After Alexander Nathan Norris was charged with “possessing child pornography under 18 U.S. Code § 2252(a)(2) and 18 U.S. Code § 2252(a)(4)(B)”, he filed a motion to suppress certain evidence. U.S. v. Norris, 2013 WL 4737197 (U.S. District Court for the Eastern District of California 2013).
The U.S.District Court Judge who has the case begins the opinion in which she rules on Norris’ motion by noting that
[s]ome of the evidence in this case was gathered through a search of Norris's apartment at 25055th Street, Apartment 243, Davis, California (`Apartment 243’). This search was authorized by a warrant issued by a United States Magistrate Judge on April 11, 2009, based on an affidavit prepared by FBI Special Agent Nicholas G. Phirippidis.
U.S. v. Norris, supra. When an officer wants to obtain a warrant, he or she submits an application and, usually, an affidavit that outlines the information the officer has gathered that shows probable cause to believe evidence of a crime will be found at the place or thing to be searched. Rule 41(d) of the Federal Rules of Criminal Procedure describes the process of applying for a federal search warrant, like the one at issue here. And if you would like to see a completed application and affidavit in support, check out this site.
The judge’s opinion goes on the note that Phirippidis explained in his affidavit that his
investigation leading to Norris began while he was working undercover and identified a user of Peer to Peer (P2P) file sharing software with the screen name `boyforboys1’ who was distributing images of child pornography. . . . (P2P file-sharing programs allow computer users to share files with each other directly, rather than through a central server). . . . Phirippidis was able to identify boyforboys1's IP address . . . as registered to AT & T Internet Services. . . . He learned from AT & T that the subscriber associated with the IP address lived at 25055th Street, Apartment 242, Davis, California (`Apartment 242’) and obtained a search warrant for Apartment 242. . . .-->
Phirippidis and other FBI agents executed the warrant on April 1, 2011, and determined that neither the apartment residents nor their regular visitors had child pornography on their computers. With consent, the agents then reviewed Apartment 242's wireless router log, which revealed that other devices had connected to Apartment 242's password-protected router. . . . A router is `a device which forwards data packets to the appropriate parts of a computer network.’ Oxford Dictionaries Online (2013).
The router log listed the Media Access Control (`MAC’) address of each device. . . . The affidavit defines a MAC address as `a unique identifier assigned to a network device for communication on a physical network. MAC addresses are most often assigned by the manufacturer of a network device.’ . . .
Two of the devices that had connected to the network were listed in the router log as `CK’ and `bootycop.’ . . . Special Agents then used software described in the affidavit as `an open-source wireless tracking utility’ that uses `a wireless antenna in a passive mode’ to determine if the `CK’ device was located in the vicinity of Apartment 242. . . . The software tracks a device's physical location through the device's MAC address. . . . Although not identified by name in the affidavit, the parties agree that the software is that known as `Moocherhunter.’
Using the software, the agents took signal strength readings from Apartment 242, from Apartment 240, which was a vacant apartment accessed with the apartment complex manager's permission, and from the outdoor common areas of the apartment complex. . . . The readings indicated that the CK device was most likely located in Apartment 243 of the same building. . . .
U.S. v. Norris, supra.
The opinion goes on to explain that on April 8, 2011, Phirippidis
signed back on to the P2P file sharing program and saw that boyforboys1 was logged in and sharing child pornography. . . . Several hours later, [he] returned to Apartment 242 and observed that `CK’ and `bootycop’ devices were both at that time, accessing Apartment 242's network. . . . `CK’ then disconnected, while `bootycop’ stayed connected, with boyforboys 1 still logged into the P2P file sharing program. . . .
Phirippidis used the Moocherhunter software program to ascertain the physical location of the bootycop device. . . . He took `numerous signal strength readings at various locations within Apartment 242 and Apartment 240,’ which was vacant and entered with the consent of the building manager. Based on the readings, the agent determined the most likely location of the `bootycop’ device was Apartment 243. . . .
U.S. v. Norris, supra.
The opinion then explains that an “FBI investigative report, submitted with the government's opposition” to Norris’ motion, described Moocherhunter as
`a free, downloadable, mobile tracking software tool, for the geolocation of wireless devices. MOOCHERHUNTER has the ability to identify the location of an 802.11–based wireless device by the traffic sent across a network. MOOCHERHUNTER enables the user to detect traffic from a wireless client passively. No data is transmitted from the computer running MOOCHERHUNTER, data is only monitored.’
`MOOCHERHUNTER does not collect packets of data, it only displays the number of packets encountered and the signal strength of each.’
U.S. v. Norris, supra. Norris and the prosecution agreed that on April 8, 2011, Phirippidis “used Moocherhunter in the passive mode described above and that no data were transmitted from the agents' device running the Moocherhunter software into Apartment 243.” U.S. v. Norris, supra.
In his motion to suppress, Norris argued that “the government's use of Moocherhunter software to detect [his] Internet transmissions constituted a warrantless search in violation of [his] 4th Amendment rights.” U.S. v. Norris, supra. As Wikipedia notes, and as I have noted in prior posts, the 4th Amendment to the U.S. Constitution creates a right to be free from “unreasonable” searches and seizures. As Wikipedia also explains, and as I have also noted in prior posts, under the Supreme Court’s decision in Katz v. U.S., 389 U.S. 347 (1967), a 4th Amendment “search” occurs when police intrudes into an area in which a person (i) has a subjective expectation of privacy (i.e., he or she believed the area was private) and (ii) society accepts that expectation as objectively reasonable (i.e., the court finds that most people would also think it was private).
