Thursday, March 28, 2013

Canadian Supreme Court holds that general warrant cannot be used to obtain prospective text messages

 No comments

If you're interested, be sure to check out a recent Canadian case holding that a general warrant for prospective text messages was improper because the messages were being intercepted, requiring an interception order. The Crown was arguing that obtaining the messages from the phone company was not an interception of real-time communications because they were in a database and could therefore be acquired under the general warrant power. By an American law comparison, the court was essentially holding that interception of future text messages required a wiretap order as opposed to a search warrant or 2703(d) order.

Here's an excerpt from the main opinion (there was also a concurring and a dissenting opinion):
Text messaging is, in essence, an electronic conversation. The only practical difference between text messaging and the traditional voice communications is the transmission process. This distinction should not take text messages outside the protection of private communications to which they are entitled in Part VI. Technical differences inherent in new technology should not determine the scope of protection afforded to private communications....
When Telus copies messages to its computer database, several steps in the transmission process have yet to occur. The production schedule required by the general warrant in this case means that the police likely obtained stored copies of some text messages before they were even received by the intended recipient. Had the police acquired the same private communications directly from the transmission stream, instead of from the stored copies, the Crown concedes that a Part VI authorization would be required. The level of protection should not depend on whether the state acquires a copy of the private communication that is being transmitted or a copy that is in storage by a service provider as part of the communications process.... 
The police gained a substantial advantage by proceeding with a general warrant. They did not need the Attorney General’s request for an authorization; they did not need to show that other investigative procedures had been tried and failed; they did not need to provide any notice to the target individuals; and they did not need to identify which other individuals’ private communications may be acquired in the course of the search....

The general warrant in this case purported to authorize an investigative technique contemplated by a wiretap authorization under Part VI, namely, it allowed the police to obtain prospective production of future private communications from a computer maintained by a service provider as part of its communications process. Because Part VI applied, a general warrant under s. 487.01 was unavailable.
R. v. TELUS Communications Co., No. 34252 (Can. 2013).

Supreme Court of Canada says that wiretap order is required to obtain text messages

Read More

Maryland appeals court reverses conviction due to lay witness testimony connecting defendant to crime scene with CSLI

 No comments

In a recent Maryland case, the Court of Special Appeals found that it was improper for the trial court to use lay testimony from a detective to suggest that the defendant's cell phone was in close proximity to the location of the crime. Because the detective was not presented as an expert witness on the technology, the testimony was improper, and the conviction was reversed and remanded. Payne v. State, No. 2156 (Md. Ct. Spec. App. 2013).

The defendant had been charged and convicted of first-degree felony murder. At trial, the detective testified as to how he was able to use call records to find the cell tower in which the defendant's phone was connected at the time of the call. Defense counsel objected, arguing that the detective was "offering expert testimony without a proper foundation." The detective was allowed to testify without the proper foundation.

On appeal, the defendant argued that the cell site location information should not have been allowed from a lay witness. The state countered, "there was no 'opinion' testimony, lay or otherwise, in this case and, even if it did constitute opinion testimony, there was no need for the State to produce an expert to testify regarding the facts relating to appellants' cell phone records."

Ultimately, here's what caused the appeals court to take issue with the testimony:
Subsequent to the court's ruling, Detective Edwards testified that a telephone call from Bond's cell phone registered off of a cellular tower "at a latitude and longitude of 39.350854 by negative 76.696565 located on Menlo Drive" which was approximately one and one half to two miles away from the crime scene at approximately the time when the crime occurred. At approximately 1:00 a.m. on August 27, 2007, another call had been placed from Bond's cell phone registering off of a cellular tower at latitude and longitude 39.34364 by negative 76.72851, a location known as Balmoral Towers, located approximately one mile from the crime scene. Over objection, Detective Edwards then identified the map which has been generated as a mapping program that depicted the aforesaid locations. Finally, Detective Edwards testified that Paynes' cellular-phone activated off of one of the towers located in proximity to the crime scene at 10:02 a.m. on August 26, 2007.
Because the testimony was improperly allowed by a lay witness, it was in error. The court found the testimony to be "critical," and thus reversed and remanded the case.

Read More

Tuesday, March 26, 2013

Good faith exception saves location data obtained after failure to request GPS data in wiretap request

 No comments

In United States v. Barajas, No. 12-3003 (10th Cir. 2013), the Tenth Circuit refused to suppress evidence over a claim that the failure to request GPS data in a wiretap request prevented its use.

The DEA was investigating alleged drug trafficking and obtained a wiretap order for the defendant's cell phone after showing the court that other methods of surveillance had been unsuccessful. The affidavit, however, did not request GPS or cell site location data, though the actual order of the court did allow law enforcement to acquire it. At trial, the defendant filed a motion to suppress evidence that was acquired as a result of GPS pinging, but the motion was denied.

On appeal, the defendant argued "there is no probable cause for GPS pinging because the affidavits did not request GPS data." The Tenth ruled otherwise on that point, but noted that a separate probable cause determination was necessary for the GPS use as was required for the granting of the wiretap order. Ultimately on this point, the court held:
Absent an explanation of how Mr. Barajas's location would reveal information about the workings of the conspiracy—or more accurately, Mr. Barajas himself—we cannot be certain that probable cause exists.
That, of course, is not the end of the analysis. In applying the Leon good faith exception, the court held that while they "would prefer" the GPS data explanation in the affidavit, they will not hold the government to the "substantial nexus" standard for failure to do so. Further, the gap in the affadavit and order "gives [the court] more pause," but it is not clear that it was intentional. Thus, good faith saved the evidence for the government.

The defendant also argued that the wiretap evidence should have been suppressed for lack of necessity, but the court found that the government had met its burden with an explanation on why traditional investigative techniques were not sufficient.

Read More

Friday, March 22, 2013

Featured Paper: Democratic Values in a Digitized World: Regulating Internet Speech in Schools to Further the Educational Mission

Justin P. Webb  1 comment

From the Marquette Law Review - the article can be found here (by Maureen Sullivan): Democratic Values in a Digitized World: Regulating Internet Speech in Schools to Further the Educational Mission

Here's the abstract:
The Internet is a remarkable tool—so remarkable that using the word “tool” to describe it is painfully inadequate. With a click of a mouse, a few strokes on a keyboard, or a swipe on a screen, the Internet allows instant communication and transaction at any time by anyone in the world. Young people, especially, have embraced the Internet as a means of communicating with peers and interacting with the world around them. In fact, the Internet may be thought of as a social context—similar to school, church, or home—where young people’s identities are influenced and shaped. As a result, what takes place online may have implications in the off-line world. 
One of those offline places implicated by Internet expression is the public school system. Public elementary and high schools are unique institutions. They have long been recognized as playing a dominant role in maintaining our democratic society by inculcating in students certain values such as respect, honesty, citizenship, responsibility, and integrity. And, because public students enjoy less constitutional protections on school grounds and during school hours, public schools have been permitted to discourage expression and behavior that conflicts with those values. But there is a disagreement over whether public schools may discourage Internet expression that conflicts with those values. This Comment seeks to explain why permitting schools to limit certain Internet expression—regardless where or when the Internet expression occurred— promotes the educational mission of public schools.

