Attorney: Louisiana private investigator tried to hack into Trump tax returns ‘out of sheer curiosity’

Published 10:59 am Friday, October 27, 2017

BATON ROUGE (AP) — A Louisiana private investigator accused of trying to illegally obtain Donald Trump’s tax returns says he is a benevolent “white hat hacker” who tried to test and report a security flaw in a government website.

Jordan Hamlett tried to discover “out of sheer curiosity” whether Trump’s tax information could be accessed through a weakness in a U.S. Department of Education financial aid website’s data retrieval tool, his attorney said in a court filing Thursday.

Hamlett’s lawyer, Michael Fiser, also said his client tried to call and notify the IRS about that flaw last September — before the presidential election — on the same day he tried to electronically access Trump’s tax records.

Email newsletter signup

“Hamlett abandoned the attempt to notify the IRS when he could not reach a human, only recorded messages,” his attorney wrote.

Authorities have said Hamlett wasn’t able to get Trump’s tax returns.

Hamlett, 32, awaits trial in December on a charge he misused a Social Security number.

Federal prosecutors haven’t offered any possible motives for Hamlett’s alleged attempt to get Trump’s tax records. But they’re asking a judge to bar Hamlett’s lawyer from presenting any evidence of a “white hat” defense at trial.

“It is essentially nothing more than a belated excuse for a crime,” they wrote in a court filing last week. “As the law in this circuit makes clear, however, such after-the-fact excuses and self-justifications for crimes are irrelevant and immaterial.”

In a footnote, prosecutors explained the distinction between “white hat” and “black hat” hackers. Black hats are the “bad guys” who violate computer security for personal gain, while white hats are the “good guys” who employ the same methods but do it legally with permission from system owners, they wrote.

U.S. District Judge James Brady scheduled a hearing next Thursday on prosecutors’ request.

Fiser argued his client has a right to present evidence that he was a “white hat hacker” with no “intent to deceive.”

“The jury in Hamlett’s case should be allowed to determine his guilt or innocence based on all the relevant evidence, not just the evidence cherry-picked by the government,” he wrote.

Fiser said Hamlett liked to test security systems for weaknesses in his spare time and would notify system administrators if he found a system vulnerable to a security breach. Hamlett once discovered a security flaw that allowed for public access to the Livingston Parish Sheriff’s Office’s “raw” reports on open investigations and exposed personal information about police officers.

“Hamlett tipped the sheriff’s office to the flaw and was met with thanks and appreciation, not an arrest,” his attorney said.

Hamlett’s attorney has accused agents of tricking his client by luring him to a Baton Rouge hotel where they questioned him for hours last October, less than two weeks before the election.

Hamlett immediately took credit for his “genius idea” to seek Trump’s tax returns from the financial aid website, Treasury Department Special Agent Samuel Johnson has testified.

At that time, the agents did not know whether Hamlett had been successful in obtaining Trump’s tax returns, prosecutors said. The agents feared a public release of the documents could influence the election, according to a transcript of court testimony.

Court records show federal investigators also wondered if Hamlett was working with anyone or planned to sell them or release them.

Every president since Jimmy Carter has released their tax returns in what has become an American tradition during presidential elections. Trump has refused to release his.

Hamlett was arrested again in August after he allegedly violated conditions of his pretrial release. Prosecutors said he committed “numerous violations,” including hacking into email and social media accounts of a man at the request of the man’s wife. Hamlett also allegedly accessed the internet with devices that are not monitored.