> Ulbricht hadn’t sufficiently demonstrated that the server belonged to him, and thus can’t claim that his privacy rights were violated by its search.
Wait, wait, wait. Hold the phone.
So any property which, at the time of a search, hasn't been "sufficiently demonstrated [that it belongs to you]" isn't protected, according to this judge, by the fourth amendment?
So for one example, if you sign up to gmail or Facebook using anything other than your real name, they can break it, conduct a search and then whatever they find is totally admissible in court just because they didn't know who it belonged to?
Isn't it now in the best interests of the police to avoid finding out who something belongs to since without knowing the fourth amendment doesn't exist and warrants aren't a requirement?
Here's what I don't get about this case: The FBI is obviously lying about how they got the information they have. They clearly broke into the Silk Road servers. However they could have certain got a warrant to do so had they just presented what they knew at that time about the enterprise. So why didn't they? Laziness? Incompetence? Or just because they knew they'd get away without it (per this)?
Honestly I hope they fight this case on that matter of law and it gets thrown out. We cannot have the fourth getting chucked out any time someone invokes anonymity, that's not how it was meant to work.
> So any property which, at the time of a search, hasn't been "sufficiently demonstrated [that it belongs to you]" isn't protected, according to this judge, by the fourth amendment?
That's not what this means. You can't claim fourth amendment protection on someone else's property: I can't claim my rights were violated because the police searched your car. The court is saying that you have to claim it's your car first before you can claim that your rights were violated by the search. (Well, not exactly. The situation is more nuanced.)
To put it another way, the court's not saying that this was legal, or that nobody's rights were violated. The court is only denying Ulbricht's specific claim that his rights were violated, and the denial seems to be based on a procedural technicality.
However if the government then claims that this server is owned by you, doesn't that then imply that your privacy rights were violated since they illegally hacked into your computer?
The government can't have it both ways. Either the server is owned by Ulbrecht and they violated his rights, or the server is now owned by Ulbrecht, and thus they can't prove he is the DPR.
> The government can't have it both ways. Either the server is owned by Ulbrecht and they violated his rights, or the server is now owned by Ulbrecht, and thus they can't prove he is the DPR.
It's not that simple. The courts follow procedures for these things: the courts respond to claims made by various parties, and if there is no claim that the evidence is dirty, or if the claim that the evidence is dirty is not proved for whatever reason (even silly technical reasons), then the evidence is admitted.
Don't forget that this is only one court. Higher courts could find the judge's ruling incorrect.
I started to read Alderman v. US after Forrest said that 4th Amendment rights cannot be vicariously asserted. I'm a little unclear on how this works. Could an investigator warrentlessly burgle the residences of two conspirators A & B, and use evidence found in B's place against A and evidence found in A's place against B, all without violating the fourth amendment? How about email accounts? If so, why don't investigations against known conspirators proceed this way all the time?
Seems like it should be possible for the defense to argue that the prosecution must stipulate that the server was his property, in which case his rights were violated, or that the prosecution must stipulate that it was not his property and that they have no case against him. What is wrong with this argument in a legal sense?
What you bring up may be an issue for a post-conviction appeal, as a guilty verdict would be a finding that the servers were controlled by him, which dictates that he had a privacy interest in them. But that would be after he's convicted and buried under the jail.
I think the argument is that the information found on the server shows that Ulbrecht was running this. It'd be like if I was using eBay to sell drugs. I don't own eBay, so I couldn't claim my 4th ammendment rights were violated by a search on eBay.
I don't understand how this isn't an illegal search irregardless though (maybe the server hosts gave the FBI permissin? I'm not aware of the specifics)
Shouldn't evidence be inadmissible based on how it was obtained? An illegal search is an illegal search regardless of what was searched or who owns it.
I'm not a fan of the defendant here, but I am a fan of holding the authorities to the rules. You know it's their job to uphold the law.
Your understanding of the rules is in error, though.
And in this case, the court has never got to the question of whether the search was illegal, because the defendant's motion to suppress is not well-formed (despite the court providing the defense with an opportunity to correct that). Courts don't have much initiative in our common-law system, constitutionally speaking their function is to resolve disputes between parties, meaning the onus is on the defense to make the argument about the illegality of the search warrant and to do so in correct legal form.
> I'm not a fan of the defendant here, but I am a fan of holding the authorities to the rules. You know it's their job to uphold the law.
Yes, evidence is inadmissible based on how it is obtained. However, there are rules and procedures for how you get evidence excluded from a trial. This is why you pay good money for good lawyers: they know the rules for excluding evidence. I recommend watching the 1992 moive "My Cousin Vinny".
The unfortunate part of all of this is that we're now in a system where you win by paying more money to cover more technicalities than the other guy.
Sure, this follows the rules, but it seems perverse to lose on a technicality that is easy to resolve with a "hey, prove you own the server. you did? ok."
But the thing is the judge gave them exactly that option and Ulbricht's lawyer inexplicably declined to take it - see page 22 onwards.
So either a) Ulbright can't prove he owns the server (in which case he can't very well claim privacy rights in something that's not his property to start with), or b) he is not willing to, even though doing so might keep most of the evidence out of trial. Maybe that's because of some super-clever legal tactic they plan to unveil at appeal (although this seems very unlikely, as this is such a basic procedural issue) or maybe it's for some extrajudicial reason, like because it would reveal the identity of some partner in crime who would then seek terrible revenge. Or any other number of other possibilities.
I don't know, but I think Ulbricht would need to concede that explictly. I don't feel like digging through all the filings to try and figure out his counsel's strategy at this hour, though.
I want to suggest that this phrase is potentially toxic. Ross's name has been horribly tarnished, not unlike aaronsw before him.
I, for one, think that the evidence suggests he's a pretty good dude. I have seen nothing that makes me believe there is any truth to the arranged murder allegations.
Also, having met and spent half a day in his mother's company, I can tell you that she is a warm, concerned soul and I got the distinct sense that she was telling the truth about this whole thing.
Putting aside the accusation that he tried to put a hit on someone, do you think he's innocent person and wasn't running the Silk Road, or that he was a nice guy who just happened to be flagrantly flouting the law in running an illicit marketplace for drugs, kiddie porn, stolen credit cards, and other illicit goods and services, while engaged in a money laundering scheme? I am genuinely wondering here.
You're the first person I ever heard suggest the possibility that Silk Road was used to distribute child pornography (which was probably among the many things covered by SR's TOS ban of things harmful for others)
If the accusations about him running the Silk Road are true, I think two things:
1) The technology and political material he published as DPR is compelling, interesting, and worth reading. This contribution is meaningful.
2) That there is nothing inherently criminal or morally reprehensible about allowing people to freely transact with one another.
...but that's not the point I was making. The point I was making was that any time the government targets somebody, we find ourselves saying, "I don't want to defend <x>, but I will say..."
But why not? Especially with aaronsw. I find it shocking that this phrase was suddenly through around so often after the indictments. We all knew what he was doing. I supported him 100% and do not believe he did anything wrong.
At the end of the day, we have to be willing to defend not only each other's speech and actions, but each other's characters if in fact they're worth defending. I think aaronsw and DPR are characters that are worth defending.
While I have a lot of sympathy for aaronsw, and admired a lot of the work he did, I don't see a lot in common between the two.
The Feds. charged both, but the thing is that the charges brought against aaronsw were largely absurd. He appeared to have broken a few misdemeanor-class laws, but was charged with wire fraud and the CFAA in ways that didn't really fit what he did at all.
The Feds. are charging Ulricht with things that he mostly was personally responsible for. He very much appeared to be engaged in narcotics trafficking conspiracy, continuing criminal enterprise, computer hacking conspiracy, and money laundering conspiracy. He set up an environment where people can freely transact with one another, but tailored that environment to narcotics trafficking, credit card fraud, selling malware, and money laundering, and chose to engage in tailoring the site specifically for those things. He was fully aware of the illegal transactions occurring through his site and not only did nothing to stop it, but enabled it and profited from it. He was also hit with a Kingpin charge that probably will stick, since he was personally involved and managed an organized crime scheme.
