This series, written by recent in-house counsel and former federal prosecutors, aims to help in-house legal and compliance teams avoid the types of seemingly minor or inconsequential missteps that can lead to aggressive government responses, including parallel civil and criminal investigations.

In part two, the authors explain what to do when a search warrant

This series, written by recent in-house counsel and former federal prosecutors, takes a practical approach to helping in-house legal and compliance teams operating in a world of complex regulatory schemes and increased whistleblower activity.  It specifically aims to address how to avoid the types of seemingly minor or inconsequential missteps that can lead to aggressive

On May 9, 2018, the Fourth Circuit Court of Appeals issued an opinion in United States v. Kolsuz, holding that the Fourth Amendment requires individualized suspicion for forensic searches of cell phones seized at the border.

In so holding, the Fourth Circuit provides important clarification about how the Fourth Amendment applies to border searches of electronic devices. But, both in the Fourth Circuit and in jurisdictions across the country, critical questions remain unanswered about the scope of the Fourth Amendment in this context.

Source: ACLU.org

The Decision

In United States v. Kolsuz, federal customs agents found firearm parts in the checked luggage of an airport traveler and then detained him as he was attempting to board an international flight. Subsequently, and without a warrant, agents seized his cell phone and “subjected it to a month-long, off-site forensic analysis, yielding a nearly 900-page report cataloging the phone’s data.” Based in part on this information, the traveler was eventually convicted of, among other things, attempting to smuggle firearms out of the country.

On appeal of his conviction, the traveler challenged the denial of his motion to suppress the forensic analysis of his cell phone as a violation of his Fourth Amendment rights.

In addressing the issue, the Fourth Circuit acknowledged that government agents may perform “routine” searches at international borders, or their functional equivalents, without a warrant or individualized suspicion consistent with the Fourth Amendment. But, the Court recognized that even at the border certain “non-routine,” “highly intrusive” searches require individualized suspicion.

Ultimately, the court held that forensic searches of digital devices, like the one at issue in that case, qualify as such “non-routine” searches and are thus prohibited absent some level of individualized suspicion.

The Court’s holding was based, in part, upon its determination that forensic analysis of a digital device can “reveal an unparalleled breadth” of “private,” “sensitive” information. It was also based on the Supreme Court’s 2014 decision in Riley v. California, which recognized the strong privacy interests associated with electronic devices. There, the Supreme Court held that a warrant is required to search a cell phone seized incident to arrest because of the private, extensive information contained on such devices.

Notably, however, the Fourth Circuit did not decide whether the requisite level of suspicion for such forensic searches is reasonable suspicion, or something more (like a warrant supported by probable cause). It also had no occasion to decide the requisite level of suspicion for officers to conduct “manual” searches, where agents review the content of electronic devices without the help of forensic technology.

Other Case Law, Open Questions
Continue Reading Courts Continue to Grapple with Border Searches of Electronic Devices: Fourth Circuit Rules Forensic Searches Require Individualized Suspicion

Since 2010, the SEC has abided by the Sixth Circuit’s decision in United States v. Warshak, and has not subpoenaed emails of an individual from third party service providers.   That changed, however, when the SEC decided to test the law by filing a recent action against Yahoo to force compliance with a subpoena for the emails of an individual.

In Warshak, the court held that the use of something less than a warrant, such as a subpoena or court order under the Electronic Communications Privacy Act (ECPA), violates the Fourth Amendment.  Not only had the SEC respected that decision but the DOJ had also changed its policies to comply with Warshak.  While the SEC stayed out of court, it did oppose efforts in Congress to codify the Warshak holding via ECPA reform.  However, when Yahoo refused to comply with an SEC subpoena based on Warshak, the SEC took Yahoo to court, leading to a hearing on the matter on June 30, 2017 in the federal court for the District of Maryland. SEC v. Yahoo, Inc., Case No. 8:15cv1339 (D. Md) (GJH).  While the Judge did not make a decision at the hearing, he did express views on the facts and law that will influence his decision.
Continue Reading In Action Against Yahoo, the SEC Seeks Emails Without A Warrant

Recent high profile cyberattacks and data breaches like those suffered by Sony Pictures Entertainment and Target Corporation have prompted many companies to begin reevaluating their own vulnerabilities.  Target’s 2013 data breach alone resulted in more than 80 lawsuits and investigations by state and federal agencies, including State Attorneys General, the Federal Trade Commission and the Securities and Exchange Commission.  Given the heightened enforcement environment, companies assessing their data-breach response readiness should also have a basic understanding of the various tools that governmental entities can use to investigate data breaches, including the ability to access electronic company data stored by third parties.
Continue Reading Government Investigations in the Wake of Data Breaches

Last month, Attorney General Eric Holder took an important first step towards reforming the DOJ’s federal Asset Forfeiture Program.  Under the program, state or local law enforcement authorities may ask federal agencies to take or “adopt” assets that have been seized under state law.  Federal agencies then sell the assets and return a significant portion of the proceeds to local law enforcement.  In some cases, these proceeds can account for up to 20% of the annual budget for certain police departments and sheriff’s offices across the country.


Continue Reading Holder Takes “First Step” in Comprehensive Review of Federal Asset Forfeiture Program

The U.S. Judicial Conference recently received public comments on proposed amendments to Federal Rule of Criminal Procedure 41 (the “Rule”), which would enlarge DOJ’s ability to remotely access, search, and seize electronically stored information (“ESI”).  Under the current Rule, a magistrate judge’s authority to issue warrants is limited to persons or property located within the district where the court sits, with few narrow exceptions.  Given the Rule’s territorial limit, DOJ has faced barriers in investigating and prosecuting Internet-based crimes where the computer’s location was unknown because of anonymizing tools, or where media and ESI were located in multiple districts or in the Cloud.

Under the proposed Rule, a magistrate judge would be authorized to issue warrants permitting the government to “use remote access to search electronic storage media and seize or copy electronically stored information located within or outside” the district where the court sits, in two possible scenarios.  One of these scenarios is DOJ investigations under the Computer Fraud and Abuse Act where the media to be searched are computers protected under the statute that are located in five or more districts.  The second scenario is where the location of the media or information has been “concealed through technological means.”  In these scenarios, the proposed Rule would allow the government to obtain warrants authorizing it to hack into computers and access ESI saved virtually anywhere in the United States, including in the Cloud.Continue Reading Expanded warrants to let DOJ remotely search and seize electronically stored information saved anywhere?