Cybertelecom Federal Internet Law & Policy An Educational Project

Fourth Amendment

Fourth Amendment

The right of the people to be secure in their persons, houses, papers, an effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

Derived From: Searching and Seizing Computers and Obtaining Electronic Evidence in Criminal Investigations Computer Crime and Intellectual Property Section, Criminal Division, DOJ (2009) (Remember: This is a rendition of the state of the law from law enforcement and reflects their views)

Chapter 1 Searching and Seizing Computers Without a Warrant

A. Introduction

According to the Supreme Court, a “‘seizure’ of property occurs when there is some meaningful interference with an individual’s possessory interests in that property,” United States v. Jacobsen, 466 U.S. 109, 113 (1984), and the Court has also characterized the interception of intangible communications as a seizure. See Berger v. New York, 388 U.S. 41, 59-60 (1967). Furthermore, the Court has held that a “‘search’ occurs when an expectation of privacy that society is prepared to consider reasonable is infringed.” Jacobsen, 466 U.S. at 113. If the government’s conduct does not violate a person’s “reasonable expectation of privacy,” then formally it does not constitute a Fourth Amendment “search” and no warrant is required. See Illinois v. Andreas, 463 U.S. 765, 771 (1983). In addition, a warrantless search that violates a person’s reasonable expectation of privacy will nonetheless be constitutional if it falls within an established exception to the warrant requirement. See Illinois v. Rodriguez, 497 U.S. 177, 185-86 (1990). Accordingly, investigators must consider two issues when asking whether a government search of a computer requires a warrant. First, does the search violate a reasonable expectation of privacy? And if so, is the search nonetheless permissible because it falls within an exception to the warrant requirement?

B. Fourth Amendment's Reasonable Expectation of privacy in Cases Involving Computers

1. General Principles

A search is constitutional if it does not violate a person’s “reasonable” or “legitimate” expectation of privacy. Katz v. United States, 389 U.S. 347, 361 (1967) (Harlan, J., concurring). This inquiry embraces two discrete questions: first, whether the individual’s conduct reflects “an actual (subjective) expectation of privacy,” and second, whether the individual’s subjective expectation of privacy is “one that society is prepared to recognize as ‘reasonable.’” Id. at 361. In most cases, the difficulty of contesting a defendant’s subjective expectation of privacy focuses the analysis on the objective aspect of the Katz test, i.e., whether the individual’s expectation of privacy was reasonable.No bright line rule indicates whether an expectation of privacy is constitutionally reasonable. See O’Connor v. Ortega, 480 U.S. 709, 715 (1987). For example, the Supreme Court has held that a person has a reasonable expectation of privacy in property located inside a person’s home, see Payton v. New York, 445 U.S. 573, 589-90 (1980); in “the relative heat of various rooms in the home” revealed through the use of a thermal imager, see Kyllo v. United States, 533 U.S. 27, 34-35 (2001); in conversations taking place in an enclosed phone booth, see Katz, 389 U.S. at 352; and in the contents of opaque containers, see United States v. Ross, 456 U.S. 798, 822-23 (1982). In contrast, a person does not have a reasonable expectation of privacy in activities conducted in open fields, see Oliver v. United States, 466 U.S. 170, 177 (1984); in garbage deposited at the outskirts of real property, see California v. Greenwood, 486 U.S. 35, 40-41 (1988); or in a stranger’s house that the person has entered without the owner’s consent in order to commit a theft, see Rakas v. Illinois, 439 U.S. 128, 143 n.12 (1978).

