[The hard drive was searched, and...] After incriminating emails were uncovered
through that process, the agent sought and obtained a warrant based upon the
content of the emails to conduct the search of the hard drive that had already
been completed and to seize the emails that had already been reviewed. Those
mails now form a part of the basis of this prosecution, and Kim moves to
suppress that evidence, arguing that his rights under the Fourth Amendment of
the Constitution have been violated.
Isn't that post-facto application for a warrant precisely an admission that the initial search was illegal?
[I am not a lawyer] My sister-in-law (the defense attorney) would say that you can look if you have probable cause, and then get a warrant for more invasive looking and/or looking elsewhere. But reading the judge's remarks in the article it does not sound like the judge believed they had enough cause to seize the laptop. I hope this goes to the Supreme Court because I would hope they would rule in favor of the 4th amendment on border seizures for laptops. It offends me as a tax payer and a voter that this is allowed and every year and twice on every election year I inform folks who would seek to be my representative that landing in favor of the 4th amendment will help to secure my vote.
That said, I've always been curious (but insufficiently brave) to create a 'bait' laptop which would be a laptop designed to exfiltrate video and audio of everything that goes on around it into a cloud server. Then tweet in passing I finally got some juicy bits and head off on an international jaunt to provide a seizure opportunity.
Whether you believe it or not, there is a reasonable explanation for this in the opinion which doesn't require SIGINT magic, just fairly boring detective work.
It's possible, but I wouldn't say it's probable given that the agents seemed to know to search certain emails in order to gather material for a warrant after the fact.
If they had detective work in hand at the time of seizure which demonstrated the content of these emails, they'd have been able to get a warrant for the search on that basis.
> It's possible, but I wouldn't say it's probable given that the agents seemed to know to search certain emails in order to gather material for a warrant after the fact.
They didn't search "certain emails", they searched all of the emails on the laptop. It's not improbable that there would be interesting evidence in someone's email after a trip when you expect they will have been up to no good, and it's not improbable that a broad keyword search over those .pst's would find something.
> If they had detective work in hand at the time of seizure which demonstrated the content of these emails, they'd have been able to get a warrant for the search on that basis.
Yes, but they evidently didn't think they needed one: the dominant culture the agents were working in seems to say that this constituted a reasonable search, and that applying for a warrant after the fact was proper - that is the real problem here, and the one the judge is picking up on. The opinion describes this: they had enough warning of the guy's trip that they could decide whether to seize the laptop on the way into the country or on the way out, but decided on the latter to give the guy a chance to generate incriminating evidence, because they didn't think they'd catch him in the act otherwise.
Seriously, this looks more like an everyday process that's evolved in a bad direction than parallel construction. They weren't expecting to have to defend this search procedure.
Seems like he didn't feel the need for a warrant to "search", but did to "seize". Given the state of things, you could almost forgive him for thinking that he could do whatever the hell he wanted without worry of recrimination.
Which is funny since that's more or less how I've always heard, as a person outside of law enforcement, a warrant works. It provides permission to search for, often specific, evidence to seize.
The other important points influencing the decision were the amount of time spent examining the hard drive and extensive detail of the search.
"...that wherever the Supreme Court or the Court of Appeals eventually draws the precise boundary of a routine border search, or however either Court ultimately defines a forensic – as opposed to a conventional – computer search, this search was qualitatively and quantitatively different from a routine border examination, and therefore, it was unreasonable given the paucity of grounds to suspect that criminal activity was in progress."
If a warrant was obtained with evidence that itself was illegally obtained then yes the warrant is worthless. Also that "evidence" found is not admissible as it was illegally obtained.
Thats right. They knew, but didn't care so they skirted the law in order to find probable cause. They messed up. Thank the founders for our constitution ladies and gents. Its a strong document thats laws stood the test of time.
I really like that some of the over-reaction after 9-11 is starting to be reeled back in defense of personal privacy. The fact that the paternalistic "If you haven't done anything wrong, you have nothing to worry about!" was (and often is) accepted as "how it is" really was making me worry about our future generations. It is nice to see that cooler heads are finally prevailing in these areas.
I wish it could be the same in France. With the recent debates around the surveillance law, I am under the impression that we go back on the exact same path you are describing, 14 years later.
It upsets me that we don't learn from what happened in the US and just repeating history while everyone else is making progress on theses particular issues.
