Tech news site Motherboard obtained webinar slides by a company called SpyCloud presented to prospective customers. In that webinar, the company claimed to “empower investigators from law enforcement agencies and enterprises around the world to more quickly and efficiently bring malicious actors to justice.” The slides were shared by a source who was concerned about law enforcement agencies buying access to hacked data. SpyCloud confirmed the slides were authentic to Motherboard.
As a matter of practice, some law enforcement organisations and police units indeed occasionally buy stolen data from various sources. The data may then be used for a wide spectrum of monitoring, preventive or investigative purposes. Its usage, however, rarely becomes official and mostly serves different “in-house” purposes. Therefore, I doubt that Western law enforcement agencies would buy this stolen data from commercial companies or vendors.
These sales statements sound a bit exaggerated and overhyped. In courts of many jurisdictions, the use of stolen, or otherwise unlawfully obtained data or evidence, is expressly prohibited by law.
As for police investigation purposes, normally much of this data may be easily and lawfully subpoenaed from service providers and technology companies for the purpose of an ongoing criminal investigation. Moreover, subpoenaed data will likely be more recent, relevant, and complete, and won’t pose problems for law enforcement officers later if a defendant (hacker) can afford skilled criminal defense lawyers.