Judge Says FBI's NIT Warrant Invalid, Points Out FBI Agent Knew It Was Invalid When He Requested It
from the new-strategy-needed-for-spreading-malware-worldwide dept
A Minnesota judge has granted a motion for suppression in an FBI Playpen case, using an agent's nineteen years of service and expertise against the government's good faith arguments. The court here found the warrant to be invalid from the moment it was signed, meaning everything obtained past that point to be fruit of the poisonous tree. (via FourthAmendment.com)
While other courts have noted the warrant's invalidity under Rule 41's territorial limitations (now nonexistent), no other judge has taken time to point out the FBI agent requesting the warrant knew it was invalid when he requested it.
First, the decision [PDF] points to the breathtaking scope of the single warrant the FBI obtained.
[T]he Government claims legal authority from this single warrant, issued in the Eastern District of Virginia, to hack thousands of computers in 120 countries and to install malicious software for the purpose of investigating and searching the private property of uncounted individuals whose identities and crimes were unknown to the Government before launching this massive worldwide search.
From there, the judge makes the point that the government can't claim it had any "good faith" in its warrant because it knew the scope and reach of the warrant exceeded the jurisdictional limitations imposed by Rule 41. As evidence of this knowledge, Judge Franklin Noel points to sworn statements by Agent Macfarlane, which indicate he knew the request was invalid when he submitted his warrant request.
The search warrant application and the warrant, as issued, expressly limit themselves to the search of persons or property located in the Eastern District of Virginia. Yet paragraph forty-six of Agent Macfarlane's affidavit explains in some detail how the NIT malware might be deployed anywhere on earth. Specifically, paragraph forty-six provides that "the NIT may cause an activating computer wherever located -- to send to a computer controlled or known to the government, network level messages containing information that may assist in identifying the computer." Under these circumstances, Agent Macfarlane must have known that he was acting in reckless disregard of proper procedure. It was not objectively reasonable for Agent Macfarlane, a "law enforcement . . . veteran" employed by the FBI "for 19 years" to believe that the NIT warrant, which he knew could reasonably reach any computer in the world, was properly issued given the specific territorial limits under Rule 41(b) and the language of the warrant itself…
Put differently, it was not objectively reasonable for Agents to believe that a single warrant, which by its terms was explicitly limited to searches in the Eastern District of Virginia, could be used to electronically search Carlson's computer in Minnesota…
The judge goes on to point out the government can't avail itself of the "good faith" argument because it relies on a valid warrant's issuance. In this case, the warrant was invalid the moment it was issued, making this akin to having no warrant at all. Good faith denied.
The court also finds the warrant defective in other ways. The NIT warrant had no particularity -- a requirement for valid warrants. Since the government didn't know who it would infect with its malware or where they were located, its warrant could not possibly satisfy particularity requirements, even if it somehow managed to adhere to Rule 41 jurisdictional limitations.
Identification of the particular place to be searched cannot depend upon facts that have not yet occurred. A warrant must particularly describe the place to be searched at the time it is issued. Just as a warrant must be supported by probable cause at the time it is issued, this Court concludes that the warrant must particularly describe the place to be searched when it is issued.
[...]
As neither the Magistrate Judge nor the affiant know which computers are to be searched until after the search has already occurred, the NIT warrant fails to particularly describe the place to be searched.
This suggests the FBI may not be completely in the clear despite the Rule 41 changes. The malware it deployed targeted individuals who visited the seized server, but the FBI had no way of knowing who would visit or when. This is a take we haven't seen from other judges in Playpen/NIT cases and this order will likely be cited by several defendants still facing prosecution.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: 4th amendment, fbi, malware, nit, privacy, warrant
Reader Comments
The First Word
“Big headlines, lots of soundbites, little effort.
They could have ridden the good PR for a while.
Instead they violated the law, lied to a Judge (who should have known better).
They are letting people who sought out CP, walk away rather than explain & allow discovery about the secret weapon.
They are having cases shattered as courts look at what they did and can't find a way to twist their duty to defend the indefensible.
So lets see what we got out of this.
Wasted resources.
Violation of rights.
Production of NEW CP on their watch.
People we would consider criminals are walking in droves.
Some citizens will still blindly screech about those damn judges, ignoring that EVERYONE has rights.
So their crown jewel case is a giant turd, and heads should roll. We need to demand better & remind them to play by the rules or else.
Subscribe: RSS
View by: Time | Thread
The Playpen cases across the U.S. that have played out have been a mixed bag of rulings with courts saying " yeah you have to disclose the NIT to defense counsel" and some courts saying "no need to disclose the NIT" and some courts saying the "warrant used was invalid" and other courts sayin" warrant was good" It has been a mixed bag of rulings.
