Friday, July 25, 2014

Child Pornography, BearShare and the IP Address

After he was “charged in a three-count indictment with knowingly distributing and receiving child pornography by computer, in violation of 18 U.S. Code §§ 2252 (a) and (b), and with knowingly possessing computers and external hard drives containing child pornography, in violation of 18 U.S. Code § 2252(a)(4)(B)”, Fred Wayne Dennis filed a motion to suppress certain evidence.  U.S. v. Dennis, 2014 WL 1908734 (U.S. District Court for the Northern District of Georgia 2014).
The U.S. District Court Judge who has the case referred the motion to suppress to a U.S. Magistrate Judge, who prepared a “report and recommendation” on the motion and submitted it to the District Court judge.  U.S. v. Dennis, supra.  The Magistrate Judge begins his report and recommendation by explaining how the prosecution arose:
In May of 2011, the Department of Homeland Security, Homeland Security Investigations, Immigration and Customs Enforcement (`HSI/ICE’), initiated a peer-to-peer file-sharing investigation to identify individuals in the Atlanta area involved in the distribution of child pornography via the Internet. . . . On May 20, 2011, HSI Special Agent Anthony Scott made a query of the Child Protection System (`CPS’) to obtain a list of IP addresses in Georgia that had offered to distribute known or suspected child pornography within the last 30 days. . . . Scott identified IP address 24.98.20.224, located in Fayetteville, Georgia, and later identified as associated with [Dennis] and his wife, as making available such files. . . .

On the same day, Scott utilized ShareazaLE to make a direct, single-source connection between the undercover ICE computer and [Dennis’] computer associated with IP address 24.98.20.224. . . . During the connection, [Dennis’] computer located at 24.98.20.224 transmitted a list of files it had available for public download, which consisted of 548 files `that had been previously identified as containing known or suspected child pornography.’ . . . [B]etween May 21, 2011, and May 27, 2011, [Dennis’] computer shared with the undercover ICE computer nine incomplete digital movie files that were publicly available. . . . On May 26, 2011, Agent Harris examined the partially downloaded movie files and found them to contain child pornography. . . .  The CPS last observed [Dennis’] computer sharing these files on June 16, 2011. . . .

On August 31, 2011, Special Agent Jeffrey White, with the HSI/ICE Albany, Georgia office, was conducting an online Internet investigation to identify individuals possessing and sharing child pornography using the Gnutella network. . . . White utilized peer-to-peer Undercover Investigative Software (`UIS’), which `allows downloads only from one source at a time’ and `provides the ability to identify potential subjects based on their geographic location’ as well as capturing activity that occurs over peer-to-peer networks. . . . At approximately 10:03 a.m., White, using UIS, initiated a ‘”direct connect” request to the host computer at IP number 24.99.36.225.’ . . . [T]he host computer sent White a list of files currently on the host computer that were publicly available to other users on the network for download. . . .

Of the 760 files on the host computer, White determined 166 contained file names with terms such as `pthc, pedoland, Lolita, kiddie, child porn and illegal,’ which were known to him to be consistent with child pornography. . . . White then initiated downloads from the host computer, and two files reviewed by him contained child pornography. . . . White attempted to download three additional files, but the connection with the host computer was terminated before the download could be completed. . . .

On September 6, 2011, White initiated another `direct connect’ request with the same host computer at IP address 24.99.36 .225. . . . [T]he host computer sent him a list of files currently available to others for download, and of the 961 files, approximately 162 had file names containing terms consistent with child pornography. . . . White successfully downloaded three files, all of which were found to depict child pornography. . . .

Based on this investigation and the activity from May, August, and September of 2011, Harris applied for and obtained a search warrant for 200 Carrollwood Drive, Fayetteville, Georgia, 30215 on October 6, 2011. . . . On October 12, 2011, at approximately 6:00 a.m., a team of HSI/ICE special agents arrived at [Dennis’] home, knocked on the door, and after [he] answered, pulled him aside so they could gain entry into the residence and execute the search warrant. . . . Approximately ten minutes after the agents entered the residence, Harris made contact with [Dennis] in the living room to interview him. . . .