Read More

Ohio Court of Appeals: No Katz argument for GPS use where defendant was "several times removed" from the renter

 No comments

In State v. Rich, 2013 Ohio 857 (Ohio Ct. App. 2013), the Ohio Court of Appeals held that because the defendant was "'several times removed' from the person who rented the vehicle," he could not make a Katz argument to show that the use of a GPS device violated the Fourth Amendment.

Police were investigating a drug operation. The detective rented a vehicle, attached a GPS device, and gave the vehicle to a confidential informant. The informant picked up the suspects, and one of them later took over as the driver of the vehicle. Police later pulled the vehicle over, and cocaine was found. The defendant moved to suppress the evidence, arguing that the use of the GPS device violated the Fourth Amendment.

The Court of Appeals quickly shot down an argument that the use violated Jones. Because the device was placed prior to the defendant gaining possession of the vehicle, there was no trespass. However, the defendant made a Katz argument that he had a subjective expectation of privacy. Again, the court didn't buy it:
The facts show that Rich received permission to use the [vehicle] from one of his co-conspirators, Bernabe, who had received permission to use the vehicle from another of their co-conspirators, Rubio, who had received permission to use the vehicle from the [confidential informant], who had received the vehicle from Detective Thompson. We agree with the trial court that under these circumstances in which Rich was "several times removed" from the person who rented the vehicle, i.e., Detective Thompson, Rich did not have an objectively reasonable expectation of privacy in the vehicle.
The court also noted that the use would have also been upheld under the good faith exception in Davis.

Read More

Thursday, March 21, 2013

CP conviction reversed after improper search of probationer's computers for images depicting cruelty to animals

 1 comment

In State v. Purtell, No. 2012AP1307-CR (Wis. Ct. App. 2013), the Wisconsin Court of Appeals reversed a child pornography conviction because the state did not have reasonable grounds to search the probationer's computers.

The defendant was on probation for two counts of cruelty to animals. As a result of his conviction, he was forbidden from possessing a computer. Upon telling his probation agent that he had two computers and a MySpace account and giving up his password, it was discovered that he had posted images of "animals that were partially human." From this alone, the computers were seized and searched because, as the state argued, the "probation agent had 'reasonable grounds' to believe that Purtell's computers contained 'contraband,'" with "contraband" meaning images depicting cruelty to animals. Images of child pornography were found on his computer, and he was convicted for possession.

The court disagreed that reasonable grounds existed. First, Purtell was not prevented under the terms of probation "from possessing images depicting cruelty to animals or the mutilation of animals." Also, there were no reasonable grounds to believe "the computers contained something that was otherwise illegal to possess ... [nor] evidence of a crime." The behavior was simply "suspicious."

Thus, the defendant's conviction for eight counts of possession of child pornography was reversed and remanded.

Read More

Wednesday, March 20, 2013

Updated: GPS Tracking Case (Katzin) Oral Argument Posted

Justin P. Webb  No comments

The Oral Argument audio for United States v. Katzin can be found below:

Read More

House holds hearing on ECPA revisions, new Senate bill seeks to require probable cause for content

 No comments

If you missed yesterday's House hearing on the Electronic Communications Privacy Act, the testimony is available here by video and here by written testimony. Witnesses included Elana Tyrangiel (DOJ), Orin Kerr (GW Law), Richard Littlehale (Tenn. Bureau of Investigation), and Richard P. Salgado (Google).

Here's a brief summary of each witness's testimony:
  • Tyrangiel - The 180-day rule under the ECPA should be abolished, and opened emails should not be treated differently from those which are unopened. Also, addressing information in e-mails should be available with a subpoena similar to that of telephone calls. The standard for 2703(d) orders should be clarified (must a court issue the order with specific and articulable facts or can probable cause be required?). "It is important that any proposed changes to ECPA take into account the ability of civil regulators and litigators to compel disclosure of information from providers."
  • Kerr - Outlined five problems with the statute, including the 180-day rule, the fact that there is no protection for search engine requests, the uncertain scope of warrant requirements (through court opinions like Theofel and Jennings), the statute's failure to satisfy the Fourth Amendment, and the need for particularity, minimization, and non-disclosure rules.
  • Littlehale - Carriers should be required to keep all communications for one year. "There can be no question that some of that information holds the keys to finding an abducted child, apprehending a dangerous fugitive, or preventing a terrorist attack." Any attempt to require probable cause "should be accompanied by provisions that ensure accountability and prompt response by service providers."
  • Salgado - ECPA should be updated, abolishing the 180-day rule and adopting Warshak's warrant requirement for e-mail content.
Also in ECPA news yesterday, Senators Patrick Leahy (D) and Mike Lee (R) filed legislation to update the statute, abolishing the 180-day rule, requiring probable cause to obtain content, and ordering notification to individuals within 10 days of disclosure.

Read More

Monday, March 18, 2013

Case Prep (all briefs & materials): US v. Katzin - GPS case before Third Circuit on Tuesday 3/19/13

Justin P. Webb  1 comment

Tomorrow (3/19/13), the Third Circuit is set to hear oral arguments in US v. Katzin, No. 12-2548,  a GPS tracking case the government appealed after a federal district court ruled (post-Jones) that the good faith exception did not apply to the conduct in this case because, inter alia, there was no Third Circuit precedent allowing warrantless GPS tracking to begin with but merely a disagreement between other circuits.

