Clancy 2012
advertisement
JD’S Cybercrime Outline I. 4th Amendment Analysis a. First, does the 4th Amendment apply? i. Must be a government activity that is a “search” or “seizure” ii. You must have a protected interest: liberty, possession, privacy Objects Protected People Houses Paper Effects By Search REP analysis REP REP REP By Seizure Liberty Possession Possession Possession b. Second, is it satisfied? i. Was the search or seizure reasonable? 1. Governs the initial intrusion and 2. The scope of the intrusion ii. Warrant clause requirements 1. Under oath, probable cause, neutral & detached magistrate, etc. II. Federal Statutes a. Wiretap Act, which governs interception of the contents of communications in real time b. Pen/Trap, which governs interception of the non-content aspects of communications in real time c. Stored Communications Act, which regulates access to the content and non-content of records held in electronic storage by certain entities i. The Electronic Communications Privacy Act (ECPA), party of the Stored Comm. Act regulates disclosure of electronic communications & subscriber information ii. IP addresses are unique to a computer iii. 18 U.S.C. 2703 is the core provision that authorizes the government to require disclosure of stored communications and transaction records by third-party service providers 1. Must provide the (1) name (2) address (3) telephone or instrument # or other subscriber number or identity, including any temporarily assigned network address of a subscriber to or customer of such service iv. Under the ECPA, though, we need a certain level of process v. Violations of ECPA does not warrant exclusion of evidence III. 4th Amendment Expectation of Privacy Analysis a. You must have i. A subjective expectation of privacy, and ii. Society must recognize this expectation as reasonable b. When does a person have REP in data on computer? 1 i. Important to distinguish b/w exterior of the computer (incl what is visible on the monitor’s screen) and its contents ii. Private Computers iii. Work & Gov’t Computers 1. Gov’t employees may have legitimate REP, but it is a Case by Case Analysis; Factors a. Context of employment relation b. Access of other employees/public c. Office policies, practices, or regulation i. Practice of monitoring, for example ii. These may reduce or eliminate any expectation iv. No REP in laptop provided by an employer based on the employer’s reserving the right to inspect v. A person who has no ownership in a computer that has been assigned by a company to another user has no standing to challenge its search vi. c. Quon Case: i. Formal written policy saying user had no REP; Quon was aware & signed ii. The Gov’t here obtained the information from a third party, i.e. outside his box iii. No real answers in this case, but possible factors: 1. Informal policy that if you pay overages, will not audit 2. Public vs. Private Employer 3. Gov’t has interest in reviewing messages a. Performance evaluations b. Litigation on police actions c. Comply with open record laws IV. Private Searches & Seizures a. S. Ct. Test: Totality of the Circumstances b. 4th Am applicable only to gov’t activity, but 3 situations for private searches that may work: i. Who is a Gov’t Agent? Turns on 2 Factors 1. Whether the government knew or acquiesced in the private party’s conduct; and a. Generally Gov’t needs to encourage or instigate 2. Whether the private party’s purpose was to assist LE efforts or to further his or her own ends ii. Computer Technicians/Repairmen 1. Usually does not implicate 4th Am unless at request of law enforcement iii. Hackers 1. This hacker got access via Trojan horse and hacker finds a bunch of child porn and he calls up the FBI; private person 2 2. “If you want to bring other information forward, I am available” = not a gov’t agent; not enough. 3. Proverbial “wink and nod” though, no prosecution for hacking…=gov’t agent c. Replicating Private Search i. Replication 1. If private parties have searched something, the gov’t one is not a “search” as long as it does not exceed the scope of the private one b/c you’re reasonable expectation of privacy has been extinguished. ii. Context 1. Example: private party opens folder & opens 3 CP pics, what if gov’t opens more in this folder? a. Courts are split, but generally, the rule is that opening a container that was not opened by private searchers would not necessarily be problematic if the police knew with substantial certainty, based on the (1) statements of the private searchers, (2) their replication of the private search, and their (3) expertise, what they would find inside 2. Depends on what is a container in the computer? If the whole thing is just viewed as one file cabinet (Clancy thinks this is wrong), then you could open any document on the computer after a private party found something illicit. a. On the other hand, if you view each directory, folder, file, etc. as separately then each may be a new container & you’d need a warrant, otherwise the gov’t would exceed their scope 3. One court has held that by taking it to a private party, i.e. Best Buy, and they find it, 4th Am private search doctrine is not applicable but it is abandonment on the computer user – no REP V. Digital Evidence Searches a. 2 Distinct Approaches i. Data are Documents/Container Analogy (relies on Andresen v. Maryland) 1. This is a broad search 2. Cannot anticipate exact form of “records” 3. No principled distinction between paper records & digital records 4. Warrant authorization includes all containers reasonably likely to have items described in the warrant a. It is like in crim pro I, if the warrant is looking for a pipe bomb, you could search ANYWHERE where it could realistically fit, so a duffle bag, an air duct, etc. 5. Data is analogous to document search: can look at all data to ascertain value – just need to identify w/reasonable certainty those items that the magistrate has authorized him to seize then it is within the scope. 3 a. If you find evidence of another crime while looking through these, can probably be seized under plain view ii. Special Approach (used in 9th Circuit) 1. Imposes limitations on search to restrict application of plain view doctrine 2. Premise is that writings & computers are fundamentally different 3. Search warrant seeking to seize computers or computer equipment must specify that it covers such items AND the warrant must include measures to direct the subsequent search of a computer 4. Computer is NOT a container a. Worried that a general warrant for a computer will make 4th Am irrelevant 5. Under this approach, warrant would be limited by: a. Date range b. Key word/search term c. File type i. i.e. pictures vs. Excel files are easy to distinguish 1. criticism: easy to hide this & change the extension ii. i.e. if looking for financial records, cannot look at telephone lists, absent showing other files have financial records d. On site vs. off-site i. Basically who, where, and what to search must be specified in the warrant under the special approach ii. i.e. may have to be on-site by computer forensics agent 6. Thus, you cannot just open other files not specified in the warrant; you must apply for a separate warrant a. And must disclose to each judicial officer, your prior efforts to obtain the same or related info & what those efforts have achieved so you can’t manipulated the system 7. Comprehensive Drug Testing (9th Cir. 2010) – important concurrence a. Gov’t should waive any reliance on plain view; i. if they don’t consent to a waiver, magistrate judge should order that the seizable and non-seizable data be separated by an independent third party under the supervision of the court or deny the warrant altogether b. Segregation & redaction of electronic data must be done either by specialized personnel or an independent third party. i. If the segregation is to be done by gov’t computer personnel, gov’t must agree in warrant application that the computer personnel will not disclose to the 4 investigators any information other than that which is the target of the warrant. c. Warrants & subpoenas must disclose actual risks of destruction of information as well as prior efforts to seize that info in other judicial fora. d. Gov’t’s search protocol must be designed to uncover only the info for which it has probable cause, and only that information may be examined by the case agents. e. Gov’t must destroy or return non-responsive data, keeping the issuing magistrate informed about when it has done so and what it has kept iii. Plain View Doctrine 1. Requirements a. Prior Valid Intrusion b. Observing Object in Plain View from lawful vantage point to seize the object c. Incriminating character of object immediately apparent (court says this is probable cause) 2. Plain View allows everywhere to be searched where the thing in the search warrant could be found. a. i.e. Hicks case i. Not in plain view b/c looking for a gun and they moved the stereo equipment to see serial numbers where ot could not have been 3. S. Court rejected ‘inadvertent’ requirement a. Some courts require this, but this is usually how stuff in plain view is found anyway 4. Distinguishing ‘merely looking’ a. If FBI agent merely looks over suspect’s shoulder why he is typing in a password and he gets it, this is NOT plain view. It is just that he had no REP. VI. Warrants for Digital Evidence a. Warrant has 3 requirements (Dalia) i. Oath or affirmation ii. Probable Cause to search iii. Particular description of the