Yes, ISIS Is Using Encryption -- But Not Very Well

from the a-comedy-of-errors dept

I've been seeing a few anti-encryption supporters pointing to a new ProPublica report on terrorists using encrypted communications as sort of proof of their position that we need to backdoor encryption and weaken security for everyone. The article is very detailed and thorough and does show that some ISIS folks make use of encrypted chat apps like Telegram and WhatsApp. But that's hardly a surprise. It was well known that those apps were being used, just like it's been well known that groups like Al Qaida were well aware of the usefulness of encryption going back many years, even predating 9/11. It's not like they've suddenly learned something new. So, the fact that they're now using tools like WhatsApp and Telegram is hardly a surprise. It also kinda highlights the idiocy of trying to backdoor American encryption. Telegram is not a US company and WhatsApp's encryption is based on the open source Signal protocol, meaning that any American backdoor encryption law isn't going to be very effective.

But, really, what strikes me, from reading the whole article beyond the headline notion of "ISIS uses encryption," is that it lists example after example of the fact that folks in ISIS use encryption badly and often seem prone to revealing their information. This is not unique to ISIS. Lots of people are not very good about protecting themselves. Hell, I'm probably not very good about my own use of encryption. But, of course, I'm also not trying to blow things up or kill people. Either way, story after story after story in the article highlights the rather bumbling aspects of teaching ISIS supporters how and why to use encrypted communications and to avoid surveillance. My favorite example:

On Jan. 4, 2015, an exasperated coordinator repeatedly explained to a befuddled caller with a Lebanese accent that he could only bring a basic cell phone to Syria, according to a transcript.

“The important thing is that when you arrive in Turkey you have a small cell phone to contact me,” the coordinator said. “Don’t bring smart phones or tablets. OK, brother?”

For the fourth time, the recruit asked: “So we can’t have cell phones?”

“Brother, I said smart phones: iPhone, Galaxy, laptop, tablet, etcetera.”

Sounding a bit like a frustrated gate agent at a crowded airport, the coordinator added: “Each of you can only bring one suitcase. If you come alone, just bring one suitcase. That is, a carry-on and one suitcase.”

“I didn’t understand the last thing, could you explain?”

“Brother, call me when you get to Turkey.”

Then there was the case where someone planned a plot using an encrypted WhatsApp conversation, but police were already bugging the guy so they heard what he was saying anyway:

In April, Italian police overheard a senior figure in Syria urging a Moroccan suspect living near Milan to carry out an attack in Italy, according to a transcript. Although the voice message had been sent through an encrypted channel, the Moroccan played it back in his car, where a hidden microphone recorded it.

In the message, the unidentified “sheik” declared: “Detonate your belt in the crowds declaring Allah Akbar! Strike! (Explode!) Like a volcano, shake the infidels, confront the throng of the enemy, roaring like lightning, declare Allah Akbar and blow yourself up, O lion!”

The suspects exchanged recorded messages over WhatsApp, an encrypted telephone application that is widely used in Europe, the Arab world and Latin America

All of these examples keep making the same point that many people have been making for a long time. Yes, encryption hides some aspect of communications. That's part of the point. But the idea that it creates a "going dark" situation is massively exaggerated. There are many other ways to get the necessary information, through traditional surveillance and detective work. And the report suggests that's working. And the fact that many ISIS recruits are particularly unsophisticated in understanding how and when to use encryption only makes that kind of thing easier for people tracking them. In discussing the Paris attacks, for example, the article notes that while some of the attackers were told to use encryption, they didn't.

Abaaoud’s operatives did not always follow security procedures, however. In June of last year, Turkish immigration authorities detained Tyler Vilus, a French plotter en route to Paris with someone else’s Swedish passport. Allowed to keep his cellular phone in a low-security detention center, Vilus brazenly sent an unencrypted text message to Abaaoud in Syria, according to a senior French counterterror official.

“I have been detained but it doesn’t seem too bad,” the message said, according to the senior official. “I will probably be released and will be able to continue the mission.”

Instead, U.S. spy agencies helped retrieve that text and French prosecutors charged Vilus with terrorist conspiracy.

Anyway, it's no surprise that terrorists are going to use encryption. Of course they have been for over a decade and will continue to do so. The issue is that it's not as horrible as law enforcement is making it out to be. Just as plotters have always been able to plan in ways that law enforcement has been unable to track (such as discussing in person, in other languages, or through simple ciphers or codes). That's always happened and somehow we managed to get by. Yes, sometimes law enforcement doesn't get to know absolutely everything about everyone. And that's a good thing. And sometimes, yes, that means that terrorists will be able to plan bad things without law enforcement knowing it. But that's part of the trade-off for living in a free society.

