Michael Fluckiger, known as “Administrator 2” in the administration of the child pornography site PlayPen, pleaded guilty to his crimes in December 2015. In early January, a judge sentenced the man to 20 years in prison for engaging in a child exploitation enterprise. The Indiana man, after being arrested in April 2015, pleaded not guilty to sexual exploitation and other charges that related to online child pornography, yet opted to remain in custody.
During the course of the PlayPen investigation, the FBI agent who tracked down Fluckiger—Special Agent Daniel Alfin—linked Administrator 2’s IP address to that of a Comcast address in Indiana. At the time, few knew the method the FBI used to track down PlayPen member IP addresses. After further cases broke and documents surfaced, the true scope of the FBI’s investigation and suspect identification via a form of malware became public knowledge.
The FBI received a warrant that allowed the mass-hacking of internet users across the globe. Judges in the US, numerous times, ruled against the FBI in the PlayPen investigation dubbed “Operation Pacifier.” Government officials, privacy advocates, and even some federal prosecutors protested, or at least acknowledged, that the FBI lacked the authority to invade the privacy of so many people.
“The order granted the FBI the ability to implement a piece of malware called a Network Investigative Technique or NIT for short. The code, once activated, effectively deanonymized users of Tor. Initially, as the FBI led both courts and the public to believe, the NIT warrant outlined a clear investigative scope. Recently released documents from United States District Court for the Western District of Washington vs. David Tippens, Gerald Lessan, and Bruce Lorente—three men in the FBI’s indictment—revealed otherwise.”
The FBI agent, in the Criminal Complaint, reported that he traced Fluckiger across three child pornography websites. Fluckiger used the same username on all three websites and, at one point, revealed his first name to another member of a child pornography website. Comcast responded to an FBI subpoena and revealed the name behind the IP address—or name of the Comcast account owner.
Law enforcement then performed physical surveillance on the suspect. They watched him and the house tied to his IP address—as well as the internet traffic to and from the computers in his house. On March 2, 2015, authorities reported that “Administrator-2 logged into Website-1 less than one-hour after Fluckiger arrived home.” The co-admin then landed in jail and faced charges related to advertising child pornography with other PlayPen viewers.
According to cyberscoop, Alfin testified against the man in court last year “The NIT was deployed against users who accessed posts in the ‘Preteen Videos—Girls Hardcore’ forum because users accessing posts in that forum were attempting to access or distribute or advertise child pornography. At the point where a user in that forum accessed a post, we can affirmatively state that a user has attempted to access child pornography.”
The other two administrators, or co-administrators—Steven Chase and David Browning—recently stood trial for similar roles. Jurors found Steven Chase guilty and David Browning accepted a plea deal.