The Silk Road designed a site for drug trafficking and other illicit activities, recruited drug and encouraged dealers, and took a commission from the sales. Since the Feds. have the server they have a sea of evidence to show how the site wasn't running with no knowledge of what transactions were happening, but tailored itself to be effective at drug, CC, and malware trafficking.
Whatever you think morally about profiting off drug deals, malware sales, CC fraud, and money laundering, the law is really clear about it.
aaronsw was engaged in a kind of hacktivism that expanded open access to public information and contributed to the open web in many ways. Ulricht was engaged in making a profit by opening a marketplace for illegal activities and tailoring it for drug deals. There's a world of difference.
aaronsw is a personal hero of mine. I'm not trying to elevate Ross / DPR to that level.
I do think, though, that subverting controls that inhibit free consensual activity between adults is virtuous.
Furthermore, I'm not at all convinced that Ross did most of the things you mention. The indictment reads like a product of zeal and overreach, not a dispassionate document outlining a person's conduct and how it clearly violates plain language.
That he has been denied bail on this basis (especially when he hasn't been charged with the offenses that constituted the entirety of his bail hearing) is egregious and further suggests that he's being specifically targeted.
"subverting controls that inhibit free consensual activity between adults is virtuous."
It depends entirely on what that consensual activity is. If the activity is selling stolen credit card numbers, then it's facilitating theft and doesn't seem virtuous at all, since it's harming a third party. If it's exchanging kiddie porn, again it's harming a third party. If its selling malware, then it's a free exchange with the intent of violating others privacy or otherwise harming them, which does't seem virtuous at all to me. But those were all services that Ulricht not only knowingly facilitated, but worked to specifically facilitate. While I don't agree with the US drug laws, assuming he was responsible for the Silk Road, Ulricht was choosing to facilitate many sorts of exchanges that while consensual between the parties involved in the exchange, were exchanged motivated by profiting off the harm of other parties who weren't consensually involved, but were either victims of crimes or were victimized by the use of the product of the transaction.
"The indictment reads like a product of zeal and overreach, not a dispassionate document outlining a person's conduct and how it clearly violates plain language."
I dunno, they laid out a pretty clear case of what the law was and how it was broken in my reading. He was pretty clearly violating various criminal conspiracy laws that were written to deal with just the kind of thing he was doing.
While I have never been on the site I'd seen it mentioned as being one of the things that was trafficked, and the wikipedia article lists it. Looking into it, that might just be articles using sensationalism, though. Looking into the ref. in the wikipedia article, one of the links used as a citation for the child pornography claim actually stated the opposite - that they didn't allow it, so I think I was probably misinformed there.
Ah! You present a great logical argument to disuade one from the point. After all who could be for kiddie pr0n? Regardless of what Ulbricht did what the GOV is doing is where the focus ought to be as its resulting in the ebbing of our freedoms! Thats what this is about not drugs, sex nor monies. Although impossible to prove its likely we are witnessing some form of parallel reconstruction.
I was responding to someone who had been praising Ulbricht (who really looks like an awful person), so in that context I was questioning how one would compare him to Aaron Swartz (who I admire).
I think I was incorrect about the child pornography claim, though that was only one item in a list.
While we should also be looking at the Feds. who are certainly no angels, we shouldn't pretend that everyone the Feds. prosecute is a martyr. The problem is that the legal argument that the server was protected under the 4th was made poorly by the defense, and their arguments against the Feds. haven't been very strong. Perhaps there will be more time for the Feds. to ...clarify... their story of how they managed to get the IP, and if it's shown that they used illegal means then that evidence should be dismissed. So far the defense has looked as amateur as Ulricht's PHP programming, but we'll see. Their claim that since Ulricht wasn't actually engaging in the transactions personally, that he wasn't involved in a conspiracy made them look like they were, um, morons. There's even a chance that the Feds. can convict with the many other pieces evidence that they have that isn't hit by the Fruit of the poisonous tree (esp. in the pending case filed against Ulbricht in Maryland).
I'd like to see justice served on all fronts, with the Feds. nailed for their wrongdoings, and people like Ulbricht nailed as well.
Very interesting. So, at a minimum, you must disclose that a thing is your property to prevent illegal searches of that thing from being admitted in a case against you. That means that if you can be convicted under either of
- thing.BelongsTo(you)
- thing.Contents
fourth amendment protections will not save you. Am I reading this right?
Fortunately, no. The article explains it better than I could:
> That argument may seem like a Catch-22. If Ulbricht were to claim ownership of that server he would seem to incriminate himself. But Forrest writes that Ulbricht could have nonetheless claimed the server in a pre-trial statement that couldn’t be used against him as evidence. “Defendant could have established such a personal privacy interest by submitting a sworn statement that could not be offered against him at trial as evidence of his guilt (though it could be used to impeach him should he take the witness stand),” she writes. “Yet he has chosen not to do so.”
So he has to "pre-trial" admit to owning the "evidence" or "tool of committing the crime", or something. Thereby admitting "guilt" without it being admissible in court later on. So then, everyone knows he's guilty, because he admitted it, but they can't "prove it" because of a technicality of using that evidence.
The reason that sounds broken to me is that he has to first admit guilt in order to defend some "noble" right to privacy that'll allow him to be acquitted. If he does that, his entire life is ruined because he will forever be tainted in the media and law-enforcement as "guilty, but got away due to a technicality". They will never stop hounding him, and will actively put him under their investigation spot-light for his entire life. This applies whether he's actually guilty, or not.
There's one bit that I'm not sure how to read because I'm not a lawyer:
> “Defendant could have established such a personal privacy interest by submitting a sworn statement that could not be offered against him at trial as evidence of his guilt (though it could be used to impeach him should he take the witness stand),”
It sounds like he could provide proof that he owned the server having the contents of the server thrown out. Then provided he didn't take the stand in his own defense the affidavit couldn't be used. Not entirely certain though.
The 4th amendment isn't exactly a "right". It's a limitation imposed on the government. The whole Constitution is. The government is not supposed to conduct "illegal searches and seizures".
It doesn't say on the victim's property or whatever.
Seems the FBI is claiming the servers were his, and he was operating them, so they are prosecuting him. But somehow they aren't his property, and therefore not protected by the 4th?
This logic seems like it would apply to cell phones which have been subsidized by a contract which continues to exist as well. Aren't they considered to still be legally the phone companies' till you've reached the end of said contract?
No, subsidized phones aren't the carrier's property while you're in contract. You're liable for an early termination fee if you break the contract (barring the case of "adverse changes" or the like), but you own the phone — or at least the atoms in it.
You still have a reduced "expectation of privacy" in your mobile communications, however, in that you're using your carrier as an intermediary to those communications. Consider pen registers, for example.
I reviewed the legal argument that the CTIA made in favor of disallowing end users from unlocking phones and it turns out I was mistaken and you are correct.
No. While the car is legally in your possession and you leave it closed, you have an expectation of privacy even though you don't own the vehicle title outright.
So for one example, if you sign up to gmail or Facebook using anything other than your real name, they can break it, conduct a search and then whatever they find is totally admissible in court just because they didn't know who it belonged to?
Based on the third-party doctrine and United States v. Graham [1], even if you used your real name, you would not enjoy 4th amendment protection of data stored on an outside company's server (they would be protected, though).
It's fairly well established by the Court that there is no "reasonable expectation of privacy" for information disclosed voluntarily to a third party, as with your Gmail example.
Personally I find the judge's ruling utter rubbish. It is irrelevant if the server was Ulbricht's or not. If the FBI is trying to use evidence found within the server against him, then they should have to prove that they obtained it legally, whether or not it belongs to another individual or Ulbricht.
