Thursday, February 28, 2013

Cop's 1st Amendment retaliation claim fails; court does hold emails to news outlets were speech as citizen

In Smith v. County of Suffolk & Richard Dormer, CV 10-1397 (E.D.N.Y. Feb. 27, 2013), a federal district court held that a police officer's emails to outside news entities, which resulted (in part) in disciplinary actions against him, could not sustain a 1st Amendent retaliation claim under 42 U.S.C. 1983, the 1st Amendment itself, and Article 1, Section 8 of the New York Constitution. The "plaintiff claim[ed] he was retaliated against for his use of a police computer 'to speak his mind and express his opinion to members of the news media' about (1) the Department's policy of arresting unlicensed drivers and whether that policy contributed to racial profiling, and (2) the Martin Tankleff case."

First, it should be noted that these types of claims rarely succeed, because of the litany of elements a plaintiff must prove. The court summarized the test as follows:
Where, as here, a public employee brings a First Amendment retaliation claim, he must "bring forth evidence showing that he has engaged in protected First Amendment activity, he suffered an adverse employment action, and there was a causal connection between the protected activity and the adverse employment action." . . . If plaintiff can produce evidence supporting these three elements, the defendants can, nonetheless, prevail on their motion for summary judgment if the defendants are able to establish (1) that the same adverse employment action would have occurred "even in the absence of the protected speech," Mount Healthy City School Dist. Bd. of Educ. v. Doyle, 429 U.S. 274, 278, 97 S. Ct. 568, 50 L. Ed. 2d 471 (1977); . . ., or alternatively, (2) that the employee's speech was likely to disrupt the government's activities and the harm caused by the disruption outweighs the First Amendment value of the plaintiff's speech . . .The latter defense is known as the Pickering balancing test and is a question of law for the court. . . . Finally, even if the defendants prevail in the Pickering balance, plaintiff may still "carry the day" if he can show that the motivation for the adverse action was "retaliation for the speech itself, rather than for any resulting disruption." Reuland v. Hynes, 460 F.3d 409, 415 (2d Cir. 2006).
The interesting part of this case is that the plaintiff actually survived the Garcetti portion of the analysis; the court held that the plaintiff's communications to outside media organizations were done outside the scope of his employment and thus the speech was that of a citizen. This despite the fact that the information he was providing was about events intertwined with the police, and that he used the department's technology resources to "tip-off" outside media sources. The conduct in question was:
In the course of the forensic investigation, Sergeant Luciano discovered that a large number of e-mails from plaintiff's Departmental e-mail account were sent to various outside sources, including the news media, for non-business and/or personal reasons. . . . One such e-mail was to Christine Armario of Newsday on May 29, 2007, wherein plaintiff stated that with respect to the Suffolk County Police Department's policy concerning the arrests of unlicensed drivers, the Police Department was about to undertake a program that would lead to ethnic discrimination. . . In a further e-mail to Christine Armario on July 8, 2007, plaintiff criticized the Police Department and Chief Ponzo, stating "[y]ou let Chief Ponzo get away with that one in six comment and you've now given him a platform to perpetuate this myth. This has always been about racial profiling and you've been bamboozled into believing it's a safety issue. That is an obvious lie." . . . The investigation also uncovered an e-mail sent by plaintiff on January 16, 2007 to Jeffrey Toobin, a CNN commentator, giving him a "tip" about the Martin Tankleff case wherein he stated that the homicide detective may have helped planned the murder, orchestrated the cover up and had committed perjury; that the district attorney was up to his ears in ethical conflicts and appeared to be protecting the actual murderers; and that there was a long history of abuses by the Suffolk County Police Homicide Squad. . . .Plaintiff signed each of these e-mails as "Lieutenant Raymond F. Smith, Sixth Precinct." . . . 
The court quickly dispensed with the analysis of whether the speech involved matters of public concern, citing to a case holding that: "Where a public employee's speech concerns a government agency's breach of the public trust, as it does here, the speech relates to more than a mere personal grievance and therefore falls outside Garcetti's restrictions." The court then went on to analyze whether the emails to outside news organizations were speech as a citizen, or as an employee. The Court utilized the framework given in the 2nd Circuit case Weintraub, noting at the outset the major dilemma of whether "the speech at issue . . . was made 'pursuant to' plaintiff's official duties as a police officer or as a citizen":
On the one hand, Smith's speech occurred in the workplace, utilizing a police computer during work hours, bore an official signature reflecting plaintiff's position as Lieutenant Raymond F. Smith in the Sixth Precinct, and related to information concerning the plaintiff's employment as a police officer. On the other hand, Smith engaged in speech for which there is a "relevant citizen analogue" when he sent external e-mails outside the chain of command to the press and media. Weintraub, 593 F.3d at 203. In addition, the content of the speech was not directed toward the proper performance of plaintiff's own ability to execute his specific job duties as a police officer, but rather can be characterized as a broader policy-related commentary on the Department's policies and operations.
The court found it pertinent that "plaintiff's e-mails  referred to alleged misconduct, inefficiencies and corruption extending outside his own personal duties, and in the case of the e-mail regarding Martin Tankleff, affected a closed case in another department with which he had no personal interaction or job connection." The question is, does that really make the speech fall outside of his official duties as a police officer? The court said yes. In doing so, the court stated that the argument that "Smith's speech cannot be protected by the First Amendment because he used information acquired from his employment" was misplaced. As justification for this, and relying on Griffin v. City of New York, 880 F. Supp. 2d 384, 2012 WL 3090295(E.D.N.Y. 2012), the court opined:
the fact that a member of the general public would not have inside knowledge of alleged misconduct was "exactly the point[]"[in Griffin] because "[s]uch speech must necessarily be protected by the First Amendment to protect the public's significant First Amendment interest in receiving information about the functioning of government, to which they otherwise would not be privy." . . .Were [public employees] not able to speak on [the operation of their employers], the community would be deprived of informed opinions on important public issues. The interest at stake is as much the public's interest in receiving informed opinion as it is the employee's own right to disseminate it.  
To me, this is quite an expansive reading of Garcetti and the related jurisprudence in the area. The justification that the speech could be characterized as "a broader policy-related commentary on the Department's policies and operations" seems to pry open the door many thought shut after Garcetti. I like it, I just don't know how legally sound it is.

