First Playpen FBI Spyware Warrant Hits The Appeals Court Level; Is Upheld On 'Good Faith'

from the faith-based-decision-making dept

The first FBI Playpen investigation warrant challenge to reach the appellate level has been denied. Andrew Workman moved to suppress evidence obtained by the FBI's Network Investigative Technique (NIT) because warrant was deployed far outside its Eastern District of Virginia jurisdiction. Workman lives in Colorado.

The Tenth Circuit Appeals Court decision [PDF] starts with a light treatise on how technology is outpacing the law and the difficulties this poses for law enforcement agencies used to obtaining identifying information with nothing more than a subpoena.

The advent of the internet created new opportunities for viewers of child pornography, allowing immediate access to illicit websites. Use of these sites frequently leaves a computerized trail, allowing the FBI to find viewers of child pornography. But technological advances have allowed viewers of child pornography to access illicit websites without leaving a trail. To monitor access to one such website, the FBI has tried to keep up; in this case, the FBI seized and assumed control, using malware to identify and find the individuals accessing child pornography.

Though the FBI controlled the website, users lived throughout the nation. To find the users, the FBI needed a warrant. But, a paradox existed. The FBI maintained the website in the Eastern District of Virginia, but users were spread out all over the country. Finding those users could prove difficult because of geographic constraints on the FBI’s ability to obtain a warrant. Notwithstanding these constraints, the FBI obtained a warrant that led to the discovery of hundreds of viewers of child pornography. One was the defendant, who faced prosecution in the District of Colorado.

This gives the reader early notice on where the decision is heading. The lower court found [PDF] the FBI's warrant invalid because its NIT traveled far outside its authorized jurisdiction. The appeals court agrees the warrant is invalid, but says the evidence shouldn't be suppressed.

The district court shot down the government's arguments for the warrant's validity, pointing out that while the seized child porn server resided in Virginia, the information gathered by the FBI's malware was obtained from computers outside the district. The government also tried to portray the NIT as a tracking device, in hopes of putting its warrant back on firmer Rule 41 ground, but the lower court shot that down as well.

In this decision, the Appeals Court grants the FBI "good faith." While doing so, it directly contradicts the lower court's findings on both issues.

We start with the presumption that the executing agents “acted in good-faith reliance upon the warrant.” United States v. Campbell, 603 F.3d 1218, 1225 (10th Cir. 2010). This presumption is bolstered by what the executing agents would have known:

1. The software was installed in a government server located in the Eastern District of Virginia.

2. The magistrate judge, who issued the warrant, was in the Eastern District of Virginia.

3. All of the information yielded from the search would be retrieved in the Eastern District of Virginia.

With these facts, the executing agents could reasonably rely on the magistrate judge’s authority to issue a warrant authorizing installation of software and retrieval of information in the Eastern District of Virginia.

This was the lower court's finding:

I am not persuaded by the government’s argument. Rule 41(b)(2) applies to property located in the same district as the magistrate judge at the time the warrant is issued. As stated above, the NIT was designed to search “activating computers,” and, in this case, Mr. Workman’s computer was located in the District of Colorado when the warrant was issued. Further, there is no evidence that the property (information) to be seized, such as Mr. Workman’s IP address, was located in the Eastern District of Virginia at the time the warrant was issued either.

Here's the lower court on the "tracking device" argument:

While it is tempting to view the NIT as a tracking device, the reality of the technology at issue here is that the NIT did not “track the movement of . . . property” as Rule 41(b)(4) contemplates. The government did not obtain Mr. Workman’s IP address by tracking the data as it moved through various relay nodes back to Mr. Workman’s computer. Rather, the government, through the NIT, searched Mr. Workman’s computer and seized his IP address along with various other pieces of information.

In response, the appeals court just says the FBI needs to defer to the magistrate issuing the warrant because technical things are too complicated for agents to sufficiently grasp.

It is true that the affiant and magistrate judge never mentioned the term “tracking device,” and the FBI’s method differs from more conventional tracking devices. But the executing agents lacked precedents on these issues and could reasonably defer to the magistrate judge on these nuanced legal issues.

In fact, it's ignorance that saves the day, as it often does when courts hand down "good faith" rulings. The less law enforcement knows, the more likely it is the evidence won't be suppressed.

We expect agents executing warrants to be “reasonably well-trained,” but we do not expect them to understand legal nuances the way that an attorney would.

No, we don't expect law enforcement officers to be lawyers but we do expect them to be aware of the same jurisdictional limits the FBI was petitioning the government to have lifted. It's inconceivable the agent requesting the warrant -- an agent the government uses as an expert witness -- didn't know the reach of the NIT would extend far beyond the jurisdiction it was approved for.