Filed Under: encryption, fud, going dark, isis, law enforcement, terrorism
Companies: telegram, whatsapp

Sweden Considers Making DNA Donated Purely For Medical Research Available To Police And Insurance Companies

from the so-what-if-we-promised-we-wouldn't? dept

When it comes to biometrics, you really can't beat DNA. You can always erase your fingerprints, or wear contact lenses to fool iris scanners, but there's no way of changing all your DNA enough to make it unrecognizable (even with the new CRISPR technique). Couple that with the fact that we are shedding DNA everywhere we go -- leaving tell-tale markers on everything we touch -- and you have the perfect surveillance mechanism. That's why earlier UK plans to give police access to medical databases are problematic, to say nothing of Kuwait's mandatory DNA database for all citizens, residents and visitors. Now Rick Falkvinge has written a post about troubling moves in Sweden:

Since 1975, Sweden has taken a DNA sample from all newborns for medical research purposes, and asked parents’ consent to do so for this research purpose. This means that over time, Sweden has built the world's most comprehensive DNA database over everybody under 43 years of age. But now, politicians are considering opening up this research-only DNA database to law enforcement and private insurance companies.

As Falkvinge points out, this is not just a betrayal of a trust, it is totally counterproductive:

This is, of course, an outrageous and audacious breach of contract with the parents who were promised the sample would be used only for the good of humanity in terms of medical research. The instant there's a mere suspicion that this will be used against the sampled newborn in the future -- as is the case now -- instead of being used for the good of humanity as a whole, people won't provide the DNA database with more samples, or at least not enough samples to provide researchable coverage.

The risk that Sweden might proceed down this road is also a reminder that once such huge databases are created, it is almost inevitable that one day someone will come along and say: "since we have this information, surely nobody could object to it being used to catch terrorists/pedophiles/rapists etc. etc." And as the news from Sweden shows, initial promises that such sensitive data will only be used for research are worthless, since they can always be revoked later on, and there is no easy way of removing the data once it is on the database.

Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+

Filed Under: dna, information, insurance, law enforcement, medical research, police, privacy, sharing, sweden

Polish Authorities Demand British Law Enforcement Interrogate Tor Exit Node Operator About Information He Doesn't Have

from the colossal-waste-of-time-and-effort dept

As numerous posts on Techdirt attest, the authorities really don't like Tor, even though the Onion routing system was developed by the US Naval Research Laboratory, not some terrorist hacker group. The latest jurisdiction to misunderstand how Tor works is Poland, as this report on Motherboard explains:

Polish authorities have requested British law enforcement to interrogate the node operator because of a 2014 forum post supposedly insulting the ex-mayor of a small Polish town; apparently an illegal act in Poland.

Specifically:

A letter from the District Public Prosecutor's Office in Bialystok, Poland, to the UK Home Office points to Article 212, paragraph 2 of the Polish Penal Code, which says, in sum, that characterising someone else in such a way that might "degrade them in public opinion or expose them to the loss of confidence necessary to occupy a given position […] is subject to a fine or the penalty of limitation of liberty."

The Tor exit node used by the person who allegedly wrote the problematic post is run by Thomas White, better known as TheCthulhu on Twitter, where his bio reads:

Technology and privacy activist. Hidden service dev. Turkey-certified terrorist. Radical giver of no shits.

It will therefore come as no surprise that White is unsympathetic to the request by the District Public Prosecutor's Office in Bialystok. Even better, he has posted part of his statement in reply to that request, which is well-worth reading. White points out that the Polish law in question seems to violate Article 19 of The Universal Declaration of Human Rights, further enshrined as Article 10 of the European Convention on Human Rights. He says that he accepts the ex-mayor in question may have found a statement about him to be humiliating or offending, but adds:

I have many times felt offended where his political party have made derogatory remarks concerning the LGBT community for example, or where his complaint is an attempt to trample upon the rights of others. The difference is that I seem to have the mental capacity to take the opinions of others on board and reason my views with them to make my points.

White concludes pretty much as you might hope and expect:

I can only reaffirm my position that I have no intention of assisting with the request from the Polish authorities

Of course, the great thing about Tor is that White couldn't help the Polish authorities even he wanted to, since he was just operating the exit node, and knows nothing about the origin of the Tor traffic he facilitates. The sooner governments learn this basic fact, the sooner they can stop wasting time and resources trying to extract information from people that don't have it.

Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+

Filed Under: law enforcement, poland, thecthulhu, thomas white, tor, tor exit node, uk

FBI Vacuums Up Local Law Enforcement Documents To Block Open Records Requests About Orlando Shooting

from the PROPERTY-OF-THE-FBI-stamp-ink-running-dangerously-low dept

The FBI has decided to insert itself into another public records battle. The agency has long been known to cc: itself to public records requests for Stingray documents, but this time it's claiming any requests for local law enforcement documents related to the Orlando nightclub shooting need to be routed through it.

A June 20 letter from the FBI, attached to the City or Orlando's lawsuit over withholding 911 calls and other records from 25 media outlets including the Orlando Sentinel, was also sent to the Seminole County Sheriff's Office with instructions pertaining to how they should respond to records requests.

The letter requests that agencies deny inquiries and directs departments to "immediately notify the FBI of any requests your agency received" so "the FBI can seek to prevent disclosure through appropriate channels, as necessary."

Notice the FBI says "prevent disclosure," rather than, say, "assist in determining which documents can be released." The letter [PDF] claims that all records generated by local law enforcement agencies are now the FBI's by proxy and that the "investigative documents" exemption [Exemption 7(A)] prevents the release of all documents related to the shooting.

The FBI flat-out states all documents are belong to it.

The FBI considers information obtained from state and local law enforcement agencies in furtherance of its investigation to be evidence, or potential evidence.

Presto! Instant blanket exemption from disclosure at both federal and state level. The FBI takes care to point out which Florida Sunshine Law exemption local agencies can use to withhold documents from requesters.

There's significant public interest in these documents, especially those related to EMS/police response to emergency calls. This obviously conflicts with the FBI's determination that its ongoing investigation -- which now apparently contains every document created by every responding law enforcement agency in Florida -- should preempt any and all requests for documents via Florida open records laws.

Not for nothing have there been several efforts mounted to alter blanket exemptions like the one the FBI is using to insert itself into local level records requests. Unfortunately, it's very likely the FBI's wielding of this "open investigation" exemption will be granted deference by the federal court currently presiding over an open records lawsuit between the Orlando Sentinel and the City of Orlando, even though this fight never should have included a federal agency conducting its own concurrent investigation of the mass shooting.

Filed Under: fbi, foia, imsi catcher, law enforcement, orlando, public records, stingray

Former Police Chief Pushes Through Legislation To Keep Body Cam Footage Out Of The Public's Hands

from the putting-the-'no'-back-in-'North-Carolina' dept

Whatever accountability and transparency could be achieved with the deployment of police body cameras often seems to be undercut by legislative activity. Minnesota legislators, prompted by law enforcement, tried to cut the public out of the process. So did a sheriff-turned-legislator in Michigan. The LAPD preemptively declared its body cam footage would not be considered "public records," which means legislators will have to act to roll back the PD's policy. And in Illinois, a law enforcement agency decided to stop using body cameras altogether because accountability is just too much work.

Over in North Carolina, one legislator is sponsoring a bill that would exempt body cam footage from public records laws. His concern, of course, is the privacy of all involved.

Sponsor Rep. John Faircloth, R-Guilford, said the measure strikes a balance between police accountability and the rights of private citizens, noting that cameras see what officers see, including people in their homes at some of their most difficult moments, such as a domestic violence incident.

There are other interests at play as well.

"There are private things that could be very embarrassing to people, could be hurtful to people, and that doesn't need to be public," said Faircloth, a former police chief.

Misconduct is often embarrassing, but it will be shielded from disclosure along with actual privacy issues. The bill places severe restrictions on who can have access to police video and recordings, as well as how they can access these.

Under the bill, anyone captured in police video or audio could request to see it but would not be allowed to have a copy. No copies of police video could be released to the public unless ordered by a judge.

As bad as this bill is (and it's a signature away from becoming law), it's -- incredibly -- better than the current status quo. As it stands now, police recordings are considered personnel records, which are almost impossible to obtain. So when former police chief Faircloth says his bill will "increase transparency," he isn't lying. But he's also only making the most incremental forward motion -- the kind that doesn't do much to increase accountability and gives law enforcement nearly as many opportunities to withhold recordings completely.

Filed Under: body cameras, law enforcement

Appeals Court: A Bunch Of Mostly-Irrelevant Information Is Not 'Probable Cause'

from the drug-warrior-enthusiasm-clouds-judgment dept

A drug conspiracy with no drugs. A house searched because a car carrying no drugs was registered to the address. It's little things like these that add up to a successfully suppressed evidence, even if it took defendant Ricky Brown a trip to the Sixth Circuit Court of Appeals to achieve it.