First, for some background, Jeffrey has mentioned this case more than once. His relevant posts can be found here:

Government appeals GPS case to Third Circuit; groups file amicus arguing that warrant is required (about Katzin itself)

District court okays warrantless pre-Jones GPS use, holds that good faith rule doesn't require binding precedent (about United States v. Baez, another GPS tracking case where evidence was not suppressed; it includes a discussion of the Davis good faith rule as well as a paragraph on Katzin)

Second, here are some write-ups on the case itself from the media & amici:

From Wired (posted today, 3/18/13): Feds: No Warrant Needed to Track Your Car With a GPS Device
From the ACLU: ACLU in Federal Appeals Court Tuesday Arguing Against Warrantless GPS Tracking
From the EFF (authored by Hanni Fakhoury & Marcia Hoffman): Jones Meant What it Said: EFF Urges Court to Stop Warrantless GPS Tracking

Finally, here are all of the documents related to the case (for those who like to review all of the materials) in chronological order. This includes an updated version of the government's brief:

 5/09/12 - E.D. PA Memorandum Granting Suppression of the GPS Evidence
10/25/12 - Brief for Appellee Harry Katzin
11/05/12 - Brief of Appellee Mark Katzin
11/13/12 - Amicus Brief from EFF, ACLU, ACLU PA Chapter, and Nat'l Assoc. of Criminal Defense Lawyers
12/03/12 - Reply Brief for Appellant United States of America

Read More

Friday, March 15, 2013

Latest stories about cybercrime/cyberlaw

Justin P. Webb  No comments

Read More

Wednesday, March 13, 2013

Video from House Judiciary Committee’s Subcommittee on Crime, Terrorism, Homeland Security and Investigations re: CFAA

Justin P. Webb  No comments

The video of the hearing today can be seen here. It includes commentary from Orin Kerr regarding the Nosal holding of the 9th Circuit and his recommendation that Congress act to amend the CFAA to clarify the ambiguity in the statute regarding "unauthorized access" and "exceeds authorized access" which has led to a circuit split on the statute's reach.

There is also an interesting discussion about hacking back.

Here is a link to the House Judiciary Committee's page with materials about the hearing: "Investigating and Prosecuting 21st Century Cyber Threats"

Read More

Nosal on remand - another reading of CFAA's "exceeds authorized access"; court denies motion to dismiss

Justin P. Webb  No comments

Update 3 - 12:19pm: I re-read Nosal (en banc), and I believe the court, here, failed to contemplate the following words from the en banc opinion:
Similarly, Facebook makes it a violation of the terms of service to let anyone log into your account. See Facebook Statement of Rights and Responsibilities § 4.8 http://www.facebook.com/legal/terms (“You will not share your password, . . . let anyone else access your account, or do anything else that might jeopardize the security of your account.”) (last visited Mar. 4, 2012). Yet it’s very common for people to let close friends and relatives check their email or access their online accounts. Some may be aware that, if discovered, they may suffer a rebuke from the ISP or a loss of access, but few imagine they might be marched off to federal prison for doing so. 
I am unable to understand how the above scenario differs from the CFAA count against Nosal the court wrangles with, below. Here, an employee logged into a computer they had access rights to and then handed that over to another person who proceeded to download sensitive information. Of course this is a violation of an Acceptable Use Policy/Terms of Use, and there is (likely) liability under theft of trade secrets (and other torts), but is this a federal crime deserving of prison? Judge Kozinski's words in Nosal (en banc) seem to contradict the district court's holding, below.

Also, I am not convinced the court gets the circumventing technological access barriers analysis correct. Nosal did not employ trickery, tools, exploits, or anything else malicious to gain access to the information. He used another human being. Yes, passwords are technological barriers to information. But, he didn't circumvent that in a commonly understood (and contemplated manner) - i.e. password guessing, cracking, logical flaws, etc. The court's holding, here, expands the CFAA less than a year after the 9th Circuit reduced its scope.

 Update 2 - 11:34am: For those of you, like me, who like to dig a little deeper, here are: Nosal's Motion to Dismiss, the government's Memo in Opposition, and Nosal's reply.

1/17/13 - Nosal's Amended Motion to Dismiss Remaining CFAA Counts And Supporting Memorandum Of Points And Authorities
1/30/13 - USA Memorandum in Opposition to Motion to Dismiss (and Exhibits)
2/13/13 - Nosal's Reply to USA Memo in Opposition (and Exhibits)

 Update 1 - 11:07am: In regards to the DMCA language, it may have originated from Jennifer Granick's EFF proposal for changing the language of the CFAA to define "access without authorization" consistent with the DMCA. Orin Kerr has similar language in his proposal (see this Kerr post for a link and thoughts about Granick's proposal), but it was not (to my knowledge) lifted from the DMCA. I think the defense attorney, here, missed the point that these were proposed reforms to the CFAA's statutory language; reading the DMCA language into the statute isn't possible under its current iteration.

******************************************************************************************
In United States v. Nosal, No. CR-08-0237 EMC (N.D. Cal. March 12, 2013), on remand from the en banc opinion of the 9th Circuit, and addressing additional counts, Judge Edward M. Chen denied Nosal's motion to dismiss the remaining CFAA counts (5 were dismissed previously). Nosal argued that the en banc opinion clarified application of the CFAA, requiring dismissal; Chen did not buy it, and provided an interesting take on what Nosal meant, but more importantly, what it didn't mean. I excerpt the relevant analysis portion from Judge Chen's order at length, below, because it is worth it to read the entire thing.

Of note, also, is the fact that in his motion to dismiss the remaining counts, Nosal tried to have "hacking" defined by reading a portion of the DMCA into the CFAA. I thought this was an interesting, albeit totally unworkable and unsound argument. It had to have been conjured understanding that it was a "reach" argument; otherwise, the tactic was distracting and silly owing to the fact that courts rarely read in definitions from completely unrelated statutes, passed many years apart.

First, for some background, see our previous posts on Nosal:

Jeffrey Brown, Ninth Circuit en banc adopts narrow reading of CFAA
Justin P. Webb, Why Nosal's dissent is surprisingly persuasive

Also, see Orin Kerr's testimony to the House Judiciary Committee’s Subcommittee on Crime, Terrorism, Homeland Security and Investigations, which he is giving today, and which references the 9th Circuit's en banc decision in Nosal

