Government hacking in child porn case was a search, but evidence won't be suppressed, says judge
Federal trial courts differ on whether the FBI placing malware on private computers amounts to a search, and although a Texas judge recently found that it did, he denied the defendant’s evidence suppression motion on the basis that it wasn’t proven the government willfully violated the law.
The case involved a darkweb site that hosted abusive images of children accessible on the Tor internet network, Motherboard reports. Tor software conceals the internet protocol addresses and geographical locations on computers that have it installed.
The government accused Jeffrey Jerry Torres of receiving and possessing approximately 141 image files and 84 video files of child pornography.
The FBI found the photos after initially using malware known as a network investigation technique, more commonly referred to as NIT. The FBI obtained a warrant for that in the Eastern District of Virginia, according to the Sept 9 order (PDF). After securing Torres’ IP address by way of the NIT and determining his identity after a subpoena to Time Warner Cable, the FBI discovered the images and videos after obtaining a residential search warrant and subsequently conducting a forensic search of Torres’ computer.
Torres agreed to be interviewed after the residential search, and he told law enforcement that he’d been downloading and accessing child pornography for approximately 1.5 years, Senior U.S. District Judge David Ezra wrote in his order.
For Fourth Amendment purposes, there’s no question that the hacking amounted to a search, Ezra wrote, but there was no evidence that the FBI acted in bad faith when it sought the NIT warrant, or deployed it.
“Rather, the instant NIT warrant has brought to light the need for congressional clarification regarding a magistrate’s authority to issue a warrant in the internet age, where the location of criminal activity is obscured through the use of sophisticated systems of servers designed to mask a user’s identity,” the order reads.
Ezra notes that if he were to toss the evidence in Torres’ case, it could suppress “a significant quantity” of evidence using against other defendants who were caught in the same NIT search.
In June, an Eastern District of Virginia U.S. district court judge found that the FBI did not need a warrant to deploy an NIT. The order (PDF) in that case also involved a motion to suppress evidence motion; in this case, defendant Edward Joseph Matish III was charged with access with intent to view child pornography.
Matish’s motion also sought access to the full source code of malware deployed by the FBI, which Senior U.S. District Judge Henry Coke Morgan Jr. denied.