The DEA, working with Michigan State Police, pulled over two vehicles that had left a house they had under surveillance, apparently on their way to a heroin buy set up by an informant. One vehicle, a Chevy Silverado driven by Steven Woods, was searched after a MSP traffic stop and approximately 565 grams of heroin were recovered. The other vehicle, a GMC Yukon in which Brown was a passenger was stopped as well. However, there were no drugs in this vehicle, just four cell phones.

Despite this lack of evidence, the MSP booked both the vehicle's driver (Marzell Middleton) and Brown on charges of "conspiring to deliver drugs." Search warrants were obtained for both Brown and Middleton's residences, and 90 grams of heroin were found at Middleton's house.

The route to the search warrant for Brown's residence was a bit more circuitous. The idea to search Brown's residence was apparently predicated on little more than the fact that a vehicle he owned (another Yukon, but not the one that was being driven when both parties were arrested) was parked in Middleton's driveway while that residence was searched. From the decision [PDF]:

During their search of Middleton’s residence, the police also searched a 2002 GMC Yukon registered to Brown, which was parked on the street in front of the residence. MSP Trooper Unterbrink allowed a drug dog to walk around and climb into the vehicle. The dog alerted to the odor of narcotics inside Brown’s vehicle, but the affidavit does not indicate that any drugs were actually recovered. Agents seized the 2002 Yukon under Michigan forfeiture laws.

This was the first plank of the DEA's probable cause platform: the drug sniff that seemingly failed to turn up any drugs. The next was text messages on a prepaid cell phone containing the message "He said 1175 or 1125 for one," which Agent Fitch claimed was "consistent with Detroit-area pricing for cocaine." Also added to the affidavit were the results of a criminal record database search: an arrest (and an acquittal) for "delivery/manufacture of dangerous drugs" dating back to 1996 and a 1999 conviction for conspiracy to distribute marijuana.

Despite there being nothing linking Brown to the sale of heroin and his most recent conviction being 12 years old at that point, Agent Fitch somehow convinced a judge that a vehicle parked in the driveway of a house being searched was enough of a "nexus" to justify a search of the vehicle owner's home. This warrant was obtained three weeks after Brown's arrest and three weeks from the point Brown had been released after being charged, during which time neither the DEA nor the MSP performed any surveillance of Brown or his residence.

The DEA rolled up to Brown's house and searched it. Agents found some stuff, but nothing that would link Brown to heroin distribution.

DEA agents executed the search warrant at Brown’s residence on March 31. They found a nine-millimeter Smith and Wesson semiautomatic pistol, a loaded 12-gauge shotgun, and 60 grams of marijuana. They also recovered a digital scale, various forms of ammunition, $5,805 in cash, utility bills addressed to Brown, a Michigan certificate of title and insurance document for a 2002 GMC Yukon, and a hand-written document—purportedly a drug ledger—listing names and what appeared to be gram drug quantities. They did not find heroin or any other evidence linking Brown to a heroin conspiracy.

The district court refused to suppress the evidence, claiming the "four corners" made up for the deficiencies in the affidavit, and allowed the good faith exception to paper over the rest of the warrant's flaws. The government continued to pursue the heroin conspiracy charge, but the jury found nothing in the evidence to support it. Brown was acquitted on that charge but convicted on the firearms and marijuana possession charges.

The appeals court is less impressed with the government's attempt to spin nearly nonexistent threads into connective tissue.

In the present case, the search warrant affidavit contained no evidence that Brown distributed narcotics from his home, that he used it to store narcotics, or that any suspicious activity had taken place there. The affidavit did not suggest that a reliable confidential informant had purchased drugs there, that the police had ever conducted surveillance at Brown’s home, or that the recorded telephone conversations linked drug trafficking to Brown’s residence. The Government notes that Brown’s car, which was registered to his residence, was parked outside Middleton’s home and tested positively for narcotics during a canine search. Although these facts supported the search of Brown’s car, they did not establish a fair probability that evidence of drug trafficking would be found at his residence. A more direct connection was required, such as surveillance indicating that Brown had used the car to transport heroin from his home to Middleton’s on the day in question. The mere fact that the car was registered to Brown’s home was too vague and generalized a nexus to support the search warrant.

The government tried to salvage this by claiming Brown's status as a "known drug dealer" was all it really needed to obtain a search warrant of his residence. The appeals court disagrees.

