This post examines an opinion recently issued by a judge in
the U.S. District Court for the Western District of Oklahoma: U.S. v.
Maurek, 2015 WL 5472504 (20150. The Judge begins by explaining that
Gregory Maurek has been indicted for
receipt, distribution, and possession of child pornography. He moves to
suppress all evidence acquired in the search of his computer . . . on the
grounds that (1) law enforcement's use of the `Torrential Downpour’ software
program to access files from his computer constituted a warrantless search; and
(2) the warrant authorizing the search lacked probable cause because the
supporting affidavit neither disclosed the fact that `Torrential Downpour’ was
only accessible to law enforcement, nor did it describe the software's
technical or scientific reliability. The government filed its brief in
opposition and an evidentiary hearing was held September 14, 2015.
U.S. v. Maurek, supra.
For an overview of how the Fourth
Amendment applies to law enforcement’s searching for and seizing evidence,
check out this Wikipedia entry.
The judge begins the substantive part of his opinion by
explaining that
[a]s previously noted in this Court's
Order of August 31, 2015 . . ., BitTorrent is a peer-to-peer (`P2P’) file
sharing network that is used to distribute large amounts of data over the
Internet. BitTorrent is one of the most popular P2P networks used by
individuals, as well as Ares, KaZaA, eDonkey, DirectConnect and Gnutella. Warner
Bros. Records, Inc. v. Does 1–4, 2007 WL 1960602 (U.S. District Court forthe District of Utah July 5, 2007).
As one court explained, since its
release over ten 10 years ago:
`BitTorrent has allowed users to share
files anonymously with other users. Instead of relying on a central server to
distribute data directly to individual users, the BitTorrent protocol allows
individual users to distribute data among themselves by exchanging pieces of
the file with each other to eventually obtain a whole copy of the file. When
using the BitTorrent protocol, every user simultaneously receives information
from and transfers information to one another. In the BitTorrent vernacular, individual
downloaders/distributors of a particular file are called “peers.” The group of
peers involved in downloading/distributing a particular file is called a
“swarm.” A server which stores a list of peers in a swarm is called a
“tracker.” A computer program that implements the BitTorrent protocol is called
a “BitTorrent client.”’ First Time
Videos, LLC v. Does 1–76, 276
F.R.D. 254 (U.S. District Court for the Northern District of Illinois 2011) (citations
omitted).’
U.S. v. Maurek, supra.
The District Court Judge went on to point out that
`[a]lso prominent in the BitTorrent
lexicon are “torrents,” small files which describe the file being
shared/distributed. Third Degree Films, Inc. v. Does 1–47, 2012 WL
4005842, at *1 (U.S. District Court for the District of Colorado Sep.12, 2012).
Torrents contain information such as how the file is divided and other
information needed for its distribution (e.g., name, description, etc.). New Sensations, Inc. v. Does 1–426,
2012 WL 4675281 at *2 (U.S. District Court for the Northern District of California Oct.1, 2012). People may search for torrents for a specific work on
the Internet; after a person finds a torrent, they may open the file with their
BitTorrent client, and they then join the “swarm.” New Sensations, Inc.
v. Does 1–426, supra. In turn, as each peer receives portions of the
file being downloaded, that peer usually makes those portions available to
other peers in the swarm. New Sensations, Inc. v. Does 1–426, supra. Consequently,
each peer in the swarm is simultaneously copying and distributing pieces of the
file. New Sensations, Inc. v. Does 1–426, supra. One swarm may last
for months up to well over a year, depending on the popularity of the work, and
people may leave and re-enter the same swarm at any time. New
Sensations, Inc. v. Does 1–426, supra.’
U.S. v. Maurek, supra.
He then took up the search warrant being challenged in this
case, noting that it
was based on an affidavit in which Kari
Newman, a Special Agent with Homeland Security Investigations, asserted that an
investigation of the activities of an IP address registered to Defendant's
residence established probable cause to believe someone at that address had
received, possessed, and/or distributed child pornography over a P2P network.
