• Tag Archives 4th Amendment
  • The Fight Against General Warrants to Hack Rages On

    The federal government thinks it should be able to use one warrant to hack into an untold number of computers located anywhere in the world. But EFF and others continue to make the case that the Fourth Amendment prohibits this type of blanket warrant. And courts are starting to listen.

    Last week, EFF pressed its case against these broad and unconstitutional warrants in arguments before a federal court of appeals in Boston, Massachusetts. As we spelled out in a brief filed earlier this year, these warrants fail to satisfy the Fourth Amendment’s basic safeguards.

    The case, U.S. v. Levin, is one of hundreds of prosecutions resulting from the FBI’s 2015 seizure and operation of a child pornography site “Playpen.” While running the site, the FBI used malware—or a “Network Investigative Technique” (NIT), as they euphemistically call it—to infect computers used to visit the site and then identify those visitors. Based on a single warrant, the FBI ended up hacking into nearly 9,000 computers, located in at least 26 different states, and over 100 countries around the world.

    But that’s unconstitutional. One warrant cannot allow law enforcement to hack into thousands of computers wherever they are in the world. As law enforcement defended these blanket hacking warrants and pushed for federal rule changes to allow them—and as Congress stood by and idly let this rule change go into effect—we’ve been fighting in court to make sure that the Fourth Amendment’s protections don’t disappear as law enforcement begins to rely on hacking more and more.

    And there are signs that courts are beginning to recognize the threats to privacy these warrants pose. Earlier this year, a federal magistrate judge in Minnesota found [PDF] that the warrant the FBI relied on in the Playpen case—the same warrant we were arguing against in Levin—violated the Fourth Amendment.

    In the February report, Magistrate Judge Franklin Noel described how the government’s NIT fails the Fourth Amendment’s requirement that warrants describe a particular place to be searched, agreeing with arguments we’ve made to courts in other Playpen prosecutions. The warrant in this case fails to satisfy that requirement because, at the time the warrant was issued, “it is not possible to identify, with an specificity, which computers, out of all of the computers on earth, might be searched pursuant to this warrant,” Noel wrote.

    He also explained how the warrant essentially flips the Fourth Amendment’s particularity requirement on its head, searching and then identifying specific computers instead of identifying specific computers and then searching them. “Only with [information gathered through the use of malware] could the Government begin to describe with any particularity the computers to be searched; however, at that point, the computer had already been searched.”

    It’s encouraging that courts are beginning to agree with arguments from us and others that these warrants far exceed the Fourth Amendment’s limits on government searches.

    As the Playpen prosecutions begin to work their way up to the courts of appeals, the stakes become higher. The decisions these courts reach will likely shape the contours of our constitutional protections for years to come. We’ve filed briefs in every appeal so far, and we’ll continue to make the case that unfamiliar technology and unsavory crimes can’t justify dispensing with the Fourth Amendment’s requirements altogether.



    Source: The Fight Against General Warrants to Hack Rages On | Electronic Frontier Foundation


  • The Bill of Rights at the Border: Fourth Amendment Limits on Searching Your Data and Devices

    More than 325,000 people enter the United States via airports every day, with hundreds of thousands more crossing by land at the borders. Not only is that a lot of people, it’s also a lot of computers, smartphones, and tablets riding along in our pockets, bags, and trunks.  Unfortunately, the Fourth Amendment protections we enjoy inside the U.S. for our devices aren’t always as strong when we’re crossing borders—and the Department of Homeland Security takes advantage of it. On the other hand, the border is not a Constitution-free zone. What are the limits to how and how much customs and immigrations officials can access our data?

    To help answer those questions, we’re offering the second in our series of posts on the Constitution at the border, focusing this time on the Fourth Amendment. For Part 1 on the First Amendment, click here.

    The Default Privacy Rule



    The Fourth Amendment forbids “unreasonable” searches and seizures by the government. In most circumstances, the Fourth Amendment requires that government agents obtain a warrant from a judge by presenting preliminary evidence establishing “probable cause” to believe that the thing to be searched or seized likely contains evidence of illegal activity before the officer is authorized to search.