2. Reasonable Expectation of privacy in Computers as Storage Devices

The most basic Fourth Amendment question in computer cases asks whether an individual enjoys a reasonable expectation of privacy in electronic information stored within computers (or other electronic storage devices) under the individual’s control. For example, do individuals have a reasonable expectation of privacy in the contents of their laptop computers, USB drives, or cell phones? If the answer is “yes,” then the government ordinarily must obtain a warrant, or fall within an exception to the warrant requirement, before it accesses the information stored inside.When confronted with this issue, courts have analogized the expectation of privacy in a computer to the expectation of privacy in closed containers such as suitcases, footlockers, or briefcases. Because individuals generally retain a reasonable expectation of privacy in the contents of closed containers, see United States v. Ross, 456 U.S. 798, 822-23 (1982), they also generally retain a reasonable expectation of privacy in data held within electronic storage devices. Accordingly, accessing information stored in a computer ordinarily will implicate the owner’s reasonable expectation of privacy in the information. See United States v. Heckenkamp, 482 F.3d 1142, 1146 (9th Cir. 2007) (finding reasonable expectation of privacy in a personal computer); United States v. Buckner, 473 F.3d 551, 554 n.2 (4th Cir. 2007) (same); United States v. Lifshitz, 369 F.3d 173, 190 (2d Cir. 2004) (“Individuals generally possess a reasonable expectation of privacy in their home computers.”); Trulock v. Freeh, 275 F.3d 391, 403 (4th Cir. 2001); United States v. Al-Marri, 230 F. Supp. 2d 535, 541 (S.D.N.Y. 2002) (“Courts have uniformly agreed that computers should be treated as if they were closed containers.”); United States v. Reyes, 922 F. Supp. 818, 832-33 (S.D.N.Y. 1996) (finding reasonable expectation of privacy in data stored in a pager); United States v. Lynch, 908 F. Supp. 284, 287 (D.V.I. 1995) (same); United States v. Chan, 830 F. Supp. 531, 535 (N.D. Cal. 1993) (same); see also United States v. Andrus, 483 F.3d 711, 718 (10th Cir. 2007) (“A personal computer is often a repository for private information the computer’s owner does not intend to share with others. For most people, their computers are their most private spaces.” (internal quotation omitted)).Although courts have generally agreed that electronic storage devices can be analogized to closed containers, they have reached differing conclusions about whether a computer or other storage device should be classified as a single closed container or whether each individual file stored within a computer or storage device should be treated as a separate closed container. In two cases, the Fifth Circuit determined that a computer disk containing multiple files is a single container for Fourth Amendment purposes. First, in United States v. Runyan, 275 F.3d 449, 464-65 (5th Cir. 2001), in which private parties had searched certain files and found child pornography, the Fifth Circuit held that the police did not exceed the scope of the private search when they examined additional files on any disk that had been, in part, privately searched. Analogizing a disk to a closed container, the court explained that “police do not exceed the private search when they examine more items within a closed container than did the private searchers.” Id. at 464. In a subsequent case, the Fifth Circuit held that when a warrantless search of a portion of a computer and zip disk had been justified, the defendant no longer retained any reasonable expectation of privacy in the remaining contents of the computer and disk, and thus a comprehensive search by law enforcement personnel did not violate the Fourth Amendment. See United States v. Slanina, 283 F.3d 670, 680 (5th Cir. 2002), vacated on other grounds, 537 U.S. 802 (2002), aff’d, 359 F.3d 356, 358 (5th Cir. 2004). See also People v. Emerson, 766 N.Y.S.2d 482, 488 (N.Y. Sup. Ct. 2003) (adopting intermediate position of treating computer folders rather than individual files as closed containers); United States v. Beusch, 596 F.2d 871, 876-77 (9th Cir. 1979) (holding that when a physical ledger contains some information that falls within the scope of a warrant, law enforcement may seize the entire ledger, rather than individual responsive pages).Other appellate courts have treated individual computer files as separate entities, at least in the search warrant context. See, e.g., Guest v. Leis, 255 F.3d 325, 335 (6th Cir. 2001) (approving off-site review of a computer to “separate relevant files from unrelated files”). Similarly, the Tenth Circuit has refused to allow such exhaustive searches of a computer’s hard drive in the absence of a warrant or some exception to the warrant requirement. See United States v. Carey, 172 F.3d 1268, 1273-75 (10th Cir. 1999) (ruling that agent exceeded the scope of a warrant to search for evidence of drug sales when he “abandoned that search” and instead searched for evidence of child pornography for five hours). In particular, the Tenth Circuit cautioned in a later case that “[b]ecause computers can hold so much information touching on many different areas of a person’s life, there is greater potential for the ‘intermingling’ of documents and a consequent invasion of privacy when police execute a search for evidence on a computer.” United States v. Walser, 275 F.3d 981, 986 (10th Cir. 2001).Although individuals generally retain a reasonable expectation of privacy in computers under their control, special circumstances may eliminate that expectation. For example, an individual will not retain a reasonable expectation of privacy in information that the person has made openly available. See Katz v. United States, 389 U.S. 347, 351 (1967) (“What a person knowingly exposes to the public, even in his own home or office, is not a subject of Fourth Amendment protection.”); Wilson v. Moreau, 440 F. Supp. 2d 81, 104 (D.R.I. 2006) (finding no expectation of privacy in documents user stored on computers available for public use in a public library); United States v. Gines-Perez, 214 F. Supp. 2d 205, 224-26 (D.P.R. 2002) (finding no reasonable expectation of privacy in information placed on the Internet); United States v. Butler, 151 F. Supp. 2d 82, 83-84 (D. Me. 2001) (finding no reasonable expectation of privacy in hard drives of shared university computers). Thus, several courts have held that a defendant has no reasonable expectation of privacy in files shared freely with others. See United States v. King, 509 F.3d 1338, 1341-42 (11th Cir. 2007) (holding that defendant did not have a legitimate expectation of privacy in the contents of a “shared drive” of his laptop while it was connected to a network); United States v. Barrows, 481 F.3d 1246, 1249 (10th Cir. 2007) (holding no reasonable expectation of privacy exists where defendant networked his computer “for the express purpose of sharing files”); United States v. Stults, 2007 WL 4284721, at *1 (D. Neb. Dec. 3, 2007) (finding no reasonable expectation of privacy in computer files that the defendant made available using a peer-topeer file sharing program). Similarly, in United States v. David, 756 F. Supp. 1385 (D. Nev. 1991), agents looking over the defendant’s shoulder read the defendant’s password from the screen as the defendant typed his password into a handheld computer. The court found no Fourth Amendment violation in obtaining the password because the defendant did not enjoy a reasonable expectation of privacy “in the display that appeared on the screen.” Id. at 1390. See also United States v. Gorshkov, 2001 WL 1024026, at *2 (W.D. Wash. May 23, 2001) (holding that defendant did not have a reasonable expectation of privacy in use of a private computer network when undercover federal agents looked over his shoulder, when he did not own the computer he used, and when he knew that the system administrator could monitor his activities). Nor will individuals generally enjoy a reasonable expectation of privacy in the contents of computers they have stolen or obtained by fraud. See United States v. Caymen, 404 F.3d 1196, 1200 (9th Cir. 2005); United States v. Lyons, 992 F.2d 1029, 1031-32 (10th Cir. 1993).

