This case will be discussed in two posts.
In
United States v. Weindl, __ F.Supp __ (D. N.M.I. Nov. 20, 2012), a Northern Mariana Islands federal district court denied suppression of evidence obtained when spyware installed on school-owned laptop (assigned to an FBI agent's son and later used by the principal) sent child pornography (CP) reports (alerts) to the FBI agent - evidence that led to charges against the school principal (two counts of receiving CP and two counts of possession of CP). There are three relevant issues in the case: (1) whether the act of "accidental" failure to remove the spyware resulted in an "inadvertent search" or an intentional one, (2) whether the FBI agent was acting under the color of law when he opened and later investigated the reports he received from the spyware, and (3) whether Weindl had standing to assert a reasonable expectation of privacy in the spyware reports.
I believe this case was wrongly decided on the
all three issues. I contacted David Banes, the lawyer for Weindl, and he (not surprisingly) agrees as well. He indicated that his client "fully intend[s]" to appeal this denial of suppression after the case goes to trial (it does not look like the judge will allow a conditional plea).
In this first post, I will give a summary of the case. In the second post, I will argue why the court erred in its holding.
Summary
The defendant Thomas Weindl ("Weindl") was a school principal at Whispering Palms public school in Saipan, Mariana Islands. The FBI agent whose actions gave rise to this case is Joseph Auther ("Auther"). Auther's eldest son was enrolled at Whispering Palms, and was assigned a laptop during his time there. Auther kept an eye on his son's use of the laptop by purchasing and installing
eBlaster on the laptop (without his son's knowledge). eBlaster sent email reports directly to Auther, with keystrokes, internet sites visited, and a plethora of other information. The report in Auther's inbox "would give the subject as 'Report,' followed by the date and time span of covered activity."
Auther was reassigned to a different FBI office in April 2012 and as part of the moving process, returned the laptop to the school, and more specifically, handed it over to Weindl. Auther did not tell Weindl about eBlaster, apparently assuming that it had been removed, but had told Weindl (prior to turning it in) that he would wipe the machine. Auther did in fact attempt to wipe the machine, but failed. The court describes Auther's actions as follows:
The first step Auther took to service the laptop was to bring it into the FBI office and ask fellow agents for advice on how to wipe it clean. They tried to remove all the files but were unsuccessful. Next, . . . Auther asked a local computer store to repair a scratched screen and wipe off all the files on the laptop's hard drive. The store's service order (Ex. 1) lists the work to be done as "Reimage" and the work performed as "Clean out files." Auther did not tell the technician about eBlaster, but he expected that the cleaning would eliminate the program.
As stated previously, eBlaster was not, in fact, removed. After handing the laptop over, Auther did not receive any emails from eBlaster for over six days. On the seventh day, Auther received four emails from eBlaster indicating someone was using the laptop to access child pornography. The emails had subject lines, as described above, that clearly indicated that they were regarding activity that occurred
after Auther turned in the laptop. Auther viewed all four emails, nonetheless. Auther hypothesized that the activity could be from a virus, another student using the laptop, or Weindl himself. He thought of Weindl because the pornography searched for was of young asian children with older adults and Weindl had recently married a Korean woman and now had an 11-year-old stepdaughter.
At this point, Auther
did not report the results of the reports to authorities, but instead called Weindl under false pretenses, acting as if he would like to purchase the laptop. Weindl indicated that he had given it back to the school laptop agency (PSS), and that Auther wouldn't be able to buy it.