place to be searched & the things to be seized 1. Adequacy of description in warrant = Does it enable officer to identify with reasonable certainty person to arrest, place to be searched, items to seize? Maryland v. Garrison b. Search Warrant Documents i. Application ii. Attachment to application – underlying facts 5 c. d. e. f. g. iii. Warrant Command clause is what makes it a warrant 2 Varieties of Searches i. Equipment 1. Hardware & software a. For these, fairly generic descriptions are sufficient, i.e. “computer equipment” or even “equipment” b. At least one court has held that “computer” was commonly understood to include collection of components involved in the computer’s operation, i.e. attached jump drives c. “Common sense” scope of warrant ii. Data 1. i.e. floppy disks Good Faith Exception (United States v. Leon) i. Exclusionary rule does not apply if LE reasonably relies on search warrant subsequently determined invalid for lack of probable cause 1. LE officer must have knowledge that the search was unconstitutional ii. No Good Faith Exception if: 1. Facially invalid warrant a. So facially invalid that no officer can reasonably presume it to be valid b. Placed to be searched/things to be seized with particularity c. See if Affidavit is attached 2. Magistrate not neutral/detached 3. Warrant issued in unreasonable manner 4. Officers dishonest/reckless in application 5. Consider all circumstances, not just executing officer Items to be seized: the Container Approach (Majority Approach) i. Computer is a container ii. Warrants for “writings” or “records” include computer files iii. Lots of warrants have a “dominion” and “control” clause 1. “including” in the warrant may reasonably be interpreted as nonexclusive & merely descriptive of examples of items likely to show who occupied the residence iv. The scope of the warrant is determined by its language, reviewed under an objective standard without regard to the subjective intent of the issuing magistrate or officers v. Courts examine whether the items “are similar to, or the functional equivalent of items enumerated in the warrant” as well as containers in which they are reasonably likely to be found Items to be seized: the Special Approach i. Computer not a container 6 ii. Computer searches & seizures require a special approach & that a warrant must generally authorize their search or seizure w/particularity command of 4th Am. iii. Even if it is “physically capable” of evidence being on a computer, the warrant must 1. Must specify looking for computer/digital device in initial intrusion 2. Scope of search (& execution) must be laid out in warrant h. Other Warrant Details i. Computer as stolen property 1. Brand name/model, serial #, identifying tags 2. Generic statement okay if part of list of specified items i. TAINT TEAMS & SPECIAL MASTERS – pg 91 VII. Search Execution Issues a. Execution of warrant is up to executing officers, but will be based on its reasonableness b. Intermingled Documents i. S. Ct. has given gov’t investigators broad ability to view documents intermingled w/other documents to ascertain their relevancy under a search warrant for documentary evidence. Andresen v. Maryland; Nixon v. Administrator of General Services. ii. Some courts require that when a substantial # of documents are intermingled w/docs not w/in the permissible scope of the search, police must seal the documents seized & obtain a second warrant to further search c. On-Site vs. Off-Site Searches i. Majority rule: temporary seizures of computer/hard drive/computer discs & removal to off-site for examination is permitted 1. Why? a. Difficult technical problems - Police might damage equipment or compromise evidence b. Intermingled of legit/illegitimate items c. Volume of info seized d. Inconvenient to bring all of that equipment to each scene e. Length of time th ii. But, 9 Cir. In particular cautions that must have facts in warrant that justify wholesale seizure to the off-site – reasonable explanation in affidavit 1. But may not warrant suppression of evidence as remedy b/c not abusing authority, they did not act unreasonably in execution d. Use of Experts i. Civilian computer experts are generally okay as long as “serving a legitimate investigative function.” e. Deleted Files i. Can be searched, does not create a new REP ii. Not considered abandoned iii. Usually not outside scope of warrant 7 f. VIII. Time Period for warrants to be valid i. Federal requirement = 14 days from date magistrate signed the warrant ii. Other courts say no expiration date unless PC is stale; 1. Suppression only where a. (1) ‘prejudice’ – search might not have occurred or would not have been so abrasive if rule had been follow, or b. (2) evidence of intentional & deliberate disregard of a provision in the rule iii. Time limit is from the date the magistrate signed it; it does not include the amount of time it is in possession of LE & they don’t need a new warrant every time they search it Consent a. Consent is based on the totality of the circumstances b. Ultimate question turns on the voluntary nature of the consent i. Question of fact based on totality of the circumstances c. Cannot exceed the scope given i. “What would the typical reasonable person have understood by the exchange between the officer & the suspect?” 1. Objective test ii. If they ask “Can I look for X?” 1. Opens search to wherever that object may be found d. If a consent to search is entirely open-ended, a reasonable person would have no cause to believe that the search will be limited in some way, and consent would include consent to search the memory of electronic devices i. i.e. “Can I look at your cell phone?” = entirely open-ended e. Consent to search computer usually includes forensic exam is in the scope of consent f. Scope of Consent for Cell Phones i. Example: Cops ask to search car for guns, drugs, money, or other illegal contraband. 1. Cops can search anywhere those objects may be found, including a cell phone, b/c it can possibly conceal drugs or money 2. But can’t take the cell phone’s memory card, b/c it can’t conceal any of those items g. Third Party Consent i. Actual Authority 1. Person has common authority over or other sufficient relationship to object to be searched ii. Apparent Authority 1. Reasonable reliance by police on consent of person who seems authorized to consent based on facts known to officer at time consent was given 8 iii. In general, a third party may consent to a warrantless search when that party possess “common authority” over or other sufficient relationship to the premises or effects sought to be inspected. iv. For computers, generally turns on the person’s access or control of the computer, regardless of whether that person is a spouse, parent, bailee, systems administrator, or other third party, such as a computer repair person. v. Passwords and Encryption 1. By creating password-protected files, the creator affirmatively intends to exclude the joint user & others from the files a. However, some courts say that it doesn’t matter if there is apparent authority 2. Common access to a computer in a family room area = more than likely apparent authority for anyone in the household to consent th vi. 5 Amendment Privilege: Requiring the Disclosure of Passwords, Decrypted Files 1. If there is a subpoena to give up your passwords so the authorities can search your computer, you must provide access(password/unecrypt the files – but don’t have to give them the actual password). a. Unless location or existence is unknown – see #4 below b. Requires gov’t to demonstrate “with reasonable particularity that it knows of the existence and location of subpoenaed documents.” c. Providing access “adds little or nothing to sum total of Gov’t information” and existence, location of files 2. Cannot use technology to intentionally avoid discovery of passwords/encryption 3. 5th Amendment does not apply b/c it is non-testimonial in nature; searching the computer is just a source of evidence a. Testimonial = communicative i. Trial testimony ii. Police confessions iii. Act of production of private documents (some limits) iv. Demonstrative Acts 1. i.e. nodding your head b. Non-testimonial = source of real or physical evidence i. Blood test ii. Fingerprints – handwriting samples iii. Voice – other physical characteristics iv. Putting on clothing v. Lineup 1. Why? All of these you are not forced to communicate any ideas 9 4. Act of production is incriminating if: a. (1) Existence & location of evidence is unknown, OR i. Not important that Gov’t knows the content of the files – merely have reasonably certainty of existence, location of documents b. (2) Production would “implicitly authenticate” documents i. i.e. Gov’t can’t use him producing them to automatically authenticate them for court IX. Search Incident to Arrest & Cell Phones a. Lawful arrest establishes the authority to search the person – it is a reasonable search. Robinson. i. Reasoning: 1. Safety (i.e. remove weapons) 2. Recover Evidence that could be destroyed b. Affords officer complete discretion as to the objects sought during the search i. All objections from clothing to the contents of wallet are subject to search c. Must be contemporaneous with the arrest as to time & place i. But may be made at police station when accused arrives d. Permissible Scope of SITA i. Person – unqualified authority ii. Reach & Grasp Area – area within immediate control iii. Vehicles – Entire passenger compartment (not necessarily after