3. Reasonable Expectation of privacy and Third-Party Possession

Individuals who retain a reasonable expectation of privacy in stored electronic information under their control may lose Fourth Amendment protections when they relinquish that control to third parties. For example, an individual may offer a container of electronic information to a third party by bringing a malfunctioning computer to a repair shop or by shipping a floppy diskette in the mail to a friend. Alternatively, a user may transmit information to third parties electronically, such as by sending data across the Internet, or a user may leave information on a shared computer network. When law enforcement agents learn of information possessed by third parties that may provide evidence of a crime, they may wish to inspect it. Whether the Fourth Amendment requires them to obtain a warrant before examining the information depends in part upon whether the third-party possession has eliminated the individual’s reasonable expectation of privacy.To analyze third-party possession issues, it helps first to distinguish between possession by a carrier in the course of transmission to an intended recipient and subsequent possession by the intended recipient. For example, if A hires B to carry a package to C, A’s reasonable expectation of privacy in the contents of the package during the time that B carries the package on its way to C may be different than A’s reasonable expectation of privacy after C has received the package. During transmission, contents generally retain Fourth Amendment protection. The government ordinarily may not examine the contents of a closed container in the course of transmission without a warrant. Government intrusion and examination of the contents ordinarily violates the reasonable expectation of privacy of both the sender and receiver. See United States v. Villarreal, 963 F.2d 770, 774 (5th Cir. 1992). But see United States v. Young, 350 F.3d 1302, 1308 (11th Cir. 2003) (holding that Federal Express’s terms of service, which allowed it to access customers’ packages, eliminated customer’s reasonable expectation of privacy in package); United States v. Walker, 20 F. Supp. 2d 971, 973-74 (S.D.W.Va. 1998) (concluding that packages sent to an alias in furtherance of a criminal scheme do not support a reasonable expectation of privacy). This rule applies regardless of whether the carrier is owned by the government or a private company. Compare Ex Parte Jackson, 96 U.S. (6 Otto) 727, 733 (1877) (public carrier), with Walter v. United States, 447 U.S. 649, 651 (1980) (private carrier).Government acquisition of an intangible electronic signal in the course of transmission may also implicate the Fourth Amendment. See Berger v. New York, 388 U.S. 41, 58-60 (1967) (applying the Fourth Amendment to a wire communication in the context of a wiretap). The boundaries of the Fourth Amendment in such cases remain hazy, however, because Congress addressed the Fourth Amendment concerns identified in Berger by passing Title III of the Omnibus Crime Control and Safe Streets Act of 1968 (“Title III”), 18 U.S.C. §§ 2510-2522. Title III, which is discussed fully in Chapter 4, provides a comprehensive statutory framework that regulates real-time monitoring of wire and electronic communications. Its scope encompasses, and in many significant ways exceeds, the protection offered by the Fourth Amendment. See United States v. Torres, 751 F.2d 875, 884 (7th Cir. 1984); Chandler v. United States Army, 125 F.3d 1296, 1298 (9th Cir. 1997). As a practical matter, then, the monitoring of wire and electronic communications in the course of transmission generally raises many statutory questions, but few constitutional ones. See generally Chapter 4.Ordinarily, once an item has been received by the intended recipient, the sender’s reasonable expectation of privacy in the item terminates. See United States v. King, 55 F.3d 1193, 1196 (6th Cir. 1995) (sender’s expectation of privacy in letter “terminates upon delivery”). More generally, the Supreme Court has repeatedly held that the Fourth Amendment is not violated when information revealed to a third party is disclosed by the third party to the government, regardless of any subjective expectation that the third parties will keep the information confidential. For example, in United States v. Miller, 425 U.S. 435, 443 (1976), the Court held that the Fourth Amendment does not protect bank account information that account holders divulge to their banks. By placing information under the control of a third party, the Court stated, an account holder assumes the risk that the information will be conveyed to the government. Id. According to the Court, “the Fourth Amendment does not prohibit the obtaining of information revealed to a third party and conveyed by him to Government authorities, even if the information is revealed on the assumption that it will be used only for a limited purpose and the confidence placed in the third party will not be betrayed.” Id. (citing Hoffa v. United States, 385 U.S. 293, 302 (1966)). See also SEC v. Jerry T. O’Brien, Inc., 467 U.S. 735, 743 (1984) (“when a person communicates information to a third party . . . he cannot object if the third party conveys that information or records thereof to law enforcement authorities”); Smith v. Maryland, 442 U.S. 735, 743-44 (1979) (finding no reasonable expectation of privacy in phone numbers dialed by owner of a telephone because act of dialing the number effectively tells the number to the phone company); Couch v. United States, 409 U.S. 322, 335 (1973) (holding that government may subpoena accountant for