Prior to interviewing [Dennis], Harris introduced himself and Scott and told [Dennis] they would like to speak with him and asked him if that would be `all right,’ and [Dennis] responded, `Yes.’ . . .
U.S. v. Dennis, supra.  The agents Mirandized Dennis and then interviewed him; he would later move to suppress statements he made to them. U.S. v. Dennis, supra. 
In a footnote, the Magistrate Judge explained CPS is a software program that assists in
the regionalization and tracking of IP addresses. . . . The `CPS analyzes the hash values assigned to files available for download . . . and compares them to files stored in government databases that contain known child pornography. U.S. v. Dodson, 960 F.Supp.2d 689 (U.S. District Court for the Western District of Texas 2013). `Because each hash value is essentially one of a kind, it assures law enforcement officials there is a high likelihood that child pornography is contained on a computer using the identified [IP] address.’ U.S. v. Dodson, supra. The CPS identifies and logs `huge quantities of worldwide IP addresses that are identified as participating in the possession and distribution of child pornography.’ U.S. v. Dodson, supra.
U.S. v. Dennis, supra. 
And in another footnote, he explained that ShareazaLE is a
`modified version of the free downloadable “Shareaza” [ ] client software’ for law enforcement to use to `only download files from a single source-the target IP,’ whereas the public version will `download from many sources.’ . . . ShareazaLE will `log all activity and transactions that occur while connected to the target IP’ and it `adheres to the common [ ] protocols and functions exactly the same way as the free public version’ in that it `has no additional browsing or downloading capabilities over and above the free public version.’
U.S. v. Dennis, supra. 
This post is concerned with Dennis’ motion to suppress the files found on his computer because (i) “he had a reasonable expectation of privacy in” them “and did not consent to the entry into and search of his computer files” and/or (ii) “the entry into his computer equipment and the downloading of files located . . . were physical trespasses into his home and computers”. U.S. v. Dennis, supra. 
As to the first issue, as I have explained in prior posts, a “search” within the compass of the 4th Amendment violates a “reasonable expectation of privacy” in a place and/or thing.
As Wikipedia explains, in Katz v. U.S., 389 U.S. 347 (1967), the Supreme Court held that a 4thAmendment “search” occurs when a law enforcement officer (i) intrudes into a place or thing in which someone has a subjective expectation of privacy and (ii) society accepts that subjective expectation as objectively reasonable.
If law enforcement conducts a “search” and seizes property, you then have the two 4th Amendment events – a search and a seizure.  Under the 4th Amendment, searches and seizures have to be “reasonable,” i.e., conducted pursuant to a warrant or an exception to the warrant requirement.  If they are not conducted pursuant to either, then the evidence will be suppressed absent some countervailing factor, such as a reasonable mistake on the officer’s part.
Here, Dennis claimed he had a reasonable expectation of privacy in his computers
and the contents of his computers' hard drives that were located securely in his home. . . . However, the agents accessed only his publicly shared files on his computers via [his] peer-to-peer file-sharing program from a remote location, and therefore, the issue is whether [Dennis’] installation and use of this peer-to-peer program negated any expectation of privacy in those shared files he may otherwise have had.

[Dennis] attempts to meet the subjective prong of the reasonable expectation test by asserting that he exhibited an actual expectation of privacy by trying to opt out of the sharing feature of his peer-to-peer BearShare program. . . . Specifically, [Dennis] testified at the evidentiary hearing that when prompted on his computer that his files on BearShare would be shared, he clicked `no,’ . . . and he therefore asserts that `[b]y exercising this option, [he] showed his intention to refuse public access to the files located in his computers’ even though his `efforts failed due to an apparent defect in the BearShare program’. . . .