Gant) e. SITA & Vehicles i. Can search containers SITA ii. “Container” = 1. Any object capable of holding another object. a. i.e. closed or open glove compartments, consoles…luggage, boxes, bags, clothing, etc. f. Arizona v. Gant i. No vehicle search incident to occupant’s arrest after arrestee secured & cannot access interior of vehicle, or, you can search when: ii. Circumstances unique to automobile context justify search when reason to believe that evidence of offense of arrest might be in vehicle. a. Standard = reasonable basis iii. Gant’s new holdings 1. Don’t get SITA after arrestee is secured & cannot access interior of vehicle unless circumstances justify search when LE thinks there may be evidence of arrest in the vehicle g. 2 Different Views for SITA & all Digital Devices i. Majority: Container rule, can search digital evidence when arresting person ii. Minority: Are not containers and persons have “higher level of pricey” in info they contain (Smith case); must get a warrant 10 h. Chadwick i. If the search is “too remote” or no exigency exists, once that person’s personal property is not immediately associated with the person of the arrestee to law enforcement’s exclusive control, this search is no longer SITA & need a warrant i. Immediately Associated i. Wallets ii. Purses iii. Backpacks iv. Cell phones (majority of courts, but split) 1. Thus, you can be arrested & they can search the cell phone at any time (even non-contemporaneously) with no warrant j. Not closely associated i. Luggage k. Seizing & Continuing to Hold Containers (i.e. cell phones) i. LE is justified in seizing & continuing to hold a container if 1. there is probable cause to believe that it contains evidence of a crime, and 2. if exigencies of the circumstances demand it ii. Exigent circumstances = not SITA X. Seizures of Digital Evidence a. Seizure of property occurs when there is some meaningful interference w/an individual’s possessory interest in that property. Jacobsen. i. Or exerting dominion & control for the gov’t’s own purpose is a seizure, but it may not necessarily be an unreasonable one b. For goods in transit not accompanied by their owner, the owner has substantially – if not completely – temporarily given up that possessory interest to send the property to another location i. Some courts view this as a contract issue; if shipping company promises to deliver the goods by noon the next day, gov’t “seizure” begins at noon if the goods are detained beyond that time c. Search or Seizure? i. Search = requires invasion of REP ii. Seizure = requires interference w/possessory interest d. Seizures of Digital Evidence i. Copying of data may not be a seizure b/c it may not meaningful interfere w person’s possessory interest in the data 1. For electronic data, you can access it from multiple locations by multiple people, etc. 2. But some courts hold that this would be a seizure? Pg 198, Cotterman e. If you revoke consent after the mirror image (copy) is made, too late. f. If copies are the fruit of a prior illegal seizure, prohibited from using. Silverthorn 11 g. Most courts have held that there is a possessory interest in intangible interests as well, i.e. have interest in the information itself, not simply the medium in which it exists h. Reasonableness of Warrantless Seizures i. Once it is established a seizure has occurred, it must be justified as reasonable ii. Exigent circumstances may permit seizure, i.e. if you found CP on a D’s computer through a consensual search, it is reasonable to seize the computer. Otherwise, he would destroy the evidence before the warrant could be issued. iii. Reasonableness turns on the facts of each case requiring courts to “balance the need to search or seize against the invasion that the search or seizure entails.” i. Delays to Obtain a Warrant after a Warrantless Seizure i. Even if the initial seizure is lawful, it can still violate the 4th Am b/c its manner of execution unreasonably infringes possessory interests 1. Thus, if police seize it, and unreasonably delay in securing a warrant, i.e. 21 days, then D may get suppression a. Other courts, however, would require more, such as stale probable cause, or change in item to get suppression XI. Networks & Internet – 4th Am “Outside the Box” a. Acquisition of data on internet generally regulated by statute b. Voluntary Exposure/Assumption of Risk i. Peer-to-Peer Distribution 1. The case law is uniform that persons who put files in a folder that others can access to share on peer-to-peer networks do not have a reasonable expectation of privacy in such files. 2. See if they have feature to NOT share the files – more than likely has to be engaged – subjective intention does not matter th c. No F/A (4 Am) protection against i. Disclosure of subscriber info by ISPs 1. Forrester – federal – no REP 2. Reid (NJ) – has REP by state constitution ii. Email recovered from recipient 1. Proetto iii. Internet chat rooms 1. Gariano iv. Posting info on a website d. Data from Third Parties i. Because the third party received the e-mail messages and could forward them to anyone, appellant had no reasonable expectation of privacy. ii. Same applies to chat rooms b/c you do not know who you are speaking to necessarily – even if that party ends up being an undercover cop e. Internet Surveillance: Types of Information Sought i. Smith v. State of Maryland 12 1. Pen Registers = records the #s dialed on a telephone number, but does not hear oral communications or whether the calls are actually completed. a. However, wire taps do get the content. 2. Pen register don’t get the contents of the communication a. No REP in non-content b. Phone numbers are NOT content 3. HELD: Petitioner had no actual expectation of privacy in the phone numbers he dialed. The installation & use of a pen register was not a search and no warrant was required. f. Wire Pen Trap & Trace URLs i. You can get the host, but not the other stuff. i.e. you can get www.biosupplies.com but not www.biosupplies/blah/badstuff.htm g. Content vs. Non-Content i. Content = communication itself – REP ii. Non-Content = dialing/address information – No REP iii. Body of Emails 1. It is content, but you may give up your REP once the other person receives the e-mail b/c he can forward it to whoever iv. Email To/From Information 1. Non-content v. Email Size & Length 1. Non-content vi. Email Subject Headers 1. Content vii. Web-Surfing Transmissions 1. Most likely treated as a form of communication and thus content, i.e. like telephone conversations viii. Search Terms 1. Content ix. URLs containing search terms 1. Content (most likely) x. IP Addresses 1. Non-content xi. Size of information accessed or files downloaded from websites 1. Non-content, pen registers can capture this h. Info Obtained from Third Parties & from The Cloud i. If a 3rd party discloses info to the government that an individual has provided to that party, the individual will typically not have an interested protected by the 4th Am. Miller v. United States. i. Notes i. Types of Surveillance: 13 1. Real Time vs. Stored Records 2. Real time you can catch… ii. What type of Info gov’t is seeking 1. Content vs. Non-Content 2. “Content” = information concerning the substance, purport or meaning of that communication. 18 U.S.C. section 2510(8) 3. Non-Content = dialing, routing, addressing, or signaling information a. Basic customer or subscriber records b. Transactional information XII. Statutory Regulations of Obtaining Data a. Electronic Communications Privacy Act (ECPA) i. The Pen/Trap Statute 18 U.S.C. § § 3121-3127 1. Requirements To Obtain a. Authorized attorney applies under oath for order & b. Assert that information likely to be obtained is relevant to an ongoing criminal investigation i. No independent judicial determination of this. 2. Pen Registers = record outgoing addressing information 3. Trap and Trace Device = records incoming addressing information 4. If the info gathered on the phone is a bank account number, social security #, etc. = content & equivalent of voice communication a. These are Post-cut-through dialed digits (PCTDD) 5. Remedies For Violation of Pen/Trap Statute a. Fine, imprisonment (of not more than 1 year) b. Evidence is not suppressed 6. Providers of electronic or wire communication services may use pen/trap devices on their own networks w/out court order if: a. 1. It relates to the operation…or to the protection of the provider’s rights or property, or to the protection of users of that service; or b. 2. To protect the provider…or a user of that service from fraudulent, unlawful or abusive use of service; or c. 3. User has given consent ii. The Wiretap Statute 18 U.S.C. § § 2510-22 (“Title III”) 1. Regulates the interception of the contents of wire, oral, or electronic communications – that is, real time capture of communications in transit a. Not stored b. Applies to everyone (not just Gov’t) 2. Oral Communication a. Not subject to interception while exhibiting an expectation 3. Wire Communication – Aural Transfer 14 4. 5. 6. 