Legal Issues

by Tim Cushing


Filed Under:
doj, fbi, malware, nit, playpen, rule 41, warrant



Another Court Finds FBI's NIT Warrants To Be Invalid, But Credits Agents' 'Good Faith' To Deny Suppression

from the sure,-someone-screwed-up-but-it's-not-going-to-help-you dept

Yet another court has found that the warrant used by the FBI in the Playpen child porn investigation is invalid, rendering its NIT-assisted "search" unconstitutional. As USA Today's Brad Heath points out, this is at least the sixth court to find that Rule 41's jurisdictional limitations do not permit warrants issued in Virginia to support searches performed all over the nation.

While the court agrees that the warrant is invalid, it places the blame at the feet of the magistrate judge who issued it, rather than the agents who obtained it.

That Congress has “not caught up” with technological advances does not change the fact that the target of the NIT in Werdene’s case was located outside of the magistrate judge’s district and beyond her jurisdiction under subsection (b)(1). The property to be seized pursuant to the NIT warrant was not the server located in Newington, Virginia, but the IP address and related material “[f]rom any ‘activating’ computer” that accessed Playpen. (Gov’t’s Opp., Ex. 1 Attach. A.) Since that material was located outside of the Eastern District of Virginia, the magistrate judge did not have authority to issue the warrant under Rule 41(b)(1).

So, unlike other cases, this will not result in a suppression of evidence, thanks to the "good faith exception."

Werdene claims that the Government acted with intentional and deliberate disregard of Rule 41 because the FBI misled the magistrate judge “with respect to the true location of the activating computers to be searched.” (Def.’s Mem. at 17.) This argument is belied by both the warrant and warrant application. Agent Macfarlane stated in the warrant application that the “NIT may cause an activating computer—wherever located—to send to a computer controlled by or known to the government, network level messages containing information that may assist in identifying the computer, its location, other information about the computer and the user of the computer.” With this information, the magistrate judge believed that she had jurisdiction to issue the NIT warrant. Contrary to Werdene’s assertion, this is not a case where the agents “hid the ball” from the magistrate or misrepresented how the search would be conducted.

[...]

[T]o the extent a mistake was made in this case, it was not made by the agents in “reckless . . . disregard for Fourth Amendment rights.” Davis, 564 U.S. at 238 (quoting Herring, 555 U.S. at 144). Rather, it was made by the magistrate when she mistakenly issued a warrant outside her jurisdiction.

Added to this is another wrinkle that doesn't work in the defendant's favor. The court also follows Third Circuit precedent in finding that there is "no expectation of privacy" in an IP address, even if a person has taken measures to hide that information from others.

Werdene had no reasonable expectation of privacy in his IP address. Aside from providing the address to Comcast, his internet service provider, a necessary aspect of Tor is the initial transmission of a user’s IP address to a third-party: “in order for a prospective user to use the Tor network they must disclose information, including their IP addresses, to unknown individuals running Tor nodes, so that their communications can be directed toward their destinations.” United States v. Farrell, No. 15-cr-029, 2016 WL 705197, at *2 (W.D. Wash. Feb. 23, 2016). The court in Farrell held that “[u]nder these circumstances Tor users clearly lack a reasonable expectation of privacy in their IP addresses while using the Tor network.”

The FBI is struggling to keep its many Playpen cases from falling apart, thanks to bogus warrants, a tool it refuses to discuss, and unexpected pushback from usually ultra-compliant courts. The proposed changes to Rule 41 will remove jurisdiction limits, but it isn't law yet. (Fortunately, there's an actual effort to prevent this from happening, as it would only take Congressional inactivity to see it become codified.) This outcome doesn't necessarily hurt this particular case, but yet another judge finding the warrants invalid from word one isn't exactly a confidence-builder either.


Reader Comments

The First Word

Subscribe: RSS

View by: Time | Thread


  • icon
    DannyB (profile), 24 May 2016 @ 2:11pm

    The Magistrate Judge is at fault!

    How Dare that judge allow him/her self to be misled by the FBI!

    A judge should know better than to trust the FBI. Everything they say should be suspect.