Although this alone establishes that the warrant was issued without probable cause, we note that the evidence supposedly establishing Brown’s status as a drug dealer was also inadequate. The affidavit relied on the following facts to show that Brown was a known drug dealer: Brown was a passenger in Middleton’s car when the arrest was carried out. Police officers seized four cell phones from the car, two of which were believed to belong to Brown because they listed Middleton’s phone number as a contact. One of Brown’s alleged cell phones had a text message that said, “He said 1175 or 1125 for one,” which Agent Fitch alleged referred to local cocaine prices, not heroin. Brown possessed $4,813 in currency at the time of his arrest. Brown’s car was parked at Middleton’s residence and, during a search of Brown’s vehicle, a drug dog alerted to the odor of narcotics.

Although some of these facts suggest that Brown may have been involved in the heroin drug conspiracy—and thus established probable cause to arrest Brown—they are too inconclusive to assume, for the purpose of determining probable cause to search Brown’s residence, that he was a known drug dealer.

The court also denies the government's good faith appeal, finding that law enforcement had 22 days to put together something more resembling probable cause. The court wonders why the DEA -- if it felt it didn't have enough PC to pursue a search of Brown's house right after his arrest (the driver's house was searched the next day) -- suddenly felt it had enough evidence to support a warrant three weeks later, when literally nothing had changed in the interim.

It is hard to account for this delay, as little new evidence was discovered during that period: just a cryptic text message, which Agent Fitch concluded reflected pricing for cocaine—not heroin—and a conviction for conspiracy to distribute marijuana from 1999. Neither the text message nor the 12-year-old conviction was probative of whether Brown was using his current residence for drug trafficking…

Save for a passing reference to Brown’s car registration, the affidavit is devoid of facts connecting the residence to the alleged drug dealing activity. Although the good-faith standard is less demanding than the standard for probable cause, the affidavit still must draw some plausible connection to the residence. Agent Fitch’s affidavit failed to do so.

With the evidence suppressed, the convictions for marijuana and firearms possession vanish as well. Considering the Supreme Court recently decided old arrest warrants can salvage illegal searches, it's nice to know mostly-irrelevant criminal history isn't enough to turn a lack of probable cause into a good faith effort.

Filed Under: dea, law enforcement, michigan, probable cause

2015 Wiretap Report Doesn't Have Much To Say About Encryption, But Does Show Feds Run Into Zero Judicial Opposition

from the Drug-War-conquers-all dept

The US Courts' 2015 "Wiretap Report" is out and it seems to show that fears of "going dark" are largely overstated. Here's Alex Emmons of The Intercept:

Despite a 21 percent increase in wiretaps authorized by state courts overall between 2014 and 2015, the number of cases where law enforcement encountered encryption decreased from 22 to seven.

And out of 1,403 wiretaps authorized by federal judges, only six encountered encrypted communication. Two of those were decrypted by law enforcement, leaving only four that could not be deciphered.

[...]

That means that in 2015, out of 4,148 total wiretaps, only 11 encountered a form of encryption law enforcement could not break. That’s about one quarter of one percent.

Not so fast. The lack of issues in this report doesn't necessarily mean law enforcement agencies aren't encountering encryption. It simply means they're not running into it while utilizing wiretaps. There's a lot this report doesn't cover and there are many instances where the chance of running into encryption that renders wiretaps useless is simply being avoided. Why do the paperwork if there's nothing to be acquired?

This is basically what the FBI told Motherboard in response to questions about the lack of encryption roadblocks shown in the report.

After this story was published, an FBI spokesperson echoed the arguments of Comey and Yates, saying the Wiretap Report numbers ”should not be surprising: agents now recognize when they are likely to encounter encryption and do not waste their time on fruitless endeavors.”

The FBI pointed to other reports more closely aligned with Comey's anti-encryption proselytizing.

The spokesperson added that ”a better representation” of the going dark problem is the number of devices that the Computer Analysis Response Team (CART) and Regional Computer Forensic Laboratory (RCFL), the FBI teams that help state and local police with technical requests, have been unable to unlock due to being encrypted.

”Over the 6-month period from October 1, 2015 – March 31, 2016, approximately 4,000 devices were submitted for digital forensic analysis. About 500 of those could not be unlocked,” FBI spokesperson Christopher Allen said.

Apples and oranges. But that's to be expected. One report deals with wiretap warrants obtained under one legal authority. The other deals with search warrants obtained under another. Wiretaps will rarely run into encryption because there are a wealth of options available to obtain communications that don't involve intercepting them... or more closely reflect the current reality of communications -- which isn't tied to plain old telephone service.

