Issue Number Eight: Hacks, Leaks, and Breaches

The Illicit Aura of Information

Does the unfiltered, illicit status of a leak change the nature of information? Molly Sauter offers a consideration of the half-life of stolen data.

If a database, like an email database, is stolen or hacked by outsiders (as opposed to being leaked by insiders or extracted via the Freedom of Information Act [FOIA] or other legal mechanisms) and dropped, unfiltered and uninterpreted, on the open web, does that change the way that information is received upon its release? Would its origins and manner of release change the way the information contained within the database could be used, or the types of narratives that might be spun out of it?

In this article I suggest that when personal, private, secret, or otherwise not-public email databases are hacked and released onto the public Internet without the initial mediation of an established journalistic entity, these databases become the ideal medium for the growth and dissemination of successful and tenacious conspiracy theories. This is due in part to what I’ve called, after Benjamin, the “illicit aura of stolen information,” and the ways in which this aura cuts against norms of analysis, investigation, and interpretation, norms which professionalized journalists had until recently been in a powerful position to defend and enforce. The illicit aura shifts analytical authority from experts to amateurs, strips journalism of its role as legitimator of information and director of attention without reassigning that role, and overrides analytical distinctions between “privacy” and “secrecy.” It creates feedback loops because any actions taken by individuals caught up in these data dumps to maintain their privacy are likely to be interpreted as attempts to conceal evidence of wrongdoing. Hacktivists who wish to publish the private communications of powerful individuals should bear in mind the ways in which the data-dump model of publication encourages conspiratorial modes of analysis and has the potential to damage journalistic norms like fact-checking, translation, and contextualization.

To illustrate this aura, I focus on two cases: the 2009 Climate Research Unit email hack, known as “Climategate,” and the 2016 hack of the internal emails of the Hillary Clinton presidential campaign and the #Pizzagate conspiracy theory.

These cases have a number of points in common. They both involve the exfiltration of large email databases. These databases may contain records that fall under American and British Freedom of Information Acts, but are fundamentally the mundane interpersonal communications of professionalized in-groups, and as such the language used in them is both specialized and casual. The content of the databases in both cases initially went unnoticed by mainstream professionalized journalistic news organizations. Non-expert, non-journalist writers working independently on social media or for smaller blogs had the first interpretive crack, while mainstream news sources either reported on the fact of the hack without interpreting the content of the databases or began their reporting only after the initial conspiratorial interpretations had been made and publicized, putting them in a position to report on both the hack and the conspiratorial interpretation simultaneously. The conspiratorial interpretations stemming from these databases proved particularly influential and tenacious, repeated by politicians and other influential figures or resulting in real-world violence.

Case 1: Climategate

In 2009, more than 160 megabytes of data were exfiltrated from a server used by the Climatic Research Unit (CRU) at the University of East Anglia in the United Kingdom. Included in this cache were nearly 1,000 emails and 3,000 other documents. The cache was uploaded to a Russian server, and from there, links were distributed directly to various “climate-skeptic” sites and organizations.

Climate-change deniers became fixated on a few email threads in the cache, wherein a handful of scientists discuss how to present certain data, the deletion of data in the face of FOIA-type requests, the issue of peer review, and their general and specific disdain for climate-change deniers. One thread in particular, in which CRU director Phil Jones and Penn State Earth Systems Science Center director Michael Mann discussed using a statistical “trick” to “hide the decline” in climatic warming as indicated through tree ring data, was repeatedly cited as evidence of an international conspiracy by a cabal of scientists to suppress data that contradicted the anthropogenic theory of climate change.[1]

Climate-denier blogs provided the initial reporting on the cache, the conspiracy, and hack itself, including Anthony Watt’s Watts Up With That blog, which named the event “Climategate.”[2] Less than a week later, Telegraph columnist James Delingpole picked up the story, writing a Telegraph blog entry titled, “Climategate: The Final Nail in the Coffin of ‘Anthropogenic Global Warming’?”[3] This column set off a flood of attention, with other blogs repeating the conspiracy theory put forward by Watts Up With That and Delingpole, and mainstream news organizations subsequently reporting on the hack and commenting on the ensuing scandal.[4] The cache was the subject of an annotated, color-coded report published by the Lavoisier Group, a “climate-skeptic” organization located in Australia. Various politicians, mostly established climate-change deniers, commented publicly on the cache, including Sarah Palin and Jim Inhofe, concentrating almost exclusively on the particular lines regarding statistical “tricks” and “hid[ing] the decline.” Climate scientists at the Climatic Research Unit and other climate research centers also reported an uptick in threatening emails, phone calls, and other communications (Clynes 2012).

