Return to Privacy Module IV

 

Drake Law Review

2000

 

Articles

 

THE SEARCH AND SEIZURE OF COMPUTERS: ARE WE SACRIFICING PERSONAL

PRIVACY FOR THE ADVANCEMENT OF TECHNOLOGY?

 

Stephan K. Bayens [FNa1]

 

 

 

 

Copyright 2000 Drake University; Stephan K. Bayens

 

 

 

 

New technologies should lead us to look more closely at just what values the Constitution seeks to preserve.--Laurence H. Tribe, The Constitution in Cyberspace [FN1]

 

 

I. Introduction

 

It is amazing how such simple statements can embody such overwhelming notions and concepts. The Fourth Amendment states quite simply that people have the right "to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures . . . ." [FN2] Despite its simplicity, this statement continues to protect an ever-advancing society from the oppressive nature of the state. The Fourth Amendment's simplicity and flexibility has permitted the judiciary to shape and mold its prescriptions into a timeless document. The timeless nature of the Fourth Amendment, however, faces a serious challenge in present-day society technology. The Fourth Amendment has, throughout its history, not only faced technological advancement but has met technological challenges head on. The Fourth Amendment now faces its newest technological foe-computer systems.

 

This Article examines the Fourth Amendment's current ability to protect individual privacy from the rapid evolution of computer technology. Computer technology is a worthy challenger given its unique idiosyncrasies. This Article seeks first to address those idiosyncrasies inherent in computer technology and then to examine the Fourth Amendment's ability to provide adequate protections in this new computer-based world.

 

Part II of this Article examines the Fourth Amendment's touchstone "reasonable expectation of privacy" standard and its current application in various computer-based settings. Part III analyzes the Fourth Amendment's particularity requirements with regard to computers. Finally, Part IV looks at statutory provisions created especially to address problems unique to computer- based communications.

 

 

II. Technology and the Fourth Amendment: Unequal Risings?

 

In order for the protections of the Fourth Amendment to cloak the individual from intrusive government searches and seizures, a judicially construed threshold must first be crossed. The United States Supreme Court in Katz v. United States [FN3] ruled the constitutional protections embodied in the Fourth Amendment are only triggered upon the showing of a reasonable expectation of privacy. [FN4] Justice Harlan, in concurring with the majority, created a two-pronged test designed to objectively quantify this seemingly amorphous standard. [FN5] The Court subsequently adopted this test in examining all potential Fourth Amendment cases. [FN6] The first prong requires "[t]he person must have had an actual or subjective expectation of privacy." [FN7] The second prong demands that this subjective "expectation be one that society is prepared to recognize as 'reasonable."'[FN8] If a court determines either of these prerequisites are lacking, the Fourth Amendment is not triggered, and the government may search and seize without a warrant even the most rudimentary showing of reasonable suspicion is unnecessary. [FN9] The "reasonable expectation of privacy" test is a flexible one because it is dependent upon current societal expectations as to what is reasonable. [FN10] However, the test is becoming increasingly more difficult to apply consistently given the rapid advancements in technology. [FN11] As technology evolves so do societal expectations of reasonableness. But is the traditional Katz formula flexible enough to evolve along side both technology and our societal expectations?

 

 

A. The Reasonable Expectation of Privacy Formula and Employee Computers

 

In assessing an employee's expectation of privacy in the workplace, it is important to distinguish between government employers and private employers. The distinction is important because in order to trigger the Fourth Amendment the search or seizure must be by a government or state actor. [FN12] Private employers are not bound by the constraints of the Fourth Amendment [FN13] unless their actions were at the behest of government officials. [FN14] Given this important distinction, an initial examination regarding areas of Fourth Amendment jurisprudence that apply to both the government workplace and the private workplace is necessary. Only then can the unique government workplace settings be addressed.

 

 

1. The Government Workplace and the Private Workplace: Common Threads

 

A number of initial hurdles must be cleared in asserting a reasonable expectation of privacy in data stored on an employee's work computer. These initial hurdles deal with the numerous exceptions courts have carved out of the sweeping language of the Fourth Amendment. Although there are numerous exceptions to the Fourth Amendment, the plain view doctrine and consent are particularly relevant in the area of employee computers.

 

a. The Plain View Doctrine. The plain view doctrine allows for seizure of evidence without a warrant if an officer is "in a lawful position to observe the evidence, and its incriminating" nature is immediately apparent. [FN15] Justice Harlan, in his Katz concurrence, succinctly expressed the rationale behind the plain view doctrine stating, "objects, activities or statements that [one] exposes to the 'plain view' of outsiders are not 'protected' because no intention to keep them to [one]self has been exhibited." [FN16] In the computer context, e-mail or other electronic messaging that require no password for access and are open to all employees, as well as personal data stored on a work computer, may be subject to the plain view doctrine. [FN17] The plain view doctrine would likely apply in these circumstances because no reasonable expectation of privacy could be asserted when such a high number of employees would have accessto the messages sent. In reality, however, this particular situation is fairly rare. The majority of workplaces provide their employees with individual passwords in order to ensure some semblance of privacy in e-mail transmissions. [FN18] Password-based access restriction would take e-mail and other electronic communications out of the purview of the plain view doctrine, as third-party access to the transmitted material would be practically nonexistent. [FN19]

 

The other specific factual situation where the plain view doctrine may apply is "through a process of 'timesharing' in which multiple users share concurrently the resources of a single computer system." [FN20] Like e-mail messaging if the use of the timeshared computer or network is not apportioned off by the use of passwords, the computer data is likely subject to the plain view doctrine. [FN21] This is especially true if the data is saved to a communal hard drive networked throughout the business or organization. [FN22] Similar to the above discussion of e-mail, if individualized passwords are used to gain access to specific material saved by that user, and other employees could not access that material, the material would likely be taken out of the purview of the plain view doctrine. [FN23] It should additionally be noted that Fourth Amendment protections are not based solely on possessory interests in the items searched and seized. [FN24] Thus, although users of multi-user computer systems "do not own the hardware, they nevertheless maintain an expectation of privacy in the information stored on the system" [FN25] as long as appropriate privacy safeguards are in place. [FN26]

 

Therefore, in the majority of workplace situations the employee may safely store data on a work computer without fear the plain view doctrine will strip him of his constitutional rights under the Fourth Amendment. Employees should, however, inquire as to: (1) the individual password restrictions instituted by the company or government agency; (2) the appropriate place to save and store data to limit access; and (3) the number of employees that have unrestricted access to all employee computers regardless of password protections.

 

b. The Consent Exception. The consent exception to the Fourth Amendment is implicated more deeply in the workplace than in the limited factual situations discussed above concerning plain view. [FN27] The consent of "one who possesses common authority over premises or effects is valid as against the absent, nonconsenting person with whom the authority is shared." [FN28] Thus, if several people own or use a particular computer, any one of those people could possibly grant consent to search the "common area" of the computer. [FN29]

 

The greatest obstacle, however, in the consent area deals with the growing number of explicit workplace policies stating Internet use and e-mail transmissions may be monitored. [FN30] Accepting or continuing employment with a company or governmental agency that has instituted such a policy may operate as employee consent and could bar application of Fourth Amendment protections. [FN31] Initially, this possibility was just a theory among scholars. [FN32] A federal district court, however, recently removed this from the theoretical plane and placed it in established case law. [FN33]

 

In United States v. Simons, [FN34] defendant Mark Simons was employed with the Foreign Bureau of Information Services (FBIS), a division of the Central Intelligence Agency (CIA), as an electronic engineer. [FN35] The Systems Operation Center Manager, who manages the computer network for FBIS, was investigating the capabilities of a new system placed on the FBIS network that logged all computer traffic going outside the network. [FN36] A component of this program allowed the systems manager to do a keyword search of the logged material. [FN37] The systems manager, attempting to discover if the new program could unearth inappropriate Internet usage, ran the keyword "sex." [FN38] A significant number of responses were traced back to a particular workstation, later determined to belong to the defendant. [FN39] The search results indicated that the accessed Internet sites appeared to be pornographic in nature, and the frequency with which these sites were accessed dispelled any possibility of accidental activity. [FN40] Upon direction of his supervisor, the systems manager verified the sites were pornographic, accessed defendant's computer through the network and discovered over 1,000 downloaded graphic files containing pornographic material. [FN41] The systems manager copied defendant's hard drive via the network. [FN42] This copy was then handed over to the special investigation unit of the CIA where it was discovered that a number of the downloaded graphic files depicted child pornography. [FN43] A special agent obtained a search warrant permitting the agent to copy defendant's hard drive, floppy disks, documents concerning screen names, and personal correspondence. [FN44]

 

Simons claimed the searches were conducted in violation of the Fourth Amendment and therefore, all evidence should be suppressed. [FN45] In denying defendant's motion to suppress, the court relied heavily on the FBIS's official policy regarding computer use. [FN46] In light of this specific policy, the court ruled defendant had no reasonable expectation of privacy regarding his Internet usage. [FN47] "The Court [gave] significant weight to the portion of the policy stating that audits shall be implemented to support identification, termination and prosecution of unauthorized activity. The Court also [gave] weight to the part [of the policy] providing that audits would be capable of recording web sites visited." [FN48] Based on the ruling of the Simons court many workers may now "be expected to consent to monitoring if they decide that earning a livelihood is more important than enjoying privacy protections in the workplace." [FN49] Although this is a troubling conclusion, governmental employees may at least have some degree of protection from this practice. [FN50]

 

 

2. Issues Unique to the Government Workplace

 

Given the Fourth Amendment's applicability to searches by government employers, the Supreme Court created an exception to the Fourth Amendment designed to ensure the government's ability to properly and effectively supervise, control, and run the government workplace. [FN51] If the Court had not created such an exception, a government supervisor would have to obtain a valid search warrant every time she searched an employee's workstation for a missing file. [FN52] Thus, in O'Connor v. Ortega, [FN53] the Court ruled two types of workplace searches were exempt from the auspices of the Fourth Amendment: (1) a non-investigatory, work-related intrusion and (2) an investigation into work-related employee misfeasance. [FN54]

 

The Court, however, did not intend to institute a carte blanche rule permitting the warrantless search of all items in an employee's workstation. Personal items, such as a handbag or brief case, were explicitly excluded from those items an employer could search. [FN55] This exclusion of personal items from workplace searches presents an interesting dilemma in regard to items that could conceivably serve a dual purpose, like a floppy disk. [FN56] A floppy disk has the capability of being either an integral part of the workplace or an extremely personal container of intimate thoughts. Courts, however, will likely find it reasonable to assume that floppy disks located at the workplace fall within the workplace context, thus resolving the amorphous nature of a computer disk. [FN57]

 

In theory at least, government employees receive greater constitutional protections against workplace searches and seizures of their computers than their private sector counterparts. Yet, given the workplace exception carved out in O'Connor [FN58] and the apparent assumption that items capable of storing electronic data immediately fall in the workplace context, [FN59] these additional protections are limited.

 

 

B. The Reasonable Expectation of Privacy Standard and the Internet

 

"The Internet is not a physical or tangible entity, but rather a giant network which interconnects innumerable smaller groups of linked computer networks." [FN60] The Internet is an overwhelming mass of information that has no centralized administrator, storage location, or control point. [FN61] "It exists and functions as a result of the fact that hundreds of thousands of separate operators of computers and computer networks independently decided to use common data transfer protocols to exchange communications and information with other computers (which in turn exchange communications and information with still other computers)." [FN62] By the close of 1999, an estimated 200 million people will be using the Internet. [FN63] Many methods can be used in communicating on the Internet. Those that best contemplate Fourth Amendment protections are real time communications (chat rooms) and one-to-one messaging (e-mail). [FN64]

 

 

1. Chat away . . . the Government Is Listening

 

The use of-real time communication on the Internet permits the computer user to engage in instantaneous dialog with another person or an entire group of people. [FN65] These real time communications "allow[ ] two or more [people] to type messages to each other that almost immediately appear on the others' computer screens." [FN66] Those wishing to discuss similar topics of interest can utilize "chat rooms," which are electronic meeting places that allow people with a mutual interest to electronically discuss a chosen topic. [FN67] The range of subjects is innumerable, and new chat rooms are created daily. [FN68]

 

In order to assert the protections of the Fourth Amendment in electronic dialogs, participants would have to demonstrate a subjective expectation of privacy that society is prepared to recognize as reasonable. The primary difficulty in asserting the Fourth Amendment in a chat room setting is the previously discussed plain view exception. [FN69] In a public chat room, it would be difficult to claim a reasonable expectation of privacy as the contents of the discussion are open for all in the chat room to read. [FN70] An Ohio federal district court squarely addressed this issue in United States v. Charbonneau. [FN71]

 

In Charbonneau, an agent with the FBI began perusing various chat rooms posing as a pedophile. [FN72] The agent operated primarily in private chat rooms titled "BOYS" and "PRETEEN." [FN73] The agent did not actively engage in conversation with the other members of the chat room; rather he passively observed and recorded the dialog between members. [FN74] Child pornography was often exchanged by using information gained during these electronic communications. [FN75] The agent identified one of those involved in the distribution of the child pornography by his screen name. [FN76] The agent then obtained defendant's true identity through the use of a search warrant. [FN77] Defendant sought suppression of the statements he made while in the chat room as well as the e-mail messages he sent to other users. [FN78]

 

The court, in denying defendant's motion to suppress, ruled when defendant engaged in chat room conversations, he essentially assumed the risk that one of his fellow users could possibly be a law enforcement official. [FN79] The court further ruled defendant could not have a reasonable expectation of privacy because he was aware of the operating procedures in the chat room and continued to use the chat room despite its open nature. [FN80] Thus, there is no recognizable expectation of privacy in publicly accessible chat rooms.

 

 

2. E-mail: Akin to Telephone Calls and First Class Mail?

 

E-mailing someone is essentially the same as sending someone a written letter, except that the written letter has been reduced to electronic form and sent to the recipient's e-mail address. [FN81] This electronic letter can be sent to one person or a host of different people by simply including the e-mail addresses of the additional people. [FN82] Any particular message can be forwarded to another person by adding the appropriate address. [FN83] "The message then crosses the Internet, moving from node to node until it reaches its destinations." [FN84] In attempting to apply the reasonable expectation of privacy standard to this relatively new form of communication, courts analogize e-mail to other forms of communication. [FN85] In United States v. Maxwell, [FN86] the United States Court of Appeals for the Armed Forces likened e-mail to both first class mail and telephone calls. [FN87]

 

In Maxwell, FBI agents received several e-mails and graphic files discussing and depicting child pornography from a concerned citizen, along with the screen names of the users that sent the messages and material. [FN88] Based on this information, the agent sought a search warrant permitting him to unearth the true identity of the users by obtaining the master list of users and screen names from the Internet service provider. [FN89] Upon discovering the true identity of those involved, agents discovered the defendant was in the Air Force. [FN90] The Air Force Office of Special Investigations sought a warrant to search the defendant's quarters. [FN91] A number of graphic files depicting child pornography were located on his computer. [FN92] He subsequently sought suppression of all physical evidence recovered during the various searches. [FN93]

 

The court, in addressing whether the defendant could properly litigate the issue, ruled e-mail was similar to first class mail in that "if a sender of first-class mail seals an envelope and addresses it to another person, the sender can reasonably expect the contents to remain private and free from the eyes of the police absent a search warrant founded upon probable cause." [FN94] The court additionally ruled e-mail maintained some qualities of telephone calls as "the maker of a telephone call has a reasonable expectation that police officials will not intercept and listen to the conversation." [FN95] Relying on these parallels, the court found "the transmitter of an e-mail message enjoys a reasonable expectation that police officials will not intercept the transmission." [FN96] The court, however, proceeded to narrowly define its ruling by stating "once the [e-mail] is received and opened, the destiny of the letter then lies in the control of the recipient of the letter, not the sender, absent some legal privilege." [FN97] The court further narrowed its holding stating:

Expectations of privacy in e-mail transmissions depend in large part on the type of e-mail involved and the intended recipient . . . . [E]-mail that is "forwarded" from correspondent to correspondent lose[s] any semblance of privacy. Once these transmissions are sent out to more and more subscribers, the subsequent expectation of privacy incrementally diminishes. [FN98]

 

The court, in addressing the government's claim defendant disclosed the information to the Internet service provider thereby eliminating the protections of the Fourth Amendment, denoted that although the service provider would always have ultimate access to messages stored on its computers, it was in a radically different position. [FN99] To use the mail and telephone analogy, "[t]he post office cannot indiscriminately intercept the letters it transmits, and neither may the telephone company routinely eavesdrop on the conversations occurring on its lines." [FN100] Thus, defendant was permitted to litigate the issue because he had a reasonable expectation of privacy in the e-mail messages, despite the service provider's ability to access the contents of any particular message. [FN101]

 

The Charbonneau court, relying on the narrowing factors in Maxwell, ruled not only did defendant's chat room conversations lack Fourth Amendment protection, but his e-mail messages sent to others in the chat room and the e-mail sent or forwarded to the undercover agents also lacked Fourth Amendment protection. [FN102] Defendant lacked a reasonable expectation of privacy in the e-mail sent to other members of the chat room because his privacy interests exponentially diminished based on his forwarding of messages from correspondent to correspondent. [FN103] Furthermore, defendant bore the risk that one of his fellow users in the chat room could possibly be a law enforcement official. [FN104] Thus, those items actually forwarded or sent to the officers had no Fourth Amendment protection. [FN105] Subject to certain restrictions, courts are willing to recognize a reasonable expectation of privacy in e-mail. [FN106] Yet, that recognition can be quickly dashed once the recipient accesses the e-mail or if it is forwarded to a relatively large number of people.

 

 

C. Not Only Will They Fix Your Computer, but They'll Fix Your Wagon As Well

 

The Fourth Amendment to the Constitution provides citizens shall be free from unreasonable searches and seizures by the government. [FN107] The Fourth Amendment, however, "is wholly inapplicable to a search or seizure, even an unreasonable one, effected by a private individual not acting as an agent of the Government or with the participation or knowledge of any governmental official." [FN108] In determining whether a private party is acting as an agent of the government, courts apply a two-pronged test. [FN109] First the court must examine whether "the [g]overnment knew of or acquiesced in the intrusive conduct. . . ." [FN110] The court must then decide whether "the private party's purpose for conducting the search was to assist law enforcement efforts or further his own ends." [FN111] Searches by private parties in the computer arena normally occur when computer technicians inadvertently stumble upon illegal material when servicing a computer. [FN112] The conversion from a private party to an agent of the government is difficult to ascertain and must be determined ad hoc. [FN113]

 

In United States v. Hall, [FN114] the defendant took the central processing unit of his computer to a local computer store for repairs. [FN115] A computer technician, in order to diagnose the particular problem with the unit, accessed a number of file directories. [FN116] In viewing these directories, the technician observed a number of files with sexually explicit titles. [FN117] The technician opened these files and discovered what he believed to be child pornography. [FN118] The employee immediately contacted local law enforcement officers who instructed him to make copies of the material. [FN119] Agents eventually procured a search warrant relying solely on the technician's affidavit; at no time did the agents review the copied material. [FN120] The search of defendant's computer and home revealed numerous graphic images of child pornography. [FN121] Defendant moved to suppress the evidence claiming an agent of the government made the discovery of the images. [FN122]

 

The Seventh Circuit denied defendant's motion ruling the technician's search was pursuant to the maintenance work performed and not at the behest of the government. [FN123] The court ruled neither of the private-actor conversion prongs were satisfied. [FN124] First, the government agents had no knowledge of the intrusive action, and second, the purpose of the intrusion was not to unearth evidence of a crime but to complete the normal course of the repair shop's business. [FN125] The government would not concede that the subsequent copying of the files at the behest of the agents converted the technician into a government agent. [FN126] However the court ruled the affidavits in support of the warrant did not rely on the unreasonable search to establish probable cause. [FN127] Thus, the copied images were independently discovered through proper channels. [FN128]

 

Similarly, in United States v. Barth, [FN129] the defendant, owner of his own accounting firm, was experiencing difficulties with his office computer and called in a computer technician to alleviate the problem. [FN130] The technician while searching for viruses by opening various files, discovered computer images of child pornography. [FN131] The technician, a confidential informant for the FBI, contacted an agent and was instructed to copy the contents of the hard drive. [FN132] The following day local law enforcement agents, without a warrant, reviewed the contents of defendant's hard drive. [FN133] Based solely on an affidavit detailing the technician's initial discovery, a state magistrate issued a warrant to search defendant's hard drive. [FN134] A forensic computer analyst was brought in to conduct the search. [FN135] Before the search began, however, the analyst was briefed about the contents of the computer and its various systemic processes. [FN136] The analyst discovered further pornographic images and defendant sought suppression of the images due to an unreasonable search and seizure under the Fourth Amendment. [FN137]

 

The court, in granting defendant's motion to suppress, ruled the initial discovery by the technician constituted a search by a private party. [FN138] The court found "no evidence that [the technician] intended to assist law enforcement officers when he initially viewed the image." [FN139] The technician's status, however, quickly changed. [FN140] As soon as the technician contacted the FBI, the government knew that a reliable confidential informant was in possession of a computer containing contraband, and thus, the government acquiesced to all further conduct by the technician. [FN141]

 

Unlike the court in Hall, the court found the independent source doctrine was not implicated. [FN142] Although the application for the warrant contained only information gained by the technician's initial discovery, the forensic computer analyst who conducted the search received information from the officers as to the computer's contents and operating system. [FN143] The court ruled "[b]ecause [the forensic computer analyst] was aware of and used the information obtained by the [officers] in their initial unlawful search, [[the analyst's] search pursuant to warrant was not a 'genuinely independent source of information and evidence."' [FN144] The court found no merit in all other asserted exceptions and granted defendant's motion to suppress. [FN145]

 

As the above cases demonstrate, private computer owners as well as business owners need to be aware of the substantial risk in seeking computer assistance. The vast majority of computer related problems could only be properly diagnosed and repaired by actually accessing specific files or file directories on the computer. Thus, the likelihood that inappropriate material will be discovered is substantial. Given this likelihood, it is no surprise that private computer technicians are rapidly becoming confidential informants for various law enforcement agencies. [FN146] Due to the growing number of these "dual purpose" technicians and the public's absolute reliance on these technicians for computer assistance, the analysis for when a private individual is converted into a government actor may need to be modified to protect privacy interests.

 

 

D. Third-Party Consent and Home Computer Systems

 

The in-home single system computer user, although free from the prying eyes of her employer who owns and maintains her workplace computer system, must still be wary of exceptions to the Fourth Amendment. One of the most common exceptions applicable to the private computer user is third-party consent. [FN147] Government officials may search premises or effects without a warrant or probable cause if a person with the proper authority has voluntarily granted consent. [FN148] The Supreme Court in United States v. Matlock [FN149] expounded upon the traditional notion of consent by ruling officers may obtain voluntary consent "from a third party who possessed common authority over or other sufficient relationship to the premises or effects sought to be inspected." [FN150]

Common authority is . . . not to be implied from the mere property interest a third party has in the property. The authority which justifies the third- party consent does not rest upon the law of property, with its attendant historical and legal refinements, but rests rather on mutual use of the property by persons generally having joint access or control for most purposes . . . . [FN151]

 

In examining third-party consent under a single computer system, [FN152] it is important to note that normally "[t]here are no formal restrictions as to privacy, although if more than one person uses the system, there may be an informal respect for each other's private files." [FN153] A third party's ability to consent to the search of a home computer will depend heavily upon the steps taken to define mutually exclusive zones of privacy. [FN154] "From this, it might be asserted that the aforementioned 'informal respect' counts for something here, to which might be added the contention that this understanding between family members takes on greater significance in light of the especially private nature of information likely to be found in computer files." [FN155] A United States district court in Illinois, however, did not find this argument convincing. [FN156]

 

In United States v. Smith, [FN157] the defendant's live-in girlfriend granted officers voluntary consent to search the computer located in their master bedroom. [FN158] Officers accessed the computer, which was not password protected, and discovered numerous graphic files containing child pornography. [FN159] At the suppression hearing, defendant's girlfriend testified her youngest daughter would occasionally use the computer, the location of the computer was open to the remainder of the house, and defendant had previously attempted to show her how to use the computer. [FN160] Defendant countered by testifying that immediately prior to the search "he had removed the passwords from the hardware but had kept the passwords in place on the software." [FN161]

 

The court, in denying defendant's motion to suppress, found defendant's girlfriend had the requisite actual authority to consent to the search of the computer. [FN162] In addition to the claims of the girlfriend, the court relied heavily on the fact that officers were not hindered in their search due to protective passwords guarding the system. [FN163] The court found this fact belying of defendant's claim he maintained exclusive and possessory control over the computer. [FN164] Given the court's emphasis on password protections, however, it is highly probable that the use of protective passwords could eliminate or at least narrow the scope of consent given by third parties. [FN165]

 

 

III. The Fourth Amendment's Particularity Requirements and Computers

 

The Fourth Amendment to the United States Constitution demands all warrants particularly describe the place to be searched and the items to be seized. [FN166] Throughout history, application of the particularity requirements has been fairly straightforward due to the obvious physical constraints of society. "But computers create a 'virtual' world where data exists 'in effect or essence though not in actual fact or form."' [FN167]

 

 

A. Describing the Place to Be Searched

 

The Fourth Amendment's particularity requirement with regard to the place to be searched as well as Federal Rule of Criminal Procedure 41(a) [FN168] are ill prepared to deal with this new virtual world. Specifically, Federal Rule of Criminal Procedure 41(a) provides that "a search warrant . . . may be issued . . . by a federal magistrate, or a state court of record within the federal district, for a search of property or for a person . . . within the district . . . ." [FN169] The difficulty lies in a networked computer system where the actual material sought might be on a file server in a different "office, building, district, state, or even country." [FN170] This dilemma is even more troubling because law enforcement officials are currently only guided by way of analogy to similar problems involving the wiretapping of phones. [FN171] In these network scenarios, there are essentially two variations: (1) law enforcement knows the material is located in a place other than the one described in the warrant, and (2) the file server, unbeknownst to the government, is located outside the district. [FN172]

 

In a situation where the government knows the location of the information is in a different place than the warrant describes, The Federal Guidelines for Searching Computers encourages law enforcement officials to simply seek an additional warrant describing the other location. [FN173] This may entail going to another federal district, despite its distance, or even coordinating with their foreign law enforcement counterparts. [FN174] If officers believe the information is on a file server located in some anonymous place, The Federal Guidelines for Searching Computers instructs officers to be candid with the issuing judge concerning their belief. [FN175] Officers should support their candid claim by pointing to specific efforts aimed at uncovering the true source of the data. [FN176] The officers should also attempt to demonstrate a clear relationship between the computer they wish to search and an additional file server located elsewhere. [FN177] If, however, the executing agency fails to obtain the necessary safeguard of an additional warrant or fails to be candid with the issuing judge or magistrate, its warrantless intrusion of a file server located elsewhere may still be permitted in limited circumstances. [FN178]

 

In United States v. Judd, [FN179] officers executed a search warrant on the office suite of the defendant's business. [FN180] The warrant precisely described by number a particular office suite but officers failed to locate the items prescribed in the warrant. [FN181] Officers questioned the defendant, and he indicated the items sought were located in the company's bookkeeping suite next door. [FN182] Without a warrant, the officers went to the bookkeeping suite and seized the specified documents. [FN183] The court ruled that both suites were offices of the same business, officers reasonably misunderstood the floor plan of the corporate offices, and the warrant authorized a search of the entire corporate office. [FN184] The court, therefore, permitted the warrantless search of the second suite. [FN185] Thus, by analogy if the file server containing the information sought was located in the same set of corporate offices, a court may allow the warrant to cover the search of both places. [FN186]

 

In the second networked scenario, the file server is unknowingly located outside the district where the warrant is issued. In this situation, the true virtual nature of networked systems becomes apparent. For example, if officers were forced to access a file server outside the district to obtain authorized data, the officers would technically still be physically present in the issuing district. Yet, it could also be argued the officers essentially made a virtual leap into the other district via the computer network. This example truly exposes the limits of a physically-based rule. In attempting to resolve this quandary, however,courts may turn to a similar issue involving federal wiretap statutes. [FN187] Similar to the district limitation in Federal Rule of Criminal Procedure 41(a), 18 U.S.C. 2518(3) permits a judge to enter an order "authorizing or approving interception of wire, oral, or electronic communications within the territorial jurisdiction of the court in which the judge is sitting . . . ." [FN188] Given this definitional similarity, cases involving the location of wiretaps outside the issuing judge's district may prove useful in making an inferential leap to computer networks.

 

With regard to the interception of communications by wiretap, the United States Court of Appeals for the Second Circuit ruled a wiretap occurs in two locations simultaneously. [FN189] The wiretap occurs at the place where the tapped phone is located and at the place where the communication is first heard by law enforcement. [FN190] The court reached this conclusion by turning to the statute's definition of interception. [FN191] Section 2510(4) defines interception as "the aural or other acquisition of the contents of any . . . communication . . . ." [FN192] The court reasoned that because the definition included "'aural' acquisition of the contents of the communication, the interception must also be considered to occur at the place where the redirected contents are first heard." [FN193] Thus, the court ruled that although the wiretap was issued in the Southern District of New York, the tapped phone was located in New Jersey, and the officers were redirecting the tapped phone back to New York for interception; the district court had jurisdiction to authorize the wiretap. [FN194] The court additionally relied on policy reasons for permitting all monitoring to occur in a single jurisdiction. [FN195] The court found a single court could better assess the wiretapping techniques of law enforcement, thus more adequately protecting individual privacy interests. [FN196]

 

The Fifth Circuit has concurred with the Second Circuit, finding "interception includes both the location of a tapped telephone and the original listening post, and that judges in either jurisdiction have authority . . . to issue wiretap orders." [FN197] Similarly, the Seventh Circuit relying on United States v. Rodriguez [FN198] and United States v. Denman, [FN199] found permission to intercept communications from mobile devices could be issued "regardless of where the phone or listening post was." [FN200] The court reasoned a "narrow, literal interpretation would serve no interest in protecting privacy, since the government can always seek an order from the district court for the district in which the listening post is located authorizing nationwide surveillance of cellular phone calls." [FN201]

 

Turning to data searches of networks, courts could rely on the above wiretap analogies to support the notion that these types of searches can occur in more than one place. [FN202] Based on that rationale, two different districts could potentially issue the warrant-the district where the officers are located and the district where the file server is located. Thus, a court may find the particularity requirement of the Fourth Amendment as well as Federal Rule of Criminal Procedure 41(a) are satisfied based solely on the officers' location when the search occurs. This would alleviate the difficulty of a file server unknowingly located in another district. Courts could possibly resolve the previously posited quandary by finding the officer's presence in the issuing district, as well as accession of the particularly described computer terminal, is sufficient to meet both the enumerated constitutional and statutory protections.

 

 

B. Describing with Particularity the Items to Be Seized

 

The Fourth Amendment demands a search warrant define the items to be seized with sufficient particularity [FN203] to avert "general, exploratory rummaging in a person's belongings." [FN204] "The requirement of particularity [historically] arises out of a hostility to the [British] Crown's practice of issuing 'general warrants' taken to authorize the wholesale . . . search of contraband or evidence." [FN205] Particularity of a warrant, as to the items sought, encompasses two general problems: (1) the warrant must provide sufficiently specific information to guide the officer's judgment in selecting what to seize, and (2) the warrant's breadth must be sufficiently narrow to avoid seizure of purely unrelated items. [FN206] The seizure of computer equipment is especially vulnerable to the two prongs of the particularity requirement. [FN207] Due to a computer's ability to store vast amounts of information, [FN208] the potential difficulty in accessing particular files in a computer, [FN209] and the fact that simple file titles do not satisfactorily indicate the substance of that file, [FN210] it is often difficult to meet the constraints of the Fourth Amendment.

 

 

1. Specificity in Guiding Officer Discretion

 

In determining whether items have been sufficiently described in the warrant, the test is one of practicality and will be guided by traditional notions of common sense. [FN211] Thus, a description is sufficiently specific if it "enables the searcher to reasonably ascertain and identify the things authorized to be seized." [FN212] In certain cases generic classifications will be permitted when more precise descriptions are not possible given the circumstances and the nature of the activity investigated. [FN213]

 

In Davis v. Gracey, [FN214] plaintiffs claimed the use of the generic term "equipment" in the warrant was not sufficiently explicit to cover the search of their computers and external CD-ROM drives. [FN215] The court guided its examination of this claim by positing two questions: "[D]id the warrant tell the officers how to separate the items subject to seizure from irrelevant items, and were the objects seized within the category described in the warrant?" [FN216] The court answered both questions in the affirmative. [FN217] The warrant permitted officers to seize "'equipment . . . pertaining to the distribution or display of pornographic material in violation of state obscenity law . . . ."' [FN218] The court found the delineating language of the warrant sufficiently specific to guide the officers; thus the items were legally seized. [FN219]

 

In United States v. Kow, [FN220] however, the Ninth Circuit found no such delineating language. [FN221] In Kow, the warrant permitted the seizure of essentially every computer-generated document relating to the defendant's business. [FN222] The language of the warrant made only illusory references to the suspected criminal conduct, [FN223] and "[t]he government did not limit the scope of the seizure to a time frame within which the suspected criminal activity took place." [FN224] Based on the overwhelming errors, the court ruled that "[a]s drafted, the warrant simply was not sufficiently particular." [FN225]

 

 

2. Over-Breadth

 

The problem with a warrant being overly broad is that it authorizes the seizure of material with no true nexus to the criminal activity. [FN226] This nexus, however, can be overcome in limited factual circumstances. [FN227] "A generalized seizure of business documents may be justified if the government establishes probable cause to believe that the entire business is merely a scheme to defraud or that all the business's records are likely to evidence criminal activity." [FN228] This general exception has hesitantly been applied to individuals as well, but courts are extremely cautious in applying the "all records" doctrine to the home. [FN229] Courts find it difficult to prove that a criminal activity so permeates an individual's life that all computer records found in the home would be subject to seizure. [FN230] "Without such unusual proof, the broad categories of items that may be seized pursuant to an 'all records' search of a home must be sufficiently linked to the alleged criminal activity so as to distinguish them from innocent, personal materials." [FN231] In United States v. Lacy, [FN232] the Ninth Circuit did not find the seizure of defendant's entire computer system to be overly broad. [FN233] There the court found probable cause to believe the entire computer system was likely to evidence criminal activity and a more precise description was impossible. [FN234]

 

Thus, a warrant for computer searches must contain descriptive guides, approved by a neutral magistrate, to protect citizens from sweeping searches. [FN235] These guidesare especially important with society's growing dependence on computers. Businesses keep a plethora of information on their computer systems, including financial records, customer lists, inventory, and employee files. Individuals also use computers to track their finances, balance their checkbook, or even document their daily lives. Thus, the potential for abuse is great and the level of intrusion overwhelming. Additionally, computer records, unlike hard copies, "are extremely susceptible to tampering, hiding, or destruction, whether deliberate or inadvertent." [FN236] This provides even more reason for the judiciary to carefully proscribe the limits of government intrusion, and as technology continues to grow more advanced the level of intrusion grows exponentially. A prime example is United States v. Upham. [FN237]

 

In Upham, officers obtained a search warrant for the defendant's home computer. [FN238] Using a utilities program, agents were able to undelete nearly 1,400 files containing child pornography, [FN239] despite defendant reformatting the hard drive of the computer. [FN240] "But until the deleted information is actually overwritten by new information, the old information can often be recovered by a specialized utility program, which is what the government did in this case." [FN241] The court, in denying defendant's motion to suppress, found the recovery of all unlawful images to be within the plain language of the warrant no matter the method of retrieval. [FN242] The court likened the government's actions to decoding an encrypted message or pasting together pieces of a torn-up paper. [FN243]

 

The First Circuit, in its seemingly brief analysis of the issue, has now permitted the government to resurrect "ghost" files for use in the active prosecution of its citizens. [FN244] Upham is a truly harrowing example of the dangers created by computers. Although indispensable to modern society, computers have created an environment extremely susceptible to a slippery slope of governmental abuse.

 

 

IV. Statutory Protections and Bulletin Board Systems

 

Electronic bulletin board systems (BBSs) function in a manner similar to traditional notions of bulletin boards. [FN245] They are an electronic location were users can post and read messages. [FN246] Unlike a traditional bulletin board, however, a BBS allows users to privately communicate through e-mail, to engage in real time communications in "chat rooms," to upload or download computer files, and to share information on a wide variety of topics. [FN247] A system operator, or "sysop," manages the bulletin board, and users can access it via normal phone lines. [FN248] BBSs can be dedicated to illegal activity-"pirate bulletin boards"-or may be an important platform for citizens to disseminate protected First Amendment speech. [FN249] Obviously, the most difficult types of BBSs to address are those hybrid bulletin boards that commingle protected First Amendment speech and illegal activities. [FN250] The commingled bulletin board is difficult to address because BBSs are in some circumstances afforded statutory protections that, at least in theory, exceed the Constitution. [FN251]

 

 

A. The Privacy Protection Act

 

The Privacy Protection Act (PPA) [FN252] provides:

Notwithstanding any other law, it shall be unlawful for a government officer or employee, in connection with the investigation or prosecution of a criminal offense, to search for or seize any work product materials [or documentary materials] possessed by a person reasonably believed to have a purpose to disseminate to the public a newspaper, book, broadcast, or other similar form of public communication . . . . [FN253]

 

The purpose of the statute was to provide additional protections for those who are not directly involved in the criminal activities for which the material is sought and for those who are dedicated to the dissemination of constitutionally protected materials. [FN254] This general proposition creates a number of issues, however, that demand further review. These issues include: (1) the reasonably believed element of the statute; (2) the exceptions and exemptions to those exceptions; (3) what constitutes other public communication; and (4) what happens when the BBS contains legal and illegal material.

 

 

1. The Reasonably Believed Element

 

A critical element of the PPA is that officers must have reason to believe that the property seized would be work product materials as defined by the PPA. [FN255] In Steve Jackson Games, Inc. v. United States Secret Service, [FN256] the Secret Service received information that hackers had accessed Bell South's computer system and were distributing sensitive material gained from the intrusion on Bulletin Boards. [FN257] Eventually, investigators received information implicating an employee of Steve Jackson Games. [FN258] Steve Jackson Games, Inc. was a company involved in publishing "books, magazines, box games, and related products." [FN259] Additionally, Steve Jackson Games, Inc. operated a computer bulletin board system where information was posted about the products, employees and game enthusiasts traded information, and users could send and receive e-mail. [FN260] The employee implicated in the theft was a systems operator of the Jackson Bulletin Board System and had authority to delete information from it. [FN261] Agents then obtained a warrant authorizing the search of computer software and hardware relating to the computer attacks. [FN262] The agents seized two computers, numerous floppy disks, a printer, and various other computer components. [FN263] Included in the material seized was a book intended for immediate publication, drafts of magazine articles, contracts between Steve Jackson Games, Inc. and the authors of these articles, as well as all the publications that appeared on the bulletin board. [FN264]

 

In finding the agents violated the PPA, the court found the original seizure of the items did not implicate the PPA because the agents did not have "reason to believe that property seized would be the work product materials of a person believed to have a purpose to disseminate to the public a newspaper, book, broadcast or other similar form of public communications." [FN265] The court found this despite the fact agents could have discovered this information with minimal investigative effort. [FN266] The court went on to rule that the agents did posses the requisite knowledge once they learned of the contents and failed to return the work product materials to Steve Jackson Games, Inc. [FN267] Thus, it appears that officers purposefully remaining ignorant of the particular bulletin board system they wish to search could potentially limit the applicability of the PPA. Yet "reasonably believed" is an elastic standard that is open to a multitude of interpretations, and courts would likely interpret it to prevent agents from relying on purposeful ignorance to circumnavigate the rule.

 

 

2. Exceptions and Exemptions to Exceptions

 

The first exception to the PPA concerns the definition of what constitutes work product materials and documentary materials under the PPA. [FN268] The PPA specifically excludes "contraband or the fruits of [the] crime" as falling within these categories. [FN269] The PPA excludes these materials because they "are so intimately related to the commission of a crime, and so often essential to securing a conviction, that they should be available for law enforcement purposes, and, therefore, must fall outside the no search rule that is applied to work product." [FN270] Second, the protections of the PPA are not implicated if officers have "probable cause to believe that the person possessing such materials has committed or is committing the criminal offense to which the materials relate." [FN271] This exception was intended to "protect from search only those persons involved in First Amendment activities who are themselves not implicated in the crime under investigation, and not to shield those who participate in crime." [FN272] Offenses, however, regarding "the receipt, possession, communication, or withholding of such materials" are expressly covered by the PPA and do not fall into the criminal activity exception. [FN273] This exemption from the exception was designed to prevent the government from end-running the PPA by simply classifying work product material as stolen goods. [FN274] The final exception allows officers to seize otherwise protected materials if it "is necessary to prevent the death of, or serious bodily injury to, a human being." [FN275]

 

 

3. What Constitutes Other Public Communication?

 

Whether a computer bulletin board system alone can constitute a protected form of public communication is an unresolved issue under the PPA. No court has addressed the application of the PPA solely to a computer bulletin board system. [FN276] Given its potential for mass dissemination of constitutionally protected materials, courts in the future will likely have to make an ad hoc determination as to the relative constitutional value of material contained on any one bulletin board system.

For the first time, an individual user can disseminate their point of view to a large number of geographically separated people without having the message filtered by the editorial process of a newspaper or broadcaster. To deprive this type of system of the protections of the PPA would distort the plain meaning of "public communication." Protecting BBSs under the PPA would be consistent with congressional intent, since its legislative history provides explicitly that Congress intended that "form of public communication" have "a broad meaning." [FN277]

 

As a result of this information technology revolution, the scope of the PPA may become more expansive. [FN278]

 

 

4. Commingled Material

 

The final problem created by the PPA and BBSs is where legal and illegal material are commingled on a single BBS, making it nearly impossible to seize the illegal material without violating the PPA. [FN279] Given a computer's ability to store vast numbers of pages, criminals can bury their illegal material with constitutionally protected material, thus subjecting the government to a PPA violation. [FN280] Although nocases expressly recognize this dilemma, courts have ruled there are times when simply no alternative exists but to seize all items and sort non-evidentiary items out at a later time. [FN281] The judiciary or legislative branch will ultimately have to address this situation. The appropriate remedy appears to be that taken by those courts addressing the commingling issue. That remedy would permit the government to seize all the information, promptly sort it, and then return all non-evidentiary items to the owner. [FN282] Currently, the plain language of the PPA would not permit this resolution. Rather than the judiciary substantially altering the plain meaning of the statute, the legislative branch should enact an amendment permitting the complete seizure of commingled items upon neutral review by a magistrate. Finally, it should be noted that the appropriate remedy for a PPA violation is not the exclusionary rule but rather civil damages. [FN283] Additionally, nothing in the PPA prevents the government from seeking forfeiture of computers or CD-ROMs containing commingled material. [FN284]

 

 

B. The Electronic Communications Privacy Act

 

The Electronic Communications Privacy Act of 1986 (ECPA) [FN285] was created "'to update and clarify Federal privacy protections and standards in light of dramatic changes in new computer and telecommunications technologies."' [FN286] The ECPA consists of two parts: Title I prohibits the interception of electronic communications by any person without authorization, [FN287] and Title II prohibits access to stored electronic communications and data by any person without authorization. [FN288]

 

 

1. Title I: Interception of Electronic Communications

 

Title I of the ECPA prohibits the interception and disclosure of electronic communications. [FN289] It essentially extends the Federal Wiretap Act to include those communications transmitted in "whole or in part by a wire, radio, electromagnetic, photoelectronic or photooptical system that affects interstate or foreign commerce." [FN290] The most glaring issues regarding Title I include: (1) the definition of interception; [FN291] (2) the interstate commerce requirement; [FN292] (3) the exceptions to the blanket rule; [FN293] and (4) the appropriate remedy for a violation of this rule. [FN294]

 

a. The Definition of Interception. Section 2510(4) defines "intercept" as "the aural or other acquisition of the contents of any . . . electronic . . . communication through the use of any electronic, mechanical, or other device." [FN295] Courts have determined that the term does not apply to the electronic storage of e-mail or data prior to its receipt. [FN296] Thus, as presently interpreted, interception of an electronic communication under Title I can only occur if it is actually intercepted in route from the sender to the server storage area. [FN297] It is arguable, however, whether this is the correct interpretation of the ECPA. [FN298] Section 2701(a) under Title II of the ECPA-the storage of electronic communications-excludes application of the storage protections to conduct authorized under 2518 of Title I. [FN299] Section 2518 outlines the proper procedures law enforcement officials must follow in intercepting electronic communications. [FN300]

Congress included section 2518 of the Federal Wiretap Act as an exception to illegal access of a Stored Communication. This indicates that, if the proper warrant is obtained, the government may legally intercept an electronic communication in electronic storage. Therefore, as the language of section 2518 clearly states, stored electronic communications are subject to interception under the Federal Wiretap Act. [FN301]

 

b. The Interstate Commerce Requirement. Section 2510(12) requires the electronic transmission affect interstate commerce. [FN302] The interstate commerce requirement does not require the actual communication to pass through various states; rather the communication need only take place on a system that affects interstate commerce. [FN303] Thus, Internet communications fall within the definition regardless of the sender's or recipient's location. [FN304] Additionally, any type of network, BBS, or business computer linked over state lines fall within the definition. [FN305] The more difficult question concerns intrastate computer networks and their applicability under the ECPA. The legislative history of the ECPA specifically provided private networks and intra-company communications protection under the ECPA. [FN306] It additionally sought to grant protection to internal communications of a company, if that company's activities affect interstate commerce. [FN307] Thus if courts adhere to the legislative intent of the ECPA, a fairly broad range of communications will be protected.

 

c. The Exceptions. The broad protections enumerated in the ECPA are limited by some substantial limitations. The first exception permits system providers to monitor communications when misuse is suspected. [FN308] The statute does not permit "random monitoring except for mechanical or service quality control checks." [FN309] The second exception provides that those communications readily accessible to the public are not covered by the ECPA. [FN310] Courts may equate readily accessible to the plain view doctrine employed in traditional Fourth Amendment analysis. [FN311] Finally, the ECPA exempts material inadvertently discovered by the operator of the computer system. [FN312] "When an electronic communications provider inadvertently obtains the contents of a transmission, and the communication appears to relate to the commission of an ongoing criminal activity, the provider may divulge the contents of the transmission to law enforcement agencies." [FN313] The scope of many of these exceptions has not been defined by the judiciary, and is open to broad interpretation. With the growing use of electronic communications, it will only be a matter of time before courts are forced to address the inherent ambiguities created by these exceptions.

 

d. The Appropriate Remedy. In the case of intercepted electronic communications, the available remedies are inexplicably limited. Section 2518(10)(a) provides, "[a]ny aggrieved person . . . may move to suppress the contents of any wire or oral communication intercepted pursuant to this chapter." [FN314] This section does not provide for the suppression of electronic communications. The exclusion of electronic communications is not explained by legislative history and seems to be somewhat of an enigma. Although suppression is not expressly available under the statute, there may be ulterior grounds for suppression. "First, many interceptions of electronic communications which violate the ECPA will also violate the Fourth Amendment, subjecting them to the Fourth Amendment's exclusionary rule." [FN315] Additionally, 2520(b)(1) provides that appropriate remedies include "such preliminary and other equitable or declaratory relief as may be appropriate." [FN316] Thus, in extremely egregious situations this catch-all provision could support a motion to suppress.

 

 

2. Title II: Storage of Electronic Communications

 

Title II of the ECPA prohibits the unauthorized intentional access of "a facility through which an electronic communication service is provided . . . and thereby obtains, alters, or prevents authorized access to a wire or electronic communication while it is in electronic storage." [FN317] The ECPA additionally proscribes that "a person or entity providing an electronic communication service [or remote computing service] to the public shall not knowingly divulge to any person or entity the contents of a communication while in electronic storage by that service." [FN318] These two provisions, like their Title I counterpart, contain various intricacies that demand analysis. They include: (1) procedural steps for law enforcement access; [FN319] (2) exceptions to the provisions; [FN320] (3) the definition of a public communication service; [FN321] and (4) the key difference between Title II and Title I. [FN322]

 

a. Procedural Steps for Law Enforcement Access. The procedural constraints on governmental invasions are perhaps the most important aspects of the ECPA. The government's ability to access stored electronic communications depends upon how long the particular communication has been electronically stored. [FN323] If the government attempts to compel a provider to disclose electronic communications that have been stored less than 180 days, they must obtain a warrant issued by a neutral and detached magistrate. [FN324] If the electronic communication has been stored more than 180 days, the government has two alternatives. [FN325] The first alternative permits the government to proceed without notice to the provider or customer if a warrant was obtained under the Federal Rules of Criminal Procedure. [FN326] The second permits access of the material by the government with notice to the provider or customer by obtaining an administrative subpoena, grand jury subpoena, or trial subpoena. [FN327] One necessary clarification involves the definition of "electronic storage," which is "any temporary, intermediate storage of . . . [[an] electronic communication incidental to the electronic transmission thereof." [FN328] Thus, 2703 only protects an electronic communication while it is intermediately stored on the server. "Once a message is opened, however, its storage is no longer 'temporary' nor 'incidental to . . . transmission' and it thus takes on the legal character of all other stored data." [FN329]

 

b. Exceptions to the Provisions. The only exception to the prohibition of intentional unauthorized access under 2701(a) is that a system operator may routinely monitor and maintain the system. [FN330] Additionally, "if system operators inadvertently discover incriminating information that affect the users of the system, the system operator may take appropriate disciplinary action." [FN331] The system operator cannot further divulge that information unless an exception applies under 2702(b). [FN332]

 

The exceptions under 2702(a) prohibition of divulging information by a service provider are limited. The provider may divulge the electronic communication "to an addressee or intended recipient of such information" or "with the lawful consent of the originator or an addressee or intended recipient of such communication." [FN333] Additionally, the provider may divulge electronic communication to law enforcement if it was "inadvertently obtained" and its subject matter appears "to pertain to the commission of a crime." [FN334] The legislative history indicates that such evidentiary electronic communication must relate to an ongoing crime. [FN335] Thus, evidence pertaining to a past crime should not be disclosed under the ECPA.

 

c. The Definition of a Public Communication Service. Section 2702(a)(1) prohibits an electronic communication service to the public from divulging communications. [FN336] The statute does not expound on the definition of public. The term "public" generally "means available to all who seek the service, even if there is some requirement, such as a fee." [FN337] The term may be limited in the business context. A business network that limits access to employees would not seem to fall under this definition. [FN338] "If that business network is connected to the Internet (an extensive world-wide network), it may be part of a 'public' system, but this does not necessarily mean that the corporate LAN (local-area network) becomes a 'public' service." [FN339]

 

d. The Key Difference Between Title II and Title I. The requirements for interception under Title I are far more stringent than the required threshold to gain access to stored electronic communications under Title II. [FN340] Section 2518(1) demands that to permit interception, law enforcement officials must detail before the court six comprehensive elements that exceed the requirements for a traditional search warrant. [FN341] Section 2703 of Title II only requires a warrant if the electronic information is stored less than 180 days, and a simple administrative subpoena if more than 180 days. [FN342] Although the level of protection varies greatly between Title II and Title I, the practical results are nominal. Whether officers simultaneously intercept the material or simply wait a split second until the communication is stored is of little consequence to officers. Thus, the protections under Title I are essentially non-existent in practice. Intelligent government officials will simply wait the split second for the information to be stored given the markedly lower threshold in stored communication. Thus in reality, Title I is a hollow statute providing very little additional protections in the electronic communications field.

 

 

V. Conclusion

 

The Fourth Amendment is one of the few remaining bastions of freedom. Although detractors argue the Fourth Amendment has become riddled with judicially-created exceptions, it continues as one of the last standing protections against the tyranny of an oppressive government. Yet, in many respects it appears as though the Fourth Amendment has finally met its match in technology.

 

Computer technology becomes obsolete in a matter of months. The law cannot be expected to formulate appropriate responses to these advancements with similar alacrity. The technological issues facing the Fourth Amendment are not easily answered. It requires the judiciary to constantly redefine protections created over 200 years ago in response to tyrannical English rule. Traditional notions of privacy and possessory interests have become increasingly difficult to apply with the amorphous world of networks and the Internet.

 

The impossibility of asserting reasonable privacy interests is a product of society's dependence on electronic forms of communication. It has now reached a point where even deleting material or encrypting data may not be sufficient to protect the individual. Even relatively novice computer users understand that employers, Internet service providers, and hackers can easily monitor electronic transmissions. However, this recognition should not operate as a bar to Fourth Amendment protections. Electronic communication in its various forms is a practical necessity despite its inherent dangers. Thus, the judiciary or the legislature must acknowledge this dilemma and formulate appropriate responses. The Privacy Protection Act and the Electronic Communications Privacy Act are examples of such legislative responses, yet the actual protections created by these statutes are specious at best.

 

Advancing computer technology has created enormous opportunities, has immeasurably increased our productivity, and is currently indispensable, but with these benefits come natural consequences. The primary consequenceis a sacrifice of privacy rights. The growing capabilities of computers, the Fourth Amendment's inability to rapidly evolve, and the reduction of human existence to digital and electronic forms permit the government to intimately display the contents of one's life by simply accessing a computer hard drive or e-mail account. The potential for governmental abuse and deeply intrusive conduct is the price society pays for technological advancement. Yet one thing remains certain, technology will continue to advance like a whirlwind, and the coveted constitutional protections embodied in the Fourth Amendment will continue to ineptly protect citizens in the face of this storm.

 

 

[FNa1]. B.A., Central College, 1996; J.D., Drake University, 1999. The author is presently an attorney clerk for the Honorable Michael Streit of the Iowa Court of Appeals. The views expressed in this Article are solely those of the author and should not be attributed to the Iowa state judiciary or any of its members.

 

 

[FN1]. Laurence H. Tribe, The Constitution in Cyberspace: Law and Liberty Beyond the Electronic Frontier, The Humanist, Sept.-Oct. 1991, at 15, 16.

 

 

[FN2]. U.S. Const. amend. IV.

 

 

[FN3]. Katz v. United States, 389 U.S. 347 (1967).

 

 

[FN4]. See id. at 350-52, 360.

 

 

[FN5]. Id. at 361 (Harlan, J., concurring).

 

 

[FN6]. See, e.g., Smith v. Maryland, 442 U.S. 735, 740-41 (1979) (ruling pen registers installed by telephone companies do not constitute a search).

 

 

[FN7]. United States v. Simons, 29 F. Supp. 2d 324, 326 (E.D. Va. 1998) (citing Katz v. United States, 389 U.S. at 361 (Harlan, J., concurring)).

 

 

[FN8]. Katz v. United States, 389 U.S. at 361 (Harlan, J., concurring).

 

 

[FN9]. See generally id. (expressing "objects, activities, or statements" exposed to outsiders are not protected from search and seizure because there is no intent to keep them private).

 

 

[FN10]. See id.

 

 

[FN11]. 1 Wayne R. LaFave, Search and Seizure 2.6, at 70 (3d ed. Supp. 1999).

 

 

[FN12]. Computer Search & Seizure Working Group, U.S. Dep't of Justice, Federal Guidelines for Searching and Seizing Computers 17 (1994) [hereinafter Computer Guidelines].

 

 

[FN13]. Id.

 

 

[FN14]. See generally United States v. Hall, 142 F.3d 988, 993 (7th Cir. 1998) (explaining the court must decide if a private individual was acting as an "instrument or agent of the state").

 

 

[FN15]. See Computer Guidelines, supra note 12, at 8. See generally Horton v. California, 496 U.S. 128, 133 (1990) (stating if evidence is in plain view, then observing it or seizing it would not infringe on the right of privacy).

 

 

[FN16]. Katz v. United States, 389 U.S. 347, 361 (1967) (Harlan, J., concurring).

 

 

[FN17]. See Bohach v. City of Reno, 932 F. Supp. 1232, 1234-35 (D. Nev. 1996); see also Scott A. Sundstrom, Note, You've Got Mail! (and the Government Knows It): Applying the Fourth Amendment to Workplace E-mail Monitoring, 73 N.Y.U. L. Rev. 2064, 2085 (1998) (citing Bohach v. City of Reno, 932 F. Supp. at 1234-35 in support of a similar proposition involving privacy and paging systems).

 

 

[FN18]. See Sundstrom, supra note 17, at 2085.

 

 

[FN19]. Id. at 2086.

 

 

[FN20]. 1 LaFave, supra note 11, 2.6, at 71. Examples of timesharing include: "[T]he commercial sale of computer time, provision of computer resources to faculty and students by a university, and provision of such resources to employees by a business organization." 1 Id.

 

 

[FN21]. See 1 id.; see also Sundstrom, supra note 17, at 2085-86 (stating e- mail messages that have no password are in plain view and open to all employees).

 

 

[FN22]. Cf. 1 LaFave, supra note 11, 2.6, at 71 (discussing how computer users are not usually restricted to their own files, but may have access to any records stored on the computer they are using. Users are either not restricted by the system set-up or they are able to circumvent file protections). For example, the Drake University Law Review has six computers that are linked to the university network. All law review material is saved to a networked hard drive that is specifically set-up for law review use. All members of the law review can access this networked hard drive and save personal or law review related material to this drive. Even though a password is required to initially access the particular computer station, the material saved to that networked drive is essentially shared by all law review staff. Thus, an unscrupulous law review member that was saving child pornography to this networked drive would have no reasonable expectation of privacy in those images given the large number of people that have access to that drive. See generally Randolph S. Sergent, Note, A Fourth Amendment Model for Computer Networks and Data Privacy, 81 Va. L. Rev. 1181, 1197-200 (1995) (discussing under the risk-analysis approach, a person would not have a reasonable expectation of privacy if that data would be knowingly exposed to others or there was no way to exclude others from viewing the material).

 

 

[FN23]. See Sergent, supra note 22, at 1197-200. The computer system at the Drake Law Review is also illustrative of this proposition. When initially accessing a particular computer station in the law review office, a password is required. Once that password has been properly entered, that particular computer immediately installs previously saved preferences unique to that user. One such preference is a computer file folder, which is created specifically for that user to place saved material. Entering that user's assigned password can only access this computer file folder. In this situation, that same unscrupulous law review member could likely assert a reasonable expectation of privacy in the pornographic images because other members could not access the material.

 

 

[FN24]. Rakas v. Illinois, 439 U.S. 128, 149 & n.17 (1978).

 

 

[FN25]. Raphael Winick, Searches and Seizures of Computers and Computer Data, 8 Harv. J.L. & Tech. 75, 83 (1994); see also 1 LaFave, supra note 11, 2.6(f) (stating users of multi-user systems still maintain an expectation of privacy despite the fact that those who operate the system may need to access that user's information in order to appropriately bill the user and to make occasional back-ups of the information to protect against accidental data loss).

 

 

[FN26]. See Winick, supra note 25, at 83 (recognizing the ability to exclude others from saved data is an integral part of establishing a reasonable expectation of privacy).

 

 

[FN27]. The notion of consent in this particular section will be strictly limited to its application in the workplace. The effect of consent on private in-home users will be discussed infra Part III.A.

 

 

[FN28]. United States v. Matlock, 415 U.S. 164, 170 (1974). The Court further noted "common authority" is not defined by traditional notions of property law, but: rests rather on mutual use of the property by persons generally having joint access or control for most purposes, so that it is reasonable to recognize that any of the co-inhabitants has the right to permit the inspection in his own right and that the others have assumed the risk that one of their numbers might permit the common area to be searched. Id. at 171 n.7.

 

 

[FN29]. See Computer Guidelines, supra note 12, at 13. The breadth of the "common area" as to a computer may be difficult to ascertain. "[C]ourts may honor claims to privacy where the defendant has taken some special steps to protect his personal effects from scrutiny of others, and others lack ready access." Id. at 14. Thus, the common area of a computer will likely depend on the degree of individualized password protection on that particular computer. Id. at 15. If each user has complete access to all files on a workplace computer, then the common area of the computer would likely encompass the entire computer. See id. However, if each individual employee could only access her data through the use of an individualized password, then the common area may be limited to only those items on the desktop. Id. The use of an individualized password would seem to satisfy the special steps courts have recognized in limiting the scope of the consent. The scope of consent is also limited to the type of evidence involved in the suspected offense. United States v. Turner, 169 F.3d 84, 87 (1st Cir. 1999). In United States v. Turner, the court ruled that officers exceeded the scope of the defendant's consent by searching the hard drive of his personal computer when they were only investigating an assault. Id. at 88. The court stated: "We think that an objectively reasonable person assessing in context the exchange between [the defendant] and these detectives would have understood that the police intended to search only in places where an intruder hastily might have disposed of any physical evidence of the . . . assault . . . ." Id. The court continued by finding the officers were limited to searching those plausible areas where physical evidence of an assault could be located, and that a computer hard drive clearly was not one of those areas. Id.; see also United States v. Carey, 172 F.3d 1268, 1272-73 (10th Cir. 1999) (discussing the bounds of consent in the computer area).

 

 

[FN30]. See Sundstrom, supra note 17, at 2090.

 

 

[FN31]. Id.

 

 

[FN32]. Id.

 

 

[FN33]. See United States v. Simons, 29 F. Supp. 2d 324, 327 (E.D. Va. 1998).

 

 

[FN34]. United States v. Simons, 29 F. Supp. 2d 324 (E.D. Va. 1998).

 

 

[FN35]. Id. at 325.

 

 

[FN36]. Id.

 

 

[FN37]. Id. at 326.

 

 

[FN38]. Id.

 

 

[FN39]. Id.

 

 

[FN40]. Id.

 

 

[FN41]. Id.

 

 

[FN42]. Id.

 

 

[FN43]. Id.

 

 

[FN44]. Id.

 

 

[FN45]. Id.

 

 

[FN46]. Id. at 327. The applicable section of the FBIS policy is as follows: Audits. Electronic auditing shall be implemented within all FBIS unclassified networks that connect to the Internet or other publicly accessible networks to support identification, termination, and prosecution of unauthorized activity. These electronic audit mechanisms shall . . . be capable of recording:

-- Access to the system, including successful and failed login attempts, and logouts;

-- Inbound and Outbound file transfers;

-- Sent and received e-mail messages;

-- Web sites visited, including uniform resource locator (URL) of pages retrieved;

-- Date, Time, and user associated with each event.

Id.

 

 

[FN47]. Id.

 

 

[FN48]. Id.

 

 

[FN49]. See Sundstrom, supra note 17, at 2091.

 

 

[FN50]. See Perry v. Sindermann, 408 U.S. 593, 597 (1972). Courts could possibly view the waiver of constitutional rights as an unconstitutional condition of government employment. See Sundstrom, supra note 17, at 2091. [E] ven though a person has no 'right' to a valuable governmental benefit and even though the government may deny him the benefit for any number of reasons, there are some reasons upon which the government may not rely. It may not deny a benefit to a person on a basis that infringes his constitutionally protected interests . . . . Perry v. Sindermann, 408 U.S. at 597.

 

 

[FN51]. O'Connor v. Ortega, 480 U.S. 709, 720-21 (1987).

 

 

[FN52]. See Computer Guidelines, supra note 12, at 17.

 

 

[FN53]. O'Connor v. Ortega, 480 U.S. 709 (1987).

 

 

[FN54]. Id. at 725-26.

 

 

[FN55]. Id. at 716.

 

 

[FN56]. See Computer Guidelines, supra note 12, at 18.

 

 

[FN57]. See Williams v. Philadelphia Hous. Auth., 826 F. Supp. 952, 954 (E.D. Pa. 1993) (permitting the warrantless workplace search of a computer disk containing both personal and work-related items); see also Computer Guidelines, supra note 12, at 18 (stating employers may reasonably assume that floppy disks found at an office are part of the workplace, in most cases).

 

 

[FN58]. See O'Connor v. Ortega, 480 U.S. at 702-21.

 

 

[FN59]. See Williams v. Philadelphia Hous. Auth., 826 F. Supp. at 954.

 

 

[FN60]. ACLU v. Reno, 929 F. Supp. 824, 830 (E.D. Pa. 1996).

 

 

[FN61]. Id. at 832.

 

 

[FN62]. Id.

 

 

[FN63]. Id. at 831.

 

 

[FN64]. See id. at 834. Other forms of Internet communication include one-to-many messaging (list services), newsgroups, real-time remote computer utilization, and remote information retrieval. Id. For a cursory discussion on these varying forms of communication see id. at 834-36.

 

 

[FN65]. Id. at 835.

 

 

[FN66]. Id.

 

 

[FN67]. See id.

 

 

[FN68]. See id.

 

 

[FN69]. See supra notes 15-26 and accompanying text.

 

 

[FN70]. See United States v. Maxwell, 45 M.J. 406, 419 (C.A.A.F. 1996) (stating in dicta "[m]essages sent to the public at large in the 'chat room' . . . lose any semblance of privacy"); see also Note, Keeping Secrets in Cyberspace: Establishing Fourth Amendment Protection for Internet Communication, 110 Harv. L. Rev. 1591, 1603 (1997) ("Because police have the right to 'go' on the Internet anywhere that members of the public may go, an open listserv, newsgroup, chat room, telnet-able file, or Web page with no restrictions on its use is in plain view and cannot be considered private for Fourth Amendment purposes.") [hereinafter Keeping Secrets]; Brian I. Simon, Note & Comment, The Tangled Web We Weave: The Internet and Standing Under the Fourth Amendment, 21 Nova L. Rev. 941, 959-60 (1997) (presenting a chat room hypothetical and the difficulty in asserting Fourth Amendment standing in such a situation).

 

 

[FN71]. United States v. Charbonneau, 979 F. Supp. 1177 (S.D. Ohio 1997).

 

 

[FN72]. Id. at 1179.

 

 

[FN73]. Id.

 

 

[FN74]. Id.

 

 

[FN75]. Id. The child pornography was distributed by using a "list." Id. The court explained: A user generally would create the list by identifying all users in a private room; the user then would enter screen names of the identified users onto an "e-mail" message and create a list of recipients. The sender of the pornographic pictures would next send an e-mail to the recipients identified on the list. The e-mail often would contain a brief message and an attached graphic file containing child pornography. Id.

 

 

[FN76]. Id.

 

 

[FN77]. Id.

 

 

[FN78]. Id. at 1183.

 

 

[FN79]. Id. at 1185.

 

 

[FN80]. Id.

 

 

[FN81]. ACLU v. Reno, 929 F. Supp. 824, 834 (E.D. Pa. 1996).

 

 

[FN82]. Keeping Secrets, supra note 70, at 1592.

 

 

[FN83]. Id.

 

 

[FN84]. Id.

 

 

[FN85]. See United States v. Maxwell, 45 M.J. 406, 417-18 (C.A.A.F. 1996).

 

 

[FN86]. United States v. Maxwell, 45 M.J. 406 (C.A.A.F. 1996).

 

 

[FN87]. Id. at 417-18.

 

 

[FN88]. Id. at 412-13.

 

 

[FN89]. Id. at 413.

 

 

[FN90]. Id. at 414.

 

 

[FN91]. Id.

 

 

[FN92]. Id.

 

 

[FN93]. Id. at 415.

 

 

[FN94]. Id. at 417.

 

 

[FN95]. Id. at 418.

 

 

[FN96]. Id.

 

 

[FN97]. Id. at 417; see Francis A. Gilligan & Edward J. Imwinkelreid, Cyberspace: The Newest Challenge for Traditional Legal Doctrine, 24 Rutgers Computer & Tech. L.J. 305, 320 (1998).

 

 

[FN98]. United States v. Maxwell, 45 M.J. at 418-19.

 

 

[FN99]. See Gilligan & Imwinkelreid, supra note 97, at 320; 1 LaFave, supra note 11, 8.6(f).

 

 

[FN100]. Gilligan & Imwinkelreid, supra note 97, at 320.

 

 

[FN101]. See id. at 319-20 (noting the similarities between e-mail messages and telephone conversations or first class mail regarding expectations of privacy).

 

 

[FN102]. United States v. Charbonneau, 979 F. Supp. 1177, 1185 (S.D. Ohio 1997); see supra notes 71-80 and accompanying text for the underlying facts in Charbonneau.

 

 

[FN103]. United States v. Charbonneau, 979 F. Supp. at 1185.

 

 

[FN104]. Id.

 

 

[FN105]. Id.; see Hoffa v. United States, 385 U.S. 293, 302 (1966) (finding no Fourth Amendment rights exist where "a wrongdoer's misplaced belief that a person to whom he voluntarily confides his wrongdoing will not reveal it").

 

 

[FN106]. See United States v. Maxwell, 45 M.J. 406, 418 (C.A.A.F. 1996). Although courts may be willing to recognize a reasonable expectation of privacy in the contents of e-mail, the same cannot be said for the biographical and financial information provided to initiate Internet service. In United States v. Hambrick, a federal district court ruled an Internet Service Provider could reveal biographical and financial information to the government without violating the Fourth Amendment. United States v. Hambrick, 55 F. Supp. 2d 504, 507 (W.D. Va. 1999). The court found the registered name on the account and the credit card used to secure the account could be disclosed because defendant voluntarily gave that information to the Service Provider. Id. The court found defendant has assumed the risk that this private institution may disclose his personal information to law enforcement officials. Id.

 

 

[FN107]. U.S. Const. amend. IV.

 

 

[FN108]. United States v. Jacobsen, 466 U.S. 109, 113 (1984) (citation and internal quotations omitted).