Whatever the government is doing with these other options can't easily be examined by the general public because there are no reporting requirements tied to these, unlike wiretap warrants. So, the number of times where encrypted communications (not contained in locked phones) are holding up law enforcement cannot be nailed down with any certainty. The DOJ could collect and disseminate this data, but it would certainly prefer to keep its reporting requirements to a minimum, even if this data would back up Comey's encryption histrionics.

What hasn't changed, however, is what wiretaps are used for: drugs. 3,367 or 4,148 issued in 2015 were for narcotics investigations. And for those of you who have followed the explosion of possibly illegal wiretaps originating from a single county courthouse in California, it's no surprise the state issuing the most federal wiretap orders is that particular coastal "drug corridor."

And, if law enforcement only ran into encryption in ¼ of 1% of wiretap orders, it ran into adversarial judges even less: every single one of the 4,148 federal wiretap requests was granted in 2015.

Taking James Comey at his word that encryption is a huge problem, it would appear the DOJ would rather withhold any data that supports this assertion than develop a precedent it doesn't like: additional reporting requirements on the ECPA orders, NSLs, and regular old search warrants it uses to obtain digital communications. Almost everything in this report deals with old-fashioned landlines, so its depiction of federal surveillance is woefully incomplete.

Filed Under: encryption, law enforcement, privacy, wiretap

Court Tells Cops They Can't Seize Luggage And Send It Hundreds Of Miles Away In Hopes Of Generating Probable Cause

from the Fourth-Amendment-also-deals-with-seizure dept

There's no universal law enforcement "best practices" for searches and seizures, but simply respecting the Fourth Amendment would seem to be a good base guideline. However, that baseline is rarely used. Far too often, searches and seizures seem to be officers seeing what they can get away with -- and expecting the legal system to assist in applying "good faith" to unconstitutional searches after the fact.

Ethan Moore landed at the Dillingham, Alaska airport, where he was met by two police officers. According to the officers, informants claimed Moore was transporting marijuana. They seized his luggage and took it to the local police station while they sought a search warrant. (via FourthAmendment.com)

This effort failed.

After hearing the warrant application, the magistrate concluded that there was no probable cause for the search, so he refused to issue the search warrant. More specifically, the magistrate concluded that the officers had failed to provide sufficient proof of their informants’ credibility to satisfy the Aguilar-Spinelli test.

When the magistrate issued this ruling, he invited the officers to present more information to corroborate their informants.

The Aguilar-Spinelli test basically states informants -- if used to support probable cause claims -- must be shown to be reliable and credible. The three informants relied on here weren't. Rather than follow up with the informants or simply return Moore's luggage, the officers went with option C.

Instead, the officers kept Moore’s luggage overnight and then, the next morning, they shipped it to the Alaska State Troopers in Anchorage. After the luggage arrived in Anchorage, it was subjected to sniffing by a drug-detection dog. The dog alerted to the luggage, and the troopers then applied for a search warrant, this time in front of an Anchorage judge. The warrant was granted.

Armed with this warrant, issued by another judge in another city after being "pre-searched" by a drug dog, the officers opened the suitcase and found seven ounces of marijuana. Moore challenged the search and the court finds the officers' decision to do something no one recommended violated Moore's Fourth Amendment rights.

We therefore hold that the police violated Moore’s rights under the Fourth Amendment when they continued to hold his luggage after the magistrate denied their application for a search warrant. All evidence derived from the later search of that luggage must be suppressed.

The state did try to save the search with some pretty bad arguments. For one, it argued that because officers told Moore they were going to perform some questionable actions in search of a warrant, the warrant and search should be valid. The court disagrees.

[E]ven though the police may have accurately informed Moore that they were going to ship his luggage to Anchorage, and that he would be deprived of his luggage at least until the next day, the fact that the police communicated this information to Moore could not turn an unconstitutional seizure into a lawful one. In other words, the police could not obtain a license to violate Moore’s Fourth Amendment rights merely by informing Moore that they intended to do so.

In addition, the court informs the state that it cannot do whatever it wants with seized items just because it feels it may eventually reach a point where it will have enough probable cause to obtain a search warrant.

The State is effectively arguing that if the police have probable cause to believe that an article of luggage contains evidence of a crime, the police may seize the luggage, hold it for as long as is reasonably necessary to complete any desired additional investigation or testing, and even ship the luggage hundreds of miles to accomplish this additional investigation or testing — all without seeking a judicial warrant until the additional investigation is done.