Multiple independent reviews, including those performed by FactCheck, the House of Commons Science and Technology Committee, Penn State University, the U.S. Environmental Protection Agency, the U.S. Chamber of Commerce, and the National Science Foundation, found no misconduct or inappropriate manipulation or mishandling of data had occurred, and the use of the words “trick” and “hide” were professionalized, in-group language referring to normal statistical manipulations. However, when interpreted out of context by non-experts and outsiders (particularly outsiders with a specific interpretive bias), these words were seized upon as evidence of intentional concealment and deception. This conspiratorial interpretation became more tenacious because it was repeated by those promoting it and by mainstream news organizations reporting on the “scandal.”

Case 2: DNC/Podesta Email Hack and #Pizzagate

During the 2016 election, the personal Gmail account of John Podesta, a former White House chief of staff and the chairman of Hillary Clinton’s 2016 presidential campaign, was spear-phished, its contents exfiltrated and passed to Wikileaks. The hack took place in March 2016, and WikiLeaks published a selection of Podesta’s emails in a series of drops in October and November 2016.

From the Podesta emails emerged what would become the defining conspiracy theory of the 2016 campaign. The #Pizzagate conspiracy theory alleged that John Podesta, Hillary Clinton, and other prominent Democrats were involved in a pedophilic sex trafficking ring run out of the basement of a popular Washington, DC, restaurant and event venue, Comet Ping Pong. The theory was incubated on 4chan, 8chan, and two subreddits, r/The_Donald and r/pizzagate.[5] #Pizzagate spread quickly through the rightwing/libertarian blogosphere, pro-Trump “fake news” sites,[6] and Twitter. It made the jump to mainstream press coverage on December 4, 2016, when a 28-year-old man walked into Comet Pizza with an AR-15–style rifle and fired several shots in the restaurant. He later claimed that he was there to “self-investigate” the #Pizzagate theory and the claims that the restaurant was a front for child sex trafficking.

#Pizzagate sprang from a close reading of emails within the Podesta cache that mention performance art star Marina Abramovic, rock shows, pizza, Italian food, or handkerchiefs. The conspiracists allege that the Podesta emails contain a code wherein “cheese pizza” or other Italian food items are actually veiled references to child pornography or trafficked children or different sex acts. The theory extended beyond Comet Ping Pong to include allegations that various symbols on different storefronts on Comet Ping Pong’s block were also references to a secret pedophilia ring, that bands who had played at the venue were involved in the enterprise, or that the Instagram account of the restaurant’s owner (which was set to private after it began to attract abusive attention from Pizzagaters) contained incriminating images.

Most dramatically, #Pizzagate led to the arrival of the “self-investigating” gunman at Comet Ping Pong in early December, but also inspired ongoing protests outside the restaurant; visits from (unarmed) individuals who sought to film, take pictures, or livestream from inside the restaurant; angry and harassing phone calls to Comet Ping Pong, other businesses implicated in the theory, and to individuals associated with these businesses; and acts of online harassment and doxxing. The theory is still evolving, having since grown to include the Crisis Actor conspiracy arc[7] to explain the shooting incident on December 4.