I agree with your sentiment. I also find it funny that this sort of illegal government activity actually caught someone selling weapon parts to Iran. Does the NSA system actually work? Random success? Statistically speaking you will eventually catch something, right?
Yes, invading everyone's privacy and illegally searching them will catch more bad guys. I don't think anyone's arguing it won't. The point is, it's not worth the loss of freedom and privacy.
The purpose of America is not to make cops' jobs as easy as possible.
I actually do not think that is a better argument.
If I understand you correctly, you are implying that we should make the argument that searching everything will result in less effective law enforcement because there will be so much more data that we will miss more things.
If this were true, then it would be an excellent argument -- rather like the argument against using torture in interrogations because it actually does a WORSE job of getting people to tell you (true) information than other techniques. This is in addition to the argument against torture that claims that torture is simply evil and we shouldn't be doing it.
I think that invading everyone's privacy without a warrant and without any good REASON to suspect an individual ("reasonable and articulable suspicion") is simply evil and we shouldn't be doing it. But I do NOT also believe that invading everyone's privacy will reduce the number of criminals caught. I actually think it would be quite effective at catching criminals. The massive amount of data available would be create more work, but investigators would spend time only on people they had vague inarticulable reasons to suspect, and this would be quite efficient. For instance, if you focused just on black males age 17-29 and combed through every email or electronic communication they had ever made, I am sure you could find tens of thousands of felonies -- but such a process would be profoundly unfair. In addition, you can use computers to search through the giant haystacks very efficiently.
> Yes, invading everyone's privacy and illegally searching them will catch more bad guys. I don't think anyone's arguing it won't.
I am arguing it won't.
What it does is it makes it easier for the government to manufacture bad guys* to then continue manipulating the public.
[*] How is that done? Gov. agency finds patsy; Gov. agency entraps patsy; Gov. agency blames patsy, says he is a terrorist, arrests/kills/tortures patsy, gets confession, passes new legislation, all in a day's work. If not a patsy, an ally disguised as "enemy".
Its a trade off. For the last few decades (at least) government policy/lawmaking has been leaning towards more invasive surveillance of the general public. This certainly makes police work easier, as they already have monitoring systems in place that allow them to collect information much more easily. They may already have a file on a suspect.
The down side is that public opinion and policy making are constantly changing. A person who is constantly monitored needs to worry that any activity they take part in today, regardless of how legal/acceptable, may become unacceptable tomorrow. Take, for example, boycotting by Canadian citizens of goods made in Israeli settlements. A year ago one may have disagreed with the sentiment, but it certainly wouldn't have seemed illegal. Today the Canadian government is threatening to bring these citizens up on hate crime charges. (As an aside I am not deeply familiar with this particular issue and am using it only as and example and as described at face value. Its entirely possible that some people have committed hate crimes.)
The Canadian government certainly already has files on some, if not all, of the biggest actors in this movement.
In a truly democratic society we need to tolerate and even bolster the voice of dissent. We claim to value our (nearly) unlimited freedom of speech. But a person who needs to worry that all of their words are recorded and can be used out of context later to condemn them will be less likely to voice their dissent. That loss of freedom is the cost of making police job's as easy as possible.
> The down side is that public opinion and policy making are constantly changing
Don't forget the issue of abuse of surveillance data- see for example NSA and CIA analysts using our databases to stalk their exes, or cops using their legally-acquired surveillance powers in illegal ways to suppress dissent.
And there's another facet that I don't hear discussed enough- Take, for example, the crime of speeding. What if speeding resulted in immediate traffic fines, 100% of the time, with perfect enforcement. Is that how we want it to work? Speeding is always possibile, and always punishable? Or is it actually better to live in a world where speeding carries the risk of traffic fines?
Because constitutional protections are not black and white. They protect not just against grossly anti-constitutional laws, but against stupid laws, too, by making them impractical, but not unconstitutional, to enforce.
Some people have never had bad law enforcement experiences. I know someone whose brother was shot to death in a traffic stop. I know a woman who was stalked by a deputy. And I know of an entire city neighborhood that got tear gassed because the PD drove protestors into a residential area. In the early evening.
Cops are people too, and sometimes people are assholes. Really, really big assholes. This is why we have rules instead of a police state. Well, had.