We are aware of no legal authority to support this argument.

The seizure of Moore's luggage should have ended when the magistrate denied the warrant. The US Supreme Court has held that people and their belongings cannot be unreasonably detained just so officers can attempt to sniff up some probable cause (in the context of traffic stops and drug dogs). The magistrate -- while noting the severe deficiencies in the hearsay presented as "probable cause" -- gave the officers a few options. Because they chose "none of the above," their drug bust has vanished.

Filed Under: 4th amendment, ethan moore, law enforcement, probable cause, seizures, warrants

BlackBerry: We're Here To Kick Ass And Sell Out Users To Law Enforcement. And We're (Almost) All Out Of Users.

from the thank-you,-sir!-may-I-get-you-another?-and-another? dept

Back in mid-April, it was discovered that Canadian law enforcement (along with Dutch authorities) had the ability to intercept and decrypt BlackBerry messages. This level of access suggested the company had turned over its encryption key to the Royal Canadian Mounted Police. BlackBerry has only one encryption key for most customers -- which it maintains control of. Enterprise users, however, can set their own key, which cuts BlackBerry out of the loop completely.

BlackBerry CEO John Chen -- despite publicly criticizing Apple for locking law enforcement out of its phone with default encryption -- refused to provide specifics on this apparent breach of his customers' trust. Instead, he offered a non-denial denial, stating that BlackBerry stood by its "lawful access principles."

The matter was left unsettled… until now.

A specialized unit inside mobile firm BlackBerry has for years enthusiastically helped intercept user data — including BBM messages — to help in hundreds of police investigations in dozens of countries, a CBC News investigation reveals.

This unit, which cracks open BlackBerries for nearly anyone who comes asking, is very proud of its work.

One document obtained by CBC News reveals how the Waterloo, Ont.-based company handles requests for information and co-operates with foreign law enforcement and government agencies, in stark contrast with many other tech companies.

"We were helping law enforcement kick ass," said one of a number of sources who told CBC News that the company is swamped by requests that come directly from police in dozens of countries.

Go team! While these sources remain generally upbeat about throwing customer privacy and security to the wind, the official word from the company is less enthused. In fact, it's nonexistent.

In response to questions from CBC News, a BlackBerry spokesperson said it "will not address the questions given the extremely sensitive nature of this process."

This unadvertised service is apparently so popular BlackBerry has streamlined the process. It offers government agencies a list of boxes to check for what kind of information they'd like retrieved from a phone (including the ominously vague "other"), as well as the option to declare any request "exigent."

It also asks that the requesting party sign off on some boilerplate saying the request is legal in the requester's country and that it is not being done to "control, suppress or punish… political or religious opinion."

Of course, BlackBerry is not a government agency so it really can't do anything if someone "perjures" themselves by signing the form and moving directly towards suppression, punishment, etc. The best it can do is not allow that entity to make any more requests. I'm guessing this almost never happens because the quoted sources seem like a bunch of overly-cheery do-gooders. Policing the police would require BlackBerry to second-guess the government entities it seemingly can't wait to assist.

"Narco trafficking, human trafficking, money laundering, kidnapping, crime against children, knowing you are stopping those things … how do you not love doing something like that?" said the insider.

Yup. [Insert whatever the Canadian equivalent of "'Murica!" here.]

In its hurry to help supposed good guys track down alleged bad guys, the Canadian branch of BlackBerry's "full give" operations is skirting around statutes meant to protect locals from inappropriate demands made by foreign countries.

Christopher Parsons, a research associate at the University of Toronto's Citizen Lab, who has studied the privacy practices of tech companies, is worried by the secrecy of BlackBerry's process and its potential for abuse.

[...]

He said BlackBerry is allowing foreign police to bypass the Mutual Legal Assistance Treaty, a diplomatic agreement that allows Canadian officials to review requests from foreign police and consider whether they are legal under Canadian law.

But, as Parsons points out, law enforcement agencies are probably thrilled to have someone on the inside willing to violate treaties with the drop of pre-printed form. Adhering to MLAT may result in significant delays, whereas approaching BlackBerry directly sets its team of super-secret gofers in motion immediately.

Of course, the major downside here is that very few criminals are likely still using BlackBerries. Most of the company's customers are enterprise users and they have the ability to lock down their phones so tight not even BlackBerry can get into them. But for all the panicked talk about going dark, BlackBerry's special ops unit says it's still surprised at how many criminals are unaware the company is basically the local PD at this point.