And continuing on your point about best interests, this would amount to rolling up to random cars parked in a parking lot and having a drug sniffing dog walk around until they find something, then trying to arrest everyone parked around the car.
> “He has failed to take the one step he needed to take to allow the Court to consider his substantive claims regarding the investigation: he has failed to submit anything establishing that he has a personal privacy interest in the Icelandic server or any of the other items imaged and/or searched and/or seized.”
This is the critical point as the judge notes. The FBI isn't proving that he owns it yet, just submitting it as evidence. The judge can't rule based on the fact that the FBI will eventually prove that Ulbrircht. At this point it's just a server that the FBI found something on they're planning on using in the trial. Combine that with the fact that the fourth only protects your own property from search and there's nothing the judge could really do.
There's some additional oddness around if the sworn affidavit would could be used to prove he owned the server later in the trial. It sounds like he could plead the 5th and the affidavit wouldn't hurt him but I'm not sure.
> “Defendant could have established such a personal privacy interest by submitting a sworn statement that could not be offered against him at trial as evidence of his guilt (though it could be used to impeach him should he take the witness stand),”
It's very similar to the reason judges have had to reject legal challenges to the NSA spying apparatus, the defendants couldn't show that they had standing, i.e. they were affected by the law.
In short his lawyers screwed up by failing to prove he had any standing to challenge the server as evidence in the first place. Providing this proof would give an unknown amount of damage to the prosecution but the contents of the server would not have been admissible at least.
>The judge can't rule based on the fact that the FBI will eventually prove that Ulbrircht. //
But don't they need to do this at some point in order to get a conviction - if this server is that used to run Silk Road and they want to prove that he ran the Silk Road then it seems like a necessary step. At the point of them making this claim surely the judge has to say "if this evidence proves the defendant owned the server then you've infringed his rights under the Fourth Amendment and the evidence must be discounted"?
Yes, but at this point there's no proof that the server belongs to him so the judge can't throw it out because he has no standing to challenge it's admissibility in the trial. I don't think that this precludes it from being thrown out on appeal or later in the trial but the motion to dismiss before the judge couldn't go through. What the judge ruled right now is just about the pretrial motions to dismiss. I'm not well versed enough in the legal system to say if this is prejudicial against it later being found to have violated his 4th amendment rights, judges can strike evidence from the record at later points though.
Or no. If they can prove that was the silk road server, illegal activities were being facilitated by it, and DPR was accessing and managing it then I don't see them needing to prove he owned it(which it seems he didn't because it was leased).
"At this point it's just a server that the FBI found something on they're planning on using in the trial."
Yes, a server they potentially broke into and violated someone's privacy over. Why does it have to be more complicated than that?
In fact, someone at the FBI should be charged with some sort of illegal-seizure crime, or violation of privacy crime. Whatever it's called these days by the lawyer-priesthood.
> And continuing on your point about best interests, this would amount to rolling up to random cars parked in a parking lot and having a drug sniffing dog walk around until they find something, then trying to arrest everyone parked around the car.
But that pretty much exactly that FBI and other agencies are doing right now in the Internet. And this ruling puts a legal precedent footing under such behavior.
Half right. Trial court judges make rulings of law, juried make findings of fact. An appellate court can then correct the trial court's legal errors, if necessary. But you're right that trial courts' legal rulings aren't precedential.
Yeah, "finding of fact" is a more apt phrasing than "ruling of fact". I thought of that after posting my comment, but felt it was a probably bit fine a distinction for the point I was making. Thanks for the clarification.
"The FBI is obviously lying about how they got the information they have. They clearly broke into the Silk Road servers."
This isn't obvious at all and the only backing we've seen for this is some butthurt speculation. Meanwhile we know for a fact that the Silk Road IP had leaked multiple times in the months before the FBI claims it leaked to them.
Can the FBI issue subpoenas in the USA, don't they need the court to do that?
My reading of the Cybercrime Convention they claimed to use (see my other post) means that if they needed to get a subpoena then they would need to get one before the Convention could be applied to compel the Swedish authorities to perform the search on their behalf.
They don't appear to have got a warrant, a subpoena nor any judicial oversight before ordering the initial search and seizure - that appears to break the Convention. Perhaps that's why there's a footnote saying they may have asked the Swedes just for comity's sake, it's so hard to remember!
What I'd really want to see to prove their position is the captured packets from their initial probing of the publicly available homepage that include the IP addresses. That would show suggest they were telling the truth [eg when matched with other peoples captures that the FBI don't yet have access to]. I'm going to go ahead and assume that they don't have that data. IMO if they can't produce that data it demonstrates the personnel in court are either completely incompetent in their positions as investigators and should be fired immediately or they are flat out lying; something tells me they're largely competent.
The server wasn't in the USA and from all the information I've read they claim the relevant foreign interests cooperated with them in obtaining the server image.
And I'm pretty sure they would have had NO trouble getting a warrant in the USA if they had a credible lead on the SR server. And any credible hosting company would GLADLY cooperate to the fullest extent with such a warrant. Generally hosting companies do not care what you're doing on your server and won't get in the middle of disputes UNLESS:
A.) You're doing something illegal
B.) Your actions pose an untenable threat to the network or other customers
>from all the information I've read they claim the relevant foreign interests cooperated with them //
The law they claim to have used requires that the requesting country act as if the computer being searched is in their own company, all protections that would apply domestically must be applied in order to request the search lawfully.
If they needed a warrant to get the local search done (eg in Pennsylvannia) then they needed one in order to use the 2001 Convention on Cybercrime to request that Sweden perform a search (and imaging) for them.
This appears to be a hole in the FBI argument - as you say, they're claiming they didn't need a warrant or to provide protections that would normally be applied if the server were in the USA. But the Convention used - by my reading at least (see my other post for links) - contradicts that specifically demanding that the normal domestic protections and procedures be applied.
What an odd question. "If the government wants to do a bad thing, shouldn't they do it a good way?" Doesn't the willingness to do a bad thing kind of imply that they will be willing to do it a bad way?
Not really. If you look at the intention of Barack, he totally wanted to codify into law, using normal channels and the full power of democracy the detention, execution and "enhanced interrogation" of WoT suspects.
Not sure what is worse. Democratically passing new bad laws or subverting the constitution via underhanded techniques. I guess the former is depressing and the latter shows mal-intent?
Burn down the Reichstag or get 3/4 majority to nullify the 4th?
I'd argue that it should be a constitutional offense to weaken the constitution using non-constitutional means. Attempting to rewrite the rules of the game during gameplay should get you autobanned by punkbuster.
Forget the 4th Amendment - how does FBI even have the "power" to hack into other nations? What's next? NYPD hacking into other nations? (probably already happened, unfortunately)
I can't fathom why the FBI would have been required to obtain a search warrant in this case because they weren't the ones who searched the servers - the Reykjavik police seized the data under Icelandic law and handed it over to the FBI[1]. According to the FBI's testimony[2], the CAPTCHA on the login page was leaking the site's IP address. The "hacking" that the defense is accusing the FBI of conducting was apparently entering a few invalid logins which caused the CAPTCHA to appear.
As an analogy, if I keep a murder weapon hidden on my property, the police are required to get a search warrant. If I instead keep it at my friend's house, I have no 4th Amendment rights when my friend gives it to the police, especially if the crux my defense is "it wasn't my gun."
The "hacking" was speculation on the defense's part when they filed their motion in August. If you read the motion[1], because the defense didn't yet know how the FBI located the server, Ulbricht's lawyer wrote a long statement speculating that the NSA/DEA was providing the information to the FBI through parallel construction. The defense did not show any proof of their accusation.