However, in the end, it did not matter because the court found that prior disciplinary actions against the plaintiff showed that the adverse employment decisions undertaken against him would have occurred regardless of the media contact noted above. So, a giant free speech win for a public employee, followed by the typical outcome in these types of cases - loss on summary judgment.

Thursday, February 21, 2013

Ohio appellate court finds that failure to make motion to suppress over GPS search was ineffective assistance

In State v. Allen, 2013 Ohio 434 (Ohio Ct. App 2013), the Ohio Court of Appeals reversed and remanded  a conviction after trial counsel failed to make a motion to suppress evidence derived from the use of a GPS device on the defendant's car. 

The GPS device was used for a period of two days. At trial, defense counsel failed to make a motion to suppress, and the defendant appealed arguing ineffective assistance of counsel. Finding that "trial counsel had an obligation to raise the GPS issue in a motion to suppress all evidentiary items obtained by the police officers," the court found that the defense counsel's performance "fell below an objective standard of reasonableness."

As to whether or not the outcome would have been different, the court found that there was a reasonable probability of a different outcome. The appellate court ruled that good faith did not save the search because there was no binding appellate legal precedent on the GPS issue. Further, despite an argument to the contrary by the state, the court held that the evidence could not have been acquired through inevitable discovery.

Thus, the case was reversed and remanded and trial counsel ordered to file a motion to suppress.

Wednesday, February 20, 2013

US cybersecurity firm releases report on Chinese army hacks of American companies

Mandiant, a United States cybersecurity firm, released a report on Tuesday detailing its findings of what it believes to be a series of hacks conducted by the Chinese army. They believe they have detected the hacks of "141 companies spanning 20 major industries."

Here's an except from the executive summary:
The activity we have directly observed likely represents only a small fraction of the cyber espionage that APT1 has conducted. Though our visibility of APT1’s activities is incomplete, we have analyzed the group’s intrusions against nearly 150 victims over seven years. From our unique vantage point responding to victims, we tracked APT1 back to four large networks in Shanghai, two of which are allocated directly to the Pudong New Area. We uncovered a substantial amount of APT1’s attack infrastructure, command and control, and modus operandi (tools, tactics, and procedures). In an effort to underscore there are actual individuals behind the keyboard, Mandiant is revealing three personas we have attributed to APT1. These operators, like soldiers, may merely be following orders given to them by others.
Our analysis has led us to conclude that APT1 is likely government-sponsored and one of the most persistent of China’s cyber threat actors. We believe that APT1 is able to wage such a long-running and extensive cyber espionage campaign in large part because it receives direct government support. In seeking to identify the organization behind this activity, our research found that People’s Liberation Army (PLA’s) Unit 61398 is similar to APT1 in its mission, capabilities, and resources. PLA Unit 61398 is also located in precisely the same area from which APT1 activity appears to originate.
Mandiant also released a video demonstrating a method used by APT1 to hack American companies.