Benjaminian Aura and Stolen Data

In discussing his concept of “aura” in “The Work of Art in the Age of Mechanical Reproduction,” Walter Benjamin (1969[1936]) notes the centrality of context, “[the object’s] presence in time and space” in the interpretation of a work of art, and the fundamental transformative effect of potential shifts in that context on the object’s reception and interpretation:

With the different methods of technical reproduction of a work of art, its fitness for exhibition increased to such an extent that the quantitative shift between its two poles turned into a qualitative transformation of its nature. This is comparable to the situation of the work of art in prehistoric times, when by the absolute emphasis on its cult value, it was, first and foremost, an instrument of magic. Only later did it come to be recognized as a work of art. In the same way today, by the absolute emphasis on its exhibition value the work of art becomes a creation with entirely new functions, among which the ones we are conscious of, the artistic function, later may be recognized as incidental (Benjamin 1969[1936]:225; emphasis added).

I posit that internal email databases, when exfiltrated by outsiders and dumped on the open web without the initial interpretive intervention of mainstream journalistic entities, experience an aura shift similar to the type Benjamin describes between private, secret cult objects and public, exhibition-oriented works of art. As the context of the data changes from an internal, local, in-group and personal context to a public, out-group context, different aspect of the data shift as well: its trustworthiness and reliability are affected, as well as its relationship to the people that produced it (its authors) and those people reading it (its audience).

A core aspect of the illicit aura is an assumption that the database in question was purposefully concealed from the public and required liberating. As something that was stolen to be made public, the database becomes something that was kept hidden. It wasn’t simply private, it was withheld. The database itself and the information it contains experiences a contextual shift from mundane-communications-media-archive to illegally-obtained-evidence of something.

An illicit aura affects an object’s very legibility, affecting how people and professional groups use and don’t use such databases. Whereas an unconfirmed unverifiable data dump may be functionally invisible or at least unusable by the mainstream journalistic community in the initial period after its release, these same factors make these data dumps hypervisible and hypersalient for other communities. The manner of acquisition and release of the ClimateGate and Podesta email databases changed the way the databases could be thought about and thought with, foreclosing some avenues of interpretation, legitimization, and engagement and making others more attractive and likely to be pursued.

Three factors contribute to the development of this aura: manner of acquisition, manner of release, and manner of reception. The illicit aura can develop even in cases where journalistic attention is promptly paid to these dumps: the Podesta dump did attract attention from mainstream, professionalized journalistic commentators. Wherefore, then, #PizzaGate?

Whereas for ClimateGate, the inattention of mainstream journalists allowed an interpretive vacuum to develop, one that climate-change deniers rushed into, I here argue that the development of #PizzaGate had more to do with the dramatic manner of the release. WikiLeaks began dropping the Podesta emails an hour after the release of Access Hollywood hot mic video in which then-presidential candidate Donald Trump commented on, among other things, grabbing women’s genitals without consent (Sharockman 2016). WikiLeaks’s dumps of the emails, complete with Photoshopped header and Twitter card images, occurred over multiple weeks, extending the drama of revelation and surprise. The ClimateGate dump was one event that became a central touchstone of discussion and worldbuilding for an established community; the Podesta emails were in essence many events chained together, each event a chance for journalists to lose interpretive authority. This multiple-event release model created more opportunities for conspiratorial interpretations to be repeated and gain traction among multiple audiences.

Aspects of the Illicit Aura

It is authoritative because it is raw: The illicit aura makes the untranslated nature of these databases a desirable virtue instead of a barrier to understanding. As collections of personal correspondence, in-group language abounds in these databases, along with imprecise, casual references, professional jargon and elisions, in-jokes, and other snippets of not-readily-accessible interpersonal ephemera.[8] In theory, this type of data requires translations and contextualization for outsiders to understand. But when saddled with illicit aura, any attempts at expert-led contextualization become suspect, as anyone with access to the expert knowledge needed to provide such a translation is considered compromised before the fact. In the context of the illicit aura, the “raw” database is considered “honest,” whereas any attempt at translation or contextualization would seem to open the door to interference by those who had tried to conceal the data in the first place.[9]

The modern virtue of corporate and governmental “transparency” is often interpreted as simply releasing data, lots of it, often in its rawest form. This is akin to a similar fetishization of source code as “ultimate performative utterance,” as described by Wendy Chun (2008). “Raw data” are often viewed as those that correspond most to reality, containing the least bias or interpretive contamination.[10] This view casts interpretive vacuums as somehow ideologically pure, and actively cuts against attempts at expert interpretation or curation,by casting it as unnecessary or intentionally misleading bias instead of a necessary step to aid understanding by the general public. This creates opportunities for dramatic, esoteric theories that often echo familiar narratives from popular culture to gain footholds.