A month later, the FBI gave sworn testimony[2] indicating that they found the server because Ulbricht had failed to configure it properly and it was leaking out its actual IP outside of Tor channels. There hasn't been any proof shown that the FBI hacked his server. A number of people have claimed in the past that they came across the actual IP for Silk Road's server as a result of misconfiguration[3][4], so frankly it doesn't surprise me at all that the FBI also found a leak.
Have you actually read [3] and [4]? Based on the comments, the two posts (Made by the same person) were from a notoriously anti-Bitcoin troll on the day that market prices were at an all time high.
I was with you up until I actually read the posts, which I suspect you did not.
I agree [3] looks that way, but [4] certainly doesn't. The thread is filled with people who saw the debugging screens. I think this user's post history is the most informative:
The footnote at the bottom of p3 {1} is hilarious and the referenced law contradicts what the prosecution claim it says.
Paraphrase: 'we said we requested the search using MLAT but then we realised we don't have that agreement with Sweden, so it was probably 2001 CoE Convention on Cybercrime {2} or if it wasn't that then it was comity; we don't really want to say' - presumably they made this up after the fact. I'd be asking for records of the communications.
At Art 15(1) [which is specifically mentioned in the articles on search and seizure] it says:
>"Each Party shall ensure that the establishment, implementation and application of the powers and procedures provided for in this Section are subject to conditions and safeguards provided for under its domestic law, which shall provide for the adequate protection of human rights and liberties, including rights arising pursuant to obligations it has undertaken under the 1950 Council of Europe Convention for the Protection of Human Rights and Fundamental Freedoms, the 1966 United Nations International Covenant on Civil and Political Rights, and other applicable international human rights instruments, and which shall incorporate the principle of proportionality." //
That "each party" means that the state requesting the search and that being requested to do the search, in this case Sweden and USA, have to ensure that they abide by the "safeguards provided for under its domestic law". That means that contrary to what the FBI are claiming if they used this 2001 CoE Convention on Cybercrime to request the search then USA restrictions must be applied to the request, eg the Fourth Amendment.
This {3} recent Cybercrime Convention document reiterates that domestic laws must be applied in certain circumstances (see eg Section 3.2). It specifically relates to Art 32 (unilateral searches of publicly available data) but the language used is such as to reiterate the general principle running through the Convention of the requirement to apply all relevant domestic laws.
This 2001 Convention being used relies on other international laws, I wouldn't be surprised if the cited UN convention also means that a court must be involved in the issue of the request. The Art 15(2) ibid appears to say that an independent or judicial review of the request is required.
tl;dr if the footnote on p3 is correct and {2} was used then, just as for the Pennsylvannia server the USA authorities needed to satisfy USA domestic law before requesting the Swedish authorities search and imaged the server there. If they would have needed a court issued warrant if that server were in USA then they still needed one to make the request under the Cybercrime Convention.
Not sure this counts as a technicality. Do all foreign objects get 4th amendment protections (the servers were in Iceland)? Can I invoke defense of someone else's 4th amendment rights -- even without specifying who that is? Both of these appear to have the answer "no", so I'm not sure this is a "letter but not spirit of the law" thing. Sounds like the judge was just doing his job.
If the servers aren't his, how can he say his privacy was violated? Therefore, the violation is contingent on establishing it was his, which he hadn't done.
Wait no. The 4th amendment is an unalienable right. It doesn't (shouldn't) matter where in geologically a person or his property are.
We can think about it this way. The United States (well, certain bureaus) do not believe that the Bill of Rights contains unalienable rights because:
1.) Foreigners ("aliens") are not 'given' what is presumably 'unalienable' to them (e.g. GitMo)
2.) Snowden Docs (in particular the US) shows how intelligence agencies will spy on one anothers' citizens on their behalf to skirt domestic law. A serious commitment to unreasonable searches and seizures would entail protecting citizens rights from foreign actors, not encouraging it. And it would also refrain from doing it to others.
3.) Fair trials are suspended where convenient, even before executions (e.g. Americans overseas, Bin Laden).
By tautological definition there are no 'extreme' circumstances under which natupal rights are no longer granted; for natural rights are not given, cannot be taken away, suspended or invalidated by geolocation.
The Fourth Amendment is part of a document legally defining and describing the rights in American legal tradition, in this case a right that you and I both find to be a core part of our humanity and social contract (which is why it is so important it is legally respected, although I personally find the principle worthy of extending much farther).
While we recognize in a moral and philosophical sense today that we should treat all people of the globe identically, that isn't the group of people the Fourth Amendment protects. In a general sense, people in other countries are not subject to American law (despite being part of the same humanity and, we can agree, deserving of being treated with respect). If people and objects in other countries were subject to American law, there is a deep sense in which there would only be one country (The United States) with charming colonies labelled things like "Iceland" on maps.
> In a general sense, people in other countries are not subject to American law
The rights are really limitations on the American government, so it's not "subjecting" anyone to anything, and there's no reason limitations on the US government couldn't apply to how it treats people all over the globe. It's no imposition on the sovereignty of Iceland for the US not allow itself to hack into servers there.
Moreover, in practice, it's way more complicated than you're implying. The Supreme Court has been clear that the geographical location of a US citizen actually doesn't matter at all:
> When the Government reaches out to punish a citizen who is abroad, the shield which the Bill of Rights and other parts of the Constitution provide to protect his life and liberty should not be stripped away just because he happens to be in another land. [1]
So it's not just "people in other countries", and presumably the same thing applies to his property being in that other country.
And it's not just citizenship that matters: foreigners on US soil are protected by much of the Constitution, even undocumented immigrants [2]. So apparently neither location nor citizenship strip you of your rights. However--and this is the weird part--for some reason the combination matters: foreigners on foreign soil are not afforded the protections of the Constitution. See e.g. [3].
I think you'll find we completely agree -- the simplification seemed appropriate because it really is a question of how US law applies to objects located and plausibly operated by people who aren't Americans.
An important point you made, though:
> The rights are really limitations on the American government [...] It's no imposition on the sovereignty of Iceland for the US not allow itself to hack into servers there.
This is pointing in the key direction I was trying to go. I feel we _should_ hold ourselves to a higher standard, and I suspect there is no substantial barrier legally. But judges are rarely in the business of "should", otherwise we wouldn't have rule of law. Hence my comment about him seeming to just do his job in this case.
> The Fourth Amendment is part of a document legally defining and describing...
No disagreement there. But that doesn't mean that the document grants the right. It merely recognizes the rights.
We hold these truths to be self-evident, that all men are created equal, that they are endowed by their Creator with certain unalienable Rights...
These rights are not granted by the United States. The United States cannot grant or take away natural rights. That's what they are and how they were intended to work.
The Declaration of Independence is not part of the Constitution, you know.
Also, there are limits on those rights. There's one example in the opinion; if the police somewhere else discover some incriminating information about you and voluntarily pass it along to American police, it is admissible regardless of whether the foreign investigation would have been valid under the 4th amendment if initiated by American law enforcement.
As a simple example, imagine a drug bust in Thailand which would not be 4th amendment compliant turns up evidence that 50% of the money from the drug operation is always send to John Doe, who lives on 123 Main Street in Anytown, USA. The FBI duly arrests John Doe and he's charges with international drug trafficking. The Thai evidence is admissible notwithstanding the non-compliance of Thai investigative procedures with US law.
This isn't meant to be an analogy for this case, BTW, just an illustration of one limiting case.
But the FBI, and US DoJ, operate under some interpretation of the verbiage in the US Constitution. That interpretation has come to mean less and less protection against searches and seizures over the years, as the US Supreme Court interprets what the (to me) plain and simple language of the 4th amendment says.
Germany does give human rights to non-Germans. And you can sue the German government for not upholding them. (They only give citizen's rights to Germans, though.)
There are no such things as natural rights. The 4th amendment defines legal rights, and does not have extraterritorial application. Foreigners have no rights under the Constitution for the same reason they have no obligations under it.