A Chinese foreign ministry spokesperson responded, "To make groundless accusations based on some rough material is neither responsible nor professional."

The findings have been widely reported including by the New York Times, Wall Street Journal, and ABC News.

Tuesday, February 19, 2013

Court disallows cell phone search that occurred six hours after arrest

Timing they say is everything, even when it comes to warrantless searches.

A federal district court echoed similar sentiments when it held that a warrantless search of a defendant’s cell phone six hours after arrest was unconstitutional. 

In U.S. v. Dimarco, U.S. Dist. LEXIS 16279 (S.D.N.Y. 2013), the court granted the defendant’s motion to suppress evidence obtained from the warrantless search of his cell phone because of the timing of the search and the insufficient justifications offered by the officer who conducted the search. 

The defendant, a felon, was arrested by the NYPD during an illegal gun sale. During the arrest, the defendant’s cell phone, a defaced automatic firearm and a silencer were recovered. 

More than six hours after the defendant’s arrest, a special agent from the Bureau of Alcohol, Tobacco, Firearms and Explosives examined the defendant’s cell phone. She scrolled through the pictures, text messages, and phone numbers stored on the phone. 

The agent stated that her purpose was to see if there was any evidence on the phone linking the firearm to the defendant. The agent also added that she searched through the phone without a warrant in an attempt to preserve the evidence because she was unsure of the arresting officer's evidence preservation methods. 

The warrantless search yielded about four pictures depicting a firearm that was the same color and same shape as the one recovered from the defendant during the arrest.  The agent took pictures of the digital images she came across.

At trial, the government opposed the defendant’s motion, arguing that the agent’s search of the phone was acceptable because it fell within the “search incident to arrest exception” to the Fourth Amendment’s warrant requirement. 

The court rejected this argument and held that the defendant had a cognizable privacy interest in his cell phone due to the “unique and significant information-storing capabilities of the modern cell phone.” 
Given the timing of the search and the justifications offered by the agent, the court further held that the search was unreasonable and did not properly fall within the search incident to arrest exception. 

The court focused on the fact that the search occurred more than six hours after the defendant’s arrest and thus was not contemporaneous on the defendant’s arrest. The court also noted that there was not any exigent circumstance that warranted the delay.

Also, the court highlighted that the reasons stated by the agent for conducting the search were not in line with the justifications underlying the search incident to arrest exception. 

The government was neither able to prove that the cell phone presented a threat to the officers nor that the defendant would have been able to destroy the evidence on his cell phone once it was placed under police authority. 

To its likely detriment, the government failed to make a case for the possibility of automatic deletion or remote wipe (see a discussion about this issue in the comments on this earlier post). Making these arguments to the court would have bolstered its case. On the other hand, given that the search occurred more than six hours after the arrest, there was ample time to procure a warrant, which most likely would have been granted. 

But as courts dabble deeper in Fourth Amendment issues as it relates to cell phone searches, it would be interesting to see the creative techy arguments attorneys come up with. 

Thursday, February 14, 2013

Fifth Circuit reverses in CP case due to lack of evidence showing policy for inventory searches

In United States v. Vernon, No. 12-60105 (5th Cir. 2013), the Fifth Circuit reversed a motion to suppress in a child pornography case over an argument that an inventory search to find the defendant's computer was conducted improperly.

The defendant was arrested at a Mississippi casino by the United States Marshals Service. He refused to consent to a search of his vehicle, and "upon inquiry, the marshals learned that the casino officials wanted the car removed."

I want to stop the story here to explain the significance of that last sentence. They didn't have a warrant, and the defendant wouldn't consent to the search, so the officers decided that they would just try to bypass the Fourth Amendment, because well, they can. One of the exceptions to the Fourth Amendment is for an inventory search. If a vehicle is, for example, obstructing a roadway, law enforcement may use their "community caretaking" powers to seize the car and take an inventory of its contents. It cannot, however, be done as a pretext for a search - such as when law enforcement just want to search a vehicle so they tow it.

In their inquiry to the casino, I'm assuming the conversation went something like this:
Marshals - "We're arresting someone at your casino for child pornography, and they have a car in your parking lot. You might want to thinking about having it removed." 
Casino - "Okay. Yes, we should probably do that."
Marshals - "What's that? You're asking us to tow the vehicle?" 
Casino - "Oh, sure. That would be great." 
The point is, the casino never would have known the driver of the car was no longer there - they're open 24 hours a day, and the parking lot is always half full. It's fairly obvious that the "inquiry" and search were done only because they wanted to look for evidence. Regardless, the Fifth Circuit held otherwise on this point.

So the car was towed by the local sheriff's department, and the sheriff's department performed an inventory search, resulting in the find of a computer. A search warrant was obtained, and child pornography was found.