Here is the relevant excerpt from the order denying Nosal's motion to dismiss from Judge Chen of the Northern District of California, mentioned above(the entire order is here (and above): Chen Order denying motion to dismiss) (I have marked in red parts I feel are important/interesting):
D. Application to Remaining CFAA Counts 
1. Defendant's Definition of Hacking 
Defendant now argues that the Ninth Circuit's opinion in Nosal limits the applicability of the CFAA to not just unauthorized access but to hacking crimes where the defendant circumvented technological barriers to access a computer. Thus, Defendant argues, the remaining CFAA claims must be dismissed because they do not include allegations that Defendant or his co-conspirators circumvented any technological access barriers. 
The Ninth Circuit acknowledged that the CFAA was passed "primarily to address the growing problem of computer hacking." Id. at 858. The court further rejected the government's argument that accessing a computer "without authorization" was intended to refer to hackers, while accessing a computer in a way that "exceeds authorized access" necessarily refers to authorized users who access a computer for an unauthorized purpose. 
it is possible to read both prohibitions as applying to hackers: "[W]ithout authorization" would apply to outside hackers (individuals who have no authorized access to the computer at all) and "exceeds authorized access" would apply to inside hackers (individuals whose initial access to a computer is authorized but who access unauthorized information or files). This is a perfectly plausible construction of the statutory language that maintains the CFAA's focus on hacking rather than turning it into a sweeping Internet-policing mandate. 
Id. at 858 (emphasis in original). The court noted that the Defendant's "narrower interpretation [of the CFAA] is also a more sensible reading of the text and legislative history of a statute whose general purpose is to punish hacking – the circumvention of technological access barriers – not misappropriation of trade secrets – a subject Congress has dealt with elsewhere." Id. at 863. 
The court did not, however, explicitly hold that the CFAA is limited to hacking crimes, or discuss the implications of so limiting the statute. For example, the court did not revisit the elements of crimes under § 1030(a)(4) as articulated in Brekka, where it held the elements of a violation of that provision were: (1) accessing a protected computer; (2) without authorization or exceeding such authorization that was granted; (3) knowingly and with intent to defraud; and thereby (4) furthering the intended fraud and obtaining anything of value. Brekka, 581 F.3d at 1132. Nowhere does the court's opinion in Nosal hold that the government is additionally required to allege that a defendant circumvented technological access barriers in bringing charges under § 1030(a)(4). Instead, Nosal holds only that it is not a violation of the CFAA to access a computer with permission, but with the intent to use the information gained thereby in violation of a use agreement. 676 F.3d at 863-64. The court did not address limits on liability under the CFAA based on the manner in which access is limited, whether by technological barrier or otherwise. Id. Thus, Defendant's interpretation is not a fair reading of Nosal on this front is simply incorrect. Hacking was only a shorthand term used as common parlance by the court to describe the general purpose of the CFAA, and its use of the phase "circumvention of technological access barriers" was an aside that does not appear to have been intended as having some precise definitional force. 
Even if Nosal added a "circumventing technological access barriers" element to crimes under § 1030(a)(4), the indictment sufficiently alleges such circumvention. As the government points out "password protection is one of the most obvious technological access barriers that a business could adopt." Gov.'s Opp. at 1. Faced with this reality, Defendant acknowledges that the Ninth Circuit did not offer a definition of hacking, and urges this Court to look to the definition in the Digital Millenium Copyright Act, which provides that to "'circumvent a technological measure' means to descramble a scrambled work, to decrypt an encrypted work, or otherwise to avoid, bypass, remove, deactivate, or impair a technological measure, without the authority of the copyright owner." 17 U.S.C. § 1201(a)(3)(A). However, there is no legal basis to incorporate into the CFAA the Digital Millenium Copyright Act which was passed 14 years after the CFAA and which concerned matters separate and distinct from the CFAA. Moreover, it is noteworthy that neither the CFAA nor the Digital Millenium Copyright Act employs the term "hacking." In any event, even if the Digital Millenium Copyright Act's definition of "circumvent a technological measure" were to inform the scope of the CFAA, as noted above, the actions alleged in the indictment fall within it. Use of another's password "avoids" and "bypasses" the technological measure of password protection. 
Defendant argues that the remaining CFAA claims fail because they do not allege "J.F.'s password was obtained illegally or without her consent." Def.'s Mot. at 5. Defendant's argument is premised in part on the notion that because J.F. allowed Defendant's co-conspirators to use her credentials to access the Korn/Ferry system, the co-conspirators cannot be said to be acting "without authorization" in accessing the Searcher database. In Brekka, however, the Ninth Circuit made clear that it is the actions of the employer who maintains the computer system that determine whether or not a person is acting with authorization. Brekka, 581 F.3d at 1135 ("The plain language of the statute therefore indicates that 'authorization' depends on actions taken by the employer."). Further, the CFAA appears to contemplate that one using the password of another may be accessing a computer without authorization, as it elsewhere provides penalties for anyone who "knowingly and with intent to defraud traffics in any password or similar information through which a computer may be accessed without authorization." 18 U.S.C. § 1030(a)(6). 
Additionally, Defendant argues that the CFAA does not cover situations where an employee voluntarily provides her password to another by analogizing to the law of trespass with regards to physical property: "Just as consensual use of an employee's key to gain physical access is not trespass, consensual use of an employee's computer password is not hacking." Def.'s Mot. at 6. Defendant argues that the court in Nosal held that "the CFAA was based on principles of trespass." Id. This is a mischaracterization of the opinion in Nosal, which merely noted that the CFAA was passed to address the growing problem of hacking, and quoted a Senate report that stated "[i]n intentionally trespassing into someone else's computer files, the offender obtains at the very least information as to how to break into that computer system." Nosal, 676 F.3d at 858 (quoting S.Rep. No. 99-432, at 9 (1986), 1986 U.S.C.C.A.N. 2479, 2487 (Conf. Rep.)). Aside from these passing comments positing an analogy, Defendant points to nothing in the wording of the CFAA or interpretive case law to support its construction. If the CFAA were not to apply where an authorized employee gave or even sold his or her password to another unauthorized individual, the CFAA could be rendered toothless. Surely, Congress could not have intended such a result.

2. "Access" 
The factual scenario presented in count nine, does, however, raises the question of how to interpret the term "access" in the CFAA. Defendant argues that J.F. was the individual "accessing" the Korn/Ferry system when she logged in using her password, and that M.J.'s use of the system after the login does not constitute unauthorized "access" within the meaning of the statute. The government, on the other hand, argues that "access" encompasses ongoing use, including M.J.'s unauthorized use of the system after J.F. logged in. 
In support of its argument, the government cites to two Senate Reports from the CFAA's legislative history. The first, from the 1996 amendments to the CFAA, notes that "the term 'obtaining information' includes merely reading it." Sen. Rep. No. 104-357, at 7 (1996). The government argues that just as "obtaining information" may include merely reading, so too may access be as simple as reading the materials in question.5 The second Senate Report, associated with the 1986 version of the CFAA, notes the intention to criminalize "knowingly trafficking in other people's computer passwords." Sen. Rep. No. 99-432, at 3 (1986). This comment, however, seems to be in reference to § 1030(a)(6) of the CFAA, which criminalizes trafficking in passwords, and is not at issue in the current case. See id. at 13. 
The Court need not opine on whether § 1030(a)(4) should be read so broadly as to encompass the situation where an unauthorized person looks over the shoulder of the authorized user to view password protected information or files. The allegation in Count Nine is that J.F. logged on to the computer using her credentials, then handed over the computer terminal to M.J., who ran his own searches through the Korn/Ferry database and then downloaded files therefrom. 
Functionally and logically, this is no different than if J.F. gave M.J. the password, and M.J. typed in the password himself. The only distinction differentiating the two scenarios is one based on a constrained and hypertechnical definition of "access" in which access focuses solely on the moment of entry and nothing else. Not only would such a definition produce a non-sensical result; it is not supported by the language of the statute. The crime under § 1030(a)(4) is "accessing" a protected computer, or not "entering" or "logging on to" a protected computer. 18 U.S.C. § 1030(a)(4). Nothing in the CFAA suggests anything other than a common definition of the term "access," applies. The Oxford English Dictionary defines "access" as, inter alia, "[t]he opportunity, means, or permission to gain entrance to or use a system, network, file, etc." See Oxford English Dictionary, www.oed.com (emphasis added); see also Black's Law Dictionary (defining access as, inter alia, "[a]n opportunity or ability to enter, approach, pass to and from, or communicate with"). The common definition of the word "access" encompasses not only the moment of entry, but also the ongoing use of a computer system. Under the facts alleged in the indictment, M.J. "proceeded to query Korn/Ferry's Searcher database and download information, after obtaining initial access." SI ¶ 19o. That J.F. entered the password for him rather than having M.J. type it himself does not alter the fact that in common parlance and in the words of the CFAA, M.J. accessed the protected computer system, and he did not have authorization to do so.
I would love comments on this.

