Reg comments46

Don't gripe if you hand your PC to Geek Squad and they rat you out to the Feds – judge

But FBI blunder may let alleged pedo walk free from court

Geek Squad

A judge has ruled that people who give their knackered computers to Best Buy's Geek Squad for repairs have no comeback if technicians find and report any illegal material to the Feds.

The ruling, by US District Court Judge Cormac Carney, came this week over the case of Dr Mark Rettenmaier, a prominent California gynecologist who is accused of possessing child sex abuse images. The case kicked off after he took his defunct HP Pavilion computer into a Mission Viejo Best Buy and asked its Geek Squad to find out why it wouldn't boot.

An examination of the computer's hard drive brought up an allegedly dodgy image of an prepubescent girl, and the engineers called in the FBI. The agency has a close relationship with Geek Squads, and offers $500 bounties for successful finds of illegal material.

Rettenmaier's defense team had argued that this was an invalid search, but Judge Carney ruled that is was legitimate since the defendant had signed a contract with the Geek Squad that contains a warning that illegal material will be reported. The doctor also verbally consented to an engineer checking his hard drive.

Best Buy has always maintained that it does not have a formal working relationship with the FBI. It is, however, obligated to report illegal material to the authorities if it finds it on a customer's computer.

Following the reporting, the FBI obtained a search warrant for the doctor's house and allegedly found thousands of child porn images on his phone and computer. But mistakes made in obtaining the search warrant may cost the FBI its case.

One problem is that the image found by the Geek Squad technicians may not technically be a valid child abuse image. It was a still from a well-known child abuse video, but didn't display the child's genitals or any sex acts.

More importantly, it was found in the unallocated space on the doctor's hard drive – ie: it was stored on the physical disk but no longer present in the file system perhaps because it was deleted – and so may not meet the legal requirements for possession. That's because without any file system metadata – such as a filename or date created – it is virtually impossible to prove who put the data on the disk and when.

For example, consider visiting a webpage that contains an unseen or hidden image that is cached by the browser on disk. A few days later, the browser deletes the image during general housekeeping. The data will linger on the disk for a while even though it has been delinked from the file system. At this point, it's hard to tell if the file was deliberately fetched and stored in a folder marked, say, "My favourite xxx" or unknowingly downloaded by the browser and buried deeply in a temporary cache.

The FBI left this crucial detail out of their application for a search warrant of the top doc's home, and, as such, all the evidence obtained may need to be thrown out.

Judge Carney opined that the image in question may not be considered pornographic and lambasted the FBI for their lax reporting of the circumstances under which it was used to obtain a search warrant.

James Riddet, Rettenmaier’s defense attorney, said his client would be contesting the legality of the search, but that it was now up to prosecutors to decide if the case could still go ahead. "We're going to have to wait until January or February 2018 to see what the government is going to do," he told the Orange County News. ®

Sign up to our Newsletter

Get IT in your inbox daily

Biting the hand that feeds IT © 1998–2017