Inventory searches require the search to be conducted using the department's standard policy as the "inventory search must not be a ruse for a general rummaging in order to discover incriminating evidence." At trial, the marshal testified about policy of the Marshals Service and admitted that their policy was not followed. No evidence was presented to show what the policy is for the local sheriff's department. As such, there is no way for the Fifth Circuit to know whether the inventory search complied and was, therefore, constitutional.

Thus, the motion to suppress was reversed, and the conviction was vacated and remanded.

Wednesday, February 13, 2013

Tidbits: Executive Order on Cybersecurity; CISPA redux; NPR discussion of "hacking back"

President Obama's Executive Order on Cybersecurity

President Obama, in his SOTU speech last night, explicitly mentioned cybersecurity and the need for more action on protecting the nation on that front (through information sharing, etc.). The President's Executive Order can be found here: Executive Order -- Improving Critical Infrastructure Cybersecurity. The Presidential Policy Directive associated with the Executive Order (PPD-21) can be found here: PRESIDENTIAL POLICY DIRECTIVE/PPD-21.

I think it is too early to tell the impact that the Executive Order will have, but overall, I do not think it is close to an overreach. Jody Westby at Forbes disagrees: Obama's Cybersecurity Action Reaches Too Far. For another take on the EO (from Information Week), see: White House Cybersecurity Executive Order: What It Means

The Re-introduction of the Cyber Intelligence Sharing and Protection Act

As expected:
Chairman Mike Rogers and Ranking Member C.A. Dutch Ruppersberger re-introduced H.R. 624, the Cyber Intelligence and Sharing Protection Act, their bipartisan cyber threat information sharing legislation, to help American businesses better protect their computer networks and corporate trade secrets from advanced cyber attacks.   The bill that was introduced today is identical to the “Cyber Intelligence Sharing and Protection Act” (H.R. 3523) that passed the House by a strong bipartisan vote of 248-168 in April 2012.
The full text of the bill can be found here: CISPA 2013 - H.R. 624

For some varying perspectives on CISPA, see:

Controversial cyber bill CISPA returns to Congress for debate, same as before - The Verge

Lawmakers: CISPA Will Help Battle Cyber Attacks From China, Iran - PC Magazine

Congress Is Trying to Kill Internet Privacy Again - Rolling Stone

NPR Discusses Hacking Back

NPR recently had a discussion about "hacking back," or more euphemistically, "proactive response" to cyberattacks; the story can be found here (with a link to the audio): Victims Of Cyberattacks Get Proactive Against Intruders 

I found a particular section in the article about hacking back to be telling of the legal implications of such tactics:
A turn toward more aggressive actions against cyberattackers, however, could be risky. Because the source of a cyberattack is often hard to identify, counterattacking is not always well-advised. 
"I will guarantee you there will be lots of mistakes made," said Rep. Mike Rogers of Michigan, chairman of the House Permanent Select Committee on Intelligence, speaking at a recent cybersecurity conference at George Washington University. "I worry about the private sector engaging in offensive [activities] ... because a lot of things are going to go wrong." 
Companies that want to go on the offense against their cyber-adversaries need to consider the legal risks such actions would involve. 
"I have only found one or two lawyers ... who have said, 'Let's consider pursuing some kind of offensive response,' " says Richard Bejtlich, chief security officer at Mandiant, a cyber-consultancy. "The corporate legal structure is very conservative when it comes to what we can allow someone to do."

My previous summation/aggregation of articles regarding the legality of hacking back can be found here: Hacking Back: are you authorized?

Tuesday, February 12, 2013

10th circuit rules that intent not required to trigger distribution sentence enhancement when a peer-to-peer system is used in child pornography case

The 10th circuit held that using a peer-to-peer network file-sharing program in downloading child pornography is sufficient to trigger the application of a distribution sentence enhancement.

In U.S. v. Ray, No. 11-3383 (10th Cir. 2013), the court held that the U.S. Sentencing Guidelines Manual does not require the government to prove that child pornography was actually transferred or that the defendant had intent to distribute the pornography in order for the distribution sentence enhancement to apply.

The defendant pled guilty to receiving materials involving the sexual exploitation of a minor. Using the U.S. Sentencing Guidelines Manual, the district court sentenced the defendant to 102 months of imprisonment followed by a seven-years term of supervised release.

During sentencing, the district court applied a two-level sentencing enhancement for the distribution of child pornography under USSG § 2G2.2(b)(3)(F). The defendant appealed this decision on the basis that the government failed to provide any evidence that showed that the defendant had distributed any child pornography or that any of the files had been transferred to another computer.