Here, the prosecution argued that “there was no violation of [Norris’] 4th Amendment rights because there was no trespass onto [his] property, and [Norris] had no reasonable expectation of privacy in the signals transmitted through his neighbor's wireless internet connection.” U.S. v. Norris, supra. The judge took up the issues in that order.
As to trespass, Norris argued that using Moocherhunter to
`sniff the air waves coming from inside Norris' bedroom, to discover the location of a computer inside his bedroom that otherwise could not have been seen without actually being in the home, intrudes into areas of his home that he has a reasonable expectation of privacy will not be trespassed.’ . . . The government contends no trespass occurred as the Moocherhunter was only `passively’ detecting Internet traffic coming from [Norris’] home.
U.S. v. Norris, supra.
The judge agreed with the prosecution, explaining that Norris
relies heavily on the recent case of Florida v.Jardines, 133 S.Ct. 1409 (2013). In Jardines, the police used a drug-sniffing dog on a suspect's front porch without a search warrant. . . . The Court held this use was a search, explaining that the front porch `is the classic exemplar of an area adjacent to the home’ and is considered the home's `curtilage,’ which has been widely protected by the 4th Amendment. . . . By using the drug-sniffing dog in this area, the police made an unwarranted physical intrusion. . . .
In this case, however, law enforcement made no physical intrusion into [Norris’] property or anything equivalent to the curtilage; rather, agents obtained permission to use Moocherhunter only passively while standing with permission in other apartments or in common areas. . . . Thus, no physical trespass onto [his] property occurred.
U.S. v. Norris, supra.
The judge then took up the issue of whether Norris had a reasonable expectation of privacy “`in the signals transmitted through his neighbor's wireless internet connection.’” U.S. v. Norris, supra. Norris argued that he had such an expectation of privacy “in his bedroom, and a reasonable expectation of privacy in the location of his computer within that bedroom.” U.S. v. Norris, supra. The prosecution argued claimed he had no such “expectation of privacy because [he] `knowingly and intentionally transmitted radio signals from inside his apartment to a location defendant knew had to be outside his apartment[.]’” U.S. v. Norris, supra.
The judge began her analysis by explaining that in the Katz case, cited above, the Supreme Court held that Katz had a reasonable expectation of privacy in a conversation he had while he was in a phone booth because (i) he believed the conversation was private (that being part of the function of a phone booth) and (ii) society accepted that belief as objectively reasonable because that was part of the reason for putting doors on phone booths. U.S. v. Norris, supra.
She also explained that in Smith v. Maryland, 442 U.S. 735 (1979), the Supreme Court held that law enforcement’s using a
pen register to record the phone numbers a suspect dialed on his telephone, without a warrant, was not a violation of the 4th Amendment. Smith v. Maryland, supra. The Court reasoned, `petitioner voluntarily conveyed numerical information to the telephone company and “exposed” that information to its equipment in the ordinary course of business. In so doing, [he] assumed the risk that the company would reveal to police the numbers he dialed.’ Smith v. Maryland, supra. In Smith, the Court distinguished Katz based on the fact that unlike the listening device used by the authorities in Katz, pen registers do not obtain the contents of the conversations.
U.S. v. Norris, supra.
The judge then found that
[h]ere, the use of Moocherhunter is more analogous to the use of the pen register in Smith than the listening device used in Katz, in that Moocherhunter does not capture the contents of the target user's Internet activity, only the strength of the target signal. . . . [Norris] had no expectation of privacy when he initiated a wireless signal from his computer to the wireless router located in Apartment 242, as he `assumed the risk’ his information would be conveyed to law enforcement by Apartment 242's occupants.
U.S. v. Norris, supra. (As I have noted in prior posts, the Katz Court’s test for determining whether a reasonable expectation of privacy exists is often referred to as the “assumption of risk” test.)
She also noted that
societal interests do not support recognizing [Norris’] reasonable expectation of privacy in data transmitted without authorization to Apartment 242's password protected wireless router. In U.S. v. Caymen, the defendant obtained a laptop from a store through the use of a fraudulent credit card. 404 F.3d 1196 (U.S. Court of Appeals for the 9th Circuit 2005). Police later recovered the laptop, and obtained the store's permission to search [it]. U.S. v. Caymen, supra. Police recovered child pornography from the laptop and the defendant was charged.
In denying the defendant's motion to suppress the evidence obtained from the computer, the court reasoned `one who takes property by theft or fraud cannot reasonably expect to retain possession and exclude others from it once he is caught. Whatever expectation of privacy he might assert is not a legitimate expectation that society is prepared to honor.’ U.S. v. Caymen, supra.
Similar to the defendant in Caymen, [Norris] transmitted information through an internet connection he did not have permission to use. . . . Specifically, [he] hacked into Apartment 242's wireless Internet router and used the Internet without those occupants' consent. . . .The agents used Moocherhunter to detect the router activity with permission of the router's owners. . . . Any expectation of privacy the defendant may have had is trumped by the lawful owners' authorization given to the government. See U.S. v. Caymen, supra.
The judge therefore denied Norris’ motion to suppress. U.S. v. Norris, supra.
If you would like to read about another case involving the use of MoocherHunter, check out this prior post.