Can you justify keeping client records on DNMs? F**k no.

Posted by: Allen Hoffmann, JD

December 16, 2015

From the very first day of Silk Road, the word from atop mount DPR was clear and non negotiable; thou shalt not retain client information after processing orders.

So, it’s a little concerning that word has been getting around the DNMs recently that a vendor may have leaked an annoyed client’s first initial, after threatening, jokingly or not, to send a large quantity of drugs to that client’s home. No doubt, some will say “ayyyy, she probably deserved it”, whilst others will be aghast that, shock and horror of all horrors, their vendor of choice maybe isn’t, in fact, getting rid of their details straight after the order ships. The title of DNM vendor is not in any way similar to a lawyer-client relationship, where one risks being unceremoniously stripped of the right to earn an income by the peak regulator, if one were to break the rules; indeed, there is really no effective punitive manner in which marketplaces can enforce, or audit, compliance with the ‘no keeping client records’ rule. Get kicked off one market for a data breach? Simple – head to another market, and change your name, or maybe even don’t change your name. Not a very effective disincentive, is it?

It’s the stuff of nightmares – Imagine if every vendor on a DNM was secretly developing a blackmail file as a second source of income for after their time as a vendor winds down. Not everyone has a drop and a fake name through which goods can be shipped… a name and an address are more than enough to tie someone’s online purchasing to their real life, with potentially catastrophic consequences. I’d like to think this is unlikely to be the case for reasons which will come to light as we progress (at least from a practical standpoint, ignoring the ethical issues initially). What if the vendor’s criminal ethical codex does not include the age old wisdom that ‘snitches get stitices’, and they’ve purposefully been accumulating client information with a view to using it as a bartering tool to assist LE and get themselves out of a jam?

Anonymity and security in the world of DNMs specifically, and indeed, criminal enterprises generally, will only ever be as good as the weakest link. You can get away from a murder scene, destroy the murder weapon, be certain you weren’t caught on CCTV and didn’t leave any living witnesses, and all of it may come to nothing, if you talk about it later and it is overheard and makes its way into the LE intelligence pipeline. The best PGP communications discipline, stealth shipping methodologies, all of it, might prevent you from being “caught in the act”, but leaving materials lying around to be back investigated later by someone who manages to compromise your data, simply reeks of a lack of professionalism. Getting caught up owing to your inability to maintain a clean house ‘after the fact’ is something which has ruined more than one seemingly professional organization. Forget the supposed Libertarian ethos of the original SR if you wish, and concentrate on the money, and perhaps even allow yourself a chuckle at those who follow such concepts, but seriously, don’t even consider retaining your client data.

Why you shouldn’t keep identifiable client data at all, from a practical standpoint.

By compiling identifiable client information and either directly, indirectly or tacitly admitting you perhaps keep it (by admitting you have it, losing it in a leak, or hinting that you have it by making veiled threats), you are giving LE another incentive to bust your operation; it will give them intelligence likely to help facilitate further investigations and prosecutions of your buyers, which, as long time readers will know, is part of the game for LE… they don’t want to have to go back to cutting speeding tickets, either as an individual or as a larger group, so there is incentive to either investigate all the material, or at least acquire it for some civilian underling to dig through. Additionally, it will allow them to back investigate the transactions more effectively, and produce a stronger case against you, perhaps by seeking cooperation from clients. Its also unlikely to look good in court if the prosecution can say that you managed to land your product in “X” number of states.

Even if you don’t hint at the fact that you’re holding onto client data, you need to take a risk averse approach and consider worst case scenario if you want to be anything approaching professional; LE is at your door and ripping out the dry wall, and somehow, perhaps using some James Bond, “TEMPEST” shit, managed to snag a copy of the password protecting your ‘business files’. This belies a better approach – If you don’t have client files, THEY CAN’T BE RECOVERED, James Bond shit or not.

So leaving aside the practicalities, let’s look at it from the ethics side of things. Your clientele is rewarding you, the vendor, with both their trust and their cash; let’s be realistic, there’s a high degree of probability that your operation is not the only show in town at which they can buy what you’re selling. If you’re vending on most DNMs, you’ve agreed as a component of their terms and conditions, in a non legally enforceable context (seeing as they ARE regarded as criminal enterprises, after all) that you aren’t going to hold on to client data. Agora, for example, set the bar high on this point – client privacy is sacrosanct. If clients can’t trust you, clients can’t, in theory, trust other vendors, or that whole marketplace, or, indeed, the whole DNM concept as a whole.

Keeping records of your clientele, whatever the reason, is deplorable. But there’s one little thing that holding onto client details gives vendors, which they effectively don’t have any other way… and for that reason, its likely to stay. It may be their only available doorway to coercion, and I’ll talk about it in depth next time.

Updated: 2015-12-16