1 Copyright © 2013 M. E. Kabay, D. J. Blythe, J. Tower-Pierce & P. R. Stephenson. All rights reserved. Search Warrants & Seizure of Electronic Evidence.

Slides:



Advertisements
Similar presentations
THE FOURTH AMENDMENT Constitutional Law.
Advertisements

Paul Ohm Associate Professor, CU Law Initiative Director, Silicon Flatirons December 4, 2009.
Internet Investigations COEN 252 Computer Forensics  Thomas Schwarz, S.J
Are you ready for HIPPO??? Welcome to HIPAA
Information Sharing and Cross-System Collaboration John Petrila, J.D., LL.M. Professor, University of South Florida
Lecturer: Miljen Matijašević Session 8, 7 May 2014.
Criminal Procedure for the Criminal Justice Professional 11 th Edition John N. Ferdico Henry F. Fradella Christopher Totten Prepared by Tony Wolusky Searches.
Legal Considerations in Obtaining Electronic Evidence in Online Investigations CSC 486/586 1.
The Patriot Act And computing. /criminal/cybercrime/PatriotAct.htm US Department of Justice.
Right to Privacy: The Unwritten Right
Responding to Cybercrime in the Post-9/11 World Scott Eltringham Computer Crime and Intellectual Property Section U.S. Department of Justice (202)
1 ISPs and Federal Privacy Law: Everything You Need to Know About the Electronic Communications Privacy Act (ECPA) Mark Eckenwiler Computer Crime and Intellectual.
Legal Issues Computer Forensics COEN 252 Drama in Soviet Court. Post-Stalin (1955). Painted by Solodovnikov. Oil on Canvas, 110 x 130 cm.
Lecturer: Miljen Matijašević G10, room 6, Tue 15:30-16:30 Session 9, 16 Dec 2014.
INTERNET and CODE OF CONDUCT
Class 7 Internet Privacy Law Your Digital Afterlife.
Lesson 46: Using Information From the Web copy and paste information from a Web site print a Web page download information from a Web site customize Web.
Chapter 3 Law Enforcement and the Law. Juvenile Justice Today Gennaro F. Vito and Julie Kunselman © 2012 Pearson Education, Upper Saddle River, NJ
Security Services Constitutional Issues in Private Security.
+ Protecting Individual Liberties Section 1 Chapter 14.
Guide to Computer Forensics and Investigations, Second Edition
The Exclusionary Rule The Fourth Amendment History of the Exclusionary Rule Deontological Defenses of the Rule Consequentialist Defenses Objections Alternatives.
Business Law for the Entrepreneur and Manager
Class 11 Internet Privacy Law Government Surveillance.
HIPAA PRIVACY AND SECURITY AWARENESS.
Use Policies Deputy Attorney General Robert Morgester
Electronic Use Policies.   Social Media  Internet.
1 Copyright © 2011 M. E. Kabay, J. Tower-Pierce & P. R. Stephenson. All rights reserved. The U.S.A.P.A.T.R.I.O.T. Act CJ341 – Cyberlaw & Cybercrime Lecture.
1 Copyright © 2013 M. E. Kabay, D. J. Blythe, J. Tower-Pierce & P. R. Stephenson. All rights reserved. Legal Issues in Cybercrime Cases: Search & Seizure.
Computer Forensics Principles and Practices
Chapter