Auther did not indicate that he had received CP reports, or that eBlaster was apparently still on the computer. Auther's reasoning was:
. . .that he did not want to raise concerns in Weindl's mind about who was using the computer or about a possible investigation involving Whispering Palms teachers and students. . . . [H]e was concerned that the Internet activity might mean that a child molester was operating at Whispering Palms. He was aware that a former coach at Pennsylvania State University had just been convicted on child molestation charges, and he was determined not to allow similar conduct to go undetected at Whispering Palms. (emphasis added)
Three days later, instead of handing the case over to the authorities, Auther then proceeded to start an investigation into what was going on with the laptop. Flashing his FBI badge at the offices of the the laptop program agency (PSS), he inquired if the laptop had actually been returned, and found that it hadn't. Auther then inquired with his ISP about the IP address noted in the reports, attempting to find out where the computer was being used. Auther indicated to the court that he may have shown his FBI badge to the ISP. The ISP refused to tell him anything, but he was able to decipher that the computer usage was not from an IP at his house.
On the same day as the trip to PSS and the ISP, Auther received two more emails indicating that the computer was being used to access CP. He decided to drive by the school on his way to report everything to the FBI. He noticed Weindl's car in the parking lot and called Weindl on his cellphone. Auther asked about the laptop and Weindl said he was investigating some "hanky panky" going on at PSS. Auther knew he was lying since PSS did not have the laptop, and grew much more suspicious. He reported what was going on and his suspicion about Weindl to a special agent with the FBI (Ewing). He also asked that child protective services be sent to Weindl's house to check on his 11-year-old stepdaughter.
Over a week later, Ewing and Auther went to Weindl's office to speak with him. During the conversation, Weindl admitted he lied about returning the laptop to PSS and admitted to viewing child pornography. He also confessed that he had taken the laptop out into the jungle and smashed it. He was arrested outside the school a short time later. Prior to trial, Weindl filed a motion to suppress the eBlaster evidence arguing that it was obtained in violation of his Fourth Amendment rights.
The court, in denying suppression of the eBlaster evidence, began by declaring that to have a Fourth Amendment violation, there needed to be state action and standing (a reasonable expectation of privacy). Addressing the state action portion, the court laid out the standard relating to an off-duty officer - whether Auther was acting under color of state law, where his actions "in some way related 'to the performance of his official duties'" or "pursuant to [a] government or police goal." The court held that when Auther installed eBlaster he was acting as a private citizen, and not as an FBI agent. Despite the circumstances changing when Auther returned the laptop (that Auther wasn't acting as a concerned parent anymore), the court held that it was an inadvertent search not under color of state law because Auther did not intentionally leave eBlaster on the computer.
In reaching that result, the court was not persuaded by Weindl's argument that even if the presence of eBlaster was inadvertent, Auther opening and reading the eBlaster reports turned something inadvertent into intentional. The court reasoned that "[t]he search was the gathering of information by eBlaster, not the viewing of the contents." The court also dismissed the argument that "the initial eBlaster reports come under the Fourth Amendment via the two-part test for private-party searches."
So, to clarifiy, the original four emails from eBlaster sent to Auther,
and him viewing them, were not the "product of a search conducted under color of state law."
The court did find a search, however, relating to the two eBlaster reports Auther received after he called Weindl to inquire about the laptop. The court stated:
By that time, Auther knew that someone may have been viewing illicit material on the laptop. He suspected Weindl even before he called him. When he did call, he hid his real concern about the laptop's usage behind a pretense that he was interested in purchasing the computer. After the call, he did not uninstall or disable eBlaster, even though as a private citizen he was under no obligation to continue monitoring an unknown person's offensive Internet activities. He did not immediately call his colleagues at the FBI and hand the investigation over to them — conduct that might have indicated Auther wanted to maintain a separation between his private self and his public persona as a law enforcement officer. . . . [instead] Auther continued his investigation into the child pornography website searches. . . . At the PSS offices, he showed his FBI badge. At the Internet service provider, he relied on the fact that he was known to be an FBI agent to seek information about IP addresses. The totality of the circumstances shows that at this point, Auther's actions were related to his official duties and in pursuit of a police goal. Although a formal FBI investigation had not been opened yet, Auther was now acting under color of law.
