As part of a crackdown on U.S. companies that sell drug paraphernalia, the U.S. Drug Enforcement Administration has taken control of six domain names previously used to market the goods.
The Department of Justice announced on Monday that, in cooperation with the DEA and other agencies, they had shut down 11 paraphernalia-selling websites as part of "Operation Pipe Dreams." At a press conference, Attorney General John Ashcroft told reporters that people attempting to visit the companies' websites would be redirected to a government website informing them of the indictment.
The 35 indictments together mention an actual total of 13 domain names, which also appear in a press release from the DOJ. 2600 investigated these domains, and discovered that some but not all of the doman registrations have been modified in an unusual manner as part of the crackdown.
Four domains registered through Register.com, and two which are registered through GoDaddy Software, have had their original DNS name server entries removed and replaced with a single name server: NS.PIPEDREAMS.DEA.GOV. The ownership and contact information of the domains did not appear to have been modified, however.
This places the action by the DOJ in somewhat uncharted legal territory. The domains were not seized outright, still listing their original owners as the registrants of record. However, these registrants, who have not yet been convicted of any crime, are clearly no longer in control of their domain names. Such control is instead in the hands of the DEA, or whoever controls the NS.PIPEDREAMS.DEA.GOV name server.
By redirecting these domains to a government web site, its operators are able to collect information about visitors coming to the site. This includes not only a user's IP address, but more specific information (cookies) which the original site may have stored on the user's computer during previous visits. Both types of information have the potential to personally identify users who naively attempt to visit the shut down sites.
U.S. Attorney General John Ashcroft
"It's one thing to post an asset seizure notice, but it's another thing to
actually redirect traffic to the DEA, especially when it is known that DEA
captures IP addresses of visitors," said Richard Glen Boyre, legal counsel for the Center for Cognitive Liberty and Ethics. Boyre says he's concerned about what information the DEA might collect, and has contacted the American Civil Liberties Union in regards to the government's actions.
Yet, at press time, visiting these domains did not reveal any web page, no less the notice which Ashcroft had spoken of. Upon further analysis, the IP address of NS.PIPEDREAMS.DEA.GOV is currently listed by the registrars as 10.1.24.2, which is a "non-routable" IP address intended only for private networks. Such IP addresses should never appear on the public Internet, where their meaning is inconsistent at best. A technician at Register.com was able to confirm that the address appeared in their database, but did not know why.
For the moment, the invalidity of the DEA address causes the domains to be essentially non-working. Earlier however, the address of NS.PIPEDREAMS.DEA.GOV was listed as 220.127.116.11, a working IP address registered to the DEA. The government-hosted Ashcroft notice can still be seen here.
To make things even stranger, the remaining seven domains, registered through Network Solutions, did not seem to be modified at all. The websites at these domains were all still reachable at press time. This suggests that Register.com and GoDaddy Software, registrars for the six modified domains, may have been coerced into making the modifications without a court order.
Regardless of the exact process by which the domains were modified, the Department of Justice's actions create an unnecessary potential for violating Internet users' privacy.
Lisette Zarnowski, a press spokeswoman at Register.com in New York, said today that she was not aware of the situation. The Register.com legal department did not return telephone calls at press time, nor did the press office at the Department of Justice. Representatives of GoDaddy Software and Network Solutions were not reachable for comment.