Data dumps negate traditional sources of legitimization: Because the illicit aura contains an inherent skepticism of expertise as an interpretive asset, it also unseats the need for legitimation, particularly the role of the press as a legitimator and designator of information in the public interest.

A database that is dropped onto the open web and not picked up as an analytical source by news organizations can signal against its reliability as a primary source to other mainstream journalistic news organizations and simultaneously signal its attractiveness to conspiracy theorists by virtue of its being rejected by those organizations. While a newspaper that adheres to the professionalized ethics of journalism may ask “Is this source trustworthy?” or “Are the privacy violations inherent here justified by the value of the data?” or even banal considerations such as “Is there anything newsworthy here to begin with?” amateur analysts might see the refusals to take up the data as evidence of the database being suppressed, and go looking for what secrets it may contain.

At the point of release, decisions to filter or curate are themselves interpretive moves, as is the decision not to. Interpretive space is limited; each attempt to offer an interpretation claims ground that can then be considered “occupied territory” in the minds of a given audience. Intentionally holding that interpretive space open by declining to provide an interpretation upon the release of data that can be reasonably expected to be controversial is rhetorically similar to “just asking questions.” Those in the position to respond to such unfiltered data dumps the most quickly (with the most narratively complete story), and thus stake out the interpretive high ground, are those least bound by professionalized ethics and their attendant timelines.

The illicit aura cuts against the value of experts, but leave their role unfilled. It implicitly encourages each individual coming into contact with the information to “judge for themselves” its relevance and meaning. This is similar to Benjamin’s observations on the dissolution of barriers between the author, the audience, and the critic:

And today there is hardly a gainfully employed European who could not, in principle, find an opportunity to publish somewhere or other comments on his work, grievances, documentary reports, or that sort of thing. Thus, the distinction between author and public is about to lose its basic character…. At any moment the reader is ready to turn into a writer. As expert, which he had to become willy- nilly in an extremely specialized work process, even if only in some minor respect, the reader gains access to authorship…. Literary license is now founded on polytechnic rather than specialized training and thus becomes common property (Benjamin 1969[1936]:232).

Excising the expert leaves a void which those who are already disinclined to believe experts and distrust established journalistic organizations, or who have pre-formed, usually negative opinions about the target of the data dump, rush into. But because the aura has rejected the ideas of experts, translation, and contextualization, the type of judgment it encourages tends towards deeply personal, first principles–based styles of logical reasoning that both demand empirical experience and makes accessing the testimony of that experience (those of the in-group that produced the database) nearly impossible on an intellectual level.

I note here that recognizing the interpretive role of the press is not antithetical to the hacktivist ethos. Attacking social and civil norms is not a core function of hacktivism: there is nothing about data exfiltration that requires the delegitimization of expertise as an analytical resource. The Snowden/Greenwald relationship, joint projects between WikiLeaks and various established newspapers, and the collaboration between the Panama Papers leaker(s) and the International Consortium of Investigative Journalists are a few examples of hacktivist data exfiltrations or leaks that productively involved journalists to contextualize and translate reams of specialized, in-group data to the general public. Furthermore, performative hacktivist collectives such as Anonymous have implicitly acknowledged the role of the media as a legitimator for political activism, making space for that role in their actions, establishing #press channels on operation IRC servers or making their actions legible to the press through announcements and other releases.

Although hacktivists have at times endorsed the unfiltered data dumping practices critiqued here, it was not due solely to their identification as hacktivists or with hacktivist practices. Delegitimating experts or the press within civil society is not a core aspect of hacktivist practice. When groups claiming the hacktivist mantle engage in tactics that undermine these roles or gesture at hacktivist politics to justify their use of these tactics, the audience would do well to question more closely why such tactics were chosen.