Agent Newman's affidavit described how P2P file sharing works, how a user can
search for specific files and connect directly with another user's computer,
and then download that file directly from the other user. She explained, in
specific detail, the technological methods used by law enforcement to track down,
identify, and arrest suspected users/distributors of child pornography on P2P
networks. Lastly, Agent Newman explained how digital media devices were being
used to store child pornography and the requisite skill and knowledge necessary
to search these devices for evidence.
The affidavit recounted the
investigative steps that were taken to identify Defendant's computer. Agent
Newman attested that on March 18, 2015, Detective Chris Lamer of the Moore
Police Department conducted an online undercover investigation and he was able
to connect with a computer with IP address 68.97.10.183 and download numerous
files. Based on Agent Newman's review of the files, as well as her training and
experience, she determined that the files depicted children under the age of
eighteen engaged in sexually explicit conduct and thus constituted `child
pornography’ as that term is defined in 18 U.S. Code § 2256(8).
U.S. v. Maurek, supra.
The opinion goes on to explain that
[a]t the evidentiary hearing, the Court
heard testimony from Robert Erdely, who teaches courses in online
investigations of child pornography and participated in the development of
Torrential Downpour. He testified that Torrential Downpour is a law enforcement
surveillance software that is used exclusively by law enforcement. It is used
to track, investigate, and eventually arrest those sharing child pornography
through various P2P sharing networks.
Mr. Erdely testified that Torrential
Downpour is `somewhat unique’ in that (1) it is designed to target and download
files from a single IP address, as opposed to multiple sources, and restrict
downloads to come from only that particular address (this is called a `single
source download’); (2) Torrential Downpour creates a detailed log of events for
evidentiary purposes; and (3) Torrential Downpour does not share files. Mr.
Erdely provided additional testimony on the overall nuances of Torrential
Downpour and its role in the field of P2P file sharing. Of particular note, he
stated Torrential Downpour's direct connection capabilities were no different
from other commercially available versions of BitTorrent and it (Torrential
Downpour) had no rate of error.
U.S. v. Maurek, supra.
And, finally, the judge explained that
[t]hrough a subpoena, Detective Lamer
discovered the street address corresponding with the aforementioned IP address
at the date and time of the downloads. He then conducted a search of the
Oklahoma Department of Motor Vehicles records and confirmed that Defendant had
a valid Oklahoma Driver's License which listed him as residing at the same
street address. The search warrant application was granted and upon execution
of the warrant, agents seized and confiscated several digital storage devices
from Defendant's residence. Child pornography, consisting of both videos and
still images, was found on a computer.
U.S. v. Maurek, supra.
He went on to point out that the purpose of a court’s
holding a suppression hearing is
`to determine preliminarily the admissibility
of certain evidence allegedly obtained in violation of defendant's rights under
the Fourth and Fifth Amendments.’ U.S. v. Merritt, 695 F.2d 1263 (U.S.Court of Appeals for the 10th Circuit 1982). `The proper inquiry is whether
[the challenged action] violated the Fourth Amendment rights of [the] criminal
defendant making the challenge. U.S. v.
Allen, 235 F.3d 482 (U.S. Court of Appeals for the 10th Circuit 2000) (quoting U.S.
v. Erwin, 875 F.2d 268 (U.S. Court of Appeals for the 10th Circuit 1989) (paraphrasing
in original)).
`The proponent of a motion to suppress
has the burden of adducing facts at the suppression hearing indicating that his
own rights were violated by the challenged search.’ U.S. v. Eckhart, 569
F.3d 1263, 1274 (U.S. Court of Appeals for the 10th Circuit 2009) (quoting U.S.
v. Allen, supra). The controlling burden of proof at a suppression hearing
is proof by a preponderance of the evidence. U.S. v. Matlock, 415U.S. 164 (1974).
U.S. v. Maurek, supra.
