Slashdot Mirror

← Back to Stories (view on slashdot.org)

Federal Court: The Fourth Amendment Does Not Protect Your Home Computer (eff.org)

Posted by BeauHD on from the know-your-rights dept.

An anonymous reader writes: The EFF reports that a federal court in Virginia today ruled that a criminal defendant has no "reasonable expectation of privacy" in his personal computer (PDF), located inside his home. The court says the federal government does not need a warrant to hack into an individual's computer. EFF reports: "The implications for the decision, if upheld, are staggering: law enforcement would be free to remotely search and seize information from your computer, without a warrant, without probable cause, or without any suspicion at all. To say the least, the decision is bad news for privacy. But it's also incorrect as a matter of law, and we expect there is little chance it would hold up on appeal. (It also was not the central component of the judge's decision, which also diminishes the likelihood that it will become reliable precedent.) But the decision underscores a broader trend in these cases: courts across the country, faced with unfamiliar technology and unsympathetic defendants, are issuing decisions that threaten everyone's rights.

13 of 309 comments (clear)

  1. I'm seeing the bigger picture now by Sax+Russell+5449D29A · · Score: 5, Informative

    The invasion of privacy and constant violations of basic and human rights in the US, and around the rest of the Western world for that matter, are starting to have a lot in common with what George Orwell wrote in Animal Farm. The irony is of course that what he described in his book was Stalin-era Soviet Union.

    --
    -SR
  2. That's Not What The Decision Says by hondo77 · · Score: 4, Informative

    The part of the decision regarding a warrant not being necessary relates to the defendent's IP address, not searching his computer. The Court found that "one has no reasonable expectation of privacy in an IP address when using the Internet," therefore a warrant was not needed to obtain the defendent's IP address. The deploying of software on the defendent's computer was done with a warrant.

    --
    I live ze unknown. I love ze unknown. I am ze unknown.
    1. Re:That's Not What The Decision Says by freeze128 · · Score: 4, Informative

      That's why when I'm browsing the web, I only use IPX.

    2. Re:That's Not What The Decision Says by jratcliffe · · Score: 4, Informative

      Read the next section of the opinion, starting toward the bottom of page 47. After writing that there's no expectation of privacy for an IP address (which is a pretty reasonable point), the judge goes on to write that there's no reasonable expectation of privacy for the contents of an Internet-connected computer, because that computer "can - and eventually will - be hacked."

  3. EFF really fibbed on this one. There was a warrant by Timmy+D+Programmer · · Score: 4, Informative

    There was a warrant, the fight was whether or not the warrant was legit,and the ruling was 'Yes'. From the PDF on EFFs site: The Court held hearings to address these Motions on May 19, 2016, May 26, 2016, and June 14, 2016. The Court FINDS, for the reasons stated herein, that probable cause supported the warrant's issuance, that the warrant was sufficiently specific, that the triggering event occurred, that Defendant is not entitled to a Franks hearing, and that the magistrate judge did not exceed her jurisdiction or authority in issuing the warrant

    --


    (If at first you don't succeed, do it different next time!)
  4. Re:Fourth Amendment by dgatwood · · Score: 4, Informative

    They had a warrant to search the house, based on probable cause, and they confiscated the computer. The perp knowingly downloaded something that he thought was child porn and opened it (which turned out to be malware that reported his location). And even the distribution of that malware was authorized by a warrant.

    At no point was this a warantless search of a computer. At no point was due process violated. This is solid constitutional law. The summary is just a ridiculously alarmist, factually inaccurate analysis of the case in question.

    --

    Check out my sci-fi/humor trilogy at PatriotsBooks.

  5. Re:No, that's not what the court ruled. by Stormy+Dragon · · Score: 4, Informative

    Yes it is what the court ruled. If you read the ruling, it says what you say, but then after that has an additional section arguing that even if that doesn't hold up, it doesn't matter anyways because by a second line of reasoning, they didn't actually need the warrant to begin with.