 The record only indicated that the defendant used the peer-to-peer file-sharing software and that although its sharing function was enabled, the defendant did not actually know the software was capable of sharing.

The appellate court affirmed the lower court’s decision.  The state argued that the use of a peer-to-peer file-sharing program constituted generic distribution that triggers the application of the enhancement.
The court affirmed the lower court’s decision. It stated that the application of the enhancement does not require that the defendant know about the distribution capability.

The court reasoned that a sentencing enhancement in contrast to criminal statutes does not require  mens rea.

In my opinion, the court made the right intuitive call in this case. A peer-to-peer sharing system is intended for mass distribution. The essence of the system for users revolves around its mass distribution function and ease of access.

However, the court was silent on the appropriateness of using an implied mens rea requirement for such enhancers in the absence of a peer-to-peer sharing system.

Also, I find the court’s argument of an absence of a mens rea element or actual transfer requirement unconvincing. The actual statutory commentary definition of distributions states that:

Distribution” includes any act including possession with intent to distribute, production,   transmission, advertisement, and transportation, related to the transfer of material involving the sexual exploitation of a minor.  USSG § 2G2.2 cmt. n.1.

It will be interesting to see the line of cases that follow after this decision. 

Monday, February 11, 2013

DHS Civil Liberties office: Reasonable suspicion not required for search of electronic devices at border

The Office for Civil Rights and Civil Liberties at the Department of Homeland Security (DHS) recently released an assessment concerning border searches of electronic devices which argues that no constitutional rights are violated by such searches with or without reasonable suspicion. When first announced that such an assessment would be made, the report was ordered for completion in late 2009.

The Fourth Amendment, which protects against "unreasonable searches and seizures," has long been interpreted to not carry the same weight at our nation's border. The "border search exception" allows routine searches without suspicion and non-routine searches with some level of suspicion. Still undecided by the Supreme Court, however, is whether electronic devices may be searched at the border without suspicion. The Ninth Circuit is the only circuit to rule on the issue, finding that "reasonable suspicion is not needed ... to search a laptop ... at the international border." A Fourth Circuit court also held that such a search does not violate the First Amendment.

Under the policies adopted by DHS, the department's protector of civil liberties finds that the current search practices which allow electronic searches without the need for reasonable suspicion are constitutional.

We also conclude that imposing a requirement that officers have reasonable suspicion in order to conduct a border search of an electronic device would be operationally harmful without concomitant civil rights/civil liberties benefits....
The report also found that no special considerations are necessary for "setting specific time limits" or taking "special precautions for dealing with sensitive information, such as attorney-client materials, attorney work product, business information, trade secrets, and medical records."

However, it was made clear that searches may not be made in a discriminatory manner "on account of race, religion, or ethnicity."

An improved complaint process was suggested.

The ACLU has filed a Freedom of Information Act request for the entire assessment as DHS only released its two-page executive summary.

From October 2008 to June 2010, more than 6,500 international travelers had their electronic devices searched at the border, half of which were U.S. citizens.

Friday, February 8, 2013

CSU San Marcos student uses keylogger to gain credentials & vote for himself in online election

I recently posted this on Twitter, and it is very interesting. Tweets w/ links are below:

Student Candidate Arrested, Charged With Fraud. . Faked votes for student body pres. w/ info from keylogger.

Complaint: keylogger case @ CSU San Marcos. . Voted online 4 himself & friends, nabbed by FBI  

CSU-SM case - charged w/ wire fraud, access fraud, and CFAA violations. Used keylogger for username/pass of other students.

CA appellate court allows warrantless use of speed/braking records from car's airbag module (SDM)

In another first impression case, a California appellate court ruled that an individual has no reasonable expectation of privacy in the data recorded by a car's sensing diagnostic module (SDM), which is part of the airbag system. Therefore, the court upheld the police's actions to retrieve that information from a car that was lawfully impounded after an accident. The case is People v. Diaz, __ Cal. App. Ct. __ (Feb 6, 2013), and a copy of the opinion can be found: here.

The "main function of the SDM is to deploy the air bags. The SDM has the secondary function of recording throttle, speed, application of brakes, and transmission position." In this case it was used as evidence to prove the speed of a vehicle involved in an accident resulting in death (the driver was also intoxicated). The defendant argued that an individual has a reasonable expectation of privacy in that information, and that the police's actions to cut her carpet to get to the module, and then download the data, was a violation of the Fourth Amendment. As mentioned above, the car had been impounded after the accident, and was essentially totaled. The defendant attempted to make an appeal to United States v. Jones in her argument to no avail. The court quickly dismissed that argument, stating "the trespass theory underlying Jones has no relevance and, as the trial court aptly pointed out, the purpose of the SDM was not to obtain information for the police. Thus, Jones is not helpful to defendant."

