Playpen (website)

Playpen was a darknet child pornography website that operated from August 2014 to March 2015.^[1][2] The website operated through the Tor network, which allowed users to use the website anonymously. After running the website for 6 months, the website owner, Steven W. Chase, was arrested by the FBI. After his arrest, the FBI continued to run the website for another 13 days as part of Operation Pacifier.

Playpen

Type of site	Child pornography sharing
Available in	English
Launched	August 2014
Current status	Offline (as of May 2015)

When it was shut down in March 2015, the site had over 215,000 users and hosted 23,000 sexually explicit images and videos of children as young as toddlers.^[2]

Website shutdown

The shutdown operation, called Operation Pacifier, involved the Federal Bureau of Investigation (FBI) hijacking the site and continuing to serve content for two weeks (from February 19, 2015 until March 4, 2015). During this time, the FBI used a malware-based "Network Investigative Technique" (NIT) to hack into the web browsers of users accessing the site in what is known as a watering hole attack, thereby revealing their identities. The operation led to the arrest of 956 site users and five prison sentences.

While the FBI claimed to have knowledge about the existence of the website from its inception, it was unable to track down the server locations or the site owner. This was because the website was hosted anonymously through Tor. A mishap on the part of the site owner that revealed his IP address was what finally allowed law enforcement to track down both the servers and personnel.^[1]

Convictions

The investigation led to the conviction of Steven W. Chase, a 58-year-old man from Florida who created the website, of charges of engaging in a child exploitation enterprise and advertising, transportation and possession of child pornography. He was sentenced to 30 years in prison in May 2017. His two co-defendants pleaded guilty and were sentenced to 20 years each earlier in 2017 for their involvement in Playpen.^[1]

In 2017, the FBI dropped charges against one defendant after the court for that case requested details on the NIT malware. The FBI preferred to keep the NIT malware a secret for future investigations.^[3][4][5]

Shutdown criticisms

The investigation was criticized by the Electronic Frontier Foundation because of the generality of the warrant, and because after having taken control of the website, the FBI continued to operate the website for nearly two weeks and thus distribute child pornography, thus committing exactly the same crime the bureau sought to stop.^[6] The lawyer of a defendant in the case stated that the FBI not only operated the website, but improved it so its number of visitors rose sharply while it was under their control.^[7]

Challenges were raised about the FBI's possible misuse of the initial search warrant, leading to the likely dismissal of much of the gathered evidence against one defendant.^[8][9] The warrant stated it was to be used to gather information on people in the Eastern District of Virginia only, but because the NIT malware indiscriminately infected people using the site, it was in fact used to gather information from many other areas.^[10] Before the change to Rule 41 in 2016 to allow it, this was illegal.^[11] On August 28, 2019, the Eleventh Circuit Court of Appeals ruled that the warrant was invalid but that the evidence obtained was not required to be excluded due to the good-faith exception doctrine.^[12]