Security concerns in the digital world are a valid area of focus, and many both before and after the Snowden epic elected to use encrypted email services over the more typical Gmail and Outlook offerings. One such mail service is TorMail, namesake of the popular onion-routing Tor (though an independent project), which offers anonymous messaging. According to court documents that recently surfaced, the FBI has cloned the entire email database.
The cloning of TorMail’s database was unintentional, according to the documents, something that happened while investigating Freedom Hosting. Rather than purging the extraneous content, the Bureau elected to hold on to the database. Such information was revealed by court documents during the prosecution of a Florida man over the alleged selling of counterfeit credit cards.
As part of the investigation against this individual, it was noted messages sent from a Gmail account went to a TorMail address. With this info, the FBI got a search warrant for that TorMail account and executed it using the cloned database the agency acquired. Though the FBI searched based on a warrant, the info will prove disconcerting for those using a service that is supposed to be anonymous.
By holding its own clone of the database, searching through emails and accounts becomes extraordinarily simple for the federal agency — even if the searches are only ever conducted with a search warrant. While some users on Tor and other services use them in an effort to conceal illegal activities, others use them for legitimate purposes, including journalists and those pertaining to human rights, and it poses a threat to data privacy.