client information given to accountant by client because client retains no reasonable expectation of privacy in information given to accountant).Courts have applied these principles to electronic communications. For example, in United States v. Horowitz, 806 F.2d 1222 (4th Cir. 1986), the defendant emailed confidential pricing information relating to his employer to his employer’s competitor. After the FBI searched the competitor’s computers and found the pricing information, the defendant claimed that the search violated his Fourth Amendment rights. The Fourth Circuit disagreed, holding that the defendant relinquished his interest in and control over the information by sending it to the competitor for the competitor’s future use. See id. at 1224- 26. See also Guest v. Leis, 255 F.3d 325, 333 (6th Cir. 2001) (stating that sender of email “would lose a legitimate expectation of privacy in an e-mail that had already reached its recipient; at this moment, the e-mailer would be analogous to a letter-writer, whose ‘expectation of privacy ordinarily terminates upon delivery’ of the letter”); United States v. Meriwether, 917 F.2d 955, 959 (6th Cir. 1990) (defendant had no reasonable expectation of privacy in message sent to a pager); United States v. Charbonneau, 979 F. Supp. 1177, 1184 (S.D. Ohio 1997) (stating that a sender of an email “cannot be afforded a reasonable expectation of privacy once that message is received.”).Defendants will occasionally raise a Fourth Amendment challenge to the acquisition of account records and subscriber information held by Internet service providers where law enforcement obtained the records using less process than a search warrant. As discussed in Chapter 3.D, the Stored Communications Act permits the government to obtain transactional records with an “articulable facts” court order and specified subscriber information with a subpoena. See 18 U.S.C. §§ 2701-2712. These statutory procedures comply with the Fourth Amendment because customers of communication service providers do not have a reasonable expectation of privacy in customer account records maintained by and for the provider’s business. See United States v. Perrine, 518 F.3d 1196, 1204 (10th Cir. 2008) (“Every federal court to address this issue has held that subscriber information provided to an internet provider is not protected by the Fourth Amendment’s privacy expectation.”); Guest v. Leis, 255 F.3d 325, 336 (6th Cir. 2001) (finding no Fourth Amendment protection for network account holder’s basic subscriber information obtained from communication service provider). This rule accords with prior cases finding no Fourth Amendment protection in customer account records. See, e.g., United States v. Fregoso, 60 F.3d 1314, 1321 (8th Cir. 1995) (telephone records); In re Grand Jury Proceedings, 827 F.2d 301, 302-03 (8th Cir. 1987) (Western Union customer records). Similarly, use of a pen register to capture email to/from address information or Internet Protocol addresses of websites provided to an Internet service provider for routing communications does not implicate the Fourth Amendment. See United States v. Forrester, 512 F.3d 500, 510 (9th Cir. 2008) (email and Internet users have no reasonable expectation of privacy in to/from addresses of their messages or in IP addresses of websites visited).Although an individual normally loses a reasonable expectation of privacy in an item delivered to a recipient, there is an exception to this rule when the individual can reasonably expect to retain control over the item and its contents. When a person leaves a package with a third party for temporary safekeeping, for example, she usually retains control of the package and thus retains a reasonable expectation of privacy in its contents. See, e.g., United States v. James, 353 F.3d 606, 614 (8th Cir. 2003) (finding that defendant retained Fourth Amendment rights in sealed envelope containing computer disks which he had left with a friend for storage); United States v. Most, 876 F.2d 191, 197- 98 (D.C. Cir. 1989) (finding reasonable expectation of privacy in contents of plastic bag left with grocery store clerk); United States v. Barry, 853 F.2d 1479, 1481-83 (8th Cir. 1988) (finding reasonable expectation of privacy in locked suitcase stored at airport baggage counter); United States v. Presler, 610 F.2d 1206, 1213-14 (4th Cir. 1979) (finding reasonable expectation of privacy in locked briefcases stored with defendant’s friend for safekeeping).In some cases, the sender may initially retain a right to control the third party’s possession, but may lose that right over time. The general rule is that the sender’s Fourth Amendment rights dissipate as the sender’s right to control the third party’s possession diminishes. For example, in United States v. Poulsen, 41 F.3d 1330 (9th Cir. 1994), overruled on other grounds, United States v. W. R. Grace, 526 F.3d 499 (9th Cir. 2008) (en banc) computer hacker Kevin Poulsen left computer tapes in a locker at a commercial storage facility but neglected to pay rent for the locker. Following a warrantless search of the facility, the government sought to use the tapes against Poulsen. The Ninth Circuit held that the search did not violate Poulsen’s reasonable expectation of privacy because under state law Poulsen’s failure to pay rent extinguished his right to access the tapes. See id. at 1337. See also United States v. Allen, 106 F.3d 695, 699 (6th Cir. 1997) (“Once a hotel guest’s rental period has expired or been lawfully terminated, the guest does not have a legitimate expectation of privacy in the hotel room.” (internal quotation marks omitted)).