Hmm, I wonder what the closest analogue to that statement is that's actually found in the writings of the Founding Fathers. I assume manny of them would agree with it, but the quote itself is from a century later, when a British Confederate-sympathizer was criticizing papal infallibility.
Because it's easier to put innocent people in prison than it is to catch those who are actually guilty, so making cops' jobs as easy as possible pretty much requires mass quantities of false imprisonment.
That's not quite what happened. The guy was already under investigation, and his laptop was specifically targeted when he crossed the border. This wasn't a dragnet win: it just supplied additional evidence in a case that was already being built.
Then why not have the warrant ready to go when he crossed the border? If the suspect was already under investigation and there was suspicion there would be evidence on the laptop, then it would seem a warrant would be easy to obtain. Then this would be a non-issue.
I'm guessing that this wasn't the agents' understanding of the process. From reading the opinion, it seems that they thought it was perfectly fine to search the laptop on spec, then later apply for a warrant to justify what they found.
They had enough warning that he was going to be going through customs to decide whether to grab the laptop when he arrived in the country or when he left it, opting for the latter, so yes, they would have had plenty of time to apply for a warrant if they thought they needed one up-front.
It's not that they thought it was fine to just search the laptop; that it was fine for them to seize the laptop, remove it from the scene, and then search at their leisure. It would be like border agents seizing a car crossing the border, towing it to another location (leaving owner behind as well), and searching it later. How that comes off as a reasonable search to anyone is beyond me.
Parent comment was making a joke: Oliver North was one of the people involved in the Iran-Contra affair illegally shipping arms to Iran in the 80s while also supporting terrorism in Nicaragua.
I might have realized that laptops weren't in common use at the time. I remember his secretary Fawn Hall smuggled documents out in her boots for him. How old school. https://en.wikipedia.org/wiki/Fawn_Hall
I grew up near the Canadian border. When I left for SV 7 years ago, you never saw border patrol outside of the border crossings. When I came back last year, I saw their patrol cars roll by every couple of days. That may not sound like a lot, but I live in a small town in the middle of nowhere. I see them more than I see the local cops.
I also heard they put surveillance cameras and licence plate readers all over Massena[0]. There's nothing there. College kids roll through it all the time to go to Cornwall to drink. That's about it.
There is no 100-mile border zone. That's a marketing creation of the ACLU. This question was put to the Supreme Court in the 1970s, and the Supreme Court unequivocally held otherwise.
The nexus with reality of that "100 mile" figure is that it represents the limit of the distance at which the USG can establish a permanent checkpoint --- at which CBP is allowed only to stop people who have actually crossed the border. Some DHS person misspoke when describing that process, and ACLU picked it up as "the USG believes it has border search rights for anyone living within 100 miles of the border". Which is a farcical position.
> The nexus with reality of that "100 mile" figure is that it represents the limit of the distance at which the USG can establish a permanent checkpoint --- at which CBP is allowed only to stop people who have actually crossed the border.
That's not been true in my experience. I've done some traveling in the southwest and have been regularly stopped at these checkpoints. They are on U.S. highways far from the border and they stop everybody, not people actually crossing the border or who have recently crossed the border.
Now, it is true that their search powers are more limited at these checkpoints than at the border, but they do have the power to stop everyone who passes through. (Whether or not they have the power to question you doesn't seem to be settled, but to try to exercise your right to remain silent is a risky endeavor. Some civil libertarians who have tried to exercise this right have ended up in the hospital.) Which court case are you referring to?
I should say first: I have zero doubts that CBP, immigration, DHS --- whatever --- are pushing way past the bounds of what's lawfully allowed by the border search exception.
Have you been forcibly searched at any of those checkpoints?
There is a popular series of Youtube videos of drivers refusing to comply at some of these checkpoints.
They have the power to stop everyone in order to find out whether they have recently crossed the border. That's what a checkpoint is: everyone stops and answers a question or two.
What they do not have the power to do is conduct a warrantless search in the absence of any evidence that the person has actually crossed the border on that particular trip.
Sure they do - if they have probable cause otherwise. The last few times I went through these checkpoints (in Texas) they ran dogs around my truck looking for probable cause.
Whether or not you've crossed the border recently seems like fairly ineffective criteria. Are you sure that's the case? Where did you see that?
My experience: They had a drug dog sniffing at the vehicle without making it stop for the dog. They actually asked me to keep going, a little bit short of the stop sign, when I stopped for fear of running the dog over while it was very energetically sniffing in front of and at the sides of the vehicle.
