W.D.Wash.: The govt didn’t violate the 4A by hacking into a child porn server and running it for two weeks, forwarding all user info to another govt computer

The government took over a child pornography website in Washington state and ran it for two weeks via a Title III warrant from a USMJ in the Eastern District of Virginia. They sent all information of visitors to that website back to Virginia. “While controlling Website A, the FBI sought to identify the specific computers, and ultimately the individuals, accessing the site, by deploying a network investigating technology (‘NIT’) that ‘cause(d) an activating computer—wherever located—to send to a computer controlled by or known to the government, network level messages containing information that may assist in identifying the computer, its location, [and] other information[.]’ Dkt. 47-1, at 34. Prior to deploying the NIT, on February 20, 2015 the FBI sought and obtained a warrant (‘the NIT Warrant’), which was issued by a magistrate judge in the Eastern District of Virginia. Id.” The warrant from the Eastern District of Virginia did not preclude essentially hacking into the Washington computer, planting the software to gather information about users and send it back to Virginia. It was also not a general warrant. United States v. Michaud, 2016 U.S. Dist. LEXIS 11033 (W.D.Wash. Jan. 28, 2016):

The warrant explicitly invites the magistrate judge to “give its location” in the blank space provided, wherein the phrase, “See Attachment A,” is inserted. Attachment A, subtitled “Place to be Searched,” authorizes deployment of the NIT to “all activating computers,” defined as “those of any user or administrator who logs into [Website A] by entering a username and password.” Id. Attachment A refers to the Eastern District of Virginia as the location of the government-controlled computer server from which the NIT is deployed. Id. A reasonable reading of the NIT Warrant’s scope gave the FBI authority to deploy the NIT from a government-controlled computer in the Eastern District of Virginia against anyone logging onto Website A, with any information gathered by the NIT to be returned to the government-controlled computer in the Eastern District of Virginia.

The warrant application reinforces this interpretation, which is objectively reasonable. The warrant application, when detailing how the NIT works, explains that the NIT “may cause an activating computer—wherever located—to send to a computer controlled by or known to the government [in the Eastern District of Virginia], network level messages containing information that may assist in identifying the computer, its location, and other information[.]” Dkt. 47-1, at ¶46 (emphasis added). The execution of the NIT Warrant is also consistent with and supports this interpretation. See Dkt. 47-5, at ¶¶13-18. Because this interpretation is objectively reasonable, execution of the NIT Warrant consistent with this interpretation should be upheld, even if there are other possible reasonable interpretations. Bergquist v. County of Cochise, 806 F.2d 1364 (9th Cir. 1986) (abrogated on other grounds by City of Canton, Ohio v. Harris, 489 U.S. 378, 109 S. Ct. 1197, 103 L. Ed. 2d 412 (1989).

. . .

As a threshold matter, it appears that even if Mr. Michaud was correct in arguing that the NIT Warrant is unconstitutional because it is a general warrant, suppression may not be required because the officers acted in good faith when executing the warrant. See supra, II(c)(3). See also, United States v. Negrete Gonzales, 966 F.2d 1277, 1283 (9th Cir. 1992) (citing to United States v. Leon, 468 U.S. 897, 104 S. Ct. 3405, 82 L. Ed. 2d 677 (1984)). The NIT Warrant does not, however, lack sufficient specificity. The warrant states with particularity exactly what is to be searched, namely, computers accessing Website A. Dkt. 47-1, at 37. According to the warrant application upon which the NIT Warrant was issued, Website A is unmistakably dedicated to child pornography. Although the FBI may have anticipated tens of thousands of potential suspects as a result of deploying the NIT, that does not negate particularity, because it would be highly unlikely that Website A would be stumbled upon accidentally, given the nature of the Tor network.

The second factor, breadth, considers whether the NIT Warrant exceeded the probable cause on which it was issued. While the warrant application certainly provides background facts not found in the NIT Warrant itself, compare Dkt. 47-1, at 2-36 and Dkt. 47-1, at 37-40, the NIT Warrant does not authorize anything beyond what was requested by the warrant [*15] application. In fact, the NIT Warrant language found in Attachment A and Attachment B is identical to the scope of the warrant requested. Id., at 4, 5, 37, 38. Both the particularity and breadth of the NIT Warrant support the conclusion that the NIT Warrant did not lack specificity and was not a general warrant.

c. Whether the NIT Warrant violates Fed. R. Crim. P. Rule 41(b).

Concerning Fed. R. Crim. P. Rule 41(b), Mr. Michaud makes three primary arguments: (1) the NIT Warrant violates the plain text of Rule 41(b), (2) the Rule 41(b) violation requires suppression, because the violation was the result of an intentional and deliberate disregard of Rule 41(b), and results in prejudice to Mr. Michaud, and (3) the good faith exception does not “save” the Rule 41(b) violation because it does not apply. Dkt. 26, at 8-16; Dkt. 69, at 3-11.

. . .

III. CONCLUSION

“The Fourth Amendment incorporates a great many specific protections against unreasonable searches and seizures. The contours of these protections in the context of computer searches pose difficult questions.” United States v. Adjani, 452 F.3d 1140, 1152 (9th Cir. 2006) (internal quotations and citations omitted). What was done here was ultimately reasonable. The NIT Warrant was supported by probable cause and particularly described the places to be searched and the things to be seized. Although the NIT Warrant violated Rule 41(b), the violation was technical in nature and does not warrant suppression. Mr. Michaud suffered no prejudice, and there is no evidence that NIT Warrant was executed with intentional and deliberate disregard of Rule 41(b). Instead, the evidence shows that the NIT Warrant was executed in good faith. Mr. Michaud’s motions to suppress should be denied.

This entry was posted in Computer and cloud searches, F.R.Crim.P. 41, Overbreadth. Bookmark the permalink.

Comments are closed.