The Judge then took up the critical issue: “whether use of the `Torrential Downpour’
software constituted a warrantless search” under the Fourth Amendment. U.S. v. Maurek, supra. He began by explaining that the Fourth
Amendment
protects only reasonable expectations
of privacy. Katz v. U. S., 389 U.S. 347, (1967) (Harlan, J., concurring). Whether a defendant's Fourth Amendment
rights were violated by a challenged search turns on the classic Fourth
Amendment test: (1) whether the defendant manifested a subjective expectation
of privacy in the area searched and (2) whether society is prepared to
recognize that expectation as objectively reasonable. U.S. v. Barrows, 481
F.3d 1246, 1248 (U.S. Court of Appeals for the 10th Circuit 2007). `What a person knowingly exposes to the
public, even in his own home or office, is not a subject of Fourth Amendment
protection.’ U.S. v. Katz, supra; see
also Smith v. Maryland, 442 U.S. 735 (1979) (`a person has
no legitimate expectation of privacy in information he voluntarily turns over
to third parties’).
U.S. v. Maurek, supra (emphasis
in the original).
Next, the judge explained that the U.S. Court of Appeals for
the 10th Circuit, whose decisions are binding authority on the
District Courts in Oklahoma (among other states),
and numerous other federal courts,
including this Court, have uniformly held there is no reasonable expectation of
privacy in files made available to the public through peer-to-peer file-sharing
networks. See U.S. v. Brese,
2008 WL 1376269, at *2 (U.S. District Court for the Western District of
Oklahoma Apr.9, 2008) (`The Court finds that, notwithstanding any subjective
expectation that Defendant may have had in the privacy of his computer, it was
not reasonable for him to expect privacy in files that were accessible to
anyone else with LimeWire (or compatible) software and an internet connection’); U.S.
v. Perrine, 518 F.3d 1196 (U.S. Court of Appeals for the 10th Circuit 2008) (`Furthermore,
as [defendant] conceded, he had peer-to-peer software on his computer, which
permitted anyone else on the internet to access at least certain folders in his
computer.
To the extent such access could expose
his subscriber information to outsiders, that additionally vitiates any
expectation of privacy he might have in his computer and its contents’); U.S.
v. Abston, 401 Fed. App'x 357 (U.S. Court of Appeals for the 10th
Circuit Nov.5, 2010) (`An individual who has “enabled peer-to-peer file sharing
on his computer, thereby giving anyone with internet access the ability to gain
entrance to his computer . . . holds no reasonable expectation of privacy that
the Fourth Amendment will protect.’”) (quoting U.S. v. Perrine, supra ).
As one court stated, `[r]ather than
evidencing a subjective expectation of privacy, Defendant's participation in
the BitTorrent swarm demonstrates the exact opposite. By using peer-to-peer
file sharing BitTorrent software, Defendant opened up his computer to allow
other users of BitTorrent to access certain files to download. By opening
his computer to the public, Defendant negates any claim he may have to
subjective expectation of privacy in the files he made accessible to BitTorrent
users online.’ U.S. v. Palmer, 2015 WL 4139069, at *12 (U.S. District Court for the Middle District of Florida July 8, 2015).
U.S. v. Maurek, supra.
The judge then applied the standards outlined above to this
case, explaining that
[Maurek] does not dispute that the
files downloaded from his computer were found and shared over the BitTorrent
P2P network. [He], therefore, has not established a reasonable, subjective
expectation of privacy and his Motion to Suppress is overruled on this ground. [Maurek’s]
attempt to distinguish the law enforcement version of the software as somehow
different, or more invasive, than standard P2P programs does not alter the fact
that he allowed public access to the files on his computer which contained
images of child pornography, and thus compels no different conclusion.
U.S. v. Maurek, supra.