4. Private Searches

The Fourth Amendment “is wholly inapplicable to a search or seizure, even an unreasonable one, effected by a private individual not acting as an agent of the Government or with the participation or knowledge of any governmental official.” United States v. Jacobsen, 466 U.S. 109, 113 (1984) (internal quotation marks omitted). As a result, no violation of the Fourth Amendment occurs when a private individual acting on his own accord conducts a search and makes the results available to law enforcement. See id. According to Jacobsen, agents who learn of evidence via a private search can reenact the original private search without violating any reasonable expectation of privacy. What the agents cannot do without a warrant is “exceed[] the scope of the private search.” Id. at 115. See also United States v. Miller, 152 F.3d 813, 815-16 (8th Cir. 1998); United States v. Donnes, 947 F.2d 1430, 1434 (10th Cir. 1991). But see United States v. Allen, 106 F.3d 695, 699 (6th Cir. 1997) (stating in dicta that Jacobsen does not permit law enforcement to reenact a private search of a private home or residence). This standard requires agents to limit their investigation to the scope of the private search when searching without a warrant after a private search has occurred. Where agents exceed the scope of the private warrantless search, any evidence uncovered may be vulnerable to a motion to suppress.Private individuals often find contraband or other incriminating evidence on computers and bring that information to law enforcement, and the private search doctrine applies in these cases. In one common scenario, an individual leaves his computer with a repair technician. The technician discovers images of child pornography on the computer, contacts law enforcement, and shows those images to law enforcement. Courts have agreed that such searches by repairmen prior to their contact with law enforcement are private searches and do not implicate the Fourth Amendment. See United States v. Grimes, 244 F.3d 375, 383 (5th Cir. 2001); United States v. Hall, 142 F.3d 988, 993 (7th Cir. 1998); United States v. Anderson, 2007 WL 1121319 at *5-6 (N.D. Ind. Apr. 16, 2007); United States v. Grant, 434 F. Supp. 2d 735, 744-45 (D. Neb. 2006); United States v. Caron, 2004 WL 438685, at *4-5 (D. Me. Mar. 9, 2004); see also United States v. Kennedy, 81 F. Supp. 2d 1103, 1112 (D. Kan. 2000) (concluding that searches of defendant’s computer over the Internet by an anonymous caller and employees of a private ISP did not violate Fourth Amendment because there was no evidence that the government was involved in the search).One private search question that arises in computer cases is whether law enforcement agents must limit themselves to only files examined by the repair technician or whether all data on a particular storage device is within the scope of the initial private search. The Fifth Circuit has taken an expansive approach to this question. See United States v. Runyan, 275 F.3d 449, 464-65 (5th Cir. 2001) (police did not exceed the scope of a private search when they examined more files on privately searched disks than had the private searchers). Under this approach, a third-party search of a single file on a computer allows a warrantless search by law enforcement of the computer’s entire contents. See id. Other courts, however, may not follow the Fifth Circuit’s approach and instead rule that government searchers can view only those files whose contents were revealed in the private search. See United States v. Barth, 26 F. Supp. 2d 929, 937 (W.D. Tex. 1998) (holding, in a pre-Runyan case, that agents who viewed more files than private searcher exceeded the scope of the private search). Even if courts follow the more restrictive approach, the information gleaned from the private search will often provide the probable cause needed to obtain a warrant for a further search.Importantly, the fact that the person conducting a search is not a government employee does not always mean that the search is “private” for Fourth Amendment purposes. A search by a private party will be considered a Fourth Amendment government search “if the private party act[s] as an instrument or agent of the Government.” Skinner v. Railway Labor Executives’ Ass’n, 489 U.S. 602, 614 (1989). The Supreme Court has offered little guidance on when private conduct can be attributed to the government; the Court has merely stated that this question “necessarily turns on the degree of the Government’s participation in the private party’s activities, . . . a question that can only be resolved ‘in light of all the circumstances.’” Id. at 614-15 (quoting Coolidge v. New Hampshire, 403 U.S. 443, 487 (1971)).In the absence of a more definitive standard, the various federal Courts of Appeals have adopted a range of approaches for distinguishing between private and government searches. About half of the circuits apply a “totality of the circumstances” approach that examines three factors: whether the government knows of or acquiesces in the intrusive conduct; whether the party performing the search intends to assist law enforcement efforts at the time of the search; and whether the government affirmatively encourages, initiates, or instigates the private action. See, e.g., United States v. Pervaz, 118 F.3d 1, 6 (1st Cir. 1997); United States v. Smythe, 84 F.3d 1240, 1242-43 (10th Cir. 1996); United States v. McAllister, 18 F.3d 1412, 1417-18 (7th Cir. 1994); United States v. Malbrough, 922 F.2d 458, 462 (8th Cir. 1990). This test draws a line between situations where the government is a mere knowing witness to the search and those where the government is an active participant or driving force. However, this line can be difficult to discern. For example, in United States v. Smith, 383 F.3d 700 (8th Cir. 2004), police detectives participating in “parcel interdiction” at Federal Express removed a suspicious package from a conveyer belt, submitted it to a canine sniff, and delivered the package to the Federal Express manager, telling the manager that “if she wanted to open it that would be fine.” However, because the police did not actually ask or order the manager to open the package, and because there was no evidence that the manager felt obligated to open the package, the Court found that the manager was not a “government agent” for Fourth Amendment purposes. Id. at 705. See also United States v. Momoh, 427 F.3d 137, 141-42 (1st Cir. 2005) (DHL employee’s desire to comply with FAA regulations did not make her a government agent absent “affirmative encouragement”). By contrast, in United States v. Souza, 223 F.3d 1197 (10th Cir. 2000), the Court found that a UPS employee was a government agent. In Souza, the police identified and removed the package from the conveyer belt, submitted it to a canine sniff, and told the UPS employee that they suspected it contained drugs. The police then told the employee that they could not tell her to open the package, but they pointed to it and said “but there it is on the floor.” Id. at 1200. The employee began to open the package, but when she had difficulty, the police assisted her. While the officers’ actual aid in opening the package made this an easy case, the Court’s analysis suggests that the officers’ other actions—identifying the package and encouraging the employee to open it—might have made the employee a government agent, particularly without evidence that the employee had an independent motivation to open it. See id. at 1202.Other circuits have adopted more rule-like tests that focus on only the first two factors. See, e.g., United States v. Miller, 688 F.2d 652, 657 (9th Cir. 1982) (holding that private action counts as government conduct if, at the time of the search, the government knew of or acquiesced in the intrusive conduct, and the party performing the search intended to assist law enforcement efforts); United States v. Paige, 136 F.3d 1012, 1017 (5th Cir. 1998) (same); United States v. Lambert, 771 F.2d 83, 89 (6th Cir. 1985) (holding that a private individual is a state actor for Fourth Amendment purposes if the police instigated, encouraged, or participated in the search, and the individual engaged in the search with the intent of assisting the police in their investigative efforts).Two noteworthy private search cases involve an individual who hacked into computers of child pornographers for the purpose of collecting and disclosing evidence of their crimes. The hacker, who refused to identify himself or meet directly with law enforcement, emailed the incriminating evidence to law enforcement. In both cases, the evidence was admissible because when it was gathered, the individual was not an agent of law enforcement. In the first case, United States v. Steiger, 318 F.3d 1039 (11th Cir. 2003), the court had little difficulty in determining that the search did not implicate the Fourth Amendment. Because the relevant searches by the hacker took place before the hacker contacted law enforcement, the hacker was not acting as a government agent, and the private search doctrine applied. See id. at 1045. In the Steiger case, a law enforcement agent thanked the anonymous hacker, assured him he would not be prosecuted, and expressed willingness to receive other information from him. Approximately a year later (and seven months after his last previous contact with law enforcement), the hacker provided to law enforcement information he had illegally obtained from another child pornographer, which gave rise to United States v. Jarrett, 338 F.3d 339 (4th Cir. 2003). In Jarrett, the court ruled that although “the Government operated close to the line,” the contacts in Steiger between the hacker and law enforcement did not create an agency relationship that carried forward to Jarrett. Id. at 346-47. Moreover, although the government created an agency relationship through further contacts with the hacker during the second investigation, that agency relationship arose after the relevant private search and disclosure. See id. at 346. Thus, the hacker’s private search in Jarrett did not violate the Fourth Amendment.