Read More

Monday, March 11, 2013

Second Circuit denies en banc review in CP case; Chief Judge dissents with six arguments for review

 No comments

Early last month, the Second Circuit denied en banc review in United States v. Broxmeyer (original case, en banc denial). Second Circuit Chief Judge Jacobs had dissented in the original (re-)appeal and also now dissented in the denial of en banc review.

The case involved a high school coach convicted of possessing, producing, and attempting to produce child pornography, and transporting a minor across state lines with the intent to engage in criminal sexual activity. For some time, he harassed one of the students on his hockey team asking for sexually explicit images of the girl. Ultimately, dozens of such images of adolescent females were found on the defendant's computers. The defendant was also accused of raping several of his students.

The chief's arguments are in the least at least interesting to read. I won't belabor the background if for no other reason than the lack of importance of these arguments given the procedural posture.
  • The district court piled on enhancements under the United States Sentencing Guidelines ("U.S.S.G." or "Guidelines") that were arguably applicable to this case only in a hyper-technical (almost perverse) way. For example, the sentence was enhanced for use of a minor to produce child pornography because the 17-year old photographed herself. It cannot be procedurally reasonable to apply enhancements when the conduct giving rise to those enhancements does not alter the "evil of the offense." United States v. Broxmeyer (Broxmeyer II), 699 F.3d 265, 300 (2d Cir. 2012) (Jacobs, J., dissenting).
  • The majority opinion holds that two instances suffice to form a "pattern" of sexual misconduct, and that one such instance can be the offense of conviction itself. Id. at 285. The Guidelines do allow for the pattern to emerge by counting an act that "occurred during the course of the instant offense," U.S.S.G. § 4B1.5 cmt. n.4(B)(ii), but it would seem a step beyond (and a tautology) to discern a "pattern"—with a severe impact on sentencing—based on adding a single instance to the conduct underlying the conviction.
  • I dissented because the offense of conviction cannot justify a sentence that exceeds the statutory minimum of 15 years. The majority disagreed: "This is not a case in which a defendant succumbed to temptation on one occasion to use one girl in an attempt to produce one image of child pornography, conduct that would nevertheless have required a 15-year sentence." Broxmeyer II, 699 F.3d at 292. The natural reading of this language is to reserve the mandatory minimum for borderline offenses, and thereby altogether foreclose meaningful review for substantive reasonableness for all but the least culpable instances.
  • Compared to cases with similar facts, Broxmeyer's sentence is disproportionately longer. See, e.g., United States v. Puglisi, 458 F. App'x 31 (2d Cir. 2012) (affirming sentence of fifteen years where defendant had sexual relationship with sixteen-year-old girl and solicited lewd pictures of her via text message). Moreover, crimes far worse involving children much younger have resulted in sentences significantly shorter. See United States v. Beardsley, 691 F.3d 252 (2d Cir. 2012) (reducing fifteen year sentence for receiving and possessing child pornography); United States v. Dorvee, 616 F.3d 174 (2d Cir. 2010) (vacating a twenty-year sentence as substantively unreasonable where defendant possessed thousands of images of child pornography and attempted to meet in person with someone he thought was a fourteen-year-old boy); United States v. Pulsifer, 469 F. App'x 41 (2d Cir. 2012) (affirming 121-month sentence for distributing child pornography). Enforcing this punishment would therefore impair the purpose and consistency of sentencing. As my dissent points out, the Guidelines range arrived at in this case yielded the same sentence (life) imposed on Jeffrey Dahmer, who killed people, and ate them. Broxmeyer II, 699 F.3d at 303 (Jacobs, J., dissenting).
  • The offense of conviction for which Broxmeyer was sentenced was a single instance of attempted sexting. In explaining its reasoning at the resentencing, the district court did not rely on any specific conduct underlying the convictions at issue here. Instead, the district court leaned on Broxmeyer's "extensive history of sexually abusing children," (Resentencing Tr., 24, Dec. 22, 2010)— conduct for which Broxmeyer was not convicted in this case. Thus the district court and the majority opinion decouple the sentence from the offense of conviction and premise a 30-year sentence on a sort of comprehensive moral accounting. See Broxmeyer II, 699 F.3d at 298 (Jacobs, J., dissenting).
  • The majority opinion allows a federal court to inflict punishment overwhelmingly on account of conduct that would be purely state offenses. It is not the role of the federal courts to exact punishment for conduct that has escaped state prosecution or that (it is thought) the state has punished inadequately, and thereby augment federal sentencing policy with a bit of Dexter.

Read More

Friday, March 8, 2013

Breaking: 9th Circuit holds reasonable suspicion needed for forensic search of laptop at US border