The holding of the case turned on the instrumentality of crime exception to the warrant requirement, stating that: "In this case, defendant's vehicle was itself an instrumentality of the crime of vehicular manslaughter. Defendant concedes it was lawfully seized. Consistent with the California Supreme Court cases discussed above, the officers' 'subsequent examination of the [vehicle] for the purpose of examining its evidentiary value [did] not constitute a ‘search’ as that term is used in the California and federal Constitutions. [Citations.]'"

Regarding the expectation of privacy, the real interesting portion of the court's holding is below:

As the trial court pointed out, the specific data obtained from the SDM was the vehicle's speed and braking immediately before the impact. We agree that a person has no reasonable expectation of privacy in speed on a public highway because speed may readily be observed and measured through, for example, radar devices . . ., pacing the vehicle . . ., or estimation by a trained expert . . . . Similarly, a person has no reasonable expectation of privacy in use of a vehicle's brakes because statutorily required brake lights (Veh. Code, § 24603) announce that use to the public. Thus, defendant has not demonstrated that she had a subjective expectation of privacy in the SDM's recorded data because she was driving on the public roadway, and others could observe her vehicle's movements, braking, and speed, either directly or through the use of technology such as radar guns or automated cameras. In this case, technology merely captured information defendant knowingly exposed to the public—the speed at which she was travelling and whether she applied her brakes before the impact. 
We conclude there was no Fourth Amendment violation in the admission of SDM evidence.
I was unaware, until reading this case, that such information was stored on a device in cars equipped with airbags. It is a very interesting case, and I believe the court resolved it correctly. An attempt to pull Jones in to inject the ideas of "mosaic theory" and trespass was an interesting move by the defense, but knowing someone's location and tracking their every move is much different than reconstructing their speed and braking. GPS tracking can reveal much about a person's life. Speed and braking can pretty much only tell you if that person has a lead foot or rides the brakes.

New York dealt with a similar case in 2004 (which the court mentions), People v. Christmann, 776 N.Y.S.2d 437 (Just. Ct. 2004), resulting in the same outcome.

Court holds reasonably logical assumption insufficient to apply inevitable discovery rule

In a profession where reasonably logical leaps are normative, the prosecution in North Carolina was asked to push such prescriptions.

 In State v. Wells, 2013 N.C. App. Lexis 121, the appellate court held that a mere logical assumption that evidence would have eventually been discovered is insufficient to trigger an exception to the exclusionary rule for evidence derived from an unconstitutional search or seizure.  

The defendant was convicted for soliciting a child by a computer and attempted indecent liberties with a child.

During the trial, the defendant moved the court to suppress certain statements he made to the police upon arrest and to suppress evidence retrieved from his laptop computer.

On the day the defendant was arrested, detectives initially went to the defendant’s house only to find that he was not home. They also executed a search warrant authorizing the seizure of computers from the defendant’s residence.  However, upon arrival, the detectives did not find any evidence.
After contacting the defendant’s place of employment, a firehouse, the defendant opted to turn himself in to avoid been arrested at work. 

In custody, the defendant was read his Miranda rights. Detectives were able to get the defendant to admit that he owned a Dell laptop and that the laptop was located on his bed at the fire station. However, detectives were only able to elicit these statements after telling the defendant that if he were cooperative, they would inform the court and the district attorney about his cooperation. Based on the information the defendant provided, the police seized the defendant’s laptop from the fire station.

While the court granted defendant’s motion regarding his statements on the grounds that they were involuntary as they resulted from a promise, hope or reward, the court denied the motion to suppress evidence retrieved from the defendant’s laptop computer. 

On appeal, the appellate court reversed this decision. The court stated that although it was logical to assume that the police would have eventually searched the fire station for evidence, there was no evidence in the record to support this assumption apart from conclusory statements made by counsel.

I am  uneasy with such nitpicking.  Since a personal laptop was involved, there was no doubt that the police officers were eventually going to search his work place, the last known destination he was at before he was taken into custody. The facts of this case were sufficient to trigger the inevitable discovery doctrine. 

 Any future consequential concerns the appellate court had are remedied by the very nature of the doctrine itself.  It is generally accepted that inevitable discovery is to be determined on a case-to-case basis. 

The court ordered a new trial.  What a waste of the judicial system’s already strained resources. 

Your Password is Obsolete. Now What?

Be sure to check out this infographic about passwords which describes the hack of Wired writer Mat Honan, explains how hackers are able to get a person's data, discusses alternatives to passwords, and provides password advice. It's really worth a few minutes of your time.

