Computers, Privacy & the Constitution

Protecting Fourth Amendment Privacy Rights in Electronic Data.

The Plain View Doctrine and Electronic Data.

In physical spaces, the plain view doctrine can balance personal privacy rights against society’s interest in effective law enforcement. This is because physical evidence takes up space. We automatically compute physical constraints (a Mossberg must be physically moved from the scene of the crime to the hiding spot) and the scale of physical locations suggest the number of objects and where they may be hidden (four shotguns cannot be stored in a wallet, tea kettle, or cut-out book). These physical constraints protect people from pretextual searches, while not punishing law enforcement for doing a good job (or rewarding criminals for the same). (“Police with a warrant for a rifle may search only places where rifles might be,” Coolidge v. New Hampshire, 403 U.S. 443, 517 (1971)).

Electronic data has no such constraints. Documents can be hidden in pictures, files can be renamed (‘tax.evasion.2010.xls’ becomes ‘profilepic.jpg’), and seemingly endless memory can contain an almost unlimited amount of information (there is only one shotgun, but millions of files could contain tax evasion information). Thus, a warrant to search a hard drive for child pornography would place every single file on the drive in plain view of the investigating officer.

If physical searches were no longer bound by the reasonable expectations of physical space, we would call them general searches. Without a parallel restriction in digital investigations, the plain view doctrine negates the particularity requirement of the Fourth Amendment. An officer with a warrant for a particular piece of electronic evidence may use that authorization as a general warrant to search the rest of the drive.

When this intrusion is balanced against the amount of information now stored on most personal computers and the ease of planting contraband (both by law enforcement and third parties), these general searches should not be considered reasonable under the Fourth Amendment.

Mitigating General Warrants for Electronic Data.

Pre-search descriptions ('how' restrictions)

Requiring the investigator to outline their search methodology, as described for physical files in US v. Tamura, 694 F.2d 591 (9th Cir., 1982), “maintain[s] the privacy of materials that are intermingled with sizeable materials . . . to avoid turning a limited search for particular information into a general search of office file systems and computer databases.” US v. Comprehensive Drug Testing, 579 F.3d 989, 998 (9th Cir., 2009). Unfortunately, requiring investigators to explain their process before the search of electronic data is impossible. Given unfamiliarity with the drive and possible countermeasures, the only possible time for an agent to request additional judicial authorization would be when she comes across ‘illegalkiddieporn.jpg,’ at which point the new warrant is merely a formality and the harm has already been done.

Post-search restrictions (exclusionary rule)

Exclusion can be a powerful defense against admitting electronic data found in plain view. However, defining any files on a computer as not in plain view would simply result in either allowing anything found in the search, or excluding everything not in the warrant. The latter option essentially abandons the plain view doctrine entirely with respect to electronic data.

Which would be right, given the points with which you started the essay, correct?

Excluding digital evidence not covered by the warrant would solve the harm of general electronic warrants, but we still have to establish that the investigator/prosecution committed an illegal act or infringed on the rights of the person searched in order to invoke the protection.

Unreasonable seizure

Fourth Amendment protections against unreasonable search were founded upon and sustained by the limitations of our physical world. We do not yet have analogous limitations in the electronic world so that privacy in digital searches is adequately protected. The same is true for seizure, except we do have a digital equivalent of physical seizure.

Physical seizures involve the deprivation of physical control over the object seized. This conception of seizure, like that of searches, relies on the physical world to set boundaries that protect privacy. Where unreasonable physical seizures violate rights in property, we can extrapolate a parallel protection against unreasonable seizures of electronic data that maps similar privacy protections onto such data - a form of property the ratifiers of our Constitution did not have in mind.