7. a. The Communication must include the human voice under the wire communication (2510(1)) Electronic Communication a. Any transfer of signs, signals, writing, images, sounds, data, or intelligence…by a wire, radio… b. But NOT: i. Wire or oral communication ii. Communication through a tone-only device iii. Communication from a tracking device iv. Electronic funds transfer info stored by a financial institution Intercept a. Can be content b. Has to be real time, i.e. contemporaneous w/the transmission of the communication c. Very few seizures of electronic communications from computers will constitute interceptions Wiretap Orders a. May be granted under this statute only to investigate specified predicate offenses or for electronic communications to investigate any federal felony b. Federal Court may issue if: c. (1) Must have PC to believe that an individual was committing, had committed, or is about to commit a crime; d. (2) That the communications will be obtained through the wiretap; and e. (3) the premises to be wiretapped were being used for criminal purposes or are about to be used or owned by the target of the wiretap i. Must show less intrusive techniques “reasonably appear unlikely to succeed” ii. Short time period (30 days) iii. Minimization requirements: avoid communications not subject to order Remedies for Wiretap Violations a. Statutory framework largely supersedes Fourth Amendment analysis b. Prohibits unauthorized gov’t AND private party “real time” interception of content c. Requires suppression of illegally intercepted oral & “wire” communications i. NOT electronic ones though 15 d. Criminal penalties & civil remedies for violations 8. Exceptions to Wiretapping a. 1. System Provider Interceptions Permissible to i. Protect provider rights/property 1. i.e. theft of long distance services 2. i.e. police asked for help in kidnapping; company listened to cloned phone conversations b. 2. Consent by one party i. One party consent 1. Ex: implied consent a. Landlady said all calls recorded enough 2. System banner announcing all communications are monitored a. Ex: prison phones ii. Some states require consent of both of all parties c. 3. Computer “trespasser” i. Aka Hackers ii. Person who access without authorized and thus have no REP iii. Does not include user with existing contractual relationship who violates terms of contract iv. Investigation allowed if 1. Consent of owner 2. Lawful investigations 3. Reasonable grounds to believe relevant to investigation b. Stored Communications Act – 18 U.S.C. § § 2701-12 (SCA) i. Regulates access to & disclosure of stored electronic communications or account record held by network service providers such as ISPs ii. No applicability to data in real time transit iii. Applies to BOTH content & non-content of stored data iv. If provider is not RCS or ECS, SCA does not apply 1. Provider could be ECS as to one thing, RCS to another; so do not define the service provider itself but rather than particular piece of electronic communication at a particular time v. Voluntary disclosure of communications or account records -§ 2702 1. Providers of service not available to the public may freely disclose both the contents and other records relating to stored communications 2. There are exceptions to content & non-content – see pages 288 & 299 vi. Compelled disclosure of communications or account records to government §2703 16 vii. DOJ Approach to SCA 1. Classify Service Provider 2. Classify Info Sought 3. What Process is needed to obtain info viii. Classification of Providers 1. Remote Computing Service (RCS) vs. Electronic Communication Service (ECS) 2. Whether it is ECS or RCS – ask what role the provider has played and is playing w/respect to the communication in question. 3. ECS a. Any service that provides users ability to send or receive wire or electronic communications b. Covers public & private providers i. i.e. AOL, Earthlink, Hotmail, private company, state gov’t c. Applies only to oral & wire communications d. If ECS, must be in electronic storage – 18 U.S.C. 2710(7): i. (a) Temporary, intermediate storage incidental to electronic transmission ii. (b) ECS stores for “backup protection” iii. If it is being stored for any other reason than these 2 above, not covered by the act 4. Conventional View of Storage: Flagg a. Temporary, intermediate storage: i. Once email reaches destination, copies no longer in storage b. Backups: i. Made by ISP to ensure integrity of system th 5. 9 Circuit View of Storage: Theofel a. Temporary, intermediate storage: i. Same as conventional b. Backups i. Any copies retained by ISP ii. “Prior access is irrelevant” 6. RCS a. Any service that provides “to the public…computer storage or processing services by means of an electronic communications system.” b. Only public providers i. i.e. payroll processing company ii. Online storage service iii. Off-site data bank services (medical file storage, etc.) 17 c. Thus, a company’s email network would not be an RCS b/c not offered to the public i. Or a school’s, like Ole Miss, would be excluded ix. What Information You are Seeking 1. Basic subscriber information 2. Records/info pertaining to customers 3. Contents x. What Process is Needed to Obtain that Information 1. For Compelled Disclosures - 5 levels of Process (as list goes down, it gets you more info) – except in 6th & 9th circuits, which have departed from this a. This for Gov’t obtaining information when providers are not allowed or do not choose to disclose content or records; pertains to public & non-public providers b. Subpoenas i. Basic subscriber information 1. i.e. name & address, telephone, session records (time, duration), IP addresses, means of payment (credit card, bank account #s), length of service ii. Opened messages & other files in non-RCS storage (b/c the SCA does not apply to such storage by non-public providers) c. Subpoenas (w/prior notice) i. Opened email from a public provider if the gov’t complies w/the notice provisions of 2703(b)(1)(B) and 2705 ii. Basic subscriber information, contents in RCS storage, & contents in electronic storage more than 180 days d. “d” orders [2703(d)] i. Basic subscriber information, transactional records 1. Transactional Records = Historical data involving past activity on account, email addresses of correspondents, web sites visited, etc. ii. The gov’t must state specific & articulable facts that there are reasonable grounds to believe the communications or records are relevant & material to a criminal investigation e. “d” orders (w/notice) i. Gov’t can obtain everything in an account except for unopened email or voicemail store w/a provider for 180 days or less 18 ii. Gov’t can obtain basic subscriber info, transaction records, contents in RCS storage, & contents in electronic storage more than 180 days iii. Notice Exception: May delay notice in 90-day increments if it would result in endangerment of life, flight from prosecution, destruction of evidence, etc. f. Search Warrants i. Can obtain all contents & non-contents of an account th g. 6 Circuit Cases: i. Gov’t has 3 options for obtained communications stored with a remote computing service (RCS)…that’s been in storage more than 180 days: 1. obtain a warrant; 2. use an administrative subpoena; or 3. obtain a court order under § 2703(d). ii. Court may say it depends on the ISP contract agreement which may destroy REP iii. A subscriber enjoys a reasonable expectation of privacy in the contents of emails “that are stored with, or sent or received through a commercial ISP.” 1. But e-mails not subject to exclusionary rule if Gov’t, in good faith, relied on SCA to obtain them 2. Emergency Disclosures a. Under the SCA, there is no cause of action against a service provider, who disclose records with a good faith belief that there are exigent circumstances XIII. Obscenity and Child Pornography a. Obscenity i. Roth v. United States held that obscene materials were not protected by the First Amendment ii. We now confine the permissible scope of such regulation to works which depict or describe sexual conduct iii. Basic guidelines for trier of fact must be: 1. whether the average person, applying contemporary community standards, would find that the work, taken as a whole, appeals to prurient interests; 2. whether the work depicts or describes, in a patently offensive way, sexual conduct specifically defined by the applicable state law; and 3. whether the work, taken as a whole, lacks serious literary, artistic, political or scientific value 19 iv. United States v. Stanley – cannot criminalize obscene speech in the home v. United States v. Reidel –can criminalize distribution of obscenity b. Community Standards i. For Snail Mail: Under the Miller test first prong, you apply the community standards of the geographic area where the materials are sent (6th Circuit Case) ii. For Internet: A national community standard must be applied in regulating obscene speech on the Internet, including obscenity disseminated via email (9th Cir) c. Child Pornography & Obscenity Test i. New York v. Ferber: ii. THE MILLER FORMULATION IS ADJUSTED IN THE FOLLOWING RESPECTS: 1. A trier of fact need not find that the material appeals to the prurient interest of the average person; 2. it is not required that sexual conduct portrayed be done so in a patently offensive manner; and 3. the material at issue need not be considered as a whole. iii. Thus, Child Pornography does not have to meet the obscenity test; it is not entitled to First Amendment protection iv. Possession of CP 1. Osborne v. Ohio a. Says Stanley v. Georgia – where it held private possession of obscene speech in home is protected – does NOT protect CP in the home b. Nude photos, without more, make it unconstitutional, but OH Supreme Court corrected this to make it apply to children v. Virtual CP 1. Ashcroft v. Free Speech Coalition a. The CPPA extends federal prohibition against child pornography to sexually explicit images that appear to depict minors but were produced without any real children i. This is not obscene under Miller nor child porn under Ferber – statute goes beyond Ferber b/c Ferber stood for the state interest of protecting actual children b. CPPA prohibits speech that records no crime & creates no victims by its production; i. Virtual CP is not “intrinsically related” to the sexual abuse of children as the materials in Ferber were c. After Free Speech Coalition, they amended the Federal Statute to say “indistinguishable from a minor” i. “Indistinguishable” = ordinary person would conclude depiction is of actual minor engaged in sexually explicit conduct 20 ii. “Indistinguishable” inapplicable to: 1. Drawings 2. Cartoons 3. Sculptures 4. Paintings 2. Thus, Virtual CP, which used to be an affirmative defense – is no longer –Amended Statute (PROTECT ACT) says can be prosecuted for obscenity if: a. It meets the Miller standard, or b. Is graphic & “lacks serious literary, artistic, political or scientific value” vi. Current definition of Child Pornography (Federal Definition) 1. Visual depiction 2. Of sexually explicit conduct a. Using minor (under 18) engaging in the conduct, or b. Digital or computer-generate image that is, or is indistinguishable from, a minor, or c. Created or modified to appear that identifiable minor engaging in act 3. “Sexually explicit conduct” a. Sex acts, or b. Lascivious exhibition of genitals or pubic area vii. Pandering 1. “Knowingly…advertises, promotes, presents, distributes, or solicits any material or purported material in a manner that reflects the belief, or is intended to cause another to believe, that the material, or purported material contains” child porn = does not violate 1st Am. 2. Gov’t can ban both fraudulent offers & offers to provide illegal products 3. DISSENT: This goes against Free Speech Coalition; can’t prosecute against trafficking when it is not a real child yet you can for pandering – doesn’t make sense viii. Morphed Images 1. Not protected – it implicates the interest of real children – so it is closer to Ferber – trying to protect actual children 2. If child is actually identifiable it can be prosecuted as child porn ix. Obscene Cartoons Featuring Children 1. Cartoons featuring obscene conduct are okay concerning mere possession, if in the privacy of your own home under Stanley, but no right to receive or possess obscene material in interstate commerce 2. The statute that prohibits this requires that one who receives obscene material in interstate commerce knowingly receives d. Distribution 21 i. Sending of a hyperlink not distribution; unlike an e-mail attachment, it does not move a file or document from one location to another 1. Data contained in hyperlink not capable of conversion into an image 2. Also check & see if link goes to a “directory” = even better case that it is not distribution 3. Check to see what he is CHARGED WITH. Hyperlink may still be attempted distribution, but not actual distribution ii. File Sharing Program may be distribution 1. The purpose of a filing sharing program (i.e. kazaa/limewire) is to share, in other words, to distribute a. Absent concrete evidence of ignorance; a fact-finder may reasonably infer that the D knowingly employed a file sharing program for its intended purpose b. Sentencing Courts may increase sentence for different types, i.e. “for pecuniary gain” or “distribution” c. Sentencing Commission: distribution includes posting material for public viewing, but does not include the mere solicitation of such material by a D. e. Viewing vs. Possession i. Fed law: Access with intent to view 1. Have to have actus reas part = access 2. Along with mens rea = intent to view (knowledge) ii. Most states: require possession iii. In the electronic context, a person can receive & possess child porn without downloading it, if he or she seeks it out and exercises dominion and control over it (Romm Case from 9th Circuit) 1. Here, D exercised dominion & control over the images in his cache by enlarging them on his screen, and saving them there for 5 minutes before deleting them. 2. He had the ability to copy, print, or email the images to others iv. To possess the images in the cache, D must, at a minimum, know that the unlawful images are stored on a disk or other tangible material in his possession v. Bass case from 10th Circuit 1. Authorities found lots of child porn, but could not tell the source – they couldn’t say if they had been downloaded or not 2. QUESTION: Was there sufficient evidence for the jury to conclude beyond a reasonable doubt that D knowingly possession pornographic images which were found on the computer hard drive 3. HOLDING: The jury here reasonably could have inferred that D knew child porn was automatically saved….based on evidence that D attempted to remove the images (using two software programs, “History Kill” and “Window Washer”) 22 f. vi. “Pure View” Defense 1. “Pure view” case is one where an innocent by-stander happens to see child porn on someone else’s computer, but has no dominion or control over the material– they did not direct the computer to get the material and cannot alter or remove it vii. Monitor by Employer (search terms, web site visited, etc.) 1. Even without any pics, this may be enough for possession a. Via constructive possession from facts & inferences b. It is not much different than cache evidence at all viii. Proving Image Depicts a Real Child 1. Proof beyond reasonable doubt does not require the government to produce evidence which rules out every conceivable way the pictures could have been made without using real children 2. Thus, relying on the images themselves can meet the Gov’ts burden of proving it is a real child by letting the jury draw their own conclusions 3. Knowledge element (D knowing that they are real children) can be proven through direct and/or circumstantial evidence of actual knowledge and through a finding of willful blindness; 4. So, you can probably rely on the pictures themselves if you want, or you can also introduce expert testimony, embedded data, metadata analysis, PC to Believe a Person Possesses CP i. Subscribers of Child Pornography Web Sites 1. Split of authority a. Mere membership of child porn website is sufficient, or b. Additional evidence of actual downloading is necessary 2. For Federal, subscription is enough under “access with intent to view” ii. Retention Habits of Collectors 1. May be PC based on affiant’s testimony iii. Pedophile Profiles 1. Profile alone without specific nexus to the person concerned cannot provide the sort of articulable factors necessary to find PC to search a. But may provide facts that he had an interest in it in the past and continued an ongoing interest in CP iv. Staleness 1. Typical review for staleness is the same as probable cause; de novo 2. Staleness = “events or circumstances constituting probable cause, occurred at a time so remote from the date of the affidavit as to render it improbable that the alleged violation of law authorizing the search was extant at the time.” a. Thus you lose PC 23 3. Whether information is too stale to establish probable cause depends on the nature of the criminal activity, the length of the activity, and the nature of the property to be seized a. Passage of time alone cannot demonstrate staleness 4. In child porn cases, the nature of the criminal activity and the nature of the property to be seized are especially relevant factors 5. If D is charged with possession of child porn & not acquiring it a. PC continues as long as he could still possess it i. Especially relevant for VIDEOS, probably will still possess those for a long period of time v. Locating the Computer: IP Addresses; Screen Names; Nexus Questions 1. IP Addresses a. Since IP addresses do not directly reflect an address, LE officials must conduct research & rely upon the addresses & data provided by internet providers, as well as billing addresses b. PC does not require proof beyond a reasonable doubt, just a substantial basis 2. Screen Names a. Split: i. Some courts will find PC to search the billing address associated with the screen name ii. Others require additional steps, such as requiring finding that suspect maintained a computer at place to be searched, had internet capable of transmitting CP, etc. – see pg 392 for more 3. Nexus Concerns a. May use experience of LE – pg 392 for more vi. Sufficiency of the Descriptions of Sexual Activity in the Affidavit 1. Federal Definition a. Visual Depiction of i. Sexually Explicit Conduct 1. Using a minor, or 2. Indistinguishable from a minor, or 3. Created/modified to appear that identifiable minor is engaging in the act b. Sexually Explicit Conduct = i. Sex Acts, or 1. Actual or simulated a. Sexual intercourse b. Bestiality c. Masturbation d. Sadistic or masochistic abuse 24 ii. “Lascivious exhibition” of genitals or pubic area 1. Nudity not required 2. See Dost test below 2. Dost Six-Factor Test for “Lascivious Exhibition” (non-exclusive) a. 1. Whether the focal point of the visual depiction is on the child’s genitalia or pubic area; b. 2. Whether the setting of the visual depiction is sexually suggestive, i.e. in a place or pose generally associated with sexual activity; c. 3. Whether the child is depicted in an unnatural pose, or inappropriate attire, considering the age of the child; d. 4. Whether the child is fully or partially clothed, or nude; e. 5. Whether the visual depiction suggests sexual coyness or a willingness to engage in sexual activity; f. 6. Whether the visual depiction is intended or designed to elicit a sexual response in the viewer. 3. A magistrate may not issue a search warrant based solely on a LE officer’s conclusion that the target of the warrant is in possession of “lascivious” photographs or videos a. These courts therefore require that the LE officer either to append the allegedly lascivious material or to provide a description that is sufficiently detailed for a magistrate to reach an independent legal conclusion that the material is lascivious vii. Self-Produced CP & Sexting 1. Pg 400 XIV. Policing the Internet for Crimes Exploiting Children a. Traveler Cases – aggressive & dangerous online child predators who travel to the location of a child for the purpose of establishing physical conduct b. Warrantless search of car is per se unreasonable under 4th Am i. Carroll v. United States exception: where there is PC to believe that a vehicle contains contraband or evidence of a crime, LE may conduct a warrantless search of the vehicle ii. PC exists where based on a totality of the circumstances “there is a fair probability that contraband or evidence of a crime will be found in a particular place.” 1. Requires probability, not absolute certainty c. For traveler cases, usually can search car b/c a “means of interstate commerce” is an element of the offense i. May find evidence of map and/or directions, toll, gas receipt, etc. d. The “oops, I thought she was 18” defense doesn’t work because the transcripts prove that he knew. i. Admissible under 404(b) b/c goes to absence of mistake & intent; 25 e. Using a Computer to Entice a Child; Entrapment i. Enticement Statute - § 28-320.02 1. No person shall knowingly solicit, coax, entice, or lure (a) a child 16 years of age or younger or (b) peace officer who is believed by such person to be a child 16…by means of a computer to engage in an a (sexual) act a. So can be actual child or a cop posing as a child ii. Entrapment 1. Entrapment instruction only warranted when a. (1) gov’t induced D to commit the offense charged AND b. (2) D’s predisposition to commit the criminal act was such that the D was not otherwise ready & willing to commit the offense 2. Inducement requires more than a gov’t agent or informant suggesting the crime & providing the occasion for it a. Inducement is an opportunity plus something else, such as excessive pressure 3. Gov’t agents may not originate a criminal design, implant in an innocent person’s mind the disposition to commit a criminal act, and then induce commission of the crime so that the Gov’t may prosecute 4. Inducement can be any gov’t conduct creating a substantial risk that an otherwise law-abiding citizen would commit an offense, including a. Persuasion b. Fraudulent representations c. Threats d. Coercive tactics e. Harassment f. Promise of reward g. Pleas based on need, sympathy, or friendship 5. Relevant time frame for assessing a D’s disposition comes before he has any contact with gov’t agents, which is doubtless why it’s called predisposition iii. Liability of Social Networking Sites 1. MySpace Case from CA a. MySpace is immune from liability under section 230 of the Communications Decency Act (CDA) b. Immunity under 230 requires proof of 3 elements i. 1. MySpace is an interactive computer services provider ii. 2. MySpace is not an information content provider with respect to the disputed activity, and 1. Ps claim MySpace is a content service provider; but they are not. A third party provides the published content, so immune here. 26 2. P also tries to claim that they provided the boxes to fill in, but doesn’t work 3. Unlike the questions & answers in Roommates.com, does not allege that MySpace’s profile questions are discriminatory or otherwise illegal 4. Court says that even if provider is notified of objectionable content, no liability b/c staggering amount of info online & tort liability would have chilling effect iii. 3. Appellants seek to hold MySpace liable for information originating with a third party user of its service 2. Can an internet web server be held liable when a child is sexually assaulted by an adult that she met on the web site? a. If you are simply an information provider, NO! b. The CDA says that you have to be an interactive content provider - you have to be responsible for the content. Social networking sites just provide the blank space for you to fill stuff in and write your own comments. i. Be careful – if it only allows you to select a number of choices which might give rise to libel or another form of liability, could be held liable c. But Congress’ intent is to give them immunity from liability XV. Property Crimes a. Trespass i. In general – require knowing entrance or presence on another’s property despite notice owner forbids it b. Theft/Larceny i. In general – taking and carrying away personal property of another with the intent to steal c. Computer as Target i. Unauthorized access, damage, theft d. Computer as Tool i. Fraud ii. Threats, Harassment iii. Child porn e. Computer as Container i. Drug dealer records ii. How to commit murder f. Elements of a Crime i. Physical Element 27 1. Actus Reus a. Result b. Conduct c. Attendant Circumstances ii. Mental Element 1. Mens Rea a. Purpose b. Knowledge c. Recklessness d. Negligence e. Strict Liability i. From most culpable to least XVI. Computer Specific Crimes: Obtaining Confidential Information, Unauthorized Access, Fraud, & Damage a. Computer Fraud and Abuse Act (CFAA) – 18 U.S.C. § 1030; addresses i. National Secuirty – prohibits unauthorized access to & distribution of classified gov’t information ii. Confidential Information – prohibits obtaining, without authorization, information from financial institutions, the United States, or any protected computer iii. Unauthorized Access – proscribes intentionally accessing, without authorization, a nonpublic computer of a United States department or agency iv. Fraud – prohibits accessing a protected computer, without authorization, with the intent to defraud & obtain something of value v. Damage – creates a categories of offenses based on who the person accessing the computer is & on the type of damage caused vi. Passwords – prohibits trafficking I passwords that would either permit unauthorized access to a government computer or affect interstate or foreign commerce vii. Extortion – makes it illegal to transmit in interstate or foreign commerce any threat to cause damage to a protected computer with intent to extort something of value b. To be criminally liable under the statute, it must be shown that a person intentionally accesses a protected computer without authorization or exceeding authorization and obtains i. Certain Financial Records ii. Info from any dept or agency of U.S. iii. Info from any protected computer if conduct involves interstate/foreign communication c. “Protected Computer” i. Applies to 28 1. Financial institutions, U.S. gov’t, or 2. Used in or affecting interstate or foreign commerce or communication a. Thus, everyone connected to internet or capable of crossing state lines d. Restricting Access - Can limit Access by: i. Code based restrictions 1. Passwords ii. Contract based restrictions 1. Click through agreements 2. Terms of use legal notices e. “Intentional Access” i. Intentional: When conduct evinces a clear intent to enter, without proper authorization, computer files or data belonging to another (Drew case) 1. Must be person’s conscious objective ii. Access: 1. Federal: To gain access to = retrieve data from, not just any successful interaction w/system 2. States a. Split – varies; some use the approach method i. KS - defines access as “freedom or ability to obtain or make use of” 1. Have to alter program, add something to system, perform functions, or interfere with system ii. Approach Method (WA) - to approach…or otherwise make use of f. Without or in Excess of Authorization i. “Without” = not defined, intrusions by outsiders ii. “In excess” = intrusions by insiders iii. Exceeding Authorization 1. To access a computer with authorization & to use such access to obtain or alter information in the computer that the accesser is not entitled to obtain or alter iv. Agency Theory to Find lack of Authorization 1. Employees lose authorization when violate duty of loyalty to principal, i.e. sending trade secrets of one company via email to another co. 2. The authority of an agent terminates if, without knowledge of the principal, he acquires adverse interests or if he is otherwise guilty of a serious breach of loyalty to the principal v. Some Courts Reject Employee Breach of Duty as Basis 1. Say CFAA is concerned with access, not use, so the CFAA does not apply if the user has access & sends out trade secrets, violates loyalty, etc. 29 vi. Non-Intended Use as Basis 1. Johns case: was allowed access to the info (had access to bank account #s), court did not rely on agency theory, but rather that she exceeded her authorized access when using computer to further fraud 2. Restricts access of use of info when the user knows or reasonably should know that he or she is not authorized to access a computer and information obtainable from that access in furtherance of or to perpetrate a crime vii. Websites: Terms of Use & Technical Barriers 1. Terms of use cannot be basis of liability; otherwise web site administrators would have power to criminalizes 2. Circumvention of technical barriers can be basis of liability g. Obtaining Confidential Information – Cell Phones vs. Web Sites i. Mere observation of data on website where don’t have access = obtaining info (Drew) ii. But not merely sending a text message. Czech. 1. Sending a text is essentially a one-way communication that does not implicate the obtaining of information from the recipient’s cell phone h. Trespassing into a Government Computer i. Requires 1. Intentional Access 2. Without Authorization 3. “Nonpublic” computer ii. The computer must be “of” – meaning owned or controlled by – a department of agency of the U.S. i. Accessing to Defraud and Obtain Value – 5 Elements i. Knowing access ii. Without or in excess of authorization iii. With intend to defraud iv. Access must further the intended fraud 1. Must have a “scheme” v. Obtains anything of value 1. Unless object of fraud & thing obtained consists only use of computer and value of us is not more than $5,000 2. The “thing” obtained may not merely be the unauthorized access j. Damaging a Computer or Information i. Knowingly causes the transmission of a program, information, code, or command ii. As a result of such conduct, intentionally causes damage without authorization to a protected computer 1. Gov’t doesn’t have to prove access iii. Mens rea: intentional 30 1. The mens rea applies to the damage element, NOT access iv. They also have lower levels of causing damage including 1. Recklessly 2. Strict Liability v. Damage = any impairment to the integrity or availability of data, a program, system, or information vi. Transmission 1. Either internet download or disk insertion of program designed to cause damage is enough 2. Pressing delete or erase key transmits a command (probably not enough) k. Measuring Damages i. “losses” = reasonably necessary to restore or to re-secure 1. Re-secure: make it as secure as it was before, not better ii. Monetary: includes wages of own employees XVII. Intellectual Property Theft a. Criminal Copyright Violations i. Copyright exists ii. Infringed by reproduction or distribution iii. Willful act – specifically intend to violate copyright law iv. Three alternative elements 1. For commercial advantage/private financial gain 2. Within 180 day period, reproducing or distributing $1,000 in value 3. Distributing on computer network in prep stage b. Penalty Enhancement i. Acting for purposes of commercial advantage or private financial gain c. Valid Copyright i. A work is protected by copyright law form the moment it is created, even if it is not registered ii. However, it is generally a prerequisite to civil enforcement and to some remedies 1. Not a prerequisite for criminal enforcement d. Infringement i. Infringement is the threshold requirement for both criminal & civil copyright infringement cases ii. Can be shown through either direct or indirect evidence showing that the D had access to the copyrighted work and that the alleged copy is “substantially similar” in idea and in expression of idea iii. Substantially similar test requires 1. A showing of substantial similarity in the basic ideas involved, establish by focusing on specific “extrinsic” criteria, such as the type of work 31 involved, the materials used, the subject matter, and the setting for the subject; and 2. A showing that the D’s alleged copy expresses the same “intrinsic” substance and value as the original work. iv. Some courts use the “virtual identity” standard 1. Looks at the two works as a whole to determine if they are virtually identical v. Copies are usually okay if for archival purposes & copy can be destroyed if necessary e. Willfulness i. Most courts hold you must have an intent to infringe 1. 2d Circuit held that willfulness only requires an intent to copy f. Misdemeanor vs. Felony i. Felony penalties attach when the violation consists of the reproduction or distribution of at least ten (10) copies that are valued together at more than $2,500 in a 180-day period, or ii. When the violation involves distribution over a publicly-accessible computer network 1. Otherwise, misdemeanor g. Fair Use Doctrine i. Factors listed in 17 U.S.C. § 107 which guide a court’s fair use determination = 1. The purpose & character of the use; a. This factor asks “whether and to what extent the new work is ‘transformative’” b. Does it replace the object or instead add further purpose of different character? c. For P2P like Napster, NOT fair use, b/c just a duplicate d. Also, is the infringing use commercial or noncommercial? i. Commercial weighs against fair use, but not conclusive ii. Direct economic benefit is not required to demonstrate a commercial use 2. The nature of the copyrighted work; a. Works that are creative in nature are “closer to the core of intended copyright protection” than are more fact-based works b. Music is creative in nature which cuts AGAINST the fair use argument 3. The ‘amount and substantiality of the portion used’ in relation to the work as a whole; and a. While wholesale copying does not preclude fair use per se’, copying an entire work militates against a finding of fair use 4. The effect of the use upon the potential market for the work or the value of the work 32 a. Proper fair use should not impair the marketability of the work which is copied ii. Sampling may be a defense 1. But won’t work for P2P like Napster; users download a full, free, and permanent copy of the recording iii. Contributory Copyright infringement – Vicarious Copyright Infringement 1. Requirements for “contributory infringer” liability (vicarious copyright infringement): a. 1. Direct Infringement by someone b. 2. Know or have reason to know #1 i. D must know or have reason to know of infringement ii. Napster had actual knowledge that specific infringing material was available on its system & failed to remove it c. 3. Induces, causes, or materially contributes to #1 i. Napster materially contributes b/c without the support services D providers, Napster users could not find and download the music they want with the ease of which D boasts ii. Direct financial interest 2. One who with knowledge of the infringing activity, induces, causes OR materially contributes to the infringing conduct of another, may be held liable as a contributory infringer a. D must know or have reason to know of infringement b. Napster had actual knowledge that specific infringing material was available on its system & failed to remove it iv. Digital Millennium Copyright Act – 17 U.S.C. § § 1201-05 1. Prohibits the use of computers & other digital devices to circumvent technological measures used to protect copyrighted works a. This is in contrast to copyright law, which focuses on the infringement of copyrighted work 2. D who has violated DMCA has not necessarily infringed on a copyrighted work under copyright law; instead, DMCA “targets the circumvention of digital walls guarding copyrighted material (& trafficking in circumvention tools), it does not concern itself w/the use of those materials after circumvention has occurred 3. Section 1201 has 3 prohibitions a. Section 1201(a)(1) prohibits circumvention of access controls i. Ex: Bypassing password; descrambling work b. Section 1201(a)(2) prohibits trafficking in technology designed to circumvent access controls i. Ex: DeCSS (Corley case) 33 ii. First 2 control access c. Section 1201(b)(1) prohibits trafficking in technology designed to circumvent copy controls i. These have limitations on the use of protected works ii. Did not ban mere copying…protects fair use v. Access Controls 1. A digital lock – access control – who may see, hear, or use copyrighted works stored in digital form 2. i.e. newspaper article that can only be seen by those who pay a fee or have a password = access control 3. Circumvention of an access control occurs when someone bypasses the technological measure’s gatekeeping capacity, thereby precluding the copyright owner from determining which users have permission to access the digital copyrighted work and which do not. XVIII. Spyware, Adware, Malware; Phishing; Spam; Identity-Related Crime a. Spyware: collects personal & confidential info about a person or organization without their knowledge or informed consent & reports it to a third party i. Legit Spyware: Updates for your software, cookies. ii. FTC says anti-spyware legislation unnecessary b/c improper use of spyware can be prosecuted under existing law b. Adware: Like spyware, but is delivered as a “pop-up” or “pop-over”; sends targeted ads after it collects the user’s interests c. Malware: spyware type technologies that alter or interfere with the operation of a local computer, by changing a browser home page or altering security settings, installing unwanted or malicious software that may improperly access personal or security information such as passwords & financial account information d. User Agreements i. Accompanying popup has user agreement that states by clicking on Yes, the user acknowledges that he has read the end-user license agreement (EULA) and agreed to be bound by its terms ii. They clicked “Yes” on the button; in NY, such click-wrap contracts are enforced so long as the consumer is given a sufficient opportunity to read the EULA and assents to it e. Center for Democracy & Technology i. Says we need more than click of button consent ii. Need control how data is shared, not just what is collected iii. Some principles 1. Transparency 2. Quality control 3. Data minimization 4. Purpose Specification 5. Use Limitation 34 f. Phishing i. A tool to commit a substantive crime by obtaining confidential info under false pretenses ii. Fraud element iii. Employs both technical & social subterfuge iv. Oftentimes companies will try to get a temporary restraining order to protect its web site and customers/users 1. Standard for issuing a temporary restraining order (TRO) is same for preliminary injunction; must show either a. (1) likelihood of success on the merits & possibility of irreparable injury, or b. (2) that serious questions are raised and the balance of hardships tips in the movant’s favor g. Spam i. Unwanted, annoying email message(s) received via computer ii. 3 Requirements 1. Spam must be commercial a. Primary purpose is commercial 2. Spam must be unsolicited a. Excludes “transactional or relationship message” – those whose primary purpose is to facilitate, complete, or confirm a commercial transaction that the recipient has previously agreed to enter into w/sender – i.e. shipping confirmation of online order 3. Spam is in bulk a. More than 100 emails during a 24-hour period; b. more than 1,000 emails in a 30-day period; or c. more than 10,000 emails in a 1-year period iii. Headers & Spam iv. 18 USC 1037(a) Prohibitions 1. unauthorized access, use of protected computer to transmit 2. Use of protected computer to deceive as to origin of 3. false header information a. Whoever in or affecting interstate or foreign commerce, knowingly…materially falsifies header information in multiple commercial electronic mail messages & intentionally initiates the transmission of such messages shall be punished b. Section (a)(3) has 2 mens rea elements: i. D must ”knowingly” materially falsify header info, and then 1. D must at very least know he is being deceptive ii. “intentionally” transmit it. 35 4. false registration – accounts/domain names a. Whoever in or affecting…registers, using information that materially falsifies the identity of the actual registrant, for 5 or more email accounts or online user accounts or two or more domain names, and intentionally initiates the transmission of multiple commercial email messages from any combination of such accounts or domain names…shall be punished. b. Materially falsified = if it is altered or concealed in any manner that would impair the ability of a recipient of the message, an internet access service processing the message on behalf of a recipient, a person alleging a violation of this section, or a LE agency to identify, locate or respond to a person who initiated the email message or to investigate the alleged violation. c. Section (a)(4) has 2 mens rea requirements: i. D must “knowingly” register for accounts using information that materially falsifies the registrants identity, and ii. “Intentionally” send commercial emails from those accounts. 5. false representation – IP addresses h. Identity-Related Crime i. Identity Theft: Usually means someone wrongfully obtains and uses another person’s personal data in some way that involves fraud or deception, typically for economic or other gain, including immigration benefits ii. Identity-related crime usually has 5 distinct phases 1. Unauthorized or illegal acquiring of identifying data or items (e.g. cards or documents) 2. Transfer of the initially acquired identifying data or documents 3. Manipulation of the data or items (e.g. through alteration, or forgery/counterfeiting) 4. Transfer of the manipulated data or items; and 5. Use of the data or items for fraud or concealment of criminal identity iii. Types of identity theft 1. Financial 2. Gov’t 3. Child 4. Medical 5. Smart phone security 6. Social networking iv. 18 U.S.C. 1028 1. Prohibits knowing transfer, possession, or use of a means of ID to commit a crime 36 XIX. 2. Production, transfer or possession of false documents 3. Intent to use it in the production of a false ID document v. Any implement or impression specially designed or primarily used for making an identification document, a false identification document, or another document-making implement 1. Under the statute, the 5th Circuit has held that It is not that a computer, scanner, or printer’s general use are primarily used for making false ID documents; the relevant inquiry focuses on the specific Defendant’s own primary use of the computer system, not some hypothetical user 2. So if you have software for counterfeiting/copying licenses/etc. that will be enough Cyberbullying a. One definition: The repeated use of computer or other modern communications technology to engage in non-physical abuse of one or more individuals when the actors are all constituents of common educational context. i. Usually must be willful conduct on behalf of bully ii. Legal system classifies it as child, preteen or teen; once adult is involved it is cyber harassment or cyber-stalking b. Forms of Cyberbullying i. Insulting ii. Targeting iii. Identify Theft iv. Uploading 1. Sharing images without permission of a person v. Excluding vi. Harassment c. Traditional Approaches i. Defamation ii. Schools & workplace punishment iii. Intentional infliction of emotional distress d. 18 U.S.C. § 875(c): i. Whoever transmit in interstate or foreign commerce any communication containing any threat to kidnap any person or any threat to injure the person of another, shall be fined under this title or imprisoned not more than five years, or both ii. 6th Circuit requires the mens rea accompany the actus reus specifically proscribed by the statute iii. To constitute “a communication containing a threat” under Section 875(c), a communication must be such that a reasonable person 1. Would take the statement as a serious expression of an intention to inflict bodily harm (mens rea), and 37 2. Would perceive such expression as being communicated to effect some change or achieve some goal through intimidation (actus reus) e. Some States Have Criminalized Harassment i. Pg 603 line of cases f. Defamation i. New York Times standard for public official on defamation: must be made with actual malice – with knowledge that it is false or a reckless disregard of whether it was false or not ii. Also line of cases (Bresler-Letter-Carriers-Falwell) that the type of speech matters; parody, fantasy, rhetorical hyperbole, and imaginative expressions that cannot reasonably be interpreted as stating actual facts about an individual 1. the dispositive question in this case is whether a reasonable person would conclude that the statements were actual statements of fact about D, or attributable to him, rather than a satirical spoof. XX. Sentencing a. Federal Sentencing Guidelines – Enhancements i. USE OF A COMPUTER ii. D pleaded guilty to violating 18 U.S.C. § 2252(a)(1), which states: iii. Any person who 1. knowingly transports or ships using any means or facility of interstate or foreign commerce or in affecting interstate or foreign commerce by any means including by computer or mails, any visual depiction, if 2. the producing of such visual depiction involves the use of a minor engaging in sexually explicit conduct; and 3. such visual depiction is of such conduct; iv. 2 Level Enhancement for use of computer is not an element of the statute and thus can be applied at sentencing to enhance it v. SPECIAL SKILLS 1. Focusing on “specialness” of a skill does not necessarily work 2. 2 Part Test a. 1. Must not be possessed by members of the general public AND b. 2. Whether it requires substantial education, training, or licensing i. i.e. Doctors, lawyers, pilots, etc. require education & training 3. So, use of Frontpage, Adobe Page Maker, etc. not a special skill generally. Court upheld enhancement for expert hacker that rigged radio contests to win Porsches, trips to Hawaii, b. Sentencing in Child Porn Cases i. We are reviewing only for unreasonable sentences, not sympathetic defendants 38 ii. Sentencing Commission is an agency; Commission’s Guidelines lack the force of law, sentencing courts are no longer bound to apply the Guidelines 1. However, must take them into account when sentencing c. Restrictions on Internet Use or Using a Computer i. For restrictions, consider: 1. Length of the Ban 2. Coverage of the imposed ban 3. D’s underlying conduct 4. D’s occupation (does he work with computers?) 5. D’s age – this goes w/occupation – if he does work w/computers, is he young enough to train for a new occupation that doesn’t require 1? th ii. 5 Circuit Upheld a supervised release stipulation of not have access to a computer or internet for 3 years 1. Said it was reasonable & D did not assert it would harm his occupational affairs or his expressive activities 2. Meets 2 Goals of 18 U.S.C. 3583(b) of (1) protecting the public and (2) preventing future criminal activity iii. D.C. Circuit struck down a 30 year internet ban 1. Deprived the D of substantially more liberty than was ‘reasonably necessary’ 2. Also interfered with his goal of rehabilitation 3. Additionally, D’s job was as a systems analyst where he needed to use computers and that was his livelihood iv. Options for Limiting Computer Use 1. Monitoring Software a. Filtering Software – blocks access to certain websites & logs a user’s usage; b. System Resident Software – can only be accessed by the probation agent while at the probationer’s computer; c. System Resident software – sends email reports to the probation agent; and d. Forced Gateway Software – can be reviewed remotely 2. Probation Searches a. May require probation to submit his computer at any time to the probation officer with reasonable suspicion 3. Prohibition on Websites/Filtering a. Installs software on probationer’s computer restricting certain web sites from being viewed 39
