery. (Doc. 643., “Mot.”) The Government filed a Response, (Doc. 696, “Resp.”), and Defendants filed a Reply, (Doc. 717, “Reply”). Oral argument concerning the manner and usability of the Government's discovery disclosures was held on October 3, 2019, (Doc. 789), October 25, 2019, (Doc. 800), and December 2, 2019 (Doc. 832). At the hearings, the Court heard testimony from Special Agent J. Patrick Cullen, William Gerken, Special Agent Matthew Frost, Agent Richard Robingson, and Tami Loehrs. The Court will deny the Motion because, as explained below, the Court finds that the disclosure of electronic data in this case was made in a reasonably useable format.

         I. BACKGROUND

         Defendants are former executives and employees of a classified ad website charged with conspiracy and facilitation of an unlawful activity under the Travel Act, Backpage.com (“Backpage”). The charges are outlined in a 100-count superseding indictment. (Doc. 231, “SI”.) At issue in this discovery dispute is the form and functionality of the disclosure of Backpage server data previously seized by the Government.[1]

         a. The Backpage Website

         The viewing of Backpage ads on the Website involved cooperation among various types of servers running on FreeBSD Unix operating systems.[2] (See generally Doc. 789 at 61-73; 82:5-8.) In a nutshell, web servers facilitated Backpage users' viewing requests by connecting database server information with image server information and displaying it in users' web browsers. (Id. at 63:24-64:17.) These web servers comprised a majority of Backpage's overall servers and evenly distributed requests by helper servers to ensure no particular server was overloaded by user traffic. (Id. at 63:19-22; 64:22-25; 65:1-5.)

         Backpage used four database servers-one “master” and three “replicates”- containing identical information to store its website data. (Id. at 62:1-4, 22-25.) Images associated with ads were separately stored on three image servers[3] because it was not as “efficient to store them in a database.” (Id. at 63:5-6.) The “master” database was “where data would get written to, ” while “the other [three databases] would replicate that information.” (Id. at 62: 6-10.) “For example, “if somebody [were] posting an ad, . . . the data that they're posting gets saved to that master server [and] [i]f somebody is viewing an ad, the data that is being retrieved to view that ad comes from the replicated [server].” (Id. at 62:11-15.) By virtue of this replication, “[a]ll four servers would have the same information on them.” (Id. at 62:6.)

         In addition to holding identical information, each database server contained (1) market databases and (2) a central database. (Id. at 70:2-14.) Each central database “stores a subset of [an] ad across all of those market databases, ” (id. at 70:10-12) and permits an individual to “find a subset of ads or . . . where a user had posted different ads among the different geographical regions, ” (id. at 70:5-9). After looking in the central database, an individual “could go to the market databases for the particular [geographical] region and find all the information about the ads posted[.]” (Id. at 71:10-13.)

         With access to both the database and image servers, a party can use SQL “to access the information that was contained on [Backpage] before it was seized, ” (id. at 83:13-17), and “[a]ll of the content related to the ad, ” (id. at 69:6-7). See Id. at 79:8-9 (“With just the database server and an image server, all of the data for an ad is there. So it is possible to query those databases, to pull up the information you need for an ad and to also retrieve the images that you need for that ad.”)). In other words, even “if you got [Backpage] totally back[] [sic] up and running, . . . it might be more convenient to look at the data, but there wouldn't be any additional data than just what you could obtain from the manual queries[.]” (Id. at 80:15-24.)

         Aside from what the Backpage servers contained, how the server data is also relevant. That is, the language and software Backpage utilized to operate bears on an assessment of the Government's current disclosure. The Backpage servers themselves employed an operating system ran a UNIX operating system called FreeBSD. (Id. at 18:1-5.) As its name suggests, FreeBSD is an open-source operating system available for download free of charge. (Id. at 170:1-3.) Operating systems manage the various hardware and software functions of a server, coordinates the servers' needs and allows it to function. An individual Backpage server, in turn, housed multiple physical hard drives that contained Backpage databases. The Backpage system also used “virtual machines” called “jails.” (Id. at 82:5-14.) “Jails” virtually group databases together and allowed an administrator to easily move a group from server to server if required. (Id.) The Backpage databases used a ZFS file system. (Id. at 173:17-22.) This open source program controls how the data is stored within the database and allows the FreeBSD operating system to interact with that data. (Id. at 82:15-17.) As with the jails system, the ZFS file system similarly allowed data on hard drives to be grouped into something called “Z pools.” (Id. at 174:14-22.)