Based on [Dennis’] limited testimony that he intended to and attempted to opt out of the sharing feature of the BearShare program, the Court will assume for purposes of his motions that he has satisfied the subjective prong of the test. However, for the following reasons, the Court finds [he] has failed to satisfy the objective prong that the `privacy expectation be one that society is prepared to recognize as reasonable.’ U.S. v. Bushay, 859 F.Supp.2d 1335 (U.S. District Court for the Northern District of Georgia 2012).
U.S. v. Dennis, supra.
The Magistrate Judge then explained that other federal courts, including the U.S. Court of Appeals for the 11th Circuit, have found that “a defendant's utilization of a peer-to-peer file-sharing program that allows other public users of such software to access the shared files on that defendant's computer negates any reasonable expectation of privacy in those shared files” and that this is “true even in situations where a defendant may not have knowingly enabled the sharing feature, or even where he affirmatively attempted to opt out.”  U.S. v. Dennis, supra. 
He therefore found that here, Dennis “utilized the file-sharing program BearShare, and despite his alleged efforts to prevent the public at large from accessing those files, they were still entirely exposed to the public for downloading and viewing without the need to employ any special means to access them other than using a compatible file-sharing program.”  U.S. v. Dennis, supra.  In reaching this result, the Magistrate Judge relied on U.S. Court of Appeals for the 9th Circuit’s decision in U.S. v. Borowy, 2010 WL 537501, which you can read about here.  U.S. v. Dennis, supra.  So he held that the agents’ accessing the files on Dennis’ computer was not a 4th Amendment search because he had no reasonable expectation of privacy in them. U.S. v. Dennis, supra. 
The Magistrate Judge also rejected Dennis’ argument that the officers “trespassed” into his computer in violation of the 4th Amendment, citing the Supreme Court’s decision in U.S. v. Jones, 132 S.Ct. 945 (2012). U.S. v. Dennis, supra.  He explained that in Jones,
the Court considered whether the warrantless installation of a GPS tracking device on the defendant's vehicle violated his 4th Amendment rights. . . . [T]he Court found. . . . that the defendant's vehicle was an `effect’ and that the warrantless physical trespass of that `effect’ to obtain information constituted an unreasonable search under the 4th Amendment. . . .

Thus, the Supreme Court made clear that the 4th Amendment is implicated where the `[g]overnment physically occupie[s] private property for the purpose of obtaining information.’ . . .  However, as noted by the government, . . . the Supreme Court also confirmed that `[s]ituations involving merely the transmission of electronic signals without trespass would remain subject to [the] Katz analysis[.]. . . .
U.S. v. Dennis, supra.  The text of the 4th Amendment refers to “the right of the people to be secure in their persons, houses, papers, and effects” against unreasonable searches.
The Magistrate Judge explained that
`[s]everal courts have rejected the application of Jones to the investigation of file sharing programs,’ U.S. v. Brashear, 2013 WL 6065326 (U.S. District Court for the Middle District of Pennsylvania 2013), and the Court finds the reasoning of these cases persuasive. The government did not use a tracking device, . . . as . . . in Jones; instead, it merely obtained information publicly available on shared files via a software program that connected with [Dennis’] computer on which [he] had installed a file-sharing program. Thus, there was no 4th Amendment violation tied to common law notions of trespass in this case.

Indeed, `the contents of the shared folder on [Dennis’] computer were knowable to law enforcement without physical intrusion to [his] house because this information was also available to members of the public.” Norman, 448 F. App'x at 897; see also Russell v. U.S., 2013 WL 5651358 (U.S. District Court for the Eastern District of Missouri 2013) (defendant was `using a file-sharing program that broadcast the contents of his computer to the internet and invited users to search those contents. Thus no government trespass into [Dennis’] home or effects occurred’). . . .  Because `”[t]his investigation involve[d] the transmission of electronic signals without trespass,”’ it did not ‘”implicate [his] 4th Amendment rights under Jones. under Jones,’” U.S. v. Brashear, supra . . . and [Dennis’] argument in this regard is without merit. . . .
U.S. v. Dennis, supra. 

For these and other reasons, the Magistrate Judge recommended that Dennis’ motion to suppress be denied.  U.S. v. Dennis, supra.  The District Judge adopted the Magistrate Judge’s report and recommendation as its order and therefore held that Dennis’ motion to suppress should be, and was, denied.  U.S. v. Dennis, supra. 

No comments: