Monday, May 29, 2017

The Warrant, the Network Investigative Technique and Child Pornography


This post examines an opinion from the U.S. District Court for the Northern District of Texas: U.S. v. Perdue, 2017 WL 661378 (2017). The judge begins the opinion by explaining that
[t]he instant motions to suppress and dismiss the indictment challenge the Federal Bureau of Investigation's (`FBI's’) seizure of a computer server that hosted a child pornography website called `Playpen,’ and the FBI's ensuing operation of the website on a government server.
U.S. v. Perdue, supra.
The Judge goes on to explain why, and how, the prosecution arose:
The facts of this case that are material to the court's decision are undisputed. In early 2015, acting on a tip from a foreign law enforcement agency, the FBI located and seized a computer server that contained a child pornography website called Playpen. Playpen existed as a hidden website on the Tor Network, also known as the dark web. Through sophisticated encryption, the Tor Network anonymizes and actively conceals identifying information about website users, including a user's true Internet Protocol (`IP’) address. To access Playpen, it was necessary for users to know the website's address on the Tor Network. Users could not, for example, stumble upon Playpen while browsing the Internet. Once on the Playpen website, users logged in with dedicated usernames and passwords. Playpen offered users various forums for different child pornography topics, including `Incest’ and `Toddlers.’ Inside each forum were discussion posts, images, and videos related to the particular topic.

Because the Tor Network anonymizes its users, the FBI could not uncover who was operating or accessing the Playpen website through normal investigative techniques. The FBI devised a plan to investigate Playpen's users, who would normally be untraceable. The plan called for the FBI to copy the Playpen server and continue to operate the Playpen website on the FBI server. While operating the website, the FBI would use a network investigative technique (`NIT’) that allowed it to retrieve information from the computers of the persons who logged in to the Playpen website. The NIT—computer code developed by the FBI—would be attached to various files uploaded to Playpen. When the website user downloaded a file, the NIT would force the user's computer to send to the FBI the user's actual IP address and other identifying information. With the actual IP address, the FBI could identify and locate the user.

Acting according to the plan, the FBI copied the Playpen server and brought it to a government facility located in the Eastern District of Virginia. On February 20, 2015 the FBI applied for and obtained from a United States Magistrate Judge of the Eastern District of Virginia a search warrant (the `NIT Warrant’) authorizing the FBI to deploy the NIT program for a period of up to 30 days.

On or about February 23, 2015, Perdue accessed the Internet from his residence using a personal computer. Using the Tor Network, he logged in to the Playpen website and clicked on a post entitled, `8 Year Old Blonde,’ which contained child pornography. As the content from this post downloaded onto the computer, the NIT computer code was sent automatically. The NIT relayed Perdue's IP address and other information back to the FBI in the Eastern District of Virginia.

Based on this information, the FBI issued a subpoena to AT & T, the Internet service provider connected with Perdue's IP address, and learned that Perdue was the account holder associated with the address. The FBI obtained a warrant to search Perdue's residence, and it found (1) a computer containing child pornography, and (2) a flash drive containing an 80–page Microsoft Word document containing links to child pornography websites. Perdue subsequently confessed to accessing Playpen and using the Tor Network to obtain child pornography.
U.S. v. Perdue, supra.
The federal judge goes on to point out that
[t]he grand jury later indicted Perdue for the offenses of receipt of child pornography, in violation of 18 U.S. Code § 2252A(a)(2)(A), and possession of child pornography involving a prepubescent minor, in violation of 18 U.S. Code § 2252A(a)(5)(B). Perdue moves to suppress all evidence obtained from the NIT, alleging that the authorizing warrant was made without jurisdiction under 28 U.S. Code § 636(a) and Fed. R. Crim. P. 41. He also moves to dismiss the indictment. The government opposes both motions.
U.S. v. Perdue, supra. This post only examines the court’s analysis of Perdue’s motion to suppress.
The District Court Judge began with Perdue’s motion to suppress evidence, in which Perdue argued that the evidence at issue was obtained in violation of the Fourth Amendment. U.S. v. Perdue, supra. He opened the analysis by explaining that
[t]he general rule under the Fourth Amendment is that searches of private property are reasonable if conducted pursuant to a valid warrant issued upon probable cause. See, e.g., Katz v. United States, 389 U.S. 347, 357 (1967). `A defendant normally bears the burden of proving by a preponderance of the evidence that the challenged search or seizure was unconstitutional.’ United States v. Waldrop, 404 F.3d 365, 368 (5th Cir. 2005) (citing United States v. Guerrero–Barajas, 240 F.3d 428, 432 (5th Cir. 2001)). `The exclusionary rule prohibits introduction at trial of evidence obtained as the result of an illegal search or seizure.’ United States v. Runyan, 275 F.3d 449, 466 (5th Cir. 2001). The exclusionary rule also `encompass[es] evidence that is the indirect product or ‘fruit’ of unlawful police conduct.’ Id. (citing Wong Sun v. United States, 371 U.S. 471, 488 (1963)).
The judge goes on to explain that Perdue argued that the
magistrate judge in the Eastern District of Virginia who issued the NIT Warrant lacked authority under both Fed. R. Crim. P. 41(b) (2015) and § 636(a) of the Federal Magistrate Judges Act, 28 U.S.C. § 636(a), to authorize the search of a computer in Texas. The government responds that the NIT is functionally a tracking device that `was used to track the movement of [information] both within and outside of Virginia.’ Gov't Br. 10. According to the government, `[t]he NIT program, by way of operation, used [a communication stream between the government's server in Virginia and Perdue's computer in Texas] to track from where Perdue's computer signal emanated.’ Id.
U.S. v. Perdue, supra.
The District Court Judge went on to explain that
Rule 41(b)(4) provides that `a magistrate judge with authority in the district has authority to issue a warrant to install within the district a tracking device; the warrant may authorize use of the device to track the movement of a person or property located within the district, outside the district, or both.’ A `tracking device’ is `an electronic . . . device which permits the tracking of the movement of a person or object.’ 18 U.S. Code § 3117; see also Rule 41(a)(2)(E) (incorporating definition in § 3117). And the rules indicate that `property’ includes `information.’ Rule 41(a)(2)(A).

