Rackspace illegally handed customer data to FBI

Hosting provider Rackspace acted illegally in handing over the London-based servers hosting the websites for Indymedia.org to US authorities. 

The error was revealed in documents unsealed by the Electronic Frontier Foundation (EFF) after six months of litigation. 

In October 2004 an assistant US attorney in Texas subpoenaed Rackspace to hand over log files for a series of websites belonging to Indymedia. The subpoena cited a murder investigation in Italy as the reason.

Indymedia is a collective of independent media organisations and journalists that tends to report on violations of civil liberties and human rights from a politically left viewpoint.

Although the EFF alleged that the log files in question did not exist, Rackspace handed over a complete copy of the server to the authorities and took about 20 websites offline for nearly a week.

"When Rackspace received a government demand to examine logs that did not exist, it had a responsibility to the customer and to the principles of freedom of the press to fight the order and resolve this without taking more than 20 news sites off the internet," said Kurt Opsahl, staff attorney at the EFF.

Rackspace spokeswoman Annalie Drusch confirmed to vnunet.com that the company took the Indymedia websites server offline. Rackspace claimed that it did this to guarantee the integrity of the data on the server while it looked for the requested files.

When employees were unable to find the data in time for the stated deadline, Rackspace instead decided to deliver complete copies of the drives to the authorities.

"Shortly thereafter, Rackspace succeeded in isolating and extracting the rele vant files responsive to the subpoena and immediately asked that the drives be returned by the FBI," said Drusch. She claimed that the FBI had never actually accessed the data on the drives.

• A PDF document containing the subpoena is available for download here
• The EFF has a case file on its website here