    The Border Search Exception

    Unfortunately, the Supreme Court has sanctioned a “border search exception” to the probable cause warrant requirement on the theory that the government has an interest in protecting the “integrity of the border” by enforcing the immigration and customs laws. As a result, “routine” searches at the border do not require a warrant or any individualized suspicion that the thing to be searched contains evidence of illegal activity.

    The Exception to the Exception: “Non-Routine” Searches

    But the border search exception is not without limits. As noted, this exception only applies to “routine” searches, such as those of luggage or bags presented at the border.  “Non-routine” searches – such as searches that are “highly intrusive” and impact the “dignity and privacy interests” of individuals, or are carried out in a “particularly offensive manner” – must meet a higher standard: individualized “reasonable suspicion.” In a nutshell, that means border agents must have specific and articulable facts suggesting that a particular person may be involved in criminal activity.

    For example, the Supreme Court held that disassembling a gas tank is “routine” and so a warrantless and suspicionless search is permitted. However, border agents cannot detain a traveler until they have defecated to see if they are smuggling drugs in their digestive tract unless the agents have a “reasonable suspicion” that the traveler is a drug mule.

    Border Searches of Digital Devices

    How does this general framework apply to digital devices and data at the border? Border agents argue that the border search exception applies to digital searches.  We think they are wrong.  Given that digital devices like smartphones and laptops contain highly personal information and provide access to even more private information stored in the cloud, the border search exception should not apply.

    As Chief Justice Roberts recognized in a 2014 case, Riley v. California:

    Modern cell phones are not just another technological convenience. With all they contain and all they may reveal, they hold for many Americans the privacies of life.

    Snooping into such privacies is extraordinarily intrusive, not “routine.” Thus, when the government asserted the so-called “incident to arrest” exception to justify searching a cell phone without a warrant during or immediately after an arrest, the Supreme Court called foul.

    Why is the Riley decision important at the border? For one thing, the “incident to arrest” exception that the government tried to invoke is directly comparable to the border search exception, because both are considered “categorical” exemptions. Given that the intrusion is identical in both instances, the same privacy protections should apply.

    Moreover, with the ubiquity of cloud computing, a digital device serves as a portal to highly sensitive data, where the privacy interests are even more significant. Following Riley, we believe that any border search of a digital device or data in the cloud is unlawful unless border agents first obtain a warrant by showing, to a judge, in advance, that they have probable cause to believe the device (or cloud account) likely contains evidence of illegal activity.

    However, lower courts haven’t quite caught up with Riley.  For example, the Ninth Circuit held that border agents only need reasonable suspicion of illegal activity before they could conduct a non-routine forensic search of a traveler’s laptop, aided by sophisticated software. Even worse, the Ninth Circuit also held that a manual search of a digital device is “routine” and so a warrantless and suspicionless search is still “reasonable” under the Fourth Amendment. Some courts have been even less protective. Last year a court in the Eastern District of Michigan upheld a computer-aided border search of a traveler’s electronic devices that lasted several hours without reasonable suspicion.

    EFF is working hard to persuade courts (and border agents) to adopt the limits set forth in the Riley decision for border searches of cellphones and other digital devices. In the meantime, what should you do to protect your digital privacy?

    Much turns on your individual circumstances and personal risk assessment. The consequences for non-compliance with a command from a CBP agent to unlock a device will be different, for example, for a U.S. citizen versus a non-citizen. If you are a U.S. citizen, agents must let you enter the country eventually; they cannot detain you indefinitely. If you are a lawful permanent resident, agents might raise complicated questions about your continued status as a resident. If you are a foreign visitor, agents may deny you entry entirely.

    We recommend that everyone conduct their own threat model to determine what course of action to take at the border. Our in depth Border Search Whitepaper offers you a spectrum of tools and practices that you may choose to use to protect your personal data from government intrusion. For a more general outline of potential practices, see our pocket guides to Knowing Your Rights and Protecting Your Data at the Border.

    And join EFF in calling for stronger Constitutional protection for your digital information by contacting Congress on this issue today.

    Source: The Bill of Rights at the Border: Fourth Amendment Limits on Searching Your Data and Devices | Electronic Frontier Foundation


  • Trump: Privacy for Me, Not for Thee

    Trump: Privacy for Me, Not for Thee

    President Donald Trump has a consistency problem on the issues of government surveillance and privacy. For the most part, Trump seems to make his ideological decisions based on how something impacts his life personally.