Wow. First, you are claiming the Constitution grants rights. Who, exactly, has the power to "grant rights?" Do you think the people who wrote that document gave themselves that power, or even thought that they could?
Second, you think the Framers thought they were limiting rights to US citizens. When did the Constitution first even mentioned the notion of citizenship?
We have the power to grant rights to each other through our duly elected representatives. Note that the first three words of the US Constitution are "We the People" not "We the Framers."
I think you're confusing the meaning of "unalienable" rights. Unalienable rights are rights that can't sold, traded away or taken... it's not really related to whether someone is from a different country.
But it's an easy mistake to make because it's a totally archaic word.
If the servers aren't his, why is he in court? Doesn't that mean that the real mastermind behind silk road is still out there and that the FBI got the wrong guy?
That's the least effective rebuttal I've heard in a while.
Obviously the government is going to do whatever it can to prosecute the guy, rules be damned.
In FBI logic, something you use is not protected from search, if someone else owns it. The logic goes, that other party could conceivably one day break your trust and divulge your secrets, therefore you have no expectation of privacy. Same argument they use to read your mail when it is in your mailbox.
Opening first-class mail and standard parcels from the Postal Service requires a warrant[1] by federal law, whether or not it is in a mailbox. Is there some specific example you are referencing?
That is correct, but the warrant requirement does not follow common sense. Let me try to explain further with an example. A sends a letter to B with information in the letter that implicates C in a crime. The FBI does not have a warrant to open and search the letter. The FBI goes ahead and searches it anyway. Now, the FBI has evidence that C was involved in a crime. C, obviously, would like to challenge the search based on the warrant requirement of the 4th Amendment. It is here where the warrant requirement diverges from common sense. C does not have "standing", which is a legal term of art that basically means the court can hear and decide the case, to challenge the search because the mail was not his. Therefore, without standing, C cannot challenge the search even though the FBI did not have a warrant for the initial search. In contrast, A would have standing because he has a "reasonable expectation of privacy" in his own mail (assuming there was incriminating information against A in the letter).
No, that evidence would still be inadmissible. They could use "parallel construction" to obtain new and admissible evidence to implicate C in the crime, and could use the inadmissible information to launch an investigation they might otherwise not have. But the standing issue in this case is that Ulbricht cannot argue that his fourth amendment rights were violated by search and seizure of a third party's property.
39 U.S.C. § 4057 specifically requires a warrant for certain classes of mail and parcels, and therefore any evidence obtained in a warrantless search would be inadmissible.
Yes, that statute requires a warrant. However, the exclusionary rule is only applicable to one with a "reasonable expectation of privacy." In the hypothetical, C does not have such an expectation, and therefore C cannot challenge the admissibility of the evidence notwithstanding the statute.
FedEx and UPS (and DHL, OnTrac, et al.) are private companies. They have the authority to open your package at any time for any reason, with few exceptions.
If I gave you a box and asked you to give it to someone else, you have the legal right to open it up and do whatever you want to it. The most I could do is sue you, civilly, for breaking a defined contract if one was in place, but for the most part I'd be limited to calling you names.
>They have the authority to open your package at any time for any reason, with few exceptions. //
Contract law in USA is that weak? They have authority? As in the law authorises anyone to access anything just by virtue of being contracted to move it, not even ownership? Contractual obligation can't override that authorisation .. are you sure?
That would mean, for example, that your taxi-driver has the right to go through your bags by virtue of you asking them to put them in their car. Or that Starbucks have a _right_ to access your laptop if you left it in the store for any length of time. Or if you park in a private parking lot the owner could break in, hot wire and drive your car around.
Or are you saying that only certain possessions are treated as if you didn't own them and only certain companies contracts are treated as null?
I believe uxp's point is that one would only have a civil remedy for breach-of-contract, and evidence would be admissible in a criminal court if a private carrier provided the information to the authorities with or without their consent.
But most likely, the contract with UPS/FedEx/etc would afford broad abilities to inspect and search packages for "safety and quality control" reasons, or whatever else.
To take his example, if I carelessly left my laptop in a Starbucks, I have not given anyone the right to use, transport or otherwise inspect my laptop. I can assume some right to privacy over the contents of it. But if I gave my laptop to a company that specializes in transporting laptops between Starbucks locations on behalf of patrons, one can pretty much assume (given today's contract binding society) that they have some clause in the contract between us that says that they are not responsible maintaining the content of the laptop, and can at their discretion open it up and inspect the contents to be sure that they are not the facilitator in transporting illegal or "bad" data (malware source code, child porn or terrorist manifestos, etc). They don't have the explicit right to open it just because, but in giving it to them I've given them the right to do so.
Everyone is (rightly) taking issue with your mailbox example, but the substance of your point is correct. The Fourth Amendment doesn't require that investigators get a warrant to look at information that you've already handed over to a third party. That's because the Fourth Amendment suppression-of-evidence rule protects citizens' privacy interest. If he has already made the information non-private, then investigators can't be said to have violated his expectation of privacy by accessing it.
Note that the rule doesn't require suppression of just any evidence obtained illegally -- only evidence obtained in violation of the defendant's constitutional rights (and, in particular, his right to privacy). Relatedly, note that the suppression rule is not actually written into the Fourth Amendment. It is a judicial creation to deter particularly egregious violations of the Fourth Amendment. http://en.wikipedia.org/wiki/Exclusionary_rule#Limitations_o...
>The Fourth Amendment doesn't require that investigators get a warrant to look at information that you've already handed over to a third party. //
You're right, if they ask that third party to see it. But if they don't ask, they hack in, then they're breaking the USC that protects against unauthorised access to computer systems [18 USC 1030?].
The third party usually will have a legal requirement not to divulge your info without a warrant (except perhaps under conditions threatening national security). I'm not sure on this for USA, most countries have laws protecting personal information; your contract binds the company to not disclose information but a warrant supersedes that ... but presumably there's not a general regulation forcing companies to disclose information to authorities who merely request it as opposed to getting a warrant. That would be most undemocratic.
Thus under rule of law, despite the Fourth not applying, the FBI would still need to get a warrant before either hacking in or making the company disclose the information, no?
Like, they can open your mailbox as the postal service own it, but if it's locked then they'd need to get the key/authorisation from the owner (or they'd break the law, breaking and entering or bypassing security or somesuch). If the owner says "no" then they'd need a warrant (legally speaking) to force the owner to open the box and take your post out. If they just break in and take the post it's not a Fourth Amendment violation against you, AFAICT, but it's still unlawful.
IMO the evidence should still be used but the fact of the evidence being obtained means that if submitted by the state it's also evidence that a person working for the state committed a crime. Rule of law means that person should be tried as should any co-conspirators. But this last para is just my idea of democratic responsibility and not how things are.
But the judge would have let him establish merely "a personal privacy interest in the Icelandic server or any of the other items imaged and/or searched and/or seized", which sounds like "using", but not necessarily "owning".
Which makes it even stranger, because I don't know how the judge would reconcile that theory with the third-party doctrine, which (in my layman's understanding) seems to be about what you said; namely that since some person(s) shared all the information in the image with the ISP, it wouldn't be subject to anyone's Fourth Amendment protection. Or is there some line between a hosted email account and a VPS; where the email has been "shared" with the host, but the VPS's contents can't sufficiently be shown to have been "shared" and thus are still protected? [1]
Originally, the Bill of Rights bound the government to certain behaviors. It doesn't have a border because it applies to the government not their actions in a certain place.
This sounds right to me but all my James Madison and Thomas Jefferson -fu seems to be failing me. Can we get a citation here for their intent? I'm getting some quotes that indicate they were worried about majority vs. minority stuff, but nothing with any international flair (and, of course, America is a minority of the world, so it doesn't quite pack the punch I would enjoy).