  6. You missed a couple of sections by raymorris · · Score: 5, Informative

    You seem to have missed a couple of sections in the opinion.

    A key sentence is on page 3:

    "Furthermore, the Court FINDS suppression unwarranted because the Government did not need a warrant in this case. Thus, any potential defects in the issuance of the warrant or in the warrant itself could not result in constitutional violations".

    There's the court's ruling that the government does "not need a warrant" to hack your computer.

    Then on page 47 see the section headed "Defendant Has No Reasonable Expectation of Privacy in His Computer", which STARTS with a bit about IP address, but then goes on to cover other information retrieved from the computer. The reasoning (excuse) given is that because your computer could be hacked, you have no reasonable expectation that it won't be. Per well-established precedent, no "reasonable expectation of privacy" means no fourth amendment protection.

    On the other hand, the court ALSO pointed out that the hack did not occur until the defendant tried to download child porn. They didn't hack the machine as soon as it connected to the front page of the CP site; rather it was a trojan in the child porn download. The court says that when you download child porn from foreign countries, you should expect that you might get malware and your information might be exposed.

  7. Re:No conspiracy--this would hurt companies. by Kjella · · Score: 5, Informative

    Microsoft has no obligation to follow the Fourth Amendment, which protects individuals against intrusion by the state. An exception arises if Microsoft is acting as an agent for the state. Some other laws may occasionally protect your privacy against companies; the Fourth Amendment does not.

    I don't think you understand how the third party doctrine works. Basically if you've shared information with a third party, you've shared it with the world as far as the law is concerned. Like in this case, your ISP knows your IP so you have no expectation of privacy so if the cops post some exploit code to reveal it to them that's all right. So if you've given Microsoft access to all your data, you've given the law warrantless access to all your data. Microsoft doesn't have to participate in it.

    --
    Live today, because you never know what tomorrow brings
  8. Re:EFF really fibbed on this one. There was a warr by Xtifr · · Score: 4, Informative

    Sounds like dicta. Not as big a deal as it could be then, since dicta are not binding.

    From the link I gave: "[dicta] therefore are individual views of the author of the opinion and not binding in subsequent cases as legal precedent."

  9. Re: Not necessarily by Anonymous Coward · · Score: 2, Informative

    The warrant to use the nit was issued under probable cause. The ruling makes sense.

    The nit warrant permitted use only in the case of a visitor to a page with illicit material. There is no way it was a random act of searching the computer. The user could hit that page only because they intended to and knew what he would find.

  10. Re:The message is clear: by CaptQuark · · Score: 5, Informative

    The troubling section starts on page 47, where it states "Defendant Has No Reasonable Expectation of Privacy in His Computer".

    The judge states that because home computers can be hacked so easily, it becomes a common assumption that your home computer MIGHT be hacked, therefore your expectation of privacy is forfeit. Just like a broken window blind allows police to peek into your home, an easily exploited vulnerability on your home computer means you assume your data is not private. Even a password protected file is not immune to discovery because everyone knows passwords can be easily defeated. (pages 47 - 55)

    The judge's analysis is similar to saying we should not really expect any privacy in our homes because a skilled locksmith can unlock our front door at any time, and a locked safe in the home is not really private because a skilled safe cracker can open it easily. The judge is saying that because something MIGHT happen, we should assume it WILL happen, and thus give up our right to expectations of privacy.

    --

  11. Re: appeal by LionMage · · Score: 4, Informative

    I wouldn't be so quick to assign sociopolitical labels to which group favors eroding privacy rights. There are plenty of so-called conservatives (judges, legislators, etc.) who would happily erode 4th amendment and other rights. I am reminded of Ronald Reagan arguing in favor of the admissibility of illegally-obtained evidence, and more recently of provisions in the PATRIOT Act that are objectionable to civil libertarians like ACLU members.

    It's worth noting that civil liberty groups like the ACLU are largely socially progressive. And they are generally the ones who say, "Get a goddamned warrant." They're also the ones who hold that the same rules are supposed to apply to everyone, regardless of socioeconomic status.