Even though the judge found that Maurek’s “failure to show a
reasonable expectation of privacy effectively completes this Court's analysis”,
he noted that
out of interests of completeness, the
Court addresses his second proposition that the affidavit failed to establish
probable cause due to deliberate or reckless omissions regarding the use of
Torrential Downpour, namely, the fact it is only accessible to law enforcement
and there was nothing that attested to the program's technical or scientific
reliability.
U.S. v. Maurek, supra.
The judge went on to explain that
`[a] search warrant can issue only upon
a showing of probable cause.’ U.S. v. Long, 774 F.3d 653 (U.S.
Court of Appeals for the 10th Circuit 2014). . . . `The supporting affidavit
must provide a substantial basis to conclude that there is a fair probability
that contraband or evidence of a crime will be found in a particular place.’ U.S.
v. Long, supra (quoting U.S. v. Nolan, 199 F.3d 1180
(U.S. Court of Appeals for the 10th Circuit 1999) (internal quotations
omitted)). Courts examine the `totality of the circumstances’ in the affidavit
provided to determine whether it provided a substantial basis for finding a
fair probability that contraband or other evidence of a crime would be found at
the searched premises. U.S. v. Myers, 106 F.3d 936 (U.S. Court
of Appeals for the 10th Circuit 1997). `[T]he Court must show deference to the
magistrate's finding of probable cause and must interpret the affidavit in a “common
sense and realistic fashion.”’ U.S. v. Taylor, 2013 WL 2149644 (U.S.District Court for the Northern District of Oklahoma May 16,
2013) (quoting U.S.v. Grimmett, 439 F.3d 1263 (U.S. Court
of Appeals for the 10th Circuit 2006)).
A search warrant must be voided where a
court: (1) finds that the affiant knowingly or recklessly included false
statements in or omitted material information from an affidavit in support of a
search warrant; and (2) concludes, after excising such false statements and
considering such material omissions, that the corrected affidavit does not
support a finding of probable cause. U.S. v. Garcia–Zambrano, 530
F.3d 1249 (U.S. Court of Appeals for the 10th Circuit 2008).
U.S. v. Maurek, supra.
The judge then pointed out that information that is
omitted from an affidavit is material
only if it affects a finding of probable cause. U.S. v. Kennedy, 131
F.3d 1371 (U.S. Court of Appeals for the 10th Circuit 1997) In other words, `[w]hether
the omitted statement was material is determined by examining the affidavit as
if the omitted information had been included and inquiring if the affidavit
would still have given rise to probable cause for the warrant.’ Stewart v.
Donges, 915 F.2d 572, 582 n .13 (U.S. Court of Appeals for the 10th
Circuit 1990). . . .
In U.S. v. Chiardio, 684
F.3d 265 (U.S. Court of Appeals for the 1st Circuit 2012), the FBI undertook an
undercover investigation to search for child pornography, which involved using
the `LimeWire' software, which, like BitTorrent, is a commercially available
P2P file sharing program that enables users to transmit files to and from other
members of the LimeWire network. Like BitTorrent, LimeWire users can search for
files made available by other users, browse all the files made available by a
particular user, and download desired files. U.S. v. Chiardio, supra. They can also make their own files accessible
for download by designating a folder on their computers that would
automatically share its contents with the network. U.S. v. Chiardio, supra.
U.S. v. Maurek, supra.
Next, the he outlined more of the facts in U.S. v. Chiardio, explaining that the
FBI developed and employed a special
version of LimeWire, known as `enhanced peer-to-peer software’ (EP2P), which
was customized to assist child pornography investigations. The EP2P software
differed from LimeWire in three principal respects:
First, when a user of the commercially
available version of LimeWire tries to download a file, the program seeks out
all the users who are sharing the same file and downloads different pieces of
that file from multiple locations in order to optimize download speed. EP2P
eliminates that functionality; it allows downloading from only one source at
a time, thus ensuring that the entire file is available on that source's
computer. Second, in its commercially available iteration, LimeWire
responds to a search term by displaying basic information such as the names of
the available files, file types, and the file sharers' Internet Protocol (IP)
addresses. EP2P displays not only that data but also the identity of the
Internet Service Provider (ISP) and the city and state associated with the IP
address sharing a particular file. Third, EP2P has been modified so that an
agent can easily compare the hash value (essentially, the digital fingerprint)
of an available file with the hash values of confirmed videos and images of
child pornography. Taken together, these three modifications permit
agents to download a file from a single source, learn the general
location of the source, and facilitate the identification of child pornography
as such.