The few times I went through them in the southwest (2009), I think they asked if I was a citizen and upon answering yes that was the end of it. They probably saw my uncooperative face, and didn't feel as entitled because it was earlier in the program. If my face had said "being hassled by uniformed thugs makes me feel safe" they would have probably given me a better molestation. And these days I would think they would feel more entitled since it's been going on for some time.
In reality any such stop is a detainment, and it is being done without any suspicion whatsoever. Exactly like drunk driving checkpoints (think of the children). But of course that's ignoring that our legal system has been turned to Swiss cheese by contradictions.
It has nothing to do with any kind of Patriot/equivalent act. The border search exception was authorized by the First Congress in 1789. It is extremely well established that at international borders the government can conduct warrantless searches and seizures, as long as they are reasonable.
In this case, the court did not feel that the search was reasonable, citing such factors as the actual search not taking place until after the person had left, and the search taking place far away from the border.
Unlikely; the article notes that the laptop was shipped 150 miles and the actual search took place far from the border, after any immediate risk had passed, not that the search itself was unjustified or unwarranted.
There's got to be some threshold though - it's not best prepared. A few years ago we wouldn't use much cloud storage because there weren't many options to do so. Right now, if you are a terrorist and carry your data with you, unencrypted, you're a complete idiot and will likely fail in some other way.
> Simply make an encrypted backup and wipe everything before traveling through airports and borders.
Which helps against a border guard installed hardware keylogger how…? There's been reports of border guards flashing laptop firmwares (no idea how credible they are), which would make "wiping everything" rather difficult (you can re-flash the main firmware, but what about e.g. the Intel Management Engine firmware? That thing is a hardware rootkit by design).
> Simply make an encrypted backup and wipe everything before traveling through airports and borders.
True, but in some countries (such as the UK, under RIPA) it's illegal to refuse to give authorities your password or decryption key. You'd really want to use a decoy disk image with some content; an empty disk on an otherwise used-looking laptop arouses suspicion and would probably lead to further scrutiny.
Or keep your data on a server somewhere and hide the address and key, accessing your data remotely when you get to your destination.
With a decoy account you wouldn't need to go through the wiping rigamarole every time you travel. Just have the decoy account's login trigger a wipe of the primary account.
Of course, there's the question of how to make a realistic-looking decoy account that doesn't look suspicious on account of not having any files created in the past year or two, but with a little creativity you could pull it off.
Computers aren't free, so it'd impair the flow of information, to say nothing of the hours it'd take to download hundreds of gigs from the cloud every single time you travel (given the typical hotel wi-fi, you wouldn't be able to use your computer, so might as well advise people to never travel with a computer)
A technical question: If he had been using whole-disk encryption (for example a macbook pro with FileVault) would that have effectively prevented them from doing the forensic searches that they did?
Specifically would that have inoculated him in this instance, where they did a bit-for-bit copy of the HD and then returned the laptop to him?
If there were a backdoor that Apple had built into FileVault, and they gave it to authorities to access your hard drive, wouldn't it make it into the news pretty quickly? (e.g. "Gee, I had my FileVault turned on but somehow the authorities were able to decrypt the whole damn thing!")
And wouldn't Apple be destroying the product's reputation and severely harming their own reputation by providing that backdoor access and having it hit the news?
I'm not saying it's impossible, it just seems so unlikely as to not even register on the list of concerns for a typical security-minded individual unless that person is storing nuke codes or something.
Even with the possibility of obtaining gag orders, the risk and potential to exposure to Apple would be huge.
They'd be in much safer territory to just not include encryption software with their products at all, unless the whole NSA surveillance thing is so complex and intrusive that they force large OS makers to specifically develop backdoored encryption technology for the specific purpose of encouraging people to store sensitive information on FileVault encrypted drives so that the government to access it at it's will.
But, that doesn't really stand to reason in my mind.
Perhaps. The question still stands though. Assuming they don't have an actual purposeful back door is there evidence that they have the ability to crack FileVault level encryption at this point or no?
Full-disk encryption is theoretically capable of preventing forensic searches of your computer.
I say "theoretically" because there might be weaknesses or backdoors in any given implementation that would permit decryption. (Hence the discussion of whether Apple's Filevault can be trusted against law enforcement.)
You might also face personal pressure to provide the key to decrypt.