5. Use of Specialized Technology to Obtain Information

The government’s use of innovative technology to obtain information about a target can implicate the Fourth Amendment. See Kyllo v. United States, 533 U.S. 27 (2001). In Kyllo, the Supreme Court held that the warrantless use of a thermal imager to reveal the relative amount of heat released from the various rooms of a suspect’s home constituted a search that violated the Fourth Amendment. In particular, the Court held that where law enforcement “uses a device that is not in general public use, to explore details of the home that would previously have been unknowable without a physical intrusion, the surveillance is a ‘search’ and is presumptively unreasonable without a warrant.” Id. at 40. Whether a technology falls within the scope of the Kyllo rule depends on at least two factors. First, the use of technology should not implicate Kyllo if the technology is in “general public use,” see id. at 34, 39 n.6, although courts have not yet defined the standard for determining whether a given technology meets this requirement. Second, the Supreme Court restricted its holding in Kyllo to the use of technology that reveals information about the interior of the home. See id. at 40 (“We have said that the Fourth Amendment draws a firm line at the entrance to the house.” (internal quotation marks omitted)).

Defendants have occasionally—and unsuccessfully—invoked Kyllo in cases in which the government used cell tower information or an electronic device to locate a cell phone. For example, in United States v. Bermudez, 2006 WL 3197181 (S.D. Ind. June 30, 2006), aff’d 509 F.3d 820 (7th Cir. 2007), the court rejected a Kyllo challenge to the use of an electronic device to locate a cell phone because cell phones are used to transmit signals to parties outside a home. In rejecting the defendant’s Kyllo argument, the court explained that “the cell phone signals were knowingly exposed to a third-party, to wit, the cell phone company.” Id. at *13.

