When the FBI Raids a Data Center: A Rare Danger

The FBI's recent seizure of servers at a Dallas, Texas, co-location facility affected dozens of businesses. Could it happen to you? Experts say that power outages and network disruptions are the far more likely threat, but add that cloud computing complicates the situation.

As part of coordinated raids in early April, FBI agents seized computers from a data center at 2323 Bryan Street in Dallas, Texas, attempting to gather evidence in an ongoing investigation of two men and their various companies accused of defrauding AT&T and Verizon for more than US$6 million.

The FBI's target in the data center raid -- one of five seizures conducted that day -- is simply listed as Cabinet 24.02.900 in the affidavit and search warrant.

Cabinet 24.02.900 allegedly held the computers and data used to serve voice-over-IP clients for the companies at the center of the case. Yet, it was also home to the digital presence of dozens of other businesses, according to press reports. To LiquidMotors, a company that provides inventory management to car dealers, the servers held its client data and hosted its managed inventory services. The FBI seizure of the servers in the data center rack effectively shut down the company, which filed a lawsuit against the FBI the same day to get the data back.

"Although the search warrant was not issued for the purpose of seizing property belonging to Liquid Motors, the FBI seized all of the servers and backup tapes belonging to Liquid Motors, Inc.," the company stated in its court filing. "Since the FBI seized its computer equipment earlier today, Liquid Motors has been unable to operate its business."

The court denied the company's attempt to get its data back, but the FBI offered to copy the data to blank tapes to help the company restart its services, according to a report in Wired.

The incident has worried IT managers, especially those with a stake in cloud computing, where a company's data could be co-mingled with other businesses' data on a collection of servers.

"The issue, I think, is one of how search and seizure laws are being interpreted for assets hosted in third-party facilities," James Urquhart, manager of Cisco Systems' Data Center 3.0 strategy, said in a recent blog post. "If the court upholds that servers can be seized despite no direct warrants being served on the owners of those servers-or the owners of the software and data housed on those servers-then imagine what that means for hosting your business in a cloud shared by thousands or millions of other users."

Yet, a careful reading of the case suggest that such issues are unlikely, says attorney and former Department of Justice prosecutor James M. Aquilina, who argues that the FBI and the judges took the correct actions.

"Probably cause to search is probably cause to search," says Aquilina, who is the executive managing director and deputy general counsel for Stroz Friedberg, a digital forensics and intellectual property advisory firm. "That being said, federal law enforcement agents, prosecutors, and magistrate judges alike remain sensitive to the realities of co-mingled data encountered at hosting providers."

Typically, judges and law enforcement agents will attempt to work with co-location and data center providers to hone a search to specific data, he says. However, two factors in the current case changed that policy. Most importantly, the co-location firm was a suspect in the case. In addition, the firm's owner had stated that it "was transitioning from the service provider business to the Venture Capital business and they only had a handful of telecommunications customers," according to the FBI's affidavit. Such an assertion could make a judge less likely to limit a search and seizure, says Aquilina.

Such determinations will become more difficult as virtualization technologies and cloud computing become more prevalent, says Scott Gode, vice president of product management for Azaleos, a managed service provider for Microsoft services. Virtual machines and nebulous temporal instances of applications divorced from physical machines could turn law enforcement's job into a game of whack-a-mole, he says. Even today's state of partial progress toward cloud computing, with dedicated machines running multi-tenant applications could still lead to massive collateral damage, if the company operating the data center is considered a suspect, Gode says.

"Even with that dedicated box, there are tons of shared components within the data center," he says. "For a SAN storage unit, there is still a lot of caching devices, a lot of those are used ubiquitously by other components in the data center."

Yet for the most part, larger companies contracting with larger providers are not the ones at the most risk, Gode says. Such firms usually will usually not be hosted alongside fly-by-night firms and will likely get more consideration from law enforcement. Smaller firms are the ones that more often cut costs and corners, making them more likely to use an unknown service provider and more ready to consider cloud computing as a solution, he says.

"They are the ones who will take those risks," Gode says. "They will take those risks around power, they will take those risks around security and they will take those risks around FBI seizure, because otherwise, it costs them money."

Follow everything from CIO.com on Twitter @CIOonline

Join the PC World newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection

Tags policeData CentrefbiData Center

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.
Show Comments

Most Popular Reviews

Latest Articles


PCW Evaluation Team

Matthew Stivala

HP OfficeJet 250 Mobile Printer

The HP OfficeJet 250 Mobile Printer is a great device that fits perfectly into my fast paced and mobile lifestyle. My first impression of the printer itself was how incredibly compact and sleek the device was.

Armand Abogado

HP OfficeJet 250 Mobile Printer

Wireless printing from my iPhone was also a handy feature, the whole experience was quick and seamless with no setup requirements - accessed through the default iOS printing menu options.

Azadeh Williams

HP OfficeJet Pro 8730

A smarter way to print for busy small business owners, combining speedy printing with scanning and copying, making it easier to produce high quality documents and images at a touch of a button.

Andrew Grant

HP OfficeJet Pro 8730

I've had a multifunction printer in the office going on 10 years now. It was a neat bit of kit back in the day -- print, copy, scan, fax -- when printing over WiFi felt a bit like magic. It’s seen better days though and an upgrade’s well overdue. This HP OfficeJet Pro 8730 looks like it ticks all the same boxes: print, copy, scan, and fax. (Really? Does anyone fax anything any more? I guess it's good to know the facility’s there, just in case.) Printing over WiFi is more-or- less standard these days.

Ed Dawson

HP OfficeJet Pro 8730

As a freelance writer who is always on the go, I like my technology to be both efficient and effective so I can do my job well. The HP OfficeJet Pro 8730 Inkjet Printer ticks all the boxes in terms of form factor, performance and user interface.

Michael Hargreaves

Windows 10 for Business / Dell XPS 13

I’d happily recommend this touchscreen laptop and Windows 10 as a great way to get serious work done at a desk or on the road.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?