    (at least that is one message out of this)

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 24 May 2016 @ 2:17pm

    The good faith exception

    How is it that this exception only benefits the prosecution and not the defense? I thought that was how the whole justice system was setup? There was no good faith in this operation. They could have gotten warrants for every state and covered themselves, but they didn't bother since their mistakes are considered "Good faith".
    They could have obtained the IP's of the accused without using NIT's if they.... No wait, the accused took steps to make make their activities private, as they constitutionally are allowed to do. The NIT's used are not legal unless the defense gets to study them and verify that they do what and only what they are supposed to be able to do. The chain of custody honestly should be questioned since the government is admitting that they had the ability to control the suspects computer including adding files.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 24 May 2016 @ 2:31pm

    [T]o the extent a mistake was made in this case, it was not made by the agents in “reckless . . . disregard for Fourth Amendment rights.”
    This is true.

    The mistake was made in deliberate disregard for Fourth Amendment rights

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 24 May 2016 @ 2:55pm

    Re: Aside from providing the address to Comcast,

    Got that backwards. Depending on architecture, the address is allocated from the provider to the end node, typically using either DHCP or LCP options. Layer 3 protocol transparency is native to the communication, and its use does not offer consent any more than the ability to hold ones breath under water offers consent to being forcibly drowned.

    Note that this used to be less of an issue since lease times used to expire regularly, changing addresses. Carriers like Comcast changed their lease intervals to provide more consistent addressing layer 2 to layer 3 maps. This is probably to stop gamers from bitching about renumbering their firewalls, and to make snooping easier.

    Really this is busted at OSI layer 2, since Ethernet MAC addressing is a known problem in a number of ways and has been for a decade.

    But yeah, judge needs to nerd harder. The end node did not GIVE anything to anybody, other than the terminating node for the communication. Consenting data interchange occurs at layer 4. Everything below that is only available due to technical limitations. Availability isn't consent.

    The way you know that is the courthouse steps are available to receive a flaming bag of poo. Yet one isn't there. The steps did not consent by daring to exist.

    reply to this | link to this | view in chronology ]

  • identicon
    Beech, 24 May 2016 @ 3:09pm

    Scam

    Seems like quite the scam. 1) Have clueless judge that will sign anything handed to them sign unconstitutional warrant. 2) When shit hits the fan, blame clueless judge for being clueless. 3) Since it's the clueless judge's fault, the cops are acting in good faith, evidence can stick. 4) Repeat.

    What kind of system is it where one branch can violate your rights, and it can still be used against you?

    reply to this | link to this | view in chronology ]

    • identicon
      DogBreath, 24 May 2016 @ 6:34pm

      Re: Scam

      What kind of system is it where one branch can violate your rights, and it can still be used against you?

      It's a whole new ballgame boys and girls. But in reality, it has always been this way.

      While "Fruit of the poisonous tree" evidence may not be used against you, "Fruit of the poisonous tree, as long as it is given authorization from a different and clueless orchard" evidence, is A-OK Number One!.

      "I was allowed to gather evidence on a defective search warrant, and can not be held accountable for violating any rights of any suspects due to such warrant. And Oh, by the way, All evidence gathered under such defective search warrant still stands because the law doesn't give a damn when judges overreach and overstep their authority"

      Short version: "My daddy was dumb enough to give me a permission slip to step on your face, so too bad."

      reply to this | link to this | view in chronology ]

  • icon
    Coyne Tibbets (profile), 24 May 2016 @ 3:10pm

    Judge uses his Bic

    Oh, right, the good faith exception. Like a Bic pen: works first time, every time.

    reply to this | link to this | view in chronology ]

  • identicon
    Whoever, 24 May 2016 @ 3:33pm

    "Originalist" judges

    Can anyone tell me where the "good faith exception" is in the Constitution?