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Anonymous Coward, 28 Jul 2017 @ 12:15pm

    Good Faith needs to stop

    Good Faith means nothing and can be used to justify anything.

    There is a reason that good faith is not codified in the Constitution because good faith can me easily used against anyone and anything. Any bad actor can take a genuinely "decent" member of law enforcement and feed them loads of misinformation. And because of "good faith" on the part of the law enforcement patsy, all manor of unconstitutional evil can be justified.

    Good faith should never have been allowed as a crutch for terrible law enforcement practices and activities. I can think of many ways to rest an entire nations head upon a pike on "good faith"!

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 28 Jul 2017 @ 12:19pm

      Re: Good Faith needs to stop

      What's more disturbing than when evidence doesn't get tossed due "good faith" is that even when there was no "good faith" the next step isn't to prosecute the LEOs.

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 28 Jul 2017 @ 12:43pm

        Re: Re: Good Faith needs to stop

        Agree, but why just the Leo's?

        Why are they not charging Judges with criminal contempt of the law for willfully facilitating massive constitutional violations.

        reply to this | link to this | view in chronology ]

        • identicon
          Anonymous Coward, 28 Jul 2017 @ 1:02pm

          Re: Re: Re: Good Faith needs to stop

          Yeah, I don't think it is restricted to LEO's just the one I hear about the most.

          reply to this | link to this | view in chronology ]

        • identicon
          Nebagamon, 28 Jul 2017 @ 1:56pm

          Why not punish these Judges

          ...silly boy -- you think you live in some utopian constitutional democracy where your government officials are limited in their actions against you by strict rules & enforcement

          NEWSFLASH: Your humble government officials (politicians & bureaucrats) make & break ALL the rules at their discretion, not yours. They make up the rules as they go along.... in their favor

          Courts greatly distorted/ignored those quaint Constitutional "rules" from 1789.
          Government judges (legal bureaucrats) do so because they are a major part of the very federal government those "rules" are supposed to limit. In general, judges and those who appoint them have no reason to want to limit government (which is THEM). Like most people they want to live in a society that meets THEIR desires and self-interest... and they have much power to structure society.

          Judges are a product of the very same political process that gives us crappy legislators and presidents. What President would appoint judges who would restrict his power and agenda? What Senators would confirm a judicial candidate who tells them that most everything they have ever done in office is unconstitutional? There's no reason to trust judges any more than Congressmen or Presidents or FBI/NSA/CIA/FCC/IRS Chiefs.

          'Public Choice Economics' tells us the real incentives of government actors... and we see that sad reality demonstrated every day. Americans somehow place great trust in costumed government legal bureaucrats (judges)-- and pay a great price for that misplaced trust.

          reply to this | link to this | view in chronology ]

          • identicon
            Anonymous Coward, 28 Jul 2017 @ 3:52pm

            Re: Why not punish these Judges

            "constitutional democracy"

            We are a Constitutional Republic, NOT a democracy like so many ignorantly think. We neither directly or indirectly control what laws are established or how they are created.

            "NEWSFLASH: Your humble government officials (politicians & bureaucrats) make & break ALL the rules at their discretion, not yours. They make up the rules as they go along.... in their favor"

            Of this I am aware.

            "Americans somehow place great trust in costumed government legal bureaucrats (judges)-- and pay a great price for that misplaced trust."

            Yep completely agree. I am one of the few people around here unwilling to let government regulate everything into a monopoly.

            reply to this | link to this | view in chronology ]

            • icon
              Matthew Cline (profile), 28 Jul 2017 @ 5:18pm

              Re: Re: Why not punish these Judges

              We neither directly or indirectly control what laws are established or how they are created.

              1) If the elected official want to be re-elected, they have to please their electorate. That's a form of indirect control (except for when the official can't be re-elected due to term limits).

              2) In the choice between two different candidates running for the same office, the different candidates will act differently if they get into office. The electorate choosing one over the other is a form of indirect control.

              reply to this | link to this | view in chronology ]

              • identicon
                Anonymous Coward, 28 Jul 2017 @ 5:45pm

                Re: Re: Re: Why not punish these Judges

                In grade school I learned the pledge of allegiance, which began with "I pledge allegiance to the flag of the United States of America, and the republic for which it stands..."

                reply to this | link to this | view in chronology ]

              • identicon
                Anonymous Coward, 29 Jul 2017 @ 5:25am

                Re: electorate

                "...they have to please their electorate"

                No way! You are very naive. All our U.S. elected officials take office with only a minority vote from the electorate.
                politicians don't have to please the majority.