The issue I see is that some of the courts seem more than okay with letting the FBI get away with all the problems with the various Playpen cases from the warrant problems, to the disclosure issues etc etc etc.
With the mixed bag of rulings out there, I see these cases dragging on and on and either the US DOJ dismissing the ones that are sure to be appealed or to cut them off before they head from an appeals court and to SCOTUS at some point.
For every ruling where the Judges such as this one in MN are calling the US DOJ out on what has transpired before this case landed in court, there have been just as many courts ruling the opposite and letting the cases advance forward.
I have little empathy for those who were caught in these cases, but I still believe the US DOJ and it's law Enforcement agencies need to play by the rules
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
Re:
The FBI has manufactured terrorists where there haven't been, as has been detailed here at TechDirt. Could they also be manufacturing child pornographers as well? It's high profile, and people are generally against CP's and terrorists - are they banking on the fact we hate CP's and terrorists more than the violation of our rights? That's not a slope I want our government to slip in.
[ link to this | view in chronology ]
Re: Re:
Someone online sends you an onion link as a joke, saying "you've got to see what's on there."
So, you open up your TorBrowser, paste the link, and whammo! You're suddenly looking at a bunch of CP, which has now been cached on your computer.
You immediately close down Tor and try to erase those images from your mind.
But unknown to you, that session also loaded the FBI's NIT, which promptly called home and also reported the known CP images on your computer (in your cache*, where you'll never see them).
Then you get a visit from a SWAT team, and are named in a court case as an alleged CP offender with the FBI themselves gathering the evidence directly from your computer.
I can guarantee that in this scenario, your life is pretty much permanently ruined, even if the case never goes to court. About the only thing you can do is attempt to start over with a new identity and hope that your past never catches up with you.
*The thing about TorBrowser is that it's supposed to keep the cache encrypted, so you'd probably have to actually intentionally save the images somewhere for them to be visible to the NIT -- but there are likely all sorts of edge cases where you could end up with this stuff somewhere visible to the NIT.
[ link to this | view in chronology ]
Big headlines, lots of soundbites, little effort.
They could have ridden the good PR for a while.
Instead they violated the law, lied to a Judge (who should have known better).
They are letting people who sought out CP, walk away rather than explain & allow discovery about the secret weapon.
They are having cases shattered as courts look at what they did and can't find a way to twist their duty to defend the indefensible.
So lets see what we got out of this.
Wasted resources.
Violation of rights.
Production of NEW CP on their watch.
People we would consider criminals are walking in droves.
Some citizens will still blindly screech about those damn judges, ignoring that EVERYONE has rights.
So their crown jewel case is a giant turd, and heads should roll. We need to demand better & remind them to play by the rules or else.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re:
But hey... since when did illegality stop those fucks!
Here we have a judge saying... yea I know you fucked broke the law... but I aint gonna do shit! wink wink!
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re:
So.... you are ok with parallel construction?
**Note: Just to be clear, I do not condone CP.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Lessons Learned
By the FBI, none to speak of...yet.
Let's mercilessly and relentlessly mock, deride, and humiliate the FBI in the public forums over the overt illegality and ineffectualness of their actions in this case. Repeat this public derision until the Playpen case becomes a meme that the FBI fails when it relies on "think-of-the-children" arguments to excuse their incompetent criminality.
[ link to this | view in chronology ]
Idiots..
I hope this agent gets more than a telling off.
Sadly i suspect they wont even get that.
[ link to this | view in chronology ]
Re: Idiots..
[ link to this | view in chronology ]
Don't see that nearly enough
A Minnesota judge has granted a motion for suppression in an FBI Playpen case, using an agent's nineteen years of service and expertise against the government's good faith arguments. The court here found the warrant to be invalid from the moment it was signed, meaning everything obtained past that point to be fruit of the poisonous tree.
That the agent knew the warrant wasn't valid and yet still filed for it isn't terrible surprising, as the FBI seems to have adopted a 'The ends justify the means' mindset for a good while now. What is refreshingly surprising is that the judge wasn't willing to give them a pass anyway.
After having far too many(which is to say 'more than zero') judges in these cases admit that the FBI screwed up in one form or another, and yet shrugging it off because they're going after Really Bad People and the pesky 'rules' and 'laws' are getting in the way, nice to see a judge willing to stand up to the rights of everyone, and not treat the laws as inconveniences that can be ignored whenever they get in the way of The Good Guys.
[ link to this | view in chronology ]
What about the judge?
There should be sanctions placed on judges that issue such invalid warrants.
[ link to this | view in chronology ]
[ link to this | view in chronology ]