Articles Posted in Computer crimes

How many times do we see the private search as an issue.  The upset spouse searches the computer to find evidence of infidelity, the Sailor’s friend or roommate comes across contraband CP on a computer and looks further, etc., etc., etc.

A responsible law enforcer would take the information to get a search warrant or command search authorization.  But that doesn’t always happen.  What does happen is that the law enforcer or someone in command goes and looks for themselves.  The question then becomes whether that is a search or is it a continuation of a private search.  If a private searcher shows the law enforcer exactly what they saw and that alone, there may not be an unlawful search.  But what happens if the law enforcer does more than strictly replicate what the private searcher did.  So Orin Kerr has some information for us in the Washington Post.

[T]he 11th Circuit handed down a new computer search decision,United States v. Johnson, that both sharpens and deepens the circuit split on how the private search doctrine of the Fourth Amendment applies to computers. Johnson isn’t a likely candidate for Supreme Court review. But it does leave the private search doctrine in computer searches ripe for Supreme Court review in other cases working their way through the courts.

Prof. Berman at sentecing law and policy invites our attention to an interesting new decision from the Third.

US v. Husmann, No. 13-2688 (3d Cir. Sept 3, 2014) (available here) .

We all of us have an a client who is charged with distribution of CP because they were using a P2P program such as Limewire, and where the automatic settings placed information in the “shared” folder.  Because the information is in the shared folder it is accessible to others who search Limewire and come across it.  Actually many clients have been caught through the FBI or some other enforcement agency trolling Limewire for such information.

In United States v. Blouin, ARMY 20101135 (A. Ct. Crim. App. 28 May 2014), the court has, in my view, taken a broader view of what qualifies as CP for the purpose of a guilty plea.  However, the court is not taking an unknown or unvisited trail.

Blouin was charged with possessing CP in violation of 18 U.S. Code Sec. 2256(8), to which at trial he plead guilty.

As is common in these type of cases, the prosecution threw up a whole bunch of alleged (173 to be exact) CP images, without really understanding what they were doing.  And they compounded this with offering 12 images as a “sample.”  This caused the military judge to reopen providency, because he found only three of the images were likely CP.

Continue reading →

Here is an interesting opinion from the Sixth about the reasonable expectation of privacy in items transmitted or available through Limewire (or similar P2P programs).  There is none, compared to other ways stuff gets onto a computer – in the Sixth.

Defendant had no reasonable expectation of privacy in his computer from police accessing it via Limewire when he was hooked up to the Internet. He did not create an expectation of privacy from his efforts to hide files on his computer. Warshak has no application to this situation. United States v. Conner, 2013 U.S. App. LEXIS 7437, 2013 FED App. 0365N (6th Cir. April 11, 2013)[.]

The court references United States v. Warshak, 631 F.3d 266 (6th Cir. 2010).

Over the years I have had some success in challenging expert testimony about the “age” of a child in photographs and video’s.  The testimony is based on so-called Tanner Scale.  As with many expert testimony in court, the prosecutor takes a method used by pediatricians in evaluating the health of a person whose age is known.  Basically the stages are compared to the persons physical development to determine if there is an illness or some form of abuse causing the person not to thrive as expected.   Tanner himself has frequently pointed out and argued that, “the scales were not designed to be used for estimating chronological age, forensically or otherwise.”  Thus a misuse of an otherwise medical diagnostic tool.

Generally there is a challenge that should be made in a Houser motion prior to trial, when the alleged images are of older children.

Basically the objection relates to being able to tell that a person is under 18, a very specific age.  A person can be 18 years and one day old and look like they are 16, or they can look like they are 20.  Essentially you should be cautious of any expert purporting to place the person in an image as being a Tanner Scale three or above and as being under the specific age of 18 (meaning they have not reached their 18th birthday).

FederalEvidence blog has a good post on United States v. Caldwell, __ F. 3d ___ (5th Cir.  October 26, 2009).

For those of us doing a lot of CP cases – LimeWire, one of several peer-to-peer file sharing programs, is increasingly found to be the method by which CP is received or transmitted.  Typically the prosecution calls a forensic computer examiner as an expert witness (although I notice the Navy is trying to short-circuit this by calling the duty NCIS agent to testify about computers).  Anyway, FEB notes the difficulty courts are having in deciding whether testimony about computers and/or software falls within [Mil. ]R. Evid. 701 (lay) or 702 (expert).

[T]he line between lay and expert testimony is very hard to discern. A closer question would have been raised in the case if an objection had been made at trial and review was under the less deferential abuse of discretion standard. The issue of lay versus expert testimony arises in other contexts, including on computer forensic testimony, as noted in these prior posts: Drawing The Line On Computer Forensic Expert And Lay Testimony (Part I); Drawing The Line On Computer Forensic Expert And Lay Testimony (Part II).

NMCCA has issued an unpublished opinion in United States v. Davis, III, NMCCA 200900137 (N.M.C. Ct. Crim. App. 8 September 2009).

The case addresses the often perplexing issue of prosecutorial overcharging in CP cases.  In this case the prosecution charged the CP under Article 134(1)(2) and (3), UCMJ.  The court does note that some overcharging is to be expected prior to trial and the prosecution then commits itself to proving up the various charges.  However, this was a guilty plea case.  While the MJ did address some factors under United States v. Quiroz, NMCCA decided she’d not gone far enough.  There was no effect on the sentence.

CA Court of Appeals provides guidelines for “knowing posession”.

In People v. Michael James Tecklenburg, (2009, 169 Cal. App. 4th 1402) the California Court of Appeals considered the relevance and applicability of involuntary "pop-ups" and temporary Internet files (TIF or "cache") to the applicable statute. California’s Penal Code section 311.11(a) makes it illegal to "knowingly posses or control" depictions defined as child pornography according to state law (P.C. 314, subd. d). The court specifically considered the variables required to establish "control".

In Tecklenburg, the court denied appeal based on the State’s discovery having established the cumulative applicability of the following variables:

  1. the user actively searched for child porn;
  2. the user visited child porn web sites;
  3. the user explored beyond the first page of said web sites;
  4. the user clicked on images on, at least, one web site;
  5. the images appeared and were accessed multiple times;
  6. the user enlarged thumbnail images;
  7. the images were “part of a series or collection”;
  8. the size and format did not match that of a pop-up;
  9. similar, and sometimes identical, images were found on both the user’s home and work computers.

While I don’t agree with the entirety of the court’s findings, said computer forensics expert Jeff Fischbach, nor am I comfortable that the court fully appreciates the non-standardized and ever-evolving nature of the Web, or the limitations of computer forensics, I do think that the decision itself serves as a good minimum benchmark, or litmus test, for both prosecution and defense in similar cases.