                The "Electorate" is the total body of citizens eligible to vote. But in typical U.S. elections a third to half the electorate does not vote. Even worse in Primary elections, where over 80% of the specific electorate does not vote. All modern U.S. Presidents took office without the votes/consent of ~two-thirds of the electorate. And have you ever heard of gerrymandering?

                reply to this | link to this | view in chronology ]

                • icon
                  Matthew Cline (profile), 29 Jul 2017 @ 4:57pm

                  Re: Re: electorate

                  All our U.S. elected officials take office with only a minority vote from the electorate. politicians don't have to please the majority.

                  The "Electorate" is the total body of citizens eligible to vote. But in typical U.S. elections a third to half the electorate does not vote.

                  Alright, fine, I'll be more precise in my phrasing. Politicians have to please the set of likely voters in order to be re-elected, thus giving those likely voters an indirect control over the government.

                  reply to this | link to this | view in chronology ]

                • icon
                  Matthew Cline (profile), 29 Jul 2017 @ 5:43pm

                  Re: Re: electorate

                  Also, you said earlier that when the U.S. was founded that the founders intended it for it to not be a democracy, even indirectly. But when the U.S. was founded there was presumably a higher voting rate and less gerrymandering, meaning they would have to have set things up so that even with high voting rates and in the absence of gerrymandering the voting public still wouldn't have any indirect influence on the government. Meaning that, if you're correct, that low voting rates and gerrymandering are irrelevant.

                  Or did the founders intend for there to be low voting rates and gerrymandering?

                  reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 6 Aug 2017 @ 4:55pm

      Re: Good Faith needs to stop

      You need to have a government you believe in before you can have anyone wirking for justufied b good faith. Not one that has been usurped by worldmongers that are hoping to rule the world and trashing everythinyg America once stood for.

      reply to this | link to this | view in chronology ]

  • icon
    TechDescartes (profile), 28 Jul 2017 @ 12:28pm

    What Did They Know and When Did They Know It?

    This presumption is bolstered by what the executing agents would have known:

    1. The software was installed in a government server located in the Eastern District of Virginia.
    2. The magistrate judge, who issued the warrant, was in the Eastern District of Virginia.
    3. All of the information yielded from the search would be retrieved in the Eastern District of Virginia.

    Apparently they did not also know that the "internet" extends beyond the Eastern District of Virginia, as shown by this recently uncovered transcript:

    "Hey, boss. We got some data from outside the Eastern District of Virginia."

    "How's that even possible?"

    "I don't know. It seems this Internet-thingy extends outside the district."

    "Really? How far?"

    "At least to Colorado."

    "No way! Who knew the tubes went that far?"

    "Tubes? It's a bridge, man. We upgraded years ago."

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 28 Jul 2017 @ 12:29pm

    Good faith is a one way street.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 28 Jul 2017 @ 12:31pm

    using malware to identify and find the individuals accessing child pornography.

    Interesting that the judge called NIT malware, which could raise all sorts of questions about the reliability of what was found on the suspects computer.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 28 Jul 2017 @ 12:44pm

    Good faith?

    Why is it that "good faith" only seems to work in the government's favor and not the other way around?

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 28 Jul 2017 @ 12:58pm

    Defendant's good faith

    Defendant assessed childporn in good faith on that assumption that this being a government run server, that the childporn was government approved.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 28 Jul 2017 @ 1:12pm

    The wording here doesn't reflect technical reality

    An IP address doesn't have a location.

    A computer which is currently assigned a given IP address MAY be located somewhere: physical computers obviously are, virtual ones aren't. But even in the former case, the IP of a computer on the Internet is global: that is, it is visible to all other computers on the Internet. If that computer submits email to a mail server I run, I'll see its address. If it visits a web site I run, I'll see its address. If it queries a DNS server I run, I'll see its address.

    In all such cases, I don't have to go looking for the address: it's presented to me as part of the underlying IP protocol. It's not "here" or "there", it's everywhere.

    Note that I'm distinguishing between the IP address and the computer to which it's currently assigned. A search of the latter would require a warrant that's valid in the jurisdiction in which the computer is located. But I don't think that's true of an IP address.