 

 

[FN109]. See United States v. Hall, 142 F.3d 988, 993 (7th Cir. 1998).

 

 

[FN110]. Id. (citing United States v. McAllister, 18 F.3d 1412, 1417 (7th Cir. 1994)); see United States v. Barth, 26 F. Supp. 2d 929, 935 (W.D. Tex. 1998) (citing United States v. Paige, 136 F.3d 1012, 1017 (5th Cir. 1998)).

 

 

[FN111]. United States v. Hall, 142 F.3d at 993.

 

 

[FN112]. See id. at 990-91 (relaying Hall's illegal conduct was discovered by a technician who was servicing his computer).

 

 

[FN113]. Id. at 993-94 (discussing the conversion of a private party to an agent of the government).

 

 

[FN114]. United States v. Hall, 142 F.3d 988 (7th Cir. 1998).

 

 

[FN115]. Id. at 990-91.

 

 

[FN116]. Id. at 991.

 

 

[FN117]. Id.

 

 

[FN118]. Id.

 

 

[FN119]. Id.

 

 

[FN120]. Id.

 

 

[FN121]. Id. at 992.

 

 

[FN122]. Id.

 

 

[FN123]. Id. at 993.

 

 

[FN124]. Id.

 

 

[FN125]. Id.

 

 

[FN126]. Id. at 994.

 

 

[FN127]. Id.

 

 

[FN128]. Id. "The independent source doctrine allows admission of evidence that has been discovered by means wholly independent of any constitutional violation." Nix v. Williams, 467 U.S. 431, 443 (1984).

 

 

[FN129]. United States v. Barth, 26 F. Supp. 2d 929 (W.D. Tex. 1998).

 

 

[FN130]. Id. at 932.

 

 

[FN131]. Id.

 

 

[FN132]. Id. at 933.

 

 

[FN133]. Id.

 

 

[FN134]. Id.

 

 

[FN135]. Id.

 

 

[FN136]. Id.

 

 

[FN137]. Id. at 934-35.

 

 

[FN138]. Id. at 935.

 

 

[FN139]. Id. at 936.

 

 

[FN140]. See id.

 

 

[FN141]. Id.

 

 

[FN142]. Id. at 939.

 

 

[FN143]. Id.

 

 

[FN144]. Id. (quoting Murray v. United States, 487 U.S. 533, 542 (1988)). The court also found the inevitable discovery doctrine and the good faith doctrine inappropriate exceptions given this particular set of facts. Id. at 939, 942.

 

 

[FN145]. Id. at 942.

 

 

[FN146]. See id. at 932. The technician was not only privately employed but also served as a confidential informant for the FBI. Id.

 

 

[FN147]. See supra notes 27-50 and accompanying text for a discussion on consent issues in the workplace.

 

 

[FN148]. Schneckloth v. Bustamonte, 412 U.S. 218, 219 (1973); see Computer Guidelines, supra note 12, at 11.

 

 

[FN149]. United States v. Matlock, 415 U.S. 164 (1974).

 

 

[FN150]. Id. at 171.

 

 

[FN151]. Id. at 171 n.7 (citations omitted).

 

 

[FN152]. A single system is a single computer with one user, or possibly a small number of users. Sergent, supra note 22, at 1183. An example of this type of system is a family who is living together and sharing one computer. 1 LaFave, supra note 11, 8.6(f).

 

 

[FN153]. Sergent, supra note 22, at 1183.

 

 

[FN154]. 1 LaFave, supra note 11, 8.6(f).

 

 

[FN155]. Id.

 

 

[FN156]. See United States v. Smith, 27 F. Supp. 2d 1111, 1116 (C.D. Ill. 1998).

 

 

[FN157]. United States v. Smith, 27 F. Supp. 2d 1111 (C.D. Ill. 1998).

 

 

[FN158]. Id. at 1113-14.

 

 

[FN159]. Id. at 1114.

 

 

[FN160]. Id.

 

 

[FN161]. Id.

 

 

[FN162]. Id. at 1115-16.

 

 

[FN163]. Id. at 1116.

 

 

[FN164]. Id.

 

 

[FN165]. See Computer Guidelines, supra note 12, at 15. "[C]reating a separate personal directory on a computer may not sufficiently mark it as exclusive, but protecting that separate directory with a secret password may 'lock the container.' In that event, if law enforcement analysts search the directory by breaking the password . . . a court would probably suppress the result." Id.

 

 

[FN166]. U.S. Const. amend. IV. A government search may still violate the Fourth Amendment despite the warrant's validity. See United States v. Carey, No. 98-3077, 1999 WL 215669, at *6 (10th Cir. Apr. 14, 1999). Officers can always exceed the bounds of a properly issued warrant, thus offending the Fourth Amendment. See id. In United States v. Carey, officers, searching for drug notations, obtained a warrant to search the defendant's computer. Id. at *1-2. The officer conducting the search, however, did not limit his search to text files; rather he abandoned the warrant's articulated scope and began searching graphic files. Id. That search revealed child pornography. Id. The court ruled although the warrant was sufficiently particular in all respects, the officer's actions exceeded the bounds of the warrant and violated the Fourth Amendment. Id. at *6.

 

 

[FN167]. Computer Guidelines, supra note 12, at 89 (quoting The American Heritage Dictionary (2d ed. 1983)).

 

 

[FN168]. Fed. R. Crim. P. 41(a).

 

 

[FN169]. Id. (emphasis added).

 

 

[FN170]. Computer Guidelines, supra note 12, at 90. The Guidelines explained: For example, an informant indicates that the business where he works has a duplicate set of books used to defraud the Internal Revenue Service. He has seen these books on his computer terminal in his Manhattan office. Based upon this information, agents obtain a warrant in the Southern District of New York authorizing a search for, and seizure of, these records. With the informant's help, agents access his computer workstation, bring up the incriminating documents . . . . Unfortunately, unbeknownst to the agents, prosecutor, or informant, the file server that held those documents was physically located in another office, building, district, state, or country. Id.

 

 

[FN171]. See generally id. (relying on wiretap cases to guide United States Attorney's in these decisions); David Movius, U.S. Dep't of Justice, Supplement to Federal Guidelines for Searching and Seizing Computers 29-30 (1997) (relying on the same).

 

 

[FN172]. Computer Guidelines, supra note 12, at 90.

 

 

[FN173]. Id. at 91.

 

 

[FN174]. Id.

 

 

[FN175]. Id. at 93.

 

 

[FN176]. Id.

 

 

[FN177]. Id. at 93-94.

 

 

[FN178]. Id. at 93.

 

 

[FN179]. United States v. Judd, 687 F. Supp. 1052 (N.D. Miss. 1988).

 

 

[FN180]. Id. at 1054.

 

 

[FN181]. Id.

 

 

[FN182]. Id.

 

 

[FN183]. Id. at 1054-55.

 

 

[FN184]. Id. at 1058-59.

 

 

[FN185]. Id.

 

 

[FN186]. See Computer Guidelines, supra note 12, at 91.

 

 

[FN187]. See 18 U.S.C. 2510-2522 (1994).

 

 

[FN188]. Id. 2518(3) (emphasis added); see Fed. R. Crim. P. 41(a).

 

 

[FN189]. United States v. Rodriguez, 968 F.2d 130, 136 (2d Cir. 1992).

 

 

[FN190]. Id.

 

 

[FN191]. Id.

 

 

[FN192]. 18 U.S.C. 2510(4).

 

 

[FN193]. United States v. Rodriguez, 968 F.2d at 136.

 

 

[FN194]. See id.

 

 

[FN195]. Id.

 

 

[FN196]. Id.

 

 

[FN197]. United States v. Denman, 100 F.3d 399, 403 (5th Cir. 1996).

 

 

[FN198]. United States v. Rodriguez, 968 F.2d 130 (2d Cir. 1992).

 

 

[FN199]. United States v. Denman, 100 F.3d 399 (5th Cir. 1996).

 

 

[FN200]. United States v. Ramirez, 112 F.3d 849, 853 (7th Cir. 1997).

 

 

[FN201]. Id.

 

 

[FN202]. See generally id. (discussing surveillance of cellular phone calls).

 

 

[FN203]. U.S. Const. amend. IV.

 

 

[FN204]. Coolidge v. New Hampshire, 403 U.S. 443, 467 (1971).

 

 

[FN205]. United States v. Upham, 168 F.3d 532, 535 (1st Cir. 1999) (citing Coolidge v. New Hampshire, 403 U.S. at 467).

 

 

[FN206]. Id.

 

 

[FN207]. United States v. Hunter, 13 F. Supp. 2d 574, 583 (D. Vt. 1998).

 

 

[FN208]. "The typical home computer with a seemingly modest ten megabytes of storage capacity has the equivalent capacity of approximately 100,000 typewritten pages." Gilligan & Imwinkelreid, supra note 97, at 306 (citing Winick, supra note 25, at 75, 81).

 

 

[FN209]. United States v. Hunter, 13 F. Supp. 2d at 583.

 

 

[FN210]. Id. at 584.

 

 

[FN211]. Davis v. Gracey, 111 F.3d 1472, 1478 (10th Cir. 1997); see also United States v. Hunter, 13 F. Supp. 2d at 583-85 (finding a warrant authorizing the seizure of documents "practically" included documents on a computer or disk given society's current dependence on computers).

 

 

[FN212]. United States v. Wolfenbarger, 696 F.2d 750, 752 (10th Cir. 1982) (citations omitted).

 

 

[FN213]. See Davis v. Gracey, 111 F.3d at 1478; United States v. Kow, 58 F.3d 423, 427 (9th Cir. 1995).

 

 

[FN214]. Davis v. Gracey, 111 F.3d 1472 (10th Cir. 1997).

 

 

[FN215]. Id. at 1478.

 

 

[FN216]. Id. at 1478-79.

 

 

[FN217]. Id. at 1479.

 

 

[FN218]. Id. (quoting the language of the warrant).

 

 

[FN219]. Id.

 

 

[FN220]. United States v. Kow, 58 F.3d 423 (9th Cir. 1995).

 

 

[FN221]. Id. at 427.

 

 

[FN222]. Id.

 

 

[FN223]. Id. "Except for vague references to 'fraudulent' transactions and possible disparities between actual and reported income, the warrant failed to give any indication of the alleged crime . . . ." Id.

 

 

[FN224]. Id.

 

 

[FN225]. Id.

 

 

[FN226]. See United States v. Lamb, 945 F. Supp. 441, 457-58 (N.D.N.Y. 1996) (finding e-mail messages discussing the transport of child pornography to have a sufficient nexus to the crime and thus subject to seizure).

 

 

[FN227]. See United States v. Kow, 58 F.3d at 427. In Kow, the court found there was no indication that the entire business was wrought with illegalities, thus a warrant permitting the wholesale seizure of all corporate documents was over broad. Id. at 427-28.

 

 

[FN228]. Id. at 427. It should be noted that "documents" naturally include those located on a computer or hard drive. See United States v. Hunter, 13 F. Supp. 2d 574, 581 (D. Vt. 1998). Thus, probable cause for documents thereby implicates a search of the computer and all related disks. Id.

 

 

[FN229]. See United States v. Falon, 959 F.2d 1143, 1148 (1st Cir. 1992).

 

 

[FN230]. See id.

 

 

[FN231]. Id.

 

 

[FN232]. United States v. Lacy, 119 F.3d 742 (9th Cir. 1997), cert. denied, 118 S. Ct. 1571 (1998).

 

 

[FN233]. Id. at 746-47.

 

 

[FN234]. Id.

 

 

[FN235]. See United States v. Lamb, 945 F. Supp. 441, 457-58 (N.D.N.Y. 1996); see also United States v. Kow, 58 F.3d 423, 426-30 (9th Cir. 1995) (holding a warrant that did not describe items to be seized with particularity cannot stand).