Justin P. Webb  1 comment

The decision is United States v. Cotterman, __ F.3d __ (9th Cir. 2013), and the case summary is below:
The en banc court reversed the district court’s order suppressing evidence of child pornography obtained from a forensic examination of the defendant’s laptop, which was seized by agents at the U.S.-Mexico border in response to an alert based in part on a prior conviction for child molestation. 
The en banc court explained that a border search of a computer is not transformed into an “extended border search” requiring particularized suspicion simply because the device
is transported and examined beyond the border. The en banc court wrote that the fact that the forensic examination occurred 170 miles away from the border did not heighten the
interference with the defendant’s privacy, and the extended border search doctrine does not apply, in this case in which the defendant’s computer never cleared customs and the defendant never regained possession. 
The en banc court held that the forensic examination of the defendant’s computer required a showing of reasonable suspicion, a modest requirement in light of the Fourth Amendment. The en banc court wrote that it is the comprehensive and intrusive nature of forensic examination– not the location of the examination – that is the key factor triggering the requirement of reasonable suspicion here. The en banc court wrote that the uniquely sensitive nature of data on electronic devices, which often retain information far beyond the perceived point of erasure, carries with it a significant expectation of privacy and thus renders an exhaustive exploratory search more intrusive than with other forms of property.  
The en banc court held that the border agents had reasonable suspicion to conduct an initial search at the border (which turned up no incriminating material) and the forensic
examination. The en banc court wrote that the defendant’s Treasury Enforcement Communication System alert, prior child-related conviction, frequent travels, crossing from a country known for sex tourism, and collection of electronic equipment, plus the parameters of the Operation Angel Watch program aimed at combating child sex tourism, taken collectively, gave rise to reasonable suspicion of criminal activity.  
The en banc court wrote that password protection of files, which is ubiquitous among many law-abiding citizens, will not in isolation give rise to reasonable suspicion, but that
password protection may be considered in the totality of the circumstances where, as here, there are other indicia of criminal activity. The en banc court wrote that the existence
of password-protected files is also relevant to assessing the reasonableness of the scope and duration of the search of the defendant’s computer. The en banc court concluded that the examination of the defendant’s electronic devices was supported by reasonable suspicion and that the scope and manner of the search were reasonable under the Fourth Amendment.  
Concurring in part, dissenting in part, and concurring in the judgment, Judge Callahan (with whom Judge Clifton joined and with whom Judge M. Smith joined as to all but Part II.A) wrote that the majority’s new rule requiring reasonable suspicion for any thorough search of electronic devices entering the United States flouts more than a century
of Supreme Court precedent, isunworkable and unnecessary, and will severely hamstring the government’s ability to protect our borders. 
Judge M. Smith (with whom Judges Clifton and Callahan joined with respect to Part I) dissented. Judge Smith wrote that the majority’s decision to create a reasonable suspicion
requirement for some property searches at the border so muddies current border search doctrine that border agents will be left to divine on an ad hoc basis whether a property search is sufficiently “comprehensive and intrusive” to require suspicion, or sufficiently “unintrusive” to come within the traditional border search exception. Judge Smith also wrote that the majority’s determination that reasonable suspicion exists under the exceedingly weak facts of this case undermines the liberties of U.S. citizens generally – not just at the border, and not just with regard to our digital data – but on every street corner, in everyvehicle, and wherever else we rely on the doctrine of reasonable suspicion to safeguard our legitimate privacy interests.



Read More

What the Stored Communications Act would look like after Rep. Lofgren's ECPA reform bill (H.R. 983)

Justin P. Webb  No comments

I wrote previously about Rep. Lofgren (and others) proposing a modification to the Stored Communications Act (SCA) as well as an addition to the ECPA regarding disclosure of geolocation information; that post can be found, here: Quick details on H.R. 983, the ECPA reform bill announced today.

I decided to update the relevant portions of the SCA (18 U.S.C. 2701-2705) with the modifications in H.R. 983. You can see the bill and my markup, below (original from Cornell's LII):

18 USC § 2701 - Unlawful access to stored communications
(a) Offense.— Except as provided in subsection (c) of this section whoever—
(1) intentionally accesses without authorization a facility through which an electronic communication service is provided; or
(2) intentionally exceeds an authorization to access that facility;
and thereby obtains, alters, or prevents authorized access to a wire or electronic communication while it is in electronic storage in such system shall be punished as provided in subsection (b) of this section.
(b) Punishment.— The punishment for an offense under subsection (a) of this section is—
(1) if the offense is committed for purposes of commercial advantage, malicious destruction or damage, or private commercial gain, or in furtherance of any criminal or tortious act in violation of the Constitution or laws of the United States or any State—
(A) a fine under this title or imprisonment for not more than 5 years, or both, in the case of a first offense under this subparagraph; and
(B) a fine under this title or imprisonment for not more than 10 years, or both, for any subsequent offense under this subparagraph; and
(2) in any other case—
(A) a fine under this title or imprisonment for not more than 1 year or both, in the case of a first offense under this paragraph; and
(B) a fine under this title or imprisonment for not more than 5 years, or both, in the case of an offense under this subparagraph that occurs after a conviction of another offense under this section.
(c) Exceptions.— Subsection (a) of this section does not apply with respect to conduct authorized—
(1) by the person or entity providing a wire or electronic communications service;
(2) by a user of that service with respect to a communication of or intended for that user; or
(3) in section 27032704 or 2518 of this title.

18 USC § 2702 - Voluntary disclosure of customer communications or records
(a) Prohibitions.— Except as provided in subsection (b) or (c)—
(1) a person or entity providing an electronic communication service to the public shall not knowingly divulge to any person or entity the contents of a communication while in electronic storage by that service; and
(2) a person or entity providing remote computing service to the public shall not knowingly divulge to any person or entity the contents of any communication which is carried or maintained on that service—
(A) on behalf of, and received by means of electronic transmission from (or created by means of computer processing of communications received by means of electronic transmission from), a subscriber or customer of such service;
(B) solely for the purpose of providing storage or computer processing services to such subscriber or customer, if the provider is not authorized to access the contents of any such communications for purposes of providing any services other than storage or computer processing; and
(3) a provider of remote computing service or electronic communication service to the public shall not knowingly divulge to any governmental entity the contents of communication covered by subsection (a) of section 2703 or any a record or other information pertaining to a subscriber to or customer or user of such service (not including the contents of communications covered by paragraph (1) or (2)) to any governmental entity.
(b) Exceptions for disclosure of communications.— A provider described in subsection (a) may divulge the contents of a communication—
(1) to an addressee or intended recipient of such communication or an agent of such addressee or intended recipient;
(2) as otherwise authorized in section 25172511 (2)(a), or 2703 of this title;
(3) with the lawful consent of the originator or an addressee or intended recipient of such communication, or the subscriber in the case of remote computing service;
(4) to a person employed or authorized or whose facilities are used to forward such communication to its destination;
(5) as may be necessarily incident to the rendition of the service or to the protection of the rights or property of the provider of that service;
(6) to the National Center for Missing and Exploited Children, in connection with a report submitted thereto under section 2258A;
(7) to a law enforcement agency—
(A) if the contents—
(i) were inadvertently obtained by the service provider; and
(ii) appear to pertain to the commission of a crime; or
[(B) Repealed. Pub. L. 108–21, title V, § 508(b)(1)(A),Apr. 30, 2003, 117 Stat. 684]
(8) to a governmental entity, if the provider, in good faith, believes that an emergency involving danger of death or serious physical injury to any person requires disclosure without delay of communications relating to the emergency.
(c) Exceptions for Disclosure of Customer Records.— A provider described in subsection (a) may divulge a record or other information pertaining to a subscriber to or customer of such service (not including the contents of communications covered by subsection (a)(1) or (a)(2))—
(1) as otherwise authorized in section 2703;
(2) with the lawful consent of the customer or subscriber;
(3) as may be necessarily incident to the rendition of the service or to the protection of the rights or property of the provider of that service;
(4) to a governmental entity, if the provider, in good faith, believes that an emergency involving danger of death or serious physical injury to any person requires disclosure without delay of information relating to the emergency;
(5) to the National Center for Missing and Exploited Children, in connection with a report submitted thereto under section 2258A; or
(6) to any person other than a governmental entity.
(d) Reporting of Emergency Disclosures.— On an annual basis, the Attorney General shall submit to the Committee on the Judiciary of the House of Representatives and the Committee on the Judiciary of the Senate a report containing—
(1) the number of accounts from which the Department of Justice has received voluntary disclosures under subsection (b)(8); and
(2) a summary of the basis for disclosure in those instances where—
(A) voluntary disclosures under subsection (b)(8) were made to the Department of Justice; and
(B) the investigation pertaining to those disclosures was closed without the filing of criminal charges.