    If this isn't clear yet, consider this example: many large consumer networks, e.g.., Comcast, have allocated chunks of network space to their users. In lots of places, those allocations overlay multiple states, e.g., NY/NJ/CT. A given IP address might be assigned to a computer in NY one day, and in NJ the next. Thus a warrant granted in NY and only applicable in NY wouldn't apply on that second day...if we accept that IP address have the property "location". Add to this the occasional shifting of allocations -- which can move an entire chunk of network space from one state to another -- and it should be clear, I think, that trying to apply the location validity of search warrants to IP addresses is a square-peg-round-hole situation.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 28 Jul 2017 @ 1:22pm

      Re: The wording here doesn't reflect technical reality

      In this case, TOR was in use to hide IP addresses, so a search of the computer was required, by malware according to the court, to find the IP address, as all the server had was the IP of the last relay in the chain to it.

      reply to this | link to this | view in chronology ]

      • icon
        MyNameHere (profile), 29 Jul 2017 @ 4:13am

        Re: Re: The wording here doesn't reflect technical reality

        The issue of course is that without the actual information, they have no idea. A lack of specific knowledge as to who was accessing the site supports the idea of Good Faith.

        For that matter, let's just say that the warrant process in regards to computer services is still a bit in the grey. To be honest, they seem to have touched all the bases, the site was in the state, the agency was operating in the state, etc. Not clear what they exactly are suppose to do beyond what is there already.

        reply to this | link to this | view in chronology ]

  • icon
    Ninja (profile), 28 Jul 2017 @ 1:14pm

    This decision sounds like an exception state at work, "because this important exception law doesn't need to be followed". Repeat ad nauseam. And it's frightening how frequently governments are skipping the law because "reasons".

    The govt recently doubled the tax on fuel here via decree and it went into effect the next day. Except that there is a 90-day window that must be respected and tax raises must pass through the congress. So a guy sued and got an injunction suspending the raise because obviously illegal stuff. A day after another judge struck down the injunction because "omg, economic woes, tax must prevail". And the tax increase is alive and well while democracy dies a slow agonizing death.

    Sounds familiar?

    reply to this | link to this | view in chronology ]

  • icon
    That One Guy (profile), 28 Jul 2017 @ 2:17pm

    "We also don't expect lawyers or judges to know that either..."

    We expect agents executing warrants to be “reasonably well-trained,” but we do not expect them to understand legal nuances the way that an attorney would.

    Which is why there are those individuals called 'judges' who are expected to know more and act as a check when agents screw it up.

    I'm pretty sure "I didn't know I was violating the law" wouldn't allow me to get a pass if I broke the law, and it definitely wouldn't allow my illegal actions and those actions based upon them to be made retroactively legal due to my ignorance, so it's absurd that that seems to be what's happening here.

    Not expecting agents, police other other actors of the state to know the law perfectly is a reasonable position, so long as their ignorance doesn't allow them to do things that they otherwise wouldn't be able to.

    Ignorance of the law should not be a benefit to those 'enforcing' the law and a detriment for those on the receiving end of said 'enforcement'. The proper response here would have been to toss out anything resulting from the invalid warrant, and if that scuttles the case then that's just too bad, get it right next time.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 28 Jul 2017 @ 5:50pm

      Re: "We also don't expect lawyers or judges to know that either..."

      We expect agents executing warrants to be “reasonably well-trained,” but we do not expect them to understand legal nuances the way that an attorney would.

      I doubt the defendant would get away by claiming "How was I supposed to know? I'm not a lawyer!"

      reply to this | link to this | view in chronology ]

    • icon
      orbitalinsertion (profile), 30 Jul 2017 @ 9:57am

      Re: "We also don't expect lawyers or judges to know that either..."

      The other funny thing is that the FBI has lawyers. And the DOJ is just chock full of them. Wonder what they are for...

      reply to this | link to this | view in chronology ]

      • icon
        That One Guy (profile), 30 Jul 2017 @ 2:15pm

        Re: Re: "We also don't expect lawyers or judges to know that either..."

        Oh that's easy, loophole finders/creators.

        "We want to bend/twist/break this law, what's the best way we can go about that and get away with it?"

        reply to this | link to this | view in chronology ]

  • icon
    Wyrm (profile), 28 Jul 2017 @ 3:04pm

    Scope

    As I see it, the "good faith" exception should never be used to salvage evidence. Evidence obtained through illegal means should be thrown out, period. Anything else encourages ignorance... and ignorance can't even argued against. (How can you force an agent to admit he knew the warrant was invalid? After all, a judge signed it. Same for the judge: How can you force him to admit he knew the cop lied about the causes and scope of the warrant?)

    I can at most accept the "good faith" exception as a defense against charges against the agent for exceeding the scope of a warrant. And even then, the good faith must be proved (the cop must be assumed to know the law he enforces, the opposite would be just crazy and open to abuse). Then, any failure to prove "good faith" should result in charges and trial for abuse of power or anything of that order.