For seizures of a physical drive, we can use the traditional calculus to apply privacy protections to the seizure. The threat that a warrant or exigency will be enlarged into “the equivalent of a general warrant to rummage and seize at will” is averted by a requirement that “ seizing the item must entail no significant additional invasion of privacy.” Texas v. Brown, 460 US 730, 748 (Stevens concurring)(emphasis added)(1983). When the warrant is seeking information found on a persons main drive (where it can be expected they keep many of their personal files) and the plain view doctrine would open even file to search, the seizure itself triggers privacy concerns. By failing to isolate the relevant information off of the drive, the seizure constitutes a significant additional invasion of privacy.

The copying of information from a person’s hard drive implicates unique privacy concerns. The copying itself, while not amounting to an infringement on property rights, in effect ‘takes’ a person’s identity. In the same way that copyright creates a right in some digital media that is violated when the file is copied and distributed, seizure of such a large quantity of very personal data may constitute an independent violation of both property rights and privacy when the government becomes partial owner of unrelated information.


This analysis suggests a constitutional right against unreasonable seizure of electronic data. This constitutional right would justify an exclusion-based protection of digital evidence in plain view, as argued above, as well as the steps taken by the Ninth Circuit to add a filtering step between the search and the seizure in US v. Comprehensive Drug Testing, 579 F.3d 989 (where prosecutors must waive the ‘plain view’ doctrine in cases of digital evidence, and outsource the actual search to other parties that will extract relevant evidence, destroy contraband not covered by the warrant, and return the remainder to the owner) (9th Cir., 2009).

It would be helpful to begin by thinking a little about warrant execution in general. Once a warrant has been obtained, and the particularity requirements _for the warrant_ have been met, the practical scope of discretion in execution is very broad. The investigator empowered by the warrant may choose to serve it and execute it with great specificity, or she may decide, colloquially, to take the joint apart. Judicial control over execution might result from motions to exclude evidence uncovered by too-diligent searching, but exclusion is unlikely, to say the least, under such circumstances, and it is a peripheral control at best over the vast bulk of searching activity. Damages actions in the Bivens mode will not be successful either.

So this is an area in which the real limits are set by custom, and they are highly variable. Under present circumstances, imaging storage devices rapidly is easy, and physical seizure of hard drives, let alone whole computers, is arguably unnecessary. On the other hand, storage devices smaller than a thumbnail can contain more text than a small 20th century public library, so searching an office or apartment for a data file known to be there could certainly legitimately be said to involve stripping the place to the walls and carrying away everything heavier than a dust ball. The real practicalities of investigation evidently demand outcomes between these extremes. This implies both wide discretion for agencies applying limited resources to multiple investigations, and a concomitant breadth of possible abuse.

So the first question will be whether constitutional doctrine is a sensitive, or even useful, instrument in the management of these issues. Unless the courts are in the end to manage how police agencies actually perform IT searches, which is not going to be a problem for the US Court of Appeals for the Ninth Circuit, but for many less high-status judges with far less comfortable worklives, the real rules about whether all your client's computers are seized and remain seized for years, let alone about who does what to inspect which files, are going to be made by people who don't wear robes and never sat in legislatures.

"Plain view," if it has any application at all to this context, which you raise some substantial reasons to doubt, is again only about the need for a warrant, and plays no role in setting limits on the execution of a warrant once granted.

But remember that with a few minutes' work (at least if you use reasonable computer operating systems) you can render all of this pretty much irrelevant. The world is full of strong encryption for ordinary people to use, for reasons I know a little bit about, and it's trivial to store all your data all the time in encrypted form that makes seizing your computer hard drives or the thumb drive you keep in your left sock completely useless. Isn't that nice to reflect upon? It might even be a thing you'd want to do. Because if there are all these reasons to feel concerned about the increase of the power of the State to search, and the inadequacy of the Law to control, surely it's minimally relevant that individuals can readily possess the power necessary to do more than equalize.

-- AlexanderUballez - 26 May 2010



Webs Webs

r5 - 17 Jan 2012 - 17:48:18 - IanSullivan
This site is powered by the TWiki collaboration platform.
All material on this collaboration platform is the property of the contributing authors.
All material marked as authored by Eben Moglen is available under the license terms CC-BY-SA version 4.
Syndicate this site RSSATOM