The courts that have considered the NIT Warrant have split on the issue. See United States v. Torres, 2016 WL 4821223, at *4 (W.D. Tex. Sept. 9, 2016) (collecting cases). Courts that have held that Rule 41(b) was not violated have concluded that the defendants `voluntarily and deliberately came to the Eastern District of Virginia when [they] took affirmative steps to log into the Playpen website by entering a username and password.’ United States v. Sullivan, ––– F.Supp.3d ––––, ––––, 2017 WL 201332, at *6 (N.D. Ohio Jan. 18, 2017); see also United States v. Anzalone, 208 F.Supp.3d 358, 370 (D. Mass. 2016) (collecting cases). It was therefore permissible for the magistrate judge to authorize affixing a tracking device—i.e., the NIT code—to the defendants' computers once they were present in the district. Courts that have held that the magistrate judge violated Rule 41(b) have reasoned that the government's defense of the magistrate judge's authority stretches the Rule. See, e.g., United States v. Hammond, ––– F.Supp.3d ––––, ––––, 2016 WL 7157762, at *4 (N.D. Cal. Dec. 8, 2016) (`[Defendant's] computer is a physical object that at all times remained in his home in the Northern District of California, and the download, too, occurred here and not ‘virtually’ in the Eastern District of Virginia.’).
U.S. v. Perdue, supra.
The judge goes on to explain that the
court agrees with the courts that have concluded that Rule 41(b)(4) does not extend to the NIT Warrant. Although caselaw suggests that the court is to construe Rule 41 broadly, see United States v. N.Y. Tel. Co., 434 U.S. 159, 169 (1977) (holding that Rule 41(b) `is sufficiently flexible to include within its scope electronic intrusions authorized upon a finding of probable cause’), it cannot render it meaningless. As one court has explained:

`[i]f the “installation” occurred on the government-controlled computer, located in the Eastern District of Virginia, applying the tracking device exception breaks down, because [defendant] never controlled the government-controlled computer, unlike a car with a tracking device leaving a particular district. If the installation occurred on [defendant's] computer, applying the tracking device exception again fails, because [defendant's] computer was never physically located within the Eastern District of Virginia.’

United States v. Michaud, 2016 WL 337263, at *6 (W.D. Wash. Jan. 28, 2016). Accordingly, the court holds that the NIT Warrant exceeded the magistrate judge's authority under Rule 41(b) by authorizing the search of a computer in Texas.
U.S. v. Perdue, supra.
The judge then took up the issue of whether, since the magistrate exceeded his/her authority by authorizing the search, the evidence should be suppressed. U.S. v. Perdue, supra. He began his analysis of this issue by explaining that the
exclusionary rule precludes the government from relying on illegally-seized evidence. United States v. Houltin, 566 F.2d 1027, 1030 (5th Cir. 1978). `The purpose of the exclusionary rule is to deter unlawful police conduct.’ United States v. Pope, 467 F.3d 912, 916 (5th Cir. 2006). This purpose will not be served, and thus the rule is inapplicable, where evidence is obtained in `objectively reasonable good-faith reliance upon a search warrant.’ Id. (citations and internal quotation marks omitted). `Under the good-faith exception, evidence obtained during the execution of a warrant later determined to be deficient is admissible nonetheless, so long as the executing officers' reliance on the warrant was objectively reasonable and in good faith.’ United States v. Payne, 341 F.3d 393, 399 (5th Cir. 2003) (citing United States v. Leon, 468 U.S. 897, 921–25 (1984)). The good-faith exception cannot apply if `the issuing magistrate/judge was misled by information in an affidavit that the affiant knew was false or would have known except for reckless disregard of the truth[.]’ Id. at 399 (quoting United States v. Webster, 960 F.2d 1301, 1307 n.4 (5th Cir. 1992) (per curiam)). `The “good faith inquiry is confined to the objectively ascertainable question whether a reasonably well-trained officer would have known that the search was illegal despite the magistrate's authorization.”’ Pope, 467 F.3d at 917 (quoting Leon, 468 U.S. at 922 n.23, 104 S.Ct. 3405).
In the context of a Rule 41 violation,
`where there is no constitutional violation nor prejudice in the sense that the search would likely not have occurred or been as abrasive or intrusive had Rule 41 been followed, suppression ... is not appropriate if the officers concerned acted in the affirmative good faith belief that the warrant was valid and authorized their conduct.’

United States v. Comstock, 805 F.2d 1194, 1207 (5th Cir. 1986). This is because the balance of interests inherent in an exclusionary rule analysis `weighs much less heavily [when] the [Rule 41] violation is neither of constitutional dimensions nor intentional.’ Id. at 1210.
U.S. v. Perdue, supra.
For these and other reasons, the judge denied Perdue’s motion to suppress evidence and his motion to dismiss the indictment against him. U.S. v. Perdue, supra.