Secret things are always relevant: The illicit aura taints private with secret. The personal and the incidental are invested with importance because they are interpreted as having been intentionally concealed. Email correspondence is made of minutiae. The everyday communications of most people, even important people, are boring. They are cluttered with material relevant primarily to their existence as people, rather than to their power. However, the taint of secrecy renders the mundane extraordinary by interpreting everything through the lens of political power.

The illicit aura favors an interpretation that things are concealed only because they are incriminating. As #PizzaGate progressed, believers began to target people involved with the Comet Ping Pong, including bands that had performed there, which induced several of them to lock down their online presences or move offline entirely. “Going dark” may be viewed as a reasonable reaction to strangers suddenly accusing you of running a child sex ring. But #Pizzagaters interpreted privatizing of Instagram accounts, deleting Twitters, or altering of signs and websites to be evidence: evidence of guilt, evidence of concealment, evidence of something (Reply All 2016), anything other than the normal, emotional, self-preserving reaction of individuals suddenly targeted by a mob.

In this interpretive mode nothing is accidental, but also nothing is merely personal or social. Similarly, the privatization of social media account is not a reestablishing of privacy, but is only an attempt to establish antidemocratic secrecy (Hofstadter 1964). There is a third concept at play in this eliding of the personal and the secret: gossip, particularly gossip as informal social control and resistance. James C. Scott discusses gossip as “a kind of democratic ‘voice” (Scott 1985:282) through which social and political norms are both identified and defended:

Although it is by no means a respecter of persons, malicious gossip is a respecter of the larger normative order within which it operates. Behind every piece of gossip that is not merely news is an implicit statement of a rule or norm that has been broken. It is in fact only the violation of expected behavior that makes an event worth gossiping about. The rule or norm in question is often only formulated or brought to consciousness by the violation itself (Scott 1985:282; emphasis added).

The data dump provides the raw, irresistible material for gossip, and is cast as a resource to be mined for proof of the violations the illicit aura assumes are already there. The aura further implies a certain relationship between the audience, the stolen dataset, and its originators: Hey you, Average Joe! Find out what the guys in power don’t want you to know. As Scott notes, only violations are worth gossiping about. The dataset is only worthy of attention if it contains transgressions, and as it is being presented as worthy of attention, it must therefore contain transgressions. The illicit aura creates an assumption of wrongdoing before any analysis takes place.

Molly Sauter is a PhD student at McGill University in Art History and Communication Studies, and the author of The Coming Swarm: DDoS Actions, Hacktivism, and Civil Disobedience on the Internet, published by Bloomsbury in 2014.


Benjamin, Walter. 1969 (1936). “The Work of Art in the Age of Mechanical Reproduction.” In Illuminations, edited by H. Arendt (pp. 217-253). New York: Schocken.

Booker, Christopher. 2009. “Climate Change: This Is the Worst Scientific Scandal of Our Generation.” The Telegraph, November 28. Available at link
Chun, Wendy Hui Kyong. 2008. “On ‘Sourcery’ or Code as Fetish.” Configurations 16(3):299–324.

Clynes, Thomas. 2012. “The Battle Over Climate Science.” Popular Science, June 21. Available at link.

Delingpole, James. 2009. “Climategate: The Final Nail in the Coffin of ‘Anthropogenic Global Warming?’” Global Climate Scam, November 21. Available at link.

Eilperin, Juliet. 2009a. “Hackers Steal Electronic Data from Top Climate Research Center.” Washington Post, November 21. Available at link.

———. 2009b. “Climate Scientist at Center of E-Mail Controversy to Step Down.” Washington Post, December 1. Available at link.

Gitelman, Lisa. 2013. Raw Data is an Oxymoron. Cambridge, MA: MIT Press

Hofstadter, Richard. 1964. “The Paranoid Style in American Politics.” Harpers, November.

Johnson, Clay. 2012. The Information Diet. Sebastopol, CA: O’Reilly Media

Reply All. 2016. “Episode 83: Voyage into PizzaGate.” Gimlet Media, December 8. Available at link.