U.S. v. Maurek, supra
(quoting U.S. v. Chiardio, supra, (emphases in the original)).
The Maurek judge explained
that, in Chiardo, the FBI used the
EP2P software
to trace child pornography to a computer
owned by the defendant, and he was subsequently indicted and convicted for
possessing and distributing child pornography.
On appeal, the defendant contended, as
here, that the search warrant affidavit lacked probable cause because it was
based on `largely untested’ software and the government did not sufficiently
demonstrate the software's reliability pursuant to Daubert v. MerrellDow Pharm., Inc., 509 U.S. 579 (1993). The court overruled the
motion by first noting that the Federal Rules of Evidence do not apply to
proceedings surrounding the issuance of a search warrant, U.S. v. Chiardio, supra (citing Federal Rule ofEvidence 1101(d)(3)), and that `probable cause ‘does not require scientific
certainty.’ Id. (quoting Roche v. John Hancock Mut. Life Ins. Co., 81
F.3d 249 (U.S. Court of Appeals for the 1st Circuit 1996)). The court found the
issuing magistrate had made a sensible determination, based on a detailed
affidavit, that a search of the defendant's residence was likely to turn up
illicit images. U.S. v. Chiardio, supra. This, the court determined, was sufficient to find probable
cause.
U.S. v. Maurek, supra.
He also noted that the Chiardio
court rejected the defendant’s second contention,
which also mirrors
Defendant's challenge to Torrential Downpour, that the affidavit contained
knowing or reckless material omissions about the reliability of EP2P. The First
Circuit held the alleged omissions in the supporting affidavit were not
material and had they been included, they would not have diluted the
affidavit's showing of probable cause, but rather `had the affiant included the
additional statements describing what was known about EP2P's reliability, those
statements would have served no purpose except to strengthen the affidavit. It
would be wildly illogical to suppress the fruits of a search on the ground that
the warrant application omitted statements that, if included, would have increased the
affidavit's persuasive force.’ U.S. v. Chiardio, supra (citation omitted, emphasis in
original).
U.S. v. Maurek, supra.
The judge then articulated his ruling, which overruled
Maurek’s argument:
The material fact law enforcement was
obligated to disclose was its use of investigative technology to track,
identify, and download the files from [Maurek’s] computer. This fact was fully
disclosed. More exacting details and disclosures simply were not required to
establish probable cause. See U.S. v. Biglow, 562 F.3d 1272 (U.S.
Court of Appeals for the 10th Circuit 2009) (`probable cause is a matter
of ‘probabilities and common sense conclusions, not certainties’). . . . Defendant
confuses the test for determining the admissibility of evidence from an expert
witness at trial under Federal Rule of Evidence 702 with the more
flexible and less demanding standard for evidence necessary to establish
probable cause. See also Maryland v. Pringle, 540 U.S.366 (2003) (`The probable-cause standard is incapable of precise
definition or quantification into percentages because it deals with
probabilities and depends on the totality of the circumstances’).
And, as the court observed in Chiardio, had
more information about the intricacies of Torrential Downpour been included,
these additional disclosures would not have affected the determination of
probable cause because they would have merely provided the magistrate judge
with further information regarding the source and capabilities of the automated
software. Under the totality of the circumstances, the affidavit provided a
substantial basis for the magistrate's conclusion that there was probable cause
for issuing the challenged warrant.
U.S. v. Maurek, supra.
He therefore denied Maurek’s motion
to suppress. U.S. v. Maurek, supra.
No comments:
Post a Comment