 

 

[FN236]. United States v. Hunter, 13 F. Supp. 2d 574, 583 (D. Vt. 1998).

 

 

[FN237]. United States v. Upham, 168 F.3d 532 (1st Cir. 1999).

 

 

[FN238]. Id. at 533.

 

 

[FN239]. Id.

 

 

[FN240]. Id. at 537. Reformatting is "a process that erases some of the indexing code that allows undeleting to be done quickly." Id.

 

 

[FN241]. Id.

 

 

[FN242]. Id.

 

 

[FN243]. Id.

 

 

[FN244]. See id.

 

 

[FN245]. See Computer Guidelines, supra note 12, at 70.

 

 

[FN246]. Id.

 

 

[FN247]. Id.

 

 

[FN248]. Id.

 

 

[FN249]. Id. Examples of BBSs dedicated primarily to illegal activities include: (1) distributing copyrighted software; (2) distributing fraudulently obtained credit card numbers or telephone access codes; and (3) distributing child pornography or adult obscenity. Id.

 

 

[FN250]. See id.

 

 

[FN251]. Id. at 70-71.

 

 

[FN252]. 42 U.S.C. 2000aa-2000aa-12 (1994).

 

 

[FN253]. Id. 2000aa(a).

 

 

[FN254]. S. Rep. No. 96-874, at 4 (1980), reprinted in 1980 U.S.C.C.A.N. 3950, 3950-51.

 

 

[FN255]. 42 U.S.C. 2000aa(a).

 

 

[FN256]. Steve Jackson Games, Inc. v. United States Secret Serv., 816 F. Supp. 432 (W.D. Tex. 1994), aff'd, 36 F.3d 457 (5th Cir. 1994).

 

 

[FN257]. Id. at 435.

 

 

[FN258]. Id.

 

 

[FN259]. Id. at 434.

 

 

[FN260]. Id. at 434-35.

 

 

[FN261]. Id. at 435.

 

 

[FN262]. Id. at 436-37.

 

 

[FN263]. Id. at 439.

 

 

[FN264]. Id. at 439-40.

 

 

[FN265]. Id. at 440.

 

 

[FN266]. Id.

 

 

[FN267]. Id. at 440-41.

 

 

[FN268]. 42 U.S.C. 2000aa-7(a)-(b) (1994).

 

 

[FN269]. Id. 2000aa-7(a), (b)(1). Work product materials include: (1) those items prepared, produced, authored, or created in anticipation of public dissemination; (2) which are possessed expressly for that purpose; and (3) contain mental impressions, conclusions, opinions, or theories. Id. 2000aa-7(b)(1)-(3). Documentary materials are those "upon which information is recorded, and includes, . . . [magnetically] or electronically recorded cards, tapes, or discs . . . ." Id. 2000aa-7(a). Thus, the PPA will protect floppy dis[k]s, CD-ROMS, and computer hard drives. See Winick, supra note 25, at 122.

 

 

[FN270]. S. Rep. No. 96-874, at 17 (1980), reprinted in 1980 U.S.C.C.A.N. 3964, 3964.

 

 

[FN271]. 42 U.S.C. 2000aa(a)(1), (b)(1).

 

 

[FN272]. H.R. Rep. No. 96-1064, at 7 (1980).

 

 

[FN273]. 42 U.S.C. 2000aa(a)(1). The PPA does exclude a few enumerated items from this possession clause, including: (1) items relating to national defense; (2) classified material; (3) child pornography; and (4) material concerning the sale of children. Id.

 

 

[FN274]. See Computer Guidelines, supra note 12, at 75. For example, if a reporter possessed a smuggled corporate document discussing a defective product, officers without this exemption could circumnavigate the Act's legislative intent by charging the reporter with possession of stolen goods. Id.

 

 

[FN275]. 42 U.S.C. 2000aa(a)(2), (b)(2). Under documentary materials, additional exceptions include: (1) that giving notice would lead to destruction, alteration, or concealment of the material, and (2) the materials have not been produced pursuant to a court order and "all appellate remedies have been exhausted or . . . further [delay] . . . would threaten the interests of justice." Id. 2000aa(b)(3)-(4).

 

 

[FN276]. In Steve Jackson Games, Inc., the court relied primarily on the company's publishing activities, rather than its bulletin board system in applying the PPA. Steve Jackson Games, Inc. v. United States Secret Serv., 816 F. Supp. 432, 434 n.1 (W.D. Tex. 1994), aff'd, 36 F.3d 457 (5th Cir. 1994); see Computer Guidelines, supra note 12, at 81; Winick, supra note 25, at 99-100 & n.142.

 

 

[FN277]. Winick, supra note 25, at 100 (footnote omitted).

 

 

[FN278]. Computer Guidelines, supra note 12, at 78.

 

 

[FN279]. See id. at 82.

 

 

[FN280]. Id.

 

 

[FN281]. See generally United States v. Hillyard, 677 F.2d 1336, 1340 (9th Cir. 1982) ("Cases may arise in which stolen goods are intermingled with and practicably indistinguishable from legitimate goods. If commingling prevents on-site inspection, . . . the entire property may be seizable, at least temporarily."); National City Trading Corp. v. United States, 635 F.2d 1020, 1026-27 (2d Cir. 1980) (finding a law office and a targeted business that shared office space were so commingled that the entire suite was subject to search).

 

 

[FN282]. See supra note 281 and accompanying text.

 

 

[FN283]. 42 U.S.C. 2000aa-6(a) (1994). "A person having a cause of action under this section shall be entitled to recover actual damages but not less than liquidated damages of $1,000, and such reasonable attorneys' fees and other litigation costs reasonably incurred." Id. 2000aa-6(f).

 

 

[FN284]. See State v. One (1) Pioneer CD-ROM Changer, 891 P.2d 600, 607 (Okla. Ct. App. 1994).

 

 

[FN285]. Title I of the ECPA is codified at 18 U.S.C. 2510-2522 (1994). Title II of the ECPA is codified at 18 U.S.C. 2701-2711.

 

 

[FN286]. Megan Connor Bertron, Home Is Where Your Modem Is: An Appropriate Application of Search and Seizure Law to Electronic Mail, 34 Am. Crim. L. Rev. 163, 176 (1996) (quoting S. Rep. No. 99-541, at 1 (1986), reprinted in 1986 U.S.C.C.A.N. 3555, 3555).

 

 

[FN287]. See Electronic Communications Privacy Act of 1986, Pub. L. No. 99-508, 1986 U.S.C.C.A.N. (100 Stat. 1848) 1848, 1848 (codified at 18 U.S.C. 2510).

 

 

[FN288]. See id. at 1860-61 (codified at 18 U.S.C. 2701).

 

 

[FN289]. 18 U.S.C. 2511(1)(a), (c).

 

 

[FN290]. Id. 2510(12). Prior to the ECPA's enactment the Federal Wiretap Act only included wire or oral communications. Id. 2511(1).

 

 

[FN291]. See infra Part IV.B.1.a.

 

 

[FN292]. See infra Part IV.B.1.b.

 

 

[FN293].See infra Part IV.B.1.c.

 

 

[FN294]. See infra Part IV.B.1.d.

 

 

[FN295]. 18 U.S.C. 2510(4).

 

 

[FN296]. See Steve Jackson Games, Inc. v. United States Secret Serv., 36 F.3d 457, 462 (5th Cir. 1994) ("Congress did not intend for 'intercept' to apply to 'format electronic communications' when those communications are in 'electronic storage."'); Bohach v. City of Reno, 932 F. Supp. 1232, 1236 (D. Nev. 1996) ("An 'electronic communication,' by definition, cannot be 'intercepted' when it is in 'electronic storage . . . ."'); United States v. Reyes, 922 F. Supp. 818, 836 (S.D.N.Y. 1996) ("Therefore, intercepting an electronic communication essentially means acquiring the transfer of data. Taken together, the definitions thus imply a requirement that the acquisition of the data be simultaneous with the original transmission of the data.").

 

 

[FN297]. See United States v. Reyes, 922 F. Supp. at 836.

 

 

[FN298]. See Nicole Giallonardo, Casenote, Steve Jackson Games v. United States Secret Service: The Government's Unauthorized Seizure of Private E-mail Warrants More Than the Fifth Circuit's Slap on the Wrist, 14 J. Marshall J. Computer & Info. L. 179, 196-98 (1995).

 

 

[FN299]. 18 U.S.C. 2701(a), (c)(3).

 

 

[FN300]. 18 U.S.C. 2518.

 

 

[FN301]. Giallonardo, supra note 298, at 197 (footnotes omitted).

 

 

[FN302]. 18 U.S.C. 2510(12).

 

 

[FN303]. S. Rep. No. 99-541, at 3 (1986), reprinted in 1986 U.S.C.C.A.N. 3555, 3565-66.

 

 

[FN304]. Winick, supra note 25, at 91.

 

 

[FN305]. Id.

 

 

[FN306]. S. Rep. No. 99-541, at 3, reprinted in 1986 U.S.C.C.A.N. at 3566.

 

 

[FN307]. Id.

 

 

[FN308]. 18 U.S.C. 2511(2)(a)(i) (1994).

 

 

[FN309]. Id.

 

 

[FN310]. Id. 2511(2)(g)(i).

 

 

[FN311]. For a discussion of the plain view doctrine see supra Part II.A.1.a.

 

 

[FN312]. 18 U.S.C. 2511(3)(b)(iv).

 

 

[FN313]. Winick, supra note 25, at 94.

 

 

[FN314]. 18 U.S.C. 2518(10)(a).

 

 

[FN315]. Winick, supra note 25, at 93.

 

 

[FN316]. 18 U.S.C. 2520(b)(1).

 

 

[FN317]. Id. 2701(a)(1).

 

 

[FN318]. Id. 2702(a)(1)-(2).

 

 

[FN319]. See infra Part IV.B.2.a.

 

 

[FN320]. See infra Part IV.B.2.b.

 

 

[FN321]. See infra Part IV.B.2.c.

 

 

[FN322]. See infra Part IV.B.2.d.

 

 

[FN323]. See 18 U.S.C. 2703(a).

 

 

[FN324]. Id.

 

 

[FN325]. See id. 2703(b).

 

 

[FN326]. Id. 2703(b)(A).

 

 

[FN327]. Id. 2703(b)(B).

 

 

[FN328]. Id. 2510(17)(A).

 

 

[FN329]. Computer Guidelines, supra note 12, at 86 (quoting 18 U.S.C. 2510(17)).

 

 

[FN330]. 18 U.S.C. 2701(c)(1).

 

 

[FN331]. Winick, supra note 25, at 97-98.

 

 

[FN332]. See 18 U.S.C. 2702(b).

 

 

[FN333]. Id. 2702(b)(1), (3).

 

 

[FN334]. Id. 2702(b)(6).

 

 

[FN335]. S. Rep. No. 99-541, at 38 (1986), reprinted in 1986 U.S.C.C.A.N. 3555, 3592.

 

 

[FN336]. 18 U.S.C. 2702(a)(1).

 

 

[FN337]. Computer Guidelines, supra note 12, at 84.

 

 

[FN338]. Id.

 

 

[FN339]. Id.

 

 

[FN340]. Giallonardo, supra note 298, at 202.

 

 

[FN341]. 18 U.S.C. 2518(1). The comprehensive elements are: (1) the identity of the officer making the application; (2) a complete set of facts detailing the nature of the offense, the location, the type of communications sought, and the identities of the involved parties; (3) a complete statement as to whether other investigative procedures have failed, and why they are unlikely to succeed in the future; (4) a statement as to the time period for interception; (5) a complete statement concerning all other applications made for interception; and (6) if an application for extension, the officer must detail the material gained thus far from the interception. Id. 2518(1)(a)- (f).

 

 

[FN342]. Id. 2703(a)-(b).

 

END OF DOCUMENT