EDIT: I am concerned, the further I go in this search, that the reason they seem not to speak of the rights of foreigners as inalienable may be because e.g. so many foreigners are black or Chinese, and you didn't even get a rights guarantee back then if you were American-born and black or Chinese (not that there were a lot of Chinese people there at the time -- burning down their houses and threatening to kill them if they didn't leave comes later in American history, with similar problems for Japanese people even _later_ in American history), so there was just no chance anyone would even possibly consider the hilarious joke that we'd give rights guarantees to foreigners.
Could be off-base, but the context back then was... decidedly less progressive than we'd like to imagine them now.
The Constitution applies to the government, it is a white list (to use a racist term, ;) to say what the government CAN do. Not that we follow it any more. The government doesn't _allow_ us to do things, it is quite the opposite.
A plain English reading of the Constitution certainly says so. It is addressed TO the federal government FROM the people. So it is incorrect to speak of "constitutional rights." In fact, the BoR goes as far as to say it's not a list of rights and that rights have no bounds.
Now find me a lawyer who reads the Constitution this way.
This begs the following questions: Did the Icelandic government give FBI permission to hack a server that resides on their sovereign soil? If the identity of the owner of a piece of property cannot be confirmed, it's okay to sieze/hack/etc? If I hid evidence in YOUR car, wouldn't the police/FBI still need a warrant or at least permission from YOU to access it?
Bottom line here is there was no warrant, and as far as I can tell, no attempt to gain any sort of permission to access property-- and in a foreign country no less. I thought the FBI's purview was limited to domestic soil.
Anyone here a security expert with experience with TOR? The FBI's claim that they just typed random values into a login to accidentally reveal the server's IP address seems far fetched.
The FBI is claiming that the CAPTCHA on the login page was misconfigured and was leaking the IP. Here's the relevant testimony[1]:
In or about early June 2013, another member of CY-2 and I closely examined the traffic data being sent from the Silk Road website when we entered responses to the prompts contained in the Silk Road login interface. This did not involve accessing any administrative
area or “back door” of the site. We simply were
interacting with
the website’s user login
interface, which was fully accessible to the public, by typing in miscellaneous entries into the username, password, and CAPTCHA fields contained in the interface. When we did so, the website sent back data to the computer we were using
– specifically, the Silk Road homepage, when we used valid login credentials for undercover accounts we had on the site, or an error message, when we used any username, password, or CAPTCHA entry that was invalid.
Upon examining the individual packets of data being sent back from the website, we noticed that the headers of some of the packets reflected a certain IP address not associated with any known Tor node as the source of the packets. This
IP address (the “Subject IP Address”) was the only non-Tor source IP address reflected in the traffic we examined. The Subject IP Address caught our attention because, if a hidden service is properly configured to work on Tor, the source IP address of traffic sent from the hidden service should appear as the IP address of a Tor node, as opposed to the true IP address of the hidden service, which Tor is designed to conceal. When I typed the Subject IP Address into an ordinary (non-Tor) web browser, a part of the Silk Road login screen (the CAPTCHA prompt) appeared. Based on my training and experience, this indicated that the Subject IP Address was the IP address of the SR
Server, and that it was “leaking” from the SR Server because the computer code underlying the login interface was not properly configured at the time to work on Tor.
> Anyone here a security expert with experience with TOR? The FBI's claim that they just typed random values into a login to accidentally reveal the server's IP address seems far fetched.
That's hardly related to TOR, but most probably a misconfiguration of the web-server or application which leaked the IP.
> That's hardly related to TOR, but most probably a misconfiguration of the web-server or application which leaked the IP.
According to http://motherboard.vice.com/read/how-did-the-fbi-find-the-si... "He also says that the logs provided in the new evidence don't match up with the pages described in Tarbell's declaration." So it's most likely a case of parallel construction
I believe Ulbricht has just been given grounds for appeal if the trial goes against him. I find it highly dubious that the FBI has legal authority to access that server without the permission of its "owner" or a warrant. Regardless of whether Ulbricht was in possession of the server (as renter) or it belonged to someone else, the FBI would still need permission of that person or a warrant to search the server. In this case, I suspect that a U.S. warrant would not do as the server was located in Iceland. Probably, they would need cooperation from the Icelandic police and a local warrant. On top of all of this, don't forget that the FBI does not have authority to operate outside of the U.S. without cooperation from the locals.
'I find it highly dubious that the FBI has legal authority to access that server without the permission of its "owner" or a warrant.'
The server was public, the Feds don't need a warrant to investigate public facing web content any more than they'd need a warrant to look at a storefront. They fuzzed some content to get the thing to leak an IP (according to their account). Given the incompetence of the Silk Road admin, that's honestly not a real stretch. There were SQL injection bugs in the search on the site, and he left PHPMyAdmin running on the server. It was amateur hour. With that IP they contacted the ISP in Iceland who gave up the data since the server was violating it's TOS, and the Iceland authorities got legally involved (with no legal issues in that search).
The fuzzing of input to get the IP is iffy, but it's certainly not a cut and dry case where a warrant would be required.
The investigators did get warrants for some of the evidence they collected (esp. the evidence that tied , and I'd imagine if there was a a clear legal requirement for a warrant to investigate the web server, since they had overt probable cause it would have been trivial to get one.
Besides that the only way Ulricht can claim that the search was illegal is to admit that he owned the server, at which point that admission will certainly put him in prison, so an appeal isn't going to do him any good.
The defense wasn't arguing that the FBI didn't have the right to fuzz the captcha. They were arguing that the FBI was not being honest about how they had located the server IP, and that they found it by some other means that they may not have had the legal authority to use at the time. That's why the defense was asking for permission to cross-examine the FBI. They wanted to try to pick holes in the FBI's story. If they could show that IP had been obtained illegally, then they could challenge the subsequent search as well and try to get all of the evidence thrown out.
Also, the article specifically states that the defense could have "claimed" the server as part of their motion to suppress evidence in such a way that the claim could not have been used as evidence against Ulbricht.
Yeah, I've seen them claiming that the captcha wasn't leaky, which well could be the case. Having looked at the config files and logs now, the Feds account seems somewhat shaky. They were hitting the PHPMyAdmin page and authenticating, but didn't mention this, which is very iffy. It sounds more like the "typing in miscellaneous entries into the username, password, and CAPTCHA fields" wasn't exactly 'miscellaneous' so much as using some kind of a targeted exploit that they used to get the machine to leak enough to pwn it pretty well. Ulbricht was not nearly as skilled as he gets credit for, his machine had leaked the IP on the login screen in March and May, and his notes show he was scrambling to patch bugs, but if the Feds. had gotten PHP dumping $_SERVER or something just by fuzzing they would have mentioned it which makes their account suspicious. So that's in the air.
On a separate note, there are two separate cases against Ulbricht, one in New York happening now, and the other Maryland (which is where the contract murder charges are). So he probably does need to be very cagey about any claim of ownership of the server given that this isn't the only trial he faces. As I understand it, while the claim wouldn't be admissible as evidence in the NY case, it could still be germane to the future case.
It also means the "Fruit of the poisonous tree" issue could be mitigated even if the NY case is dismissed, given there's different evidence and claims presented in the MD case, and some of that evidence is not tied to the IP leak at all.
The problem with your analysis is that investigators' illegally gaining access to evidence does not in itself necessarily trigger the suppression-of-evidence remedy for Fourth Amendment violations. The suppression remedy is reserved for constitutional violations. So, yes, whether or not the evidence should have been suppressed crucially depends on Ulbricht's relationship with the server and whether he had a reasonable expectation of privacy in its contents.
I wasn't claiming that he would definitely win, just that the failure to explore this issue gives a probable avenue of appeal. IANAL, of course, so I could be wrong.
So...the government gets to have it both ways? The reason it didn't require a warrant for a search is that it can't be shown that it was his server, but the case itself hinges on proving that it was indeed his?