18 USC § 2703 - Required disclosure of customer communications or records
(a) Contents of Wire or Electronic Communications in Electronic Storage.— A governmental entity may require the disclosure by a provider of electronic communication service or remote computing service of the contents of a wire or electronic communication, that is in electronic storage in an electronic communications system for one hundred and eighty days or less, that is stored, held, or maintained by that service, only pursuant to a warrant issued using the procedures described in the Federal Rules of Criminal Procedure (or, in the case of a State court, issued using State warrant procedures) by a court of competent jurisdiction. Within three days after a governmental entity receives such contents from a service provider pursuant to this subsection, the governmental entity shall serve upon, or deliver by registered or first-class mail, or other means reasonably calculated to be effective as specified by the court issuing the warrant to the subscriber, customer, or user a copy of the warrant and a notice that includes the information referenced in section 2705(a)(4)(A) and (B)(i), except that delayed notice may be provided, pursuant to section 2705 of this title. A governmental entity may require the disclosure by a provider of electronic communications services of the contents of a wire or electronic communication that has been in electronic storage in an electronic communications system for more than one hundred and eighty days by the means available under subsection (b) of this section.
(b) Contents of Wire or Electronic Communications in a Remote Computing Service.—
(1) A governmental entity may require a provider of remote computing service to disclose the contents of any wire or electronic communication to which this paragraph is made applicable by paragraph (2) of this subsection—
(A) without required notice to the subscriber or customer, if the governmental entity obtains a warrant issued using the procedures described in the Federal Rules of Criminal Procedure (or, in the case of a State court, issued using State warrant procedures) by a court of competent jurisdiction; or
(B) with prior notice from the governmental entity to the subscriber or customer if the governmental entity—
(i) uses an administrative subpoena authorized by a Federal or State statute or a Federal or State grand jury or trial subpoena; or
(ii) obtains a court order for such disclosure under subsection (d) of this section;
except that delayed notice may be given pursuant to section 2705 of this title.
(2) Paragraph (1) is applicable with respect to any wire or electronic communication that is held or maintained on that service—
(A) on behalf of, and received by means of electronic transmission from (or created by means of computer processing of communications received by means of electronic transmission from), a subscriber or customer of such remote computing service; and
(B) solely for the purpose of providing storage or computer processing services to such subscriber or customer, if the provider is not authorized to access the contents of any such communications for purposes of providing any services other than storage or computer processing.
(c) Records Concerning Electronic Communication Service or Remote Computing Service.—
(1) A governmental entity may require a provider of electronic communication service or remote computing service to disclose a record or other information pertaining to a subscriber to or customer of such service (not including the contents of communications) only when the governmental entity—
(A) obtains a warrant issued using the procedures described in the Federal Rules of Criminal Procedure (or, in the case of a State court, issued using State warrant procedures) by a court of competent jurisdiction;
(B) obtains a court order for such disclosure under subsection (d) of this section;
(C) has the consent of the subscriber or customer to such disclosure;
(D) submits a formal written request relevant to a law enforcement investigation concerning telemarketing fraud for the name, address, and place of business of a subscriber or customer of such provider, which subscriber or customer is engaged in telemarketing (as such term is defined in section 2325 of this title); or
(E) seeks information under paragraph (2).
(2) A provider of electronic communication service or remote computing service shall disclose to a governmental entity the—
(A) name;
(B) address;
(C) local and long distance telephone connection records, or records of session times and durations;
(D) length of service (including start date) and types of service utilized;
(E) telephone or instrument number or other subscriber number or identity, including any temporarily assigned network address; and
(F) means and source of payment for such service (including any credit card or bank account number),
of a subscriber to or customer of such service when the governmental entity uses an administrative subpoena authorized by a Federal or State statute or a Federal or State grand jury or trial subpoena or any means available under paragraph (1).
(3) A governmental entity receiving records or information under this subsection is not required to provide notice to a subscriber or customer.
(d) Requirements for Court Order.— A court order for disclosure under subsection (b) or (c) may be issued by any court that is a court of competent jurisdiction and shall issue only if the governmental entity offers specific and articulable facts showing that there are reasonable grounds to believe that the contents of a wire or electronic communication, or the records or other information sought, are relevant and material to an ongoing criminal investigation. In the case of a State governmental authority, such a court order shall not issue if prohibited by the law of such State. A court issuing an order pursuant to this section, on a motion made promptly by the service provider, may quash or modify such order, if the information or records requested are unusually voluminous in nature or compliance with such order otherwise would cause an undue burden on such provider.
(e) No Cause of Action Against a Provider Disclosing Information Under This Chapter.— No cause of action shall lie in any court against any provider of wire or electronic communication service, its officers, employees, agents, or other specified persons for providing information, facilities, or assistance in accordance with the terms of a court order, warrant, subpoena, statutory authorization, or certification under this chapter.
(f) Requirement To Preserve Evidence.—
(1) In general.— A provider of wire or electronic communication services or a remote computing service, upon the request of a governmental entity, shall take all necessary steps to preserve records and other evidence in its possession pending the issuance of a court order or other process.
(2) Period of retention.— Records referred to in paragraph (1) shall be retained for a period of 90 days, which shall be extended for an additional 90-day period upon a renewed request by the governmental entity.
(g) Presence of Officer Not Required.— Notwithstanding section 3105 of this title, the presence of an officer shall not be required for service or execution of a search warrant issued in accordance with this chapter requiring disclosure by a provider of electronic communications service or remote computing service of the contents of communications or records or other information pertaining to a subscriber to or customer of such service.