    This has been made overwhelmingly apparent watching Trump spend the entire weekend condemning former President Obama for allegedly wiretapping the phones at Trump hotels during the 2016 presidential campaign.

    While addressing the press and calling for a full congressional inquiry, President Trump referred to these actions as Obama’s “greatest abuse of power.”

    To be sure, if Trump’s accusations about Barack Obama prove to be true, this is absolutely appalling on behalf of the former president. However, is this the greatest abuse of power by the Obama Administration? Hardly.

    Hope and Change

    The Obama presidency was supposed to usher in a new era of government transparency. The Bush years had left the people traumatized as civil liberties and other constitutional safeguards were disregarded in the name of national security and the war on terror.  

    The people wanted change and President Obama was going to be the man who led this country back to freedom.

    Unfortunately, that was not the case.

    It wasn’t long before journalists had dubbed the Obama Administration one of the least transparent presidencies in modern times. To make matters worse, Obama continued to execute Bush’s destructive foreign policy strategy— he just did so in secret and kept it from the American public—or so he thought.

    Thanks to journalist Jeremy Scahill, the world discovered that President Obama had not only continued, but actually escalated the use of drone warfare in the Middle East. In Scahill’s Oscar nominated film, Dirty Wars, it was also revealed that  America’s favorite peaceful president had a secret kill list which he used to go after enemy combatants, including American citizens.

    The Edward Snowden NSA leaks came as a further blow to then President Obama, who was elected on a platform that promised to protect government whistleblowers. Of course, this section was conveniently removed from his change.org website shortly after Snowden’s first round of leaks.

    Given this information you would think Trump would admire Snowden. After all, Snowden, like Trump, discovered that the government was illegally spying on its citizens, and spoke up. However, that doesn’t seem to be the case.

    “Kill the Traitor”

    Uttering the phrase “kill the traitor” in 2013, Donald Trump called for the execution of Edward Snowden. During the campaign, Trump claimed that Snowden was working as a spy for Russia.

    While similar rhetoric was often thrown around by other Republican presidential candidates, Trump’s continued disapproval of Snowden was particularly perplexing, since it was only thanks to another infamous government whistleblower that Trump was thrown a lifeline when he needed it the most.

    Whether he will admit it or not, the leaked Access Hollywood footage dealt a huge blow to the Trump campaign. His offensive comments about women were putty in the hands of Hillary Clinton, who was desperately looking for any way to take him down.

    Just when it appeared like the Trump campaign would never recover from his past remarks, Wikileaks changed the game by leaking several of John Podesta’s personal email’s that admitted wrongdoing on the part of the Democratic National Committee.

     

    Trump seized on this moment and shifted the focus back to “crooked Hillary” and the Democratic Party and away from his own Access Hollywood scandal. Publicly declaring his love for Wikileaks, Trump went on to praise Assange for the good work he was doing while simultaneously condemning Snowden for the same actions.

    It should also not be forgotten that during the 2016 legal battle between Apple and the Department of Justice, Trump called for a national boycott of Apple until the company agreed to unlock the phone of San Bernardino shooter, Syed Farook.

    Addressing a crowd Trump said:

    “Apple ought to give the security for that phone, OK. What I think you ought to do is boycott Apple until such a time as they give that security number. How do you like that? I just thought of it. Boycott Apple.”

    With these comments, Trump sided with the surveillance state – one that threatens and oppresses not only Americans but every digital user on the planet – rather than with commerce and consumers, who are in desperate need of privacy protection. Apple sought to give that to its customers, while Trump wanted to take it away.

    Trump is absolutely right, the allegations that President Obama wiretapped his phones are indeed “very troubling.” However, they are no less troubling than the surveillance state that Trump has also advocated for both in his support of the Department of Justice’s fight against Apple, and his condemnation of Edward Snowden.

    Now that Trump thinks he has been a victim of the same spying he has favored on everyone else, he flies into a fury of outrage. He is right now and wrong before.


    Brittany Hunter

    Brittany Hunter is an associate editor at FEE. Brittany studied political science at Utah Valley University with a minor in Constitutional studies.

    This article was originally published on FEE.org. Read the original article.