The nails were already in the coffin for BlackBerry. Each new exposure of its highly-proactive law enforcement assistance is only going to hasten the dwindling of its user base.

Filed Under: blackberry, encryption, law enforcement, lawful access
Companies: blackberry

Another Court Says Law Enforcement Officers Don't Really Need To Know The Laws They're Enforcing

from the horseshoes,-hand-grenades,-and-fraud-investigations dept

The nation's courts continue to ensure that the less you know as a law enforcement officer, the more leeway you'll be granted. USA Today's Brad Heath tweeted out a screenshot from a Medicare fraud case that shows ignorance of the law is no excuse… unless you're in law enforcement.

The accused doctor sought to have the evidence suppressed [PDF] because the search warrant contained assertions that were false.

Dr. Barnes argues the affidavit erroneously states that a physician is required to meet a Medicare beneficiary in person before certifying that beneficiary for home healthcare services. According to Dr. Barnes, the applicable Medicare regulations allow this "face-to-face" requirement to be satisfied through a nurse practitioner or a physician assistant. Had the warrant affidavit contained a correct summary of the applicable law, Dr. Barnes argues the magistrate judge would not have found probable cause that Medicare fraud had been committed.

The court, however, found that errors of law are pretty much unchallengeable when it comes to warrant affidavits.

Franks does not apply to the alleged misstatement of law in this case and therefore does not preclude application of the good faith exception.

The question before the Court in Franks was whether a criminal defendant "ever ha[s] the right . . . to challenge the truthfulness of factual statements made in an affidavit supporting the warrant?" Dr. Barnes has not identified any cases extending Franks to misstatements of law. Instead, the Court's research indicates the relevant inquiry is whether the warrant affidavit contains false statements of fact. That no other court has applied Franks to misstatements of law is a strong reason for declining to do so in this case.

Why can't a defendant raise a Franks challenge alleging "misstatements of law?" Well, it's because law enforcement officers -- despite being charged with enforcing the law -- are not required to know the details of the laws they're enforcing.

As the Supreme Court recognized over 50 years ago, "affidavits for search warrants . . . . are normally drafted by nonlawyers in the midst and haste of a criminal investigation."

Which leads to this [all emphasis mine]:

As an officer untrained in the law, S.A. Bradford cannot reasonably be expected to understand the nuances of the law, especially the "maze of Medicare regulations"—as Dr. Barnes described them—at issue in this case.

As for all the nonlawyers not employed by law enforcement agencies, they're still on the hook for not knowing the nuances of the "maze of regulations" surrounding almost every business or service.

The Supreme Court gave law enforcement a "close enough" pass for traffic stops and detentions in its 2014 Heien decision, stating that officers can't even be expected to know the narrow(er) set of laws pertinent to traffic enforcement. Here, another "good faith" pass is handed out, allowing officers specializing in certain investigations (like medical fraud) to have only a passing knowledge of the laws they're using to arrest and prosecute people with.

As Scott Greenfield points out, the continued expansion of the "good faith" exception means it's far more beneficial for law enforcement officers to remain ignorant of the law than it is to strive towards expertise.

The absurdity of the court’s rationale would be good for a party joke but for the fact that this is serious. Of course, it’s true that no federal agents (and for yuks, let’s add, because he’s a non-lawyer) could know every law and regulation. The reason this is funny is that no lawyer, no judge, no legislator, no one, knows every crime. No one has even been able to count how many exist, with best guesstimates at 35,000 federal crimes (including regulatory offenses), plus all the state, local, etc., crimes on top of that. The ridiculousness of it all is manifest, but that doesn’t mean ignorantia juris non excusa won’t land your butt in prison.

What this reflects isn’t sound legal doctrine, but a policy choice: that cops get a free pass and you don’t. The less they know, the broader their authority. The less they know, the more luxurious their baseless assumptions.*** The less they know, the more we forgive their errors.

The footnote:

***For example, “I didn’t know if that he wasn’t armed, so when he reached into his car to retrieve his driver’s license, after I commanded him to give me his driver’s license, I didn’t know if he had a weapon in the car, so I shot him.” The more you don’t know, the more you’re allowed to do.

The courts don't expect law enforcement to be perfect, but they refuse to extend the same courtesy to the accused. The rationale for this double standard appears to be that law enforcement officers are on the side of good and must be indulged, while every accused citizen tends toward evil, even when it might not have been maliciousness that prompted the criminal act, but ignorance.

Filed Under: fraud, ignorance of the law, law enforcement, scams