The court dismissed the government's argument to the contrary, that "even if Auther's conduct constituted state action, his discovery of the illicit Internet activity through eBlaster e-mails was accidental and therefore does not come under the Fourth Amendment." The court stated that precedent was clear that to have inadvertent discovery through plain-view doctrine, the police had to be somewhere they were justified to be. However, here, "Auther, . . . had no legitimate justification to intrude on anyone's conduct on the school laptop once it was no longer on loan to his son. Moreover, the incriminating evidence did not drop out while he was straightening the icons on the computer's desktop but came into view because of intentional spying on the keyboard and hard drive."
Addressing the argument that a violation of the federal Wiretap Act occurred, the court noted that under the criminal portion of the Act, "suppression motions are authorized only with respect to the contents of wire and oral — not electronic — communications." The court laid out that the definition of "[a] wire communication is 'any aural transfer' involving wire or like connections between the point of origin and point of reception." 18 U.S.C. § 2510(1). And that, "an 'aural transfer' is 'a transfer containing the human voice' at some point in transmission of the communication." 18 U.S.C. § 2510(18). Thus, the court held that there was "no evidence that the transmission of information from the school laptop to Auther via eBlaster entailed hearing a human voice. Therefore, the evidence that Weindl seeks to suppress is not the product of a wire communication."
Finally, the court noted that to suppress the two eBlaster reports the arrived after Auther called Weindl under false pretenses, Weindl must have Fourth Amendment standing; that he had a subjective expectation of privacy regarding his actions on the laptop, and that his expectation was objectively reasonable. The court held that
Weindl did not have standing. The court refused to accept the argument that Weindl had a property interest in the laptop. But, the court stated, the Fourth Amendment isn't solely grounded in property (note: don't tell that to Scalia), but also in privacy expectations.
Weindl argued, in that vein, that he had a legitimate expectation of privacy in the laptop because: he was the sole user, there were no warnings that his use would not be private (or that monitoring occured), he used the laptop in his own, locked office, when he was not using the laptop, he placed it in a desk drawer, and he never gave anyone else permission to use it. Not buying this argument, the court explained:
Sometimes, people delude themselves into thinking that they have a right to things that don't belong to them. . . . No evidence indicates that Weindl had a right to use, or himself had permission to use, a PSS laptop, even for school-related activities. Auther turned his son's laptop in to Weindl in Weindl's capacity as an agent for the school, not for Weindl's personal use.
Even if Weindl had a subjective (albeit unrealistic) expectation of privacy in the PSS laptop, it was not an expectation that society is prepared to endorse. An expectation of privacy does not become objectively reasonable just because a person hides someone else's property away in his office desk and does not let anyone else use it. A person cannot have a reasonable expectation of privacy in a computer he stole or obtained by fraud. See United States v. Wong, 334 F.3d 831, 839 (9th Cir. 2003) (stolen laptop); United States v. Caymen, 404 F.3d 1196, 1201 (9th Cir. 2005) (fraudulently obtained laptop). . . .
Weindl's case is similar to Wong and Caymen. Weindl misappropriated school property for his own personal use. Whatever expectation of privacy he developed in the contents of the laptop's hard drive and the keystrokes of Internet searches is not a legitimate one that society is prepared to accept. . . . The laptop was not assigned to Weindl and was not his office computer. For these reasons, Weindl lacks standing to claim a Fourth Amendment violation with respect to the eBlaster reports. (emphasis added)
Accordingly, the court held that
none of the eBlaster reports should be suppressed, because the first four were not part of a search under color of state law and the last two were searches, but Weindl lacked standing (a reasonable expectation of privacy) to challenge them.
The next post on this case will focus on the court's analysis and explain what I believe the correct holding should have been.
(There is an additional issue in this case regarding the interrogation of Weindl that occurred in his office (after it was determined that he had looked at the CP), specifically: whether the conversation constituted a custodial interrogation requiring
Miranda rights. The court held that part of the interrogation could stand, and part had to go. I believe this issue was wrongly decided as well (the entire conversation should have been tossed). However, I'm not going to address it because it is tangential to the main issue (and actually goes away if the computer evidence is suppressed because it would be fruit of the poisonous tree)).