    Oh, right, it's just another example of those judges (including "originalist" judges) making stuff up.

    reply to this | link to this | view in chronology ]

  • icon
    katsai (profile), 24 May 2016 @ 4:42pm

    The "Good Faith" exception should go away

    If a warrant is invalid or improperly obtained, all evidence uncovered by that warrant should be inadmissable. That the officers were acting in good faith is meaningless. IF I'm driving down the highway at 65 MPH and believe the speed limit is 65, when it is actually 55, my action that I'm taking in good faith does not shield me from a ticket. Ignorance is no excuse from the law. Unless you're law enforcement I guess.

    reply to this | link to this | view in chronology ]

    • icon
      That One Guy (profile), 24 May 2016 @ 6:13pm

      Re: The "Good Faith" exception should go away

      Yeah, the 'Good Faith' idea is so utterly wrong it really needs to be tossed immediately. The idea that 'It doesn't matter if they broke the law, so long as they had a badge and thought they were in the right at the time' is beyond absurd, as it both guts any rules or limits and actually encourages ignorance of the law among the very people who should know it the most, those tasked with upholding it.

      Not to mention as you say it doesn't seem to apply to anyone without a badge, only to those with, and double-standards under the law should never be acceptable.

      reply to this | link to this | view in chronology ]

      • icon
        Coyne Tibbets (profile), 24 May 2016 @ 8:16pm

        Re: Re: The "Good Faith" exception should go away

        The good faith exemption originally had a good purpose, but like so much else, it has been perverted by the government.

        The problem is that the government doesn't "learn" from its "mistakes". Okay, good faith in this situation, right? Next week, the same agents, the same prosecutor bring "the same case" before the same judge, as a new case. Agents and prosecutors aren't learning? Violating rights wholesale? Rejected, right?

        Nope, same exemption.

        Good faith has no memory. The government can use the same excuse, in the same circumstances, over and over and over and never "do (it) right."

        At the very least, "good faith" needs to develop a memory of past wrongdoing.

        reply to this | link to this | view in chronology ]

        • icon
          Uriel-238 (profile), 25 May 2016 @ 12:15am

          Re: Re: Re: The "Good Faith" exception should go away

          I thought the Good Faith except was meant to allow law enforcement officers to bypass fourth-amendment protections by claiming they were acting in Good Faith.

          Is there a standard of Good Faith? Or does the officer merely have to claim it? What shows evidence of good faith, or evidence to the contrary? When is an officer acting in Bad Faith that he's not guilty of some other crime as well?

          Good Faith has always been a response to the emotionally troubling problem that whenever a police officer does not follow procedure, or whenever a new right is acknowledged by the courts (e.g. email privacy) that someone awful gets acquitted.

          That isn't stomachable by some people, hence they invented good faith, as if that were a thing that could be determined.

          I am skeptical that it is.

          reply to this | link to this | view in chronology ]

          • icon
            Coyne Tibbets (profile), 25 May 2016 @ 10:59am

            Re: Re: Re: Re: The "Good Faith" exception should go away

            Good faith was originally created to overcome the overly stringent rules the courts were imposing on LEOs. An example taken from a story I read:
            Cops got a warrant to search an apartment. While searching it, they passed through a door that, unknown to them, lead into the adjacent apartment. Evidence found in the adjacent apartment was thrown out by the court, even though the error was inadvertent.
            That's what it was for originally, inadvertent error. But it's been steadily expanded, first to not-so-inadvertent errors, then to presumptions that the law permitted an action later found by the court to be not allowed and so on.

            The latter is the case here: the DOJ presumed that they could bend rule 41 to permit a warrant to be issued covering an unknown jurisdiction. Nope, can't. But, gee, they were really trying it in good faith, weren't they?

            This case is very gray: to me, it's hard to discern the good faith, but hey, free to disagree, right? And it probably doesn't really matter in this case because SCOTUS is changing rule 41, to allow for situations like this, in what appears to me to be a reasonable change.

            But if rule 41 wasn't changed, FBI/DOJ would continue doing the same thing under good faith, in more cases: they'd change some jot or tittle in the warrant process each time, then bring it before the same judge...and he'd grant the exemption again.

            Now go back to the apartment story again: suppose the connecting door has a big sign on it saying, "Apartment 109". The cops would just say, "We thought it was a joke," and *bang* exemption.

            Basically, good faith has been watered down where it prevents neither repeated nor deliberate rights violations.

