Articles Posted in Computer crimes

How many times do we see the private search as an issue.  The upset spouse searches the computer to find evidence of infidelity, the Sailor’s friend or roommate comes across contraband CP on a computer and looks further, etc., etc., etc.

A responsible law enforcer would take the information to get a search warrant or command search authorization.  But that doesn’t always happen.  What does happen is that the law enforcer or someone in command goes and looks for themselves.  The question then becomes whether that is a search or is it a continuation of a private search.  If a private searcher shows the law enforcer exactly what they saw and that alone, there may not be an unlawful search.  But what happens if the law enforcer does more than strictly replicate what the private searcher did.  So Orin Kerr has some information for us in the Washington Post.

[T]he 11th Circuit handed down a new computer search decision,United States v. Johnson, that both sharpens and deepens the circuit split on how the private search doctrine of the Fourth Amendment applies to computers. Johnson isn’t a likely candidate for Supreme Court review. But it does leave the private search doctrine in computer searches ripe for Supreme Court review in other cases working their way through the courts.

Prof. Berman at sentecing law and policy invites our attention to an interesting new decision from the Third.

US v. Husmann, No. 13-2688 (3d Cir. Sept 3, 2014) (available here) .

We all of us have an a client who is charged with distribution of CP because they were using a P2P program such as Limewire, and where the automatic settings placed information in the “shared” folder.  Because the information is in the shared folder it is accessible to others who search Limewire and come across it.  Actually many clients have been caught through the FBI or some other enforcement agency trolling Limewire for such information.

In United States v. Blouin, ARMY 20101135 (A. Ct. Crim. App. 28 May 2014), the court has, in my view, taken a broader view of what qualifies as CP for the purpose of a guilty plea.  However, the court is not taking an unknown or unvisited trail.

Blouin was charged with possessing CP in violation of 18 U.S. Code Sec. 2256(8), to which at trial he plead guilty.

As is common in these type of cases, the prosecution threw up a whole bunch of alleged (173 to be exact) CP images, without really understanding what they were doing.  And they compounded this with offering 12 images as a “sample.”  This caused the military judge to reopen providency, because he found only three of the images were likely CP.

Continue reading →

Here is an interesting opinion from the Sixth about the reasonable expectation of privacy in items transmitted or available through Limewire (or similar P2P programs).  There is none, compared to other ways stuff gets onto a computer – in the Sixth.

Defendant had no reasonable expectation of privacy in his computer from police accessing it via Limewire when he was hooked up to the Internet. He did not create an expectation of privacy from his efforts to hide files on his computer. Warshak has no application to this situation. United States v. Conner, 2013 U.S. App. LEXIS 7437, 2013 FED App. 0365N (6th Cir. April 11, 2013)[.]

The court references United States v. Warshak, 631 F.3d 266 (6th Cir. 2010).

FederalEvidence blog has a good post on United States v. Caldwell, __ F. 3d ___ (5th Cir.  October 26, 2009).

For those of us doing a lot of CP cases – LimeWire, one of several peer-to-peer file sharing programs, is increasingly found to be the method by which CP is received or transmitted.  Typically the prosecution calls a forensic computer examiner as an expert witness (although I notice the Navy is trying to short-circuit this by calling the duty NCIS agent to testify about computers).  Anyway, FEB notes the difficulty courts are having in deciding whether testimony about computers and/or software falls within [Mil. ]R. Evid. 701 (lay) or 702 (expert).

[T]he line between lay and expert testimony is very hard to discern. A closer question would have been raised in the case if an objection had been made at trial and review was under the less deferential abuse of discretion standard. The issue of lay versus expert testimony arises in other contexts, including on computer forensic testimony, as noted in these prior posts: Drawing The Line On Computer Forensic Expert And Lay Testimony (Part I); Drawing The Line On Computer Forensic Expert And Lay Testimony (Part II).

NMCCA has issued an unpublished opinion in United States v. Davis, III, NMCCA 200900137 (N.M.C. Ct. Crim. App. 8 September 2009).

The case addresses the often perplexing issue of prosecutorial overcharging in CP cases.  In this case the prosecution charged the CP under Article 134(1)(2) and (3), UCMJ.  The court does note that some overcharging is to be expected prior to trial and the prosecution then commits itself to proving up the various charges.  However, this was a guilty plea case.  While the MJ did address some factors under United States v. Quiroz, NMCCA decided she’d not gone far enough.  There was no effect on the sentence.

CA Court of Appeals provides guidelines for “knowing posession”.

In People v. Michael James Tecklenburg, (2009, 169 Cal. App. 4th 1402) the California Court of Appeals considered the relevance and applicability of involuntary "pop-ups" and temporary Internet files (TIF or "cache") to the applicable statute. California’s Penal Code section 311.11(a) makes it illegal to "knowingly posses or control" depictions defined as child pornography according to state law (P.C. 314, subd. d). The court specifically considered the variables required to establish "control".

In Tecklenburg, the court denied appeal based on the State’s discovery having established the cumulative applicability of the following variables:

  1. the user actively searched for child porn;
  2. the user visited child porn web sites;
  3. the user explored beyond the first page of said web sites;
  4. the user clicked on images on, at least, one web site;
  5. the images appeared and were accessed multiple times;
  6. the user enlarged thumbnail images;
  7. the images were “part of a series or collection”;
  8. the size and format did not match that of a pop-up;
  9. similar, and sometimes identical, images were found on both the user’s home and work computers.

While I don’t agree with the entirety of the court’s findings, said computer forensics expert Jeff Fischbach, nor am I comfortable that the court fully appreciates the non-standardized and ever-evolving nature of the Web, or the limitations of computer forensics, I do think that the decision itself serves as a good minimum benchmark, or litmus test, for both prosecution and defense in similar cases.

A search warrant for drugs and possible records of drug sales did not permit officers to enter defendant’s computer where the execution of the warrant produced no evidence of drug sales on the premises. (There was also a Franks violation because the officer represented a neighbor’s report of drug use and drug sales, but the remainder of the affidavit showed PC. Child porn was found on the computer.) United States v. Payton, 07-10567 (9th Cir. July 21, 2009).

/tip to fourthamendment.com blog for reporting this case.