    Funny how ignorance of the law is only a defense for those charged with enforcing it. That's an imbalance in power in favor of those who already have (too much?) power on their side.

    reply to this | link to this | view in chronology ]

  • icon
    That Anonymous Coward (profile), 28 Jul 2017 @ 8:44pm

    "Finding those users could prove difficult because of geographic constraints on the FBI’s ability to obtain a warrant."

    Oh that's right, the FBI only has offices & power EAST of the Mississippi.

    Warrants are hard, they wanted CP, so we'll let them not reveal how the information was obtained and allow it to be used in court.

    This is trying to salvage a clusterfuck, and bending that silly bedrock of rights to get the win. Otherwise people might ask how fing stupid they were KNOWING they would have contacts GLOBALLY accessing the site & new content would be produced & posted on servers fully under control of the FBI.

    There is no good faith. There is allowing law enforcement to violate the law & logic and saying no foul.

    Their targets might be the scum of the fucking earth, but god damn we can't let their rights be scrapped. If we won't demand scum get fair and equal treatment, how can we demand we get fair and equal treatment?

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 29 Jul 2017 @ 3:06am

    The advent of the internet created new opportunities for viewers of information, allowing immediate access to licit websites. Use of these sites frequently leaves a computerized trail, allowing the FBI to find viewers of whistleblower information. But technological advances have allowed viewers of whistleblower information to access licit websites without leaving a trail. To monitor access to one such website, the FBI has tried to keep up; in this case, the FBI seized and assumed control, using malware to identify and find the individuals accessing whistleblower information.

    Though the FBI controlled the website, users lived throughout the nation. To find the users, the FBI needed a warrant. But, a paradox existed. The FBI maintained the website in the Eastern District of Virginia, but users were spread out all over the country. Finding those users could prove difficult because of geographic constraints on the FBI’s ability to obtain a warrant. Notwithstanding these constraints, the FBI obtained a warrant that led to the discovery of hundreds of viewers of whistleblower information. One was the defendant, who faced prosecution in the District of Colorado.

    reply to this | link to this | view in chronology ]

  • identicon
    Hugo, 29 Jul 2017 @ 5:16am

    And that's why the EFF/ACLU et al are so important

    So, we've had trans-district networks for at least 50 years (ARPA-NET). Why have the courts not had a think about this and come up with a considered opinion about this in the next decade? Because that's not their job, until they are forced to do so. They implement and interpret law, but interpretation requires controversial cases to be brought before them.

    And that is exactly what the ACLU, EFF et al do. And, the thing I love about them is that they don't give up. They regularly, heavily disagree with court decisions and push "interpretations" up the stack (to use a networking analogy).

    I recall that other evidence via NIT outside of the boundaries of the warrant issuing court has also been rejected. Thus, we can expect this to reach the supreme court as we end up with differing judgements at the appellate courts.

    Interesting times ahead.

    reply to this | link to this | view in chronology ]

  • identicon
    CHRoNo§§, 29 Jul 2017 @ 7:07am

    @ all the above

    to the idiot that thinks he doesnt live in a democracy allow me to educate you a little on forms of gov't

    DEMOCRACY - Government by the people , I.E. , the established body of citizens , whether through direct role ( ancient greece ) or elected representatives ( see other forms of democracy below)

    Republic - A government by representative of an established electorate that rule on behalf of the electorate.

    Constitutional Monarchy - Where the monarch is a figure head and a democracy is in fact in rule.

    Todays education we will show you some forms you actually might say hey our govt kinda fits here.....

    AUTOCRACY - Government which rest in self-derived , absolute power , typified by a KING or EMPEROR.

    DICTATORSHIP - Government which rest in one person...does not have to be a king or emperor.

    MILITOCRACY - gov't run by the military and armed forced in general.

    OLIGARCHY - A government run be a very few ( usually absolute) rulers who are co equals....

    PLUTOCRACY - Govnernment by the wealthy

    THEOCRACY - Govnerment by forms of religions....

    SYNDICRACY - government by a body of syndics , each representing some business interest.

    PEDOCRACY - govt by learned ones and science related people and scholars.

    GYNARCHY - govt run by females

    matriarchy - govt run by eldest females of whatever social units exist.

    FEODAILTY - a govt which is feudal in nature, where each layer above derives power from that below

    NOW ill say the usa is technically a DEMOCRATIC REPUBLIC

    its kinda like the north koreans calling themselves a republic when in fact its a dictatorship

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Techdirt Gear
Show Now: Takedown
Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.