         b. Seizing Backpage's Servers

         The Government seized Backpage's servers from three locations-thirty-two in Tucson, Arizona, nine in Amsterdam, Netherlands, and five in Dallas, Texas. (Doc. 643-5 at 2-3.) The Amsterdam and Phoenix servers contained almost identical information.[4] If the Phoenix servers failed, then the Amsterdam servers would act as a failsafe and ensure Backpage remained operational. FBI Special Agent J. Patrick Cullen assisted with seizing the Tucson servers on April 6, 2018 at Login Data Center (“Login”) pursuant to an authorized seizure warrant. Although the servers were housed at Login, DesertNet operated them. Upon arriving at Login, Special Agent Cullen was informed DesertNet's assistance was required to conduct an orderly shutdown of the Backpage servers. (Doc 789 at 17:1-19, 24:3-6.) Will Gerken and a DesertNet system administrator arrived to assist. (Id. at 17:1-2.) As DesertNet's founder, Chief Technology Officer, and the lead software developer who created Backpage, Gerken is intimately familiar with Backpage's servers and the software they employed. Gerken conducted a “soft shutdown”[5] of both the Tucson and Amsterdam servers, safeguarding the integrity of the data they contained. (Id. at 25:1-12, 75:17-20, 76:13-19.) After properly identifying and documenting Backpage's servers and Gerken's “soft shutdown, ” the Government transported the Tucson servers to a controlled facility in Phoenix. (Id. at 25:3-8.) Although the Government did not document how the Backpage servers interacted with one another before seizure, there is no indication that any Backpage data was altered or damaged in any way.[6] (See Id. at 27:1-3, 76:13-19.) Additionally, Gerken testified that he did not have a schematic drawing for the servers. (Id. at 86:24-25, 87:1-4.)

         Since seizing the Tucson servers, the Government has also seized Backpage's Dallas and Amsterdam servers.[7] The FBI transferred servers from these locations to various Special Agents for forensic examination-including Special Agent Matthew Frost-for processing, analysis, and production of discovery [production] pertinent to this case. (Id. at 158:12-18.) Special Agent Frost was called in because he has experience working with Linux/Unix systems. Frost made forensic images-exact, verified copies used for investigation-of Backpage's hard drives and databases, and provided them to Defendants. (Id. at 159: 10-11.) Special Agent Frost constantly engaged Gerken throughout this process to improve his understanding of Backpage's servers. (Id. at 219:14-16.)

         c. Procedural Background

         At a September 13, 2019 hearing set to address a variety of discovery disputes, Defendants argued the Government's discovery was not reasonably usable by comparing Exhibit J-raw Backpage ad data organized in a large spreadsheet-with Exhibit K-the administrator view of a Backpage ad from the fully-functional website referred to as an “object editor”-to demonstrate the inadequacy of the Government's discovery. (Doc. 761 at 32:1-19.) Repeating an argument from their Motion, Defendants proffered Exhibit J demonstrated the manifest issues with the Government's disclosure. Represented as the Government's disclosure of imaged data for a single Backpage ad, Defendants showed the Court a “series of spreadsheets, containing more than 500 data fields and cross-references to information and images contained in other files.” (Mot. at 6.) Given the divergent, intransigent positions of both parties, [8] the Court ordered an evidentiary hearing to determine the form and functionality of the Governments disclosure. (See Doc. 761 at 32-47.)

         Three days of evidentiary hearings followed. (See Doc. 789, “Oct. 3 Hearing”; Doc. 800, “Oct. 25th Hearing”; Doc. 832, “Dec. 2 Hearing.”) Both parties' witnesses broadly testified concerning the seizures of the Backpage servers, how they operated, the Government's form of disclosure, and alternative forms of disclosure.

         II. ...


Buy This Entire Record For $7.95

Download the entire decision to receive the complete text, official citation,
docket number, dissents and concurrences, and footnotes for this case.

Learn more about what you receive with purchase of this case.