C. Exceptions to the Warrant Requirements in Cases Involving Computers

 

Law

• 47 CFR s 15.9 Prohibition Against Eavesdropping

History

Olmstead v. United States, 277 U.S. 438 (1928) (telephone calls not protected by Fourth Amendment, Olmstead was a bootlegger) Katz v. United States, 389 U.S. 347 (1967) (overturned Olmstead, Fourth Amendment applies to people, not places - Fourth Amendment applies to telephone calls where there is an expectation of privacy) Omnibus Crime Control and Safe Streets Act of 1968, Title III, Pub. L. No. 90-351, Title III, 82 Stat. 212 (1968) (authorizing courts to issue warrants for wiretaps). See S. Rep. No. 1097, 90th Cong., 2d Sess. 66 (1968) Application of the United States for Relief, 427 F.2d 639 (9th Cir. 1970) (holding that while the government could get a warrant for a wiretap, it could not compel the telephone company to assist the government in the tap). 1970 Amendment to 18 USC 2518(4) directing telecommunications carriers to provide police all information, facilities, and technical assistance necessary for the tap. Smith v Maryland (1979) (no privacy interest in transaction information - trap and trace) Electronic Communications Privacy Act of 1986, Pub. L. No. 99-508, 100 Stat. 1848 (1986)

• extending wiretap authority to include electronic communications, created Pen Register Statute 18 USC s 3121,
• Created Stored Communications Act, 18 USC s 2701

Communications Assistance for Law Enforcement Act of 1994, Pub. L. No. 103-414, 108 Stat. 4279 (1994). See also H.R. Rep. No. 827, 103d Cong., 2d Sess., pt. 1 (1994); Police Access to Advanced Communications Systems: Joint Hearings Before the Subcomm. on Technology and the Law of the Senate Comm. on the Judiciary and the Subcomm. on Civil and Constitutional Rights of the House Comm. on the Judiciary, 103d Cong., 2d Sess., 1994 WL 223906 (Mar. 18, 1994) ; Telecommunications Carrier Assistance to the Government H.R. Rep. No. 103-827, pt 1 (1994), reprinted in 1994 U.S.C.C.A.N. 3489

Third Party Doctrine

If an individual discloses information to a third party, the individual loses a 4th Amendment expectation of privacy in that disclosed information.

“the Fourth Amendment does not prohibit the obtaining of information revealed to a third party and conveyed by him to Government authorities, even if the information is revealed on the assumption that it will be used only for a limited purpose and the confidence placed in the third party will not be betrayed." - United States v. Miller, 425 U.S. 435, 443 (1976)

• Lopez v. United States, 373 U.S. 427 (1963).On Lee v. United States, 343 U.S. 747 (1952).
• Daniel J. Solove, A Taxonomy of Privacy, 154 U. Pa. L. Rev. 477 (2006)

European Commission

• Creating a Safer Information Society by Improving the Security of Information Infrastructures and Combating Computer-related Crime, COMMUNICATION FROM THE COMMISSION  TO THE COUNCIL, THE EUROPEAN PARLIAMENT,  THE ECONOMIC AND SOCIAL COMMITTEE AND  THE COMMITTEE OF THE REGIONS 26.1.2001
• The European Commission would like to invite comments from all interested parties on the issues addressed in this Communication. Comments may be sent up to 23 March 2001 via e-mail to the following address: infso-jai-cybercrime-comments@cec.eu.int Request for Comments

Caselaw

• See ECPA Caselaw
• US v Arnold, No. 06-50581 (9th Cir. Apr. 21 2008) (suspicionless searches of laptops at borders upheld), 9th Cir 5/7/2008

Links

• NCSL States' Electronic Surveillance Laws

Books

• Fishman & McKenna, WIRETAPPING AND EAVESDROPPING (2d ed. 1995 & 2001 Supp.)

• USG
  • Searching and Seizing Computers and Obtaining Electronic Evidence in Criminal Investigations Computer Crime and Intellectual Property Section, Criminal Division, DOJ (2009) US DOJ Search ManualSecret Service:  Best Practices for Seizing Electronic Evidence Secret Service: Best Practices for Seizing Electronic Evidence (2002)
  • DOJ: Field Guidance on New Authorities that Relate to Computer Crime and Electronic Evidence Enacted in the USA Patriot Act of 2001
  Ronald Standler, Should Disclosure of Information Always Destroy Privacy of Information (Oct 2007) Best Practices for Online Service Providers, EFF 2/15/2005Orin Kerr, Search Warrants in an Era of Digital Evidence, SSRN 2/25/2005 Cyber Crime Course Course Description and Syllabus University of Oregon School of Law Spring Semester 2004 Adjunct Professor Sean B. Hoar CHARLES H. KENNEDY, PETER P. SWIRE, State Wiretaps and Electronic Surveillance After September 11, SSRN 9/12/03Computer Records and the Federal Rules of Evidence Orin S. Kerr USA Bulletin (March 2001)  Stevens & Doyle, Privacy: An Overview of Federal Statutes Governing Wiretappping and Electronic Eavesdropping, CRS REP.NO. 98-327A (Aug. 8, 2001)
• Recognizing and Meeting Title III Concerns in Computer Investigations Robert Strang USA Bulletin (March 2001) 
• Raymond L. Hogge, Jr, An Introduction For Virginia Employers To The Federal Wiretapping Act And The Electronic Communications Privacy Act - or why they tell you -this call may be monitored for quality control purposes" January 2001 Peter Unger, Fulbright & Jaworski, E-Data Management: Complying with Data Requests from Government Webcast, December 10, 2001 Powerpoint slides Tapping the Net: A Study of the Wiretap Debates Karin Cheung Paper for MIT 6.805/STS085: Ethics and Law on the Electronic Frontier, Fall 1999 Keep Big Brother's Hands Off The Internet  By Senator John Ashcroft  USIA Electronic Journal, Vol. 2, No. 4, October 1997 DOJ, Criminal Resource Manual: 1053 Exceptions to the Prohibitions -- Interceptions by Providers of Wire or Electronic Communications Services (1997)
• James X. Dempsey, Communications Privacy In The Digital Age: Revitalizing The Federal Wiretap Laws To Enhance Privacy Albany Law Journal Of Science & Technology, Volume 8, Number 1, 1997