Kind-of. I think the case hinges on all the evidence of wrong-doing that was found on the server. Obviously if someone else was DPR, they wouldn't have a case against Ulbricht. But this ruling doesn't really effect whether it belonged to him or not, only that he did not /own/ it. It wasn't his server, but a 3rd party's server where he had his data. And there was no ruling on the legality of the search methods (ie; the judge could have ruled that the server had 4th Amendment protections, but that they weren't violated) only that in this case they didn't apply.
That's not contradictory; you're conflating past and future. Suppose you're a cop and you find a box with a label on the outside saying 'drug ca$h LOL.' You open it and to your surprise find $1 million dollars, some cocaine, and a passport in the name of K Ingpin. Later you establish K. Ingpin's whereabouts and arrest him. It turns out his fingerprints are all over the box and contents.
You had probable cause to investigate what appeared to be a cache of proceeds from the sale of contraband, despite not knowing who it belonged to. On discovering the identity documents in such close proximity to actual contraband, you had probable cause to locate and arrest that person on suspicion of drug dealing.
It's actually Ulbricht who wants to have it both ways. Asserting 4th amendment rights effectively amounts to saying 'hey, that's mine and you snoops had no right to access it.' Ulbricht refuses to admit or assert that the servers were his in any meaningful way, even though the prosecution could not put such an admission before the court as evidence. The only way the prosecutors could bring it up is if he took the stand and said 'no way, that's not my server,' in which case they'd say 'but you told the court that it is.' So as a defendant you can say that evidence is the result of an illegal search, or you can disclaim ownership of it, but not both at the same time.
I don't know whether the original warrant was deficient or not, and haven't looked it up. but bear in mind that the job of the trial court is not to establish whether it was valid (unless there is glaring evidence to the contrary), but whether it is admissible as evidence to be considered by the finder-of-fact (typically a jury). It's up to the defense counsel to raise those arguments, not for the court to preempt. In this case, the court is pointing out that it told the defense exactly what it needed to do to to make a procedurally valid 4th amendment challenge, and the defense failed to do so.
It's not the court's job to step in and assist the defendant if the the defendant's lawyer is no good, although bad lawyering is sometimes the basis for an appeal (on the grounds of ineffective assistance of counsel, in which case the appeal court could order a new trial if it agreed with the claim). In the American legal tradition (and the English one from which it derives), courts are not investigative bodies, they are determinative ones, which can only rule on matters brought up by one of the parties. This is completely different from how courts operate in jurisdictions based on Napoleonic law, in which the functions of prosecutor and judge and virtually combined. Obviously this is a highly simplistic summary, please take it with a grain of salt as I can't compress centuries of different legal traditions into a few sentences.
> even though the prosecution could not put such an admission before the court
Can anyone explain "though it could be used to impeach him should he take the witness stand" from the article? Sounds like this pre-trial statement could effectively constrain his options during the trial, so it's not like it's perfectly safe or inconsequential for him to have said this pre-trial.
Yes, your pre-trial statements definitely constrain your options during the trial. Your pre-trial statements guide how your opponent prepares and presents the case against you. You don't get to suddenly shift your ground halfway through the trial because you don't like the way that your first approach panned out.
Oh it definitely constrains his options. But remember you have a constitutional protection from self-incrimination, so as defendant you don't have to take the stand at all and the jury (well, the trier-of-fact which is usually a jury) is not allowed to infer anything from your unwillingness to testify. Not being able to to protest your ignorance is the price you pay for the court witholding inadmissible evidence from the scrutiny of the jury.
Your analogy doesn't make sense to me. A box like that doesn't violate anyone's privacy rights to open. That completely ruins any applicability to this case.
"Defendant could have established such a personal privacy
interest by submitting a sworn statement that could not
be offered against him at trial as evidence of his guilt
(though it could be used to impeach him should he take the
witness stand)"
So it's not as Kafkaesc as the title makes it sound---he could have said it's his without incriminating himself---but it's still pretty kafkaesc in that it would have effectively prevented him from testifying.
He wanted the ability to claim 4th amendment protections on his server while simultaneously denying that it was his server. For the government to tell him he can't have it both ways in fact seems almost the opposite of Kafkaesque
As a refresher to what exactly happened in the investigation that the judge ruled "not an illegal search":
1. FBI agents noticed the captcha mechanism on Silk Road was not configured to go through Tor (revealing the server IP address)
2. They asked Icelandic police to get an image of the server.
Another part of the argument is that the TOS of the data center said that servers could be "monitored" for lawful use (probably removing expectation of privacy questions, independent of localisation, in the prosecution's mind).
I wouldn't call this "hacking", but the constitutional question remains. I think the crux of this is that information obtained from foreign agents seems to be admissible independent of how they obtained it. Not a fun state of affairs.
The judge states in the ruling that she relied in part on this Supreme Court decision:
"A person who has been aggrieved by an illegal search and seizure only through the introduction of damaging evidence secured by a search of a third person's premises or property has not had any of his Fourth Amendment rights infringed."
Prosecutors have long found our constitutional protections to be inconvenient in their pursuit of "justice". Over the years, however, they have managed to obtain Supreme Court decisions, like this one, that pierce through these protections in every meaningful way. This particular ruling opened up the floodgates, and it seems that the FBI is actively utilizing it.
> If successful, the move would have likely made Ulbricht nearly impossible to convict on the central charges of narcotics and money-laundering conspiracy that he faces.
The judge's instructions to his clerk was probably something like: We're going to deny the defendant's motion; find me the legal precedent to do so.
strangely how the ruling goes against the logic. I mean the server either belongs to the guy and then the 4th applies ie. the evidence from the search of the server should be thrown out, or the server doesn't belong to the guy and thus the same evidence don't have a place here. Logically these are the only 2 options. Yet the ruling follows the 3rd way - the 4th doesn't apply and the evidence still can be admitted.
No, logically those are not the only two options. What about the possibility that the guy says it doesn't belong to him, but he's lying? That's essentially the prosecution's position right now, since the defendant has refused to admit the server is his even though that admission would not itself be admissible (as it would have been made to the court, not the prosecution).
Legal rulings are like scientific papers - you should not rely on how the press reports them to get a full understanding of what they mean. Read the original document on which the report is based, which addresses the dichotomy you are imagining.
But it does, for reasons laid out on page 12 of the opinion. In short, a 4th amendment attack requires your privacy to have been violated, not just anyone's. You can't say 'that box is not mine, and looking inside it was a violation of my privacy rights'; you must pick one argument or the other.
If it really is not your box then you don't have any privacy expectation. The 4th amendment protects '[t]he right of the people to be secure in their persons, houses, papers, and effects [...' (emphasis added). You don't have a right to security in other people's property, eg if we are both drug dealers and I keep notes about you in my notebook, you can't make a 4th amendment claim about the privacy of my papers even though they incriminate you.
Even if those papers are the fruits of an illegal search of my apartment, only I have the right to demand that evidence is suppressed. If I don't (perhaps because I cut a deal for immunity, or perhaps because I was smart and blew town before the police suspected me) then that's just too bad for you.
I have to say that's one of the worst rules I've ever heard. Anyone should be able to object to illegally-obtained evidence. And consent should not be retroactive, in the case of cutting a deal.
Is the a reason the rules are this way? It's certainly not because of what the 4th amendment actually says.
This seriously hurts my faith in the entire common law system.
If I understand you right, you'd like a third party at the table that argues to the collective rights of he people to be free from overbearing police and so, notwithstanding their lack of individual interest in any given case - or rather, you'd like the court to take up that function. This turns on how you interpret 'the people' - individually, or collectively. I lean towards the former because the collective right you're worried about also has to be balanced against the collective right to delegate security to law enforcement agencies, and because the threshold of legality in each case is highly individualized depending on the circumstances. I also think that leaning too heavily on dictionary definitions runs the risk of being exclusionary, eg the 4th amendment doesn't mention telephones or other sorts of information storage, so if we are going to take the most narrowly textual approach we might end up honoring the letter but not the spirit of the law.