Here's the introduction:
Some say 2012 may have been the year the password broke. With password leaks and dumps becoming common occurrences our lives are simply too easy to crack. That string of characters you use as a password can't protect you anymore.

Wednesday, February 6, 2013

Breaking: WI Sup Ct upholds GPS tracking, dissent alleges 4th Amendment "trespass" occured

State v. Brereton has been released, today. A PDF of the decision can be found: here. I will have analysis up in a bit, but here is some pertinent text from the majority's holding:

First, we conclude that the seizure of Brereton's vehicle was supported by probable cause that the vehicle was, or contained, evidence of a crime, and was therefore permissible under the Fourth Amendment.  The seizure was supported by witnesses' reports that a car matching the make, model, and license plate number of that particular vehicle had been seen at the locations of recent burglaries in the area.  Additionally, after officers lawfully stopped Brereton and his co-defendant Brian Conaway in the suspect vehicle, they discovered that the vehicle identification number (VIN) did not match the license plate, and that the occupants of the vehicle were notably similar to the two men seen at multiple recent burglaries.  Accordingly, the three-hour seizure of Brereton's vehicle, whereby officers were able to install the GPS device, did not constitute an unreasonable seizure under the Fourth Amendment, as applied to automobiles.  Moreover, in light of Brereton's Fourth Amendment interest in avoiding government usurpation of his property for the purpose of conducting surveillance on him, the officers' decision to obtain a warrant prior to conducting the GPS search was proper. 
¶3   We also conclude that the technology used in conducting the GPS search did not exceed the scope of the warrant allowing GPS tracking of Brereton's vehicle.  Judge Carlson issued the warrant based on the probable cause set forth through the facts recited in a detective's affidavit.  The affidavit and warrant's language contemplated the installation of a GPS device that would track the vehicle's movements.  That the device provided officers with real-time updates of those movements did not alter the kind of information to be obtained under the warrant, or the nature of the intrusion allowed.  Therefore, the officers' execution of the warrant was not unreasonable.  Accordingly, we affirm the decision of the court of appeals.

Judge Abrahamson's dissent states, inter alia, that:

I conclude that in the present case, as in Jones, the State committed a common law trespass.  I further conclude that the trespass (seizure) was not reasonable under the circumstances of the present case.[28]  The majority explains that to determine the reasonableness of a seizure, a court must balance the public interest in investigating and thwarting crime against the private interests in maintaining dominion over one's possessions.  Majority op., ¶28.  Unfortunately, the majority does not conduct this balancing test.    
¶70  In applying the test of objective reasonableness to the seizure and its continuation, I conclude that under the circumstances of the present case, the State's dominion over the defendant's vehicle was prolonged beyond a reasonable time and was not reasonably related in scope to the circumstances which, according to the majority opinion, justified the initial and continuing seizure of the vehicle. 
¶84  All told, this case needs far more careful discussion and analysis by the majority opinion of the State's invasion of the defendant's possessory and privacy interest in the vehicle and the defendant's privacy interest with respect to surveillance of the movements of the vehicle before a reader is persuaded that the State has overcome the presumption that the warrantless seizure of the vehicle is a violation of the Fourth Amendment.

Tuesday, February 5, 2013

Federal District Court finds reasonable expectation of privacy in packages mailed with fake recipient and sender

Confronted with an issue of first impression, a federal district court held that the sender of packages labeled with fictitious sender and recipient information retained a reasonable expectation of privacy in the contents of those packages. The case is United States v. Williams, ___ F. Supp. 3d ___ (W.D. Tenn Dec. 6, 2012). The court's decision was based primarily on the Seventh Circuit's opinion in United States v. Pitts, 322 F.3d 449 (7th Cir. 2003), since there was no controlling precedent from the Sixth Circuit.

The facts of the case are quite simple - an informant was working with the DEA to facilitate methamphetamine buys, and when the drugs for two deals were shipped to the informant, the DEA intercepted them before delivery, and confirmed that they were in fact drugs. The defendant argues that the evidence should be suppressed, because he retained a Fourth Amendment right against search of the packages by the DEA (since they never ended up with the recipient). The government argued, alternatively that by using the fictitious names, the packages were essentially abandoned. With respect to the reasonable expectation of privacy component, the court relied on Pitts extensively, quoting a large section of language. The gist was that there are legitimate reasons for using false names, like a literary pseudonym, and those individuals should not lose their expectation of privacy due to the nefarious actions of people who abuse the system. The court quoted Pitts further, for the general point that:
Unlike the theoretical burglar in Rakas, who is plying his trade in a summer cabin during the off-season and who is wrongfully present on someone else's property, Pitts and Alexander had a right to use false names in sending and receiving mail. There is nothing inherently wrong with a desire to remain anonymous when sending or receiving a package, and thus the expectation of privacy for a person using an alias in sending or receiving mail is one that society is prepared to recognize as reasonable. A person using this means of maintaining privacy runs the risk that if the mail is undeliverable, as occurred here, it might become irretrievable. Pitts and Alexander took that risk and ended up losing - indeed, abandoning - control of their property. Having abandoned the package, they surrender their Fourth Amendment claim.
I think the court's decision here was a no-brainer. What isn't so clear is why the court would reach the issue in the first place, since in the next paragraph, the opinion notes that the defendant lacked Fourth Amendment standing to begin with, since the expectation of privacy ended upon delivery to the DEA.