            Which is ugly.

            reply to this | link to this | view in chronology ]

            • identicon
              Anonymous Coward, 26 May 2016 @ 3:50am

              Re: Re: Re: Re: Re: The "Good Faith" exception should go away

              I like to consider prior actions of an agency when it comes to stuff like this.

              If they had good credibility that they were always doing things lawfully and made the odd mistake then good faith could be accepted. We both know this agency lies, cheats, steals and murders to get what they want. Not a chance in hell they do anything on good faith.

              reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 24 May 2016 @ 4:55pm

    Read the order first

    The judge didn't deem the warrant "invalid" else suppression would have been ordered. He acknowledged it violated rule 41 and then used some erroneous and specious reasoning to award Good Faith status to the violation. This reasoning is the meat of this story. The judge compared the NIT to a pen register and wrote that because an IP address is not protected by the 4th amendment then the NIT doesn't even count as a "search". He has clearly been bamboozled by the FBI's obfuscation, even while specifically declaring in the order to the contrary. It is obvious he has no idea that the not-a-search took place on the defendant's computer and has declared that an IP address can be obtained by any means without a warrant, even hacking into remote computers. It is an absurd and utterly clueless ruling.

    reply to this | link to this | view in chronology ]

  • icon
    Anonymous Anonymous Coward (profile), 24 May 2016 @ 6:05pm

    Separation of Church and State

    I understand that that concept rarely means what one hopes it means, but what the hell is faith doing in a situation that is supposed to be fact based?

    reply to this | link to this | view in chronology ]

    • icon
      Wyrm (profile), 24 May 2016 @ 8:30pm

      Re: Separation of Church and State

      That's easy to answer:
      Arguing facts is only as strong as what you can prove.
      Arguing faith is as strong as you say it is.

      When you lack proof, just pretend repeatedly that you really believe it's the truth. Your argument will become stronger the more it is repeated. (At least to some people.)

      reply to this | link to this | view in chronology ]

      • icon
        Uriel-238 (profile), 25 May 2016 @ 12:20am

        Re: Re: Separation of Church and State

        Would any justice accept the argument that a citizen could be punished or imprisoned merely because a police officer believes that person to be bad?

        Would any justice convict when the only evidence is that a police officer believes the suspect is guilty?

        If so that is a considerable flaw in the notion that individual humans serve to judge criminal cases, let alone the legal systems within the United States.

        reply to this | link to this | view in chronology ]

  • icon
    Wyrm (profile), 24 May 2016 @ 8:24pm

    once again, good faith saves the day

    I could have understood the concept of "good faith" as an immunity to being sued for someone else's mistake. Even when the good faith here is far from obvious.
    But that shouldn't save the whole prosecution because evidence is only as strong as the weakest link in the chain of events that brings it to a trial.
    It might not have been the FBI's fault (then again, I'm not convinced, but let's give then that much for now), but the chain does contain a completely invalid warrant, so the evidence is invalid.
    Same as if a lab assistant had switched samples to be tested: not the cops' fault but still broken evidence.

    Trust in the judicial system comes from the rules. If LEO and judges consider that rules don't apply to themselves, why are they surprised that people don't trust them anymore?

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 25 May 2016 @ 3:38am

    They broke the law but are rewarded for it. They are going to go after people they just do not like but have broken no laws now that they know they won't be punished.

    reply to this | link to this | view in chronology ]

  • identicon
    David, 25 May 2016 @ 5:33am

    Renaming needed.

    I think the "fruit of the poisoned tree doctrine" is in need of renaming since one can safely and successfully keep partaking of the fruit until (and if) one notices a first adverse reaction.

    Maybe "fruit of the sometimes slightly allergenic tree doctrine"?

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 25 May 2016 @ 7:13am

    I understand your concept. It's a radical new ballgame young men and young ladies. In any case, actually, it has dependably been like this.

    reply to this | link to this | view in chronology ]

  • icon
    John Fenderson (profile), 25 May 2016 @ 7:31am

    If exception exist

    If exceptions to rules like "you have to have a valid warrant" are ignored because of some nebulous notion of "good faith", then the rules may as well not exist at all.

    This is yet another piece of evidence pointing to how the "justice system" is anything but just.

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Special Affiliate Offer

Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.