Feds publish computer search manual
One word: crypto
When the Feds lack evidence sufficient to hustle a judge into issuing a warrant to examine a computer's contents, they often politely ask the owner or someone who shares it if they might just have a quick peek at the contents of its HD. Incredibly, a significant number of people foolishly cooperate, and so reveal enough evidence for the nosey buggers to bring to a judge and get the desired warrant.
So Lesson One of the US Department of Justice's latest how-to publication, "Searching and Seizing Computers and Obtaining Electronic Evidence in Criminal Investigations", is 'Just Say No'.
Not that it always works. Your idiot roommate, parent or spouse, if s/he shares your computer, can give the Feds permission to search it. The way to defeat that is to encrypt any file you'd prefer agents of Uncle Sam not see. This puts your data in a category similar to the contents of a locked box to which your housemates haven't got a key. They are assumed not to have authority to open it, and obviously not to have the authority to let anyone else do so either.
Another risky practice is leaving potentially incriminating data unencrypted on a disk when the box is sent to a repairman. Here the repair flake may not authorise the Feds to search your box; the law assumes you have a reasonable expectation of privacy from government snooping when you surrender property for the limited purpose of getting it fixed.
Ah, but nothing can stop the ten-thumbed technician from doing his own, private search of the machine, and alerting the Feds to your collection of bestiality pics. In that case, the coppers are authorised to recapitulate the private search, and if that bit of cherry picking should turn up enough evidence to get a warrant, you're stuffed (not to mention keenly embarrassed).
"The fact that a private person has uncovered evidence of a crime on another person's computer does not permit agents to search the entire computer. Instead, the private search permits the agents to view the evidence that the private search revealed, and, if necessary, to use that evidence as a basis for procuring a warrant to search the rest of the computer," the manual explains.
And in some instances the Feds can lie to you, or anyone else in control of your machine, and still conduct a legal search with consent.
One William Roberts last year was told by agents at an airport that they were searching for "currency" and "high technology or other data" that could not be exported legally.
Of course what they were really looking for was just what they found; the large collection of kiddie porn Roberts had on his laptop machine. Poor Roberts imagined that by consenting to let the Feds look for something he knew he didn't have, the rest of his data would be protected by Constitutional requirements of specificity in searches. Little did he know that while en route to France he and his possessions occupied a Constitutional nether-world. He was being treated to a so-called 'border search', in which the Feds enjoy grossly expanded powers.
And there is the growing trend towards executing 'no-knock' searches of computers, which the DoJ thinks is a splendid practice.
"Agents may need to conduct no-knock searches in computer crime cases because technically adept suspects may 'hot wire' their computers in an effort to destroy evidence. For example, technically adept computer hackers have been known to use 'hot keys,' computer programs that destroy evidence when a special button is pressed. If agents knock at the door to announce their search, the suspect can simply press the button and activate the program to destroy the evidence," the DoJ warns.
Here again, as in all the previous cases, there's only one reliable way to protect your privacy: encryption. Use it. ®
Sponsored: RAID: End of an era?