The court then goes on to assume, arguendo, that the defendant did not lack standing, and tackles the issue of whether the DEA intercepting the packages before arriving at the designated recipient (the informant, who knew where to pick them up, despite the fictitious recipient name) was a valid search due to the lack of the warrant. Here, I think the opinion arrives at its muddiest point. The court concedes a fact that I think draws the entire section just mentioned into question (CS is the informant):
While it is not entirely clear that the agents ever received express consent from the CS, they at minimum had the CS's implied consent.
So, the DEA never had consent, expressly, to search the packages, and the informant was not even aware that they would be intercepted. The court finds implied consent from the informant's relationship and cooperation with the DEA, the fact that the packages were purchased with DEA money, and that the informant allowed his telephone conversations to be recorded. However, that is not enough, in my opinion. The court goes on to analogize the case to a Fourth Circuit case aptly named United States v. Williams, 106 F.3d 1173 (4th Cir. 1997). The court describes the similarities with that case and the present as follows:
The present case is similar to United States v. Williams, 106 F.3d 1173, 1177 (4th Cir. 1997). There, a confidential informant made three separate, DEA-monitored purchases of methamphetamine by mail from the defendant. The methamphetamine packages were mailed by the defendant to the informant at a post office box under the control of the DEA. The defendant argued that the agents violated his Fourth Amendment rights by opening the packages without a warrant. The Court of Appeal rejected this argument, holding that
 We are of opinion that the admission of the contents of the three envelopes did not constitute error at all, much less plain error. Even assuming Williams had standing to challenge the admissibility of the envelopes, the record indicates that [the informant's] consent was implied from his conduct during the investigation. [The informant] had the right to open, or given consent to open, the envelopes because they were addressed to him. Also at this time, [the informant] . . . and the Task Force agents who actually opened the packages were cooperating. [The informant] had agreed to buy methamphetamine using government money. . . . We believe this evidence of the relationship between [the informant] and the Task Force agents establishes [the informant's] implied consent. Accordingly, the agents' search of the packages did not violate Williams' constitutional rights as sender of the package. (my underlining added)
I think there is an easy distinction to be made between the Fourth Circuit case, Williams, and this case; namely, that the DEA owned the post office box in Williams, or had control over it, which makes it easier to jump to the implied consent conclusion - i.e. the informant knew the mail would arrive there and it was not his personal mailbox (so the assumption that the DEA would open it would be clear). Here, the box was intercepted without the knowledge of the informant, without his consent, and in route, instead of at the point of delivery (where the reasonable expectation of privacy ends, per the courts own reasoning). So the court must leap from CS acting as an agent --> assumption that he would consent to interception --> interception was OK prior to delivery (but still during the time that the court concedes there is a reasonable expectation of privacy in the package).

I don't think the distinction above is a condemnation of the opinion, but more a "why include such a long section of dicta which weakens the argument?" If the case really can be resolved on grounds of standing, it is against notions of clarity and narrowness of holding to even include this discussion in the opinion.

Monday, February 4, 2013

Australian man to be sentenced for drug activities on Silk Road

According to Australian newspaper The Age, an Melbourne man has pleaded guilty to drug crimes after being caught purchasing and selling drugs including cocaine, LSD, and methamphetamine on the black market website Silk Road.

The website is hidden behind the Tor network and is a marketplace for nearly all types of contraband. According to Wikipedia, the site's monthly sales are estimated at about $1.2 million. Sales are conducted using Bitcoin, an online currency providing anonymity to transactions.

The defendant began using the site due to financial pressure from having to close another business. He claims to have learned of Silk Road from an article published in a newspaper (which leads me to wonder if us continuing to write about Silk Road is just going to convince you to become account holders). The defendant faces up to 25 years in prison.

Silk Road has been a tough one to crack for governments around the world. Read more about what little is known of the U.S. government's response here.