IF I understand the court in Payner correctly, the problem is the lack of an objective standard for determining when the cost of government overreach outweighs the benefit of truth-seeking in criminal cases, or as the court puts it 'After all, it is the defendant, and not the constable, who stands trial.' The court ad established a standard a year or two before in another case called Rakas (involving the objections of passengers in a car to the admission of incriminating evidence found in the car that the owner of the car did not attempt to suppress). The court in that case took the simplistic but nevertheless straightforward view that only the owner of a property that is illegally searched has standing to complain about a 4th amendment violation. While acknowledging that this is a flawed standard that will sometimes result in injustices, it is nevertheless an unambiguous standard and was a core holding that case. The Payner court, while admiring the principle that the lower court was trying to uphold, agreed with the government that the standard laid down by the Supreme Court in Rakas should control despite its shortcomings, because it came from the Supreme Court.
In other words, it's sort of pointless having a hierarchical court system (as established by the Constitution) if lower courts can interpret constitutional issues without reference to the standards established by the Supreme Court. If those standards have to be abandoned,it must be the Supreme court that abandons them, or the whole system collapses. To quote Justice Jackson: 'We are not final because we are infallible, but we are infallible only because we are final.'
I think you've raised some very interesting questions here. While I said your earlier statement was wrong legally, I don't disagree with your comment that 'it's one of the worst rules [you've] ever heard.' Morally it's very problematic, because as Justice Marshall observed in his Payner dissent, it provides the government with a sword that allows them to deliberately infringe upon one person's 4th amendment rights in order to obtain evidence against someone else. It might well be that the decision was influenced by the perception of out-of-control crime levels in the late 1970s, and might have something to do with the exponential rise in incarceration rates that took off in 1980, which bears thinking about.
Balancing of conflicting imperatives under the 4th amendment is a real ethical minefield, as in this unrelated but interesting case from a few years which has been bothering me ever since I read it. There should be a better rule for handling cases like this, but so far I have been unable to articulate one that doesn't have any holes in it.
The judge in the case, Katherine Forrest, issued a courageous ruling last year in the case of Hedges vs. Obama, where she ruled that the indefinite detention powers of the NDAA were unconstitutional. Unfortunately, the Obama administration appealed the ruling and won.
Whoa. Anyone stopped to consider what this might mean for a future where all content becomes hash-addressable on an anonymizing network... for instance, telehash over tor. So if every site is anonymous, and isn't certain to be owned by citizen of nation X (based on geography), then it's ok to break into. Anything found on any anonymous server is admissable. Disputing the break-in would require claiming the rights of citizenship, ie. claiming ownership of the server.
So basically, any hacked system with incriminating data is almost an automatic hit against a defendant.
No, they address that in the article. There was a way under the law that the defense could have "claimed" the server for the purpose of their motion to suppress that couldn't then be used against them during trial.
Never understood the whole 'illegal privacy invasion' thing. Sure, it should be prosecuted if nothing was found, BUT if something is found, who cares how it was found? Unless it was planted of course, but AFAIK these two points are not connected. Can someone explain?
EDIT: Not that it should not be prosecuted if something is found also, but WHY does the obtained evidence have to be dismissed?
In short, if illegal techniques can be used to find evidence, and that evidence can be admitted, that's a pretty powerful reason to use illegal techniques.
Barring that evidence is a way to prevent that abuse. Aggressively prosecuting the use of illegal techniques is another way, but given that we're not willing to prosecute prosecutors who railroad the innocent or government employees who torture other people, well, I'd say that's a non-starter.
Thank you and others, I think I see now. Though I think retaliation (fines or maybe some jail time) would be more effective measure to prevent abuse than passive dismissal.
Fines against the police department are just fines against the taxpayers. Fines and jail time for individual officers are not possible because of qualified immunity.
That Wikipedia article doesn't say you can't prosecute, it just says that government workers are immune unless they reasonably should have known they were violating the constitution. The FBI know they need warrants, it's got to be FBI 101.
When you take the stand in court you are an individual giving testimony though. The rule of law means that if you perjure yourself you should be tried.
I have a notion that you are not a natural born American citizen. Please, don't hold it against me if this assumption is wrong, but its the first thing that springs to my mind by your confusion proposed.
I (and many others) view the government as a service by the people, for the people. It should adhere to the same laws and constraints that the people do in order to be kept in check and not all-powerful. One of these regulations is that citizens have powerful rights of ownership over their personal belongings and no one should be able to rifle through them without permission. Objects/data/articles/ideas can be held private for a multitude of reasons, and due process should be followed in order to gain access to these details. By removing the government's requirement to abide by this, you grant it an immense power to control and have knowledge of your life. That simply isn't necessary for the true function of government. Our original constitution and amendments attempted to protect its citizens from that fear.
You are correct, I am not an American citizen at all :) I guess what you said is true for any government but does it really matter? They get what they want in the end. Be it Alexander, FBI or someone from my country.
I view that form of thinking as a very slippery slope. The government should get what it wants, but what it wants should be defined by the people. Currently, in the HN community, the view of what the government is doing and what the rules are aren't aligned. Thus, we are pushing for rectification. We've got to take a stand somewhere. That's the only way progress is made.
There is no "they". There are individuals who influence each other, each of whom may change their position depending on the position of others. History is replete with the consequences of changes inspired by advisers to advisers of leadership.
There is no guarantee that you can influence outcomes, but it is exceedingly likely that if you believe that you cannot influence outcomes, then you will not.
Why not have it that the court can use evidence that is presented to it. Those committing illegal searches should be prosecuted. Obviously the evidence of the illegal search means a conviction is highly likely. Ignoring evidence that points to the facts of a case seems futile if you wish to achieve justice.
> but WHY does the obtained evidence have to be dismissed?
Because to permit it effectively allows the end to justify the means. It would effectively permit law enforcement to ignore any and all laws they wanted to in the course of investigations in order to produce a favorable result. Why the hell would you only conduct searches within the bounds of the law if you could get the same result more expediently by just doing it however you want?
If the police are willing to break the law, then who is going to enforce the consequences for doing so?
More than 2 words - If one would give me six lines written by the hand of the most honest man, I would find something in them to have him hanged. - Cardinal Richelieu
You get into situation where you tell a prosecutor - find this guy guilty of something and throw him into jail.
Because this is the basic deterrent against illegal searches. By making all evidence from an illegal search be thrown out, it offers a real-world incentive to not violate the 4th Amendment.
As someone who is not a lawyer I wonder why the defense isn't allowed to simply amend their motion to insert language "claiming" the server in the manner the judge described.
I guess as a cop, if my friend breaks into a known criminal's house. I can use anything my friend finds against the criminal. This makes things easier.
Wait, wait, wait. Hold the phone.
So any property which, at the time of a search, hasn't been "sufficiently demonstrated [that it belongs to you]" isn't protected, according to this judge, by the fourth amendment?
So for one example, if you sign up to gmail or Facebook using anything other than your real name, they can break it, conduct a search and then whatever they find is totally admissible in court just because they didn't know who it belonged to?
Isn't it now in the best interests of the police to avoid finding out who something belongs to since without knowing the fourth amendment doesn't exist and warrants aren't a requirement?
Here's what I don't get about this case: The FBI is obviously lying about how they got the information they have. They clearly broke into the Silk Road servers. However they could have certain got a warrant to do so had they just presented what they knew at that time about the enterprise. So why didn't they? Laziness? Incompetence? Or just because they knew they'd get away without it (per this)?
Honestly I hope they fight this case on that matter of law and it gets thrown out. We cannot have the fourth getting chucked out any time someone invokes anonymity, that's not how it was meant to work.