News

• NSA Shields Government Networks With More Secret AT&T Rooms, Wired 7/7/2009
• Dozens of AT&T/Verzion Wiretap Suits Dismissed - Meet the new boss, same as the old boss..., dslreports 6/5/2009
• NSA Still 'Overcollecting' American Data - Even after laws were changed to broaden their mandate..., dslreports 4/16/2009
• Jewel v. NSA Roundup: The Media on Obama's Position on State Secrecy and Warrantless Wiretapping, EFF 4/16/2009
• Obama Administration Embraces Bush Position on Warrantless Wiretapping and Secrecy, EFF 4/7/2009
• Vast Spy System Loots Computers in 103 Countries, NYT 3/31/2009
• Bush Administration Claimed Fourth Amendment Did Not Apply to NSA Spying, EFF 3/3/2009
• Judge doesn't buy state secrets privilege, OKs wiretap suit, Ars Technica 1/7/2009
• Colbert on NSA Spying, EFF 10/21/2008
• U.S. Allegedly Listened In on Calls of Americans Abroad, Wash Post 10/10/2008
• NSA Spying on Americans in the Green Zone, CDT 10/10/2008
• American Citizen Detained At Border Due To Drawing Of An SUV, Techdirt 10/10/2008
• EFF Sues NSA, President Bush, and Vice President Cheney to Stop Illegal Surveillance, EFF 9/22/2008
• EFF Sues The Gov't Twice In One Day: Over Surveillance And ACTA, Techdirt 9/22/2008
• Laptop Searches in Airports Draw Fire at Senate Hearing, NYT 6/26/2008
• EFF Asks Appeals Court To Rehear Case On Laptop Searches At The Border, Techdirt 6/17/2008
• Congress worries that .gov monitoring will spy on Americans, CNET 2/28/2008
• EFF Asks For Details On Border Laptop & Mobile Phone Searches, Techdirt 2/11/2008
• National Dragnet Is a Click Away, Wash Post 3/7/2008
• Bush Wants Spy Law Changes Set in Stone, Ecommerce Times 9/21/2007
• Verizon Says It Turned Over Data Without Court Orders, Wash Post 10/18/2007
• FBI's Wiretap Platform Unveiled - Carnivore is a total wimp..., DSLreports 8/29/2007
• Telecom Firms Helped With Government's Warrantless Wiretaps, Wash Post 8/28/2007
• Ma Bell Was 80 Years Ahead of Me, Tech Lib Front 8/14/2007
• Congress Votes to Expand Warrantless Wiretapping, CDT 8/8/2007
• Your Help Needed in Analyzing FBI Docs, eweek 7/27/2007
• FBI remotely installs spyware to trace bomb threat, CNET 7/18/2007
• Verizon: Spying On You a First Amendment Right - Government working hard to have surveillance cases dismissed..., Broadband Reports 5/8/2007
• Verizon Says It Has A First Amendment Right To Illegally Give Your Call Records To The Government, Techdirt 5/8/2007
• Feds, AT&T Urge for Dismissal of Wiretap Trial, Ecommerce Times 3/14/2007
• Revealed: FBI Internet Surveillance More Extensive Than Previously Known, Democracy Now 2/1/2007
• Did Shaquille O'Neal Raid The Wrong Home For Child Porn Over Mistaken IP Address?, Techdirt 10/24/2006
• Internet wiretaps pose risks, challenges: experts, AFP 6/14/2006
• \DOJ, ISPs: No Deal on Data Retention - No agreement reached, no follow-up meeting set, Broadband Reports 6/6/2006\
• U.S. wants Web usage info saved, MSNBC 6/2/2006
• FBI wants Internet records kept 2 years, Reuters 6/2/2006
• Why Privacy Matters Even for the Innocent, IP Democracy 5/19/2006
• One day I can say “I called it…”, Privacy Clue 5/16/2006
• Tracking of calls sparks furor in U.S., Globe and Mail 5/12/2006
• Anger grows over NSA surveillance report, CNET 5/12/2006
• Mandatory Labeling, ISP Data Retention Proposal Raises Concern, CDT 4/24/200
• 6ISP snooping gaining support, CNET 4/14/2006
• CDT and EFF Oppose Unprecedented Wiretapping Scheme for In-Flight Communications, CDT 8/5/2005
• Court: No warrant needed to search your work PC, CNET 1/7/2005
• Feds try again for wiretapping conviction, CNET 9/7/2004
• Police raid Internet cafés, NYTimes 5/14/2004