Revkin, Andrew C. 2009a. “Hacked E-Mail Is New Fodder for Climate Dispute.” New York Times, November 20. Available at link.

———. 2009b. “Hacked E-Mail Data Prompts Calls for Changes in Climate Research.” New York Times, November 28. Available at link.

Scott, James C. 1985. Weapons of the Weak: Everyday Forms of Peasant Resistance. New Haven, CT: Yale University Press.

Sharockman, Aaron. 2016. “It’s True: Wikileaks Dumped Podesta Emails Hour After Trump Video Surfaced.” Politifact, December 18. Available at link.

Watts, Anthony. 2009. “Breaking News Story: CRU Has Apparently Been Hacked—Hundreds of Files Released” Watts Up With That? November 19. Available at link.

[1] The “tree-ring divergence problem,” or the conflict between instrumental temperature data and tree ring data, is a well-documented and thoroughly discussed issue in the study of historical climate data, and not generally considered to be a scientific counterargument to the anthropogenic theory of climate change.

[2] The moniker first appears in the comment thread on the November 19, 2009, post “Breaking News Story: CRU Has Apparently Been Hacked—Hundreds of Files Released” (Watts 2019). A user called “Bulldust” comments, “Hmmm I wonder how long before this is dubbed ClimateGate?”

[3] Originally published here, the article has since been removed. It is mirrored at various climate-denier blogs such as Global Climate Scam (Delingpole 2009).

[4] Some examples of the mainstream press coverage: The New York Times picked up the story on November 20, not using the “ClimateGate” moniker, in an article titled “Hacked Email is New Fodder for Climate Dispute” (Revkin 2009a). The article notes the “trick” email, quotes climate scientists calling critics “idiots,” and quotes a Cato Institute–affiliated climate “skeptic” as saying, “This is not a smoking gun; this is a mushroom cloud.” The first article to use the “ClimateGate” name was published on November 27 (Revkin 2009b). Since 2009, the Times has published 84 articles citing ClimateGate.

The Washington Post picked up the story on November 21, again quoting the “trick” email, and quoting climate-denier sources like the Competitive Enterprise Institute tit-for-tat as it quoted the scientists defending their private comments (Eilperin 2009a). The Post continued coverage on December 1, when Phil Jones, one of the participants in the “hide the decline” thread, announced he was stepping down from the Climate Research Unit. The Washington Post quoted Marc Marano, identified as the editor of a “climate skeptic blog,” as writing “One Down: ClimateGate Scientist Phil Jones to temporarily step down… pending investigation into allegations that he overstated case for man-made climate change” (Eilperin 2009b).

[5] The PizzaGate subreddit was eventually shut down by Reddit, inadvertently contributing to a central conspiratorial narrative of persecution by those in power with something to hide.

[6] The term “fake news” is used here to refer to purported news websites that sprung up during the 2016 election, often with the goal of producing salacious, compelling articles, predominantly pro-Trump, to attract clicks and social media shares.

[7] The Crisis Actor conspiracy arc is an overarching theory invoked to claim that any given tragedy (most notably the Sandy Hook massacre and 9/11) were actually dramatic performances, complete with actors playing the victims, victims’ families, and law enforcement, staged by the government to justify crackdowns on civil liberties and constitutional rights.

[8] In the Podesta cache, examples of these interpersonal ephemera include family recipes for walnut pizza, risotto, and Marina Abramovic’s “Soul Cooking” fundraising dinner.

[9] This predisposition is readily apparent in climate-denier treatments of the CRU emails and response of the scientific community to the theft. On November 28, the Telegraph published a column in which climate-denier Christopher Booker called the scientific community in consensus on anthropogenic climate change “Our hopelessly compromised scientific establishment” and calling the Royal Society “ a shameless propagandist for the warmist cause” (Booker 2009).

[10] For an example of this epistemic perspective, see Johnson (2015), who advises that 25% of your daily “information diet” be “raw information.” For a rebuttal, see Gitelman (2013).