On May 9, 2018, the Fourth Circuit Court of Appeals issued an opinion in United States v. Kolsuz, holding that the Fourth Amendment requires individualized suspicion for forensic searches of cell phones seized at the border.

In so holding, the Fourth Circuit provides important clarification about how the Fourth Amendment applies to border searches of electronic devices. But, both in the Fourth Circuit and in jurisdictions across the country, critical questions remain unanswered about the scope of the Fourth Amendment in this context.

Source: ACLU.org

The Decision

In United States v. Kolsuz, federal customs agents found firearm parts in the checked luggage of an airport traveler and then detained him as he was attempting to board an international flight. Subsequently, and without a warrant, agents seized his cell phone and “subjected it to a month-long, off-site forensic analysis, yielding a nearly 900-page report cataloging the phone’s data.” Based in part on this information, the traveler was eventually convicted of, among other things, attempting to smuggle firearms out of the country.

On appeal of his conviction, the traveler challenged the denial of his motion to suppress the forensic analysis of his cell phone as a violation of his Fourth Amendment rights.

In addressing the issue, the Fourth Circuit acknowledged that government agents may perform “routine” searches at international borders, or their functional equivalents, without a warrant or individualized suspicion consistent with the Fourth Amendment. But, the Court recognized that even at the border certain “non-routine,” “highly intrusive” searches require individualized suspicion.

Ultimately, the court held that forensic searches of digital devices, like the one at issue in that case, qualify as such “non-routine” searches and are thus prohibited absent some level of individualized suspicion.

The Court’s holding was based, in part, upon its determination that forensic analysis of a digital device can “reveal an unparalleled breadth” of “private,” “sensitive” information. It was also based on the Supreme Court’s 2014 decision in Riley v. California, which recognized the strong privacy interests associated with electronic devices. There, the Supreme Court held that a warrant is required to search a cell phone seized incident to arrest because of the private, extensive information contained on such devices.

Notably, however, the Fourth Circuit did not decide whether the requisite level of suspicion for such forensic searches is reasonable suspicion, or something more (like a warrant supported by probable cause). It also had no occasion to decide the requisite level of suspicion for officers to conduct “manual” searches, where agents review the content of electronic devices without the help of forensic technology.

Other Case Law, Open Questions
Continue Reading

The air of uncertainty was palpable as current and former members of the U.S. Securities and Exchange Commission’s (SEC) Division of Enforcement spoke at the Securities Regulation Institute’s 44th Annual Conference in Coronado, California earlier this week.  Important questions went largely unanswered about the impact of the recent resignations of both SEC Chair Mary Jo White and Enforcement Director Andrew J. Ceresney, and the future direction of the enforcement program under the new presidential administration and proposed SEC Chair Jay Clayton.  SEC Enforcement staff in attendance steered clear of prognostications, and instead used the conference as an opportunity to reiterate the agency’s ongoing enforcement initiatives and successes from the past year.
Continue Reading

Technician replacing the screen of a used smartphone

At various times over the last several years, the DOJ has pushed for updates to the Electronic Communications Privacy Act (ECPA) that would include greater access to encrypted information stored on electronic devices. This week, FBI Director James Comey once again pressed for changes that would provide law enforcement with greater access to encrypted data,

U.S. companies of all sizes in recent months have lost millions of dollars to a simple yet highly effective and increasingly common cyber scam.  Dubbed the ‘‘business email compromise’’ by federal investigators, the scam is prevalent among companies with foreign suppliers or frequent financial wire transfers. In this Client Update, we summarize how the

Last week, DOJ’s Assistant Attorney General Leslie Caldwell took to the Justice Department’s blog to rally support behind recent White House proposals that would bolster law enforcement tools for prosecuting those who create, sell or advertise malicious “spyware.”  Spyware refers to software that allows users to surreptitiously intercept communications on their victims’ electronic devices such as smartphones and computers.  Although prosecutors in the Eastern Division of Virginia recently brought criminal charges against a spyware seller—a case DOJ characterized as the first of its kind—Caldwell states that prosecutorial efforts have been hamstrung by an inability to seize criminal proceeds resulting from sales of spyware, as well as an inability to utilize money laundering charges to go after those who transfer funds across multiple overseas accounts in order to conceal profits from criminal spyware sales.  
Continue Reading

Recent high profile cyberattacks and data breaches like those suffered by Sony Pictures Entertainment and Target Corporation have prompted many companies to begin reevaluating their own vulnerabilities.  Target’s 2013 data breach alone resulted in more than 80 lawsuits and investigations by state and federal agencies, including State Attorneys General, the Federal Trade Commission and the Securities and Exchange Commission.  Given the heightened enforcement environment, companies assessing their data-breach response readiness should also have a basic understanding of the various tools that governmental entities can use to investigate data breaches, including the ability to access electronic company data stored by third parties.
Continue Reading

The U.S. Judicial Conference recently received public comments on proposed amendments to Federal Rule of Criminal Procedure 41 (the “Rule”), which would enlarge DOJ’s ability to remotely access, search, and seize electronically stored information (“ESI”).  Under the current Rule, a magistrate judge’s authority to issue warrants is limited to persons or property located within the district where the court sits, with few narrow exceptions.  Given the Rule’s territorial limit, DOJ has faced barriers in investigating and prosecuting Internet-based crimes where the computer’s location was unknown because of anonymizing tools, or where media and ESI were located in multiple districts or in the Cloud.

Under the proposed Rule, a magistrate judge would be authorized to issue warrants permitting the government to “use remote access to search electronic storage media and seize or copy electronically stored information located within or outside” the district where the court sits, in two possible scenarios.  One of these scenarios is DOJ investigations under the Computer Fraud and Abuse Act where the media to be searched are computers protected under the statute that are located in five or more districts.  The second scenario is where the location of the media or information has been “concealed through technological means.”  In these scenarios, the proposed Rule would allow the government to obtain warrants authorizing it to hack into computers and access ESI saved virtually anywhere in the United States, including in the Cloud.


Continue Reading