18 USC § 2704 - Backup preservation
(a) Backup Preservation.—
(1) A governmental entity acting under section 2703 (b)(2) may include in its subpoena or court order a requirement that the service provider to whom the request is directed create a backup copy of the contents of the electronic communications sought in order to preserve those communications. Without notifying the subscriber or customer of such subpoena or court order, such service provider shall create such backup copy as soon as practicable consistent with its regular business practices and shall confirm to the governmental entity that such backup copy has been made. Such backup copy shall be created within two business days after receipt by the service provider of the subpoena or court order.
(2) Notice to the subscriber or customer shall be made by the governmental entity within three days after receipt of such confirmation, unless such notice is delayed pursuant to section 2705 (a).
(3) The service provider shall not destroy such backup copy until the later of—
(A) the delivery of the information; or
(B) the resolution of any proceedings (including appeals of any proceeding) concerning the government’s subpoena or court order.
(4) The service provider shall release such backup copy to the requesting governmental entity no sooner than fourteen days after the governmental entity’s notice to the subscriber or customer if such service provider—
(A) has not received notice from the subscriber or customer that the subscriber or customer has challenged the governmental entity’s request; and
(B) has not initiated proceedings to challenge the request of the governmental entity.
(5) A governmental entity may seek to require the creation of a backup copy under subsection (a)(1) of this section if in its sole discretion such entity determines that there is reason to believe that notification under section 2703 of this title of the existence of the subpoena or court order may result in destruction of or tampering with evidence. This determination is not subject to challenge by the subscriber or customer or service provider.
(b) Customer Challenges.—
(1) Within fourteen days after notice by the governmental entity to the subscriber or customer under subsection (a)(2) of this section, such subscriber or customer may file a motion to quash such subpoena or vacate such court order, with copies served upon the governmental entity and with written notice of such challenge to the service provider. A motion to vacate a court order shall be filed in the court which issued such order. A motion to quash a subpoena shall be filed in the appropriate United States district court or State court. Such motion or application shall contain an affidavit or sworn statement—
(A) stating that the applicant is a customer or subscriber to the service from which the contents of electronic communications maintained for him have been sought; and
(B) stating the applicant’s reasons for believing that the records sought are not relevant to a legitimate law enforcement inquiry or that there has not been substantial compliance with the provisions of this chapter in some other respect.
(2) Service shall be made under this section upon a governmental entity by delivering or mailing by registered or certified mail a copy of the papers to the person, office, or department specified in the notice which the customer has received pursuant to this chapter. For the purposes of this section, the term “delivery” has the meaning given that term in the Federal Rules of Civil Procedure.
(3) If the court finds that the customer has complied with paragraphs (1) and (2) of this subsection, the court shall order the governmental entity to file a sworn response, which may be filed in camera if the governmental entity includes in its response the reasons which make in camera review appropriate. If the court is unable to determine the motion or application on the basis of the parties’ initial allegations and response, the court may conduct such additional proceedings as it deems appropriate. All such proceedings shall be completed and the motion or application decided as soon as practicable after the filing of the governmental entity’s response.
(4) If the court finds that the applicant is not the subscriber or customer for whom the communications sought by the governmental entity are maintained, or that there is a reason to believe that the law enforcement inquiry is legitimate and that the communications sought are relevant to that inquiry, it shall deny the motion or application and order such process enforced. If the court finds that the applicant is the subscriber or customer for whom the communications sought by the governmental entity are maintained, and that there is not a reason to believe that the communications sought are relevant to a legitimate law enforcement inquiry, or that there has not been substantial compliance with the provisions of this chapter, it shall order the process quashed.
(5) A court order denying a motion or application under this section shall not be deemed a final order and no interlocutory appeal may be taken therefrom by the customer.

18 USC § 2705 - Delayed notice
(a) Delay of Notification.—
(1) A governmental entity acting under section 2703 (b) 2703(a) of this title may—
(A) where a court order warrant is sought, include in the application a request, which the court shall grant, for an order delaying the notification required under section 2703(b) 2703(a) of this title for a period not to exceed ninety days, if the court determines that there is reason to believe that notification of the existence of the court order warrant may have an adverse result described in paragraph (2) of this subsection; or
(B) where an administrative subpoena authorized by a Federal or State statute or a Federal or State grand jury subpoena is obtained, delay the notification required under section 2703 (b) of this title for a period not to exceed ninety days upon the execution of a written certification of a supervisory official that there is reason to believe that notification of the existence of the subpoena may have an adverse result described in paragraph (2) of this subsection.
(2) An adverse result for the purposes of paragraph (1) of this subsection is—
(A) endangering the life or physical safety of an individual;
(B) flight from prosecution;
(C) destruction of or tampering with evidence;
(D) intimidation of potential witnesses; or
(E) otherwise seriously jeopardizing an investigation or unduly delaying a trial.
(3) The governmental entity shall maintain a true copy of certification under paragraph (1)(B).
(4) Extensions of the delay of notification provided in section 2703 of up to ninety days each may be granted by the court upon application, or by certification by a governmental entity, but only in accordance with subsection (b) of this section.
(5) Upon expiration of the period of delay of notification under paragraph (1) or (4) of this subsection, the governmental entity shall serve upon, or deliver by registered or first-class mail or other means reasonably calculated to be effective as specified by the court issuing the warrant to, the customer or subscriber a copy of the process or request warrant together with notice that—
(A) states with reasonable specificity the nature of the law enforcement inquiry; and
(B) informs such customer or subscriber—
(i) that information maintained for such customer or subscriber by the service provider named in such process or request was supplied to or requested by that governmental authority and the date on which the supplying or request took place;
(ii) that notification of such customer or subscriber was delayed;
(iii) what governmental entity or court made the certification or determination pursuant to which that delay was made; and
(iv) which provision of this chapter allowed such delay.
(6) As used in this subsection, the term “supervisory official” means the investigative agent in charge or assistant investigative agent in charge or an equivalent of an investigating agency’s headquarters or regional office, or the chief prosecuting attorney or the first assistant prosecuting attorney or an equivalent of a prosecuting attorney’s headquarters or regional office.
(b) Preclusion of Notice to Subject of Governmental Access.— A governmental entity acting under section 2703, when it is not required to notify the subscriber or customer under section 2703 (b)(1), or to the extent that it may delay such notice pursuant to subsection (a) of this section, may apply to a court for an order commanding a provider of electronic communications service or remote computing service to whom a warrant, subpoena, or court order is directed, for such period as the court deems appropriate, not to notify any other person of the existence of the warrant, subpoena, or court order. The court shall enter such an order if it determines that there is reason to believe that notification of the existence of the warrant, subpoena, or court order will result in—
(1) endangering the life or physical safety of an individual;
(2) flight from prosecution;
(3) destruction of or tampering with evidence;
(4) intimidation of potential witnesses; or
(5) otherwise seriously jeopardizing an investigation or unduly delaying a trial.

Read More
Subscribe to: Posts (Atom)