On many filesharing-type sites there is great camaraderie and friendship to be found between site operators and their staff. Because of this, some believe that security only exists to protect against outsiders. It’s a dangerous assumption.
The ongoing extradition battle of former TVShack admin Richard O’Dwyer has made big headlines recently, particularly due to the support he’s receiving from Wikipedia founder Jimmy Wales. What hasn’t received any attention is how O’Dwyer came to be identified and have evidence collected against him by U.S. authorities in the first instance.
Perhaps unsurprisingly considering the developments in the SurfTheChannel case, two people O’Dwyer appears to have trusted were working with ICE Homeland Security Investigations in the United States prior to the British student’s arrest.
The revelations appear in U.S. court documents which reference the activities of two individuals named “CC-1” and “CC-2”. CC-1 worked as a moderator on TVShack while CC-2 worked on technical aspects of the site.
CC-1 told Special Agent Marcello Di Laura of Homeland Security Investigations (HSI) that he communicated with O’Dwyer on email and MSN via the address [email protected], an address also linked to O’Dwyer’s Facebook page. CC-1, who received his TVShack login as far back as December 2007, gave HSI a copy of at least one email showing O’Dwyer’s Hotmail address, but he was to provide much more information.
CC-1 said that O’Dwyer lived and attended school in the UK and used the alias “Duffman” on TVShack. He also shared a picture given to him by O’Dwyer which showed the TVShack admin’s Mini Cooper. HSI inquiries with UK police confirmed that O’Dwyer owned such a car.
CC-2, who worked on the technical side of TVShack, was also very helpful to U.S. authorities. He too confirmed that O’Dwyer used the Hotmail account detailed above but also used a second Gmail account. CC-2 shared emails from that account with HSI which allowed them to cross-reference another website domain to O’Dwyer. This domain led to a second Gmail account and Google subsequently provided HSI with information including IP addresses cross-referenced to the first Gmail account.
According to the documents, O’Dwyer was aware that having a Gmail account might lead to his details being handed over to the authorities by Google. In September 2010 he wrote the following to CC-2:
hi, i’m looking to change the site email address from gmail as i think govt. can access that right? can you setup like [email protected]? also make it so i can reply without my ip going with the mail i reply to? atm i dont reply to any emails on the gmail account due to that.
But in addition to working with and getting paid by O’Dwyer, CC-2 was already working with HSI.
O’Dwyer allegedly owed CC-2 money for work he’d carried out on TVShack but had experienced some kind of problem with the bank. O’Dwyer told CC-2 he’d have to use PayPal to make the transfer – HSI were informed and Special Agent Marcello Di Laura told CC-2 to go ahead and accept the money. Subsequent HSI inquiries with PayPal revealed connections between several accounts allegedly operated by O’Dwyer.
Even though they are listed as O’Dwyer’s co-conspirators, court documents reveal that CC-1 and CC-2 worked with ICE Homeland Security Investigations with the aim of entering into “non-prosecution agreements” with the U.S. government. Whether they will walk away from this free men remains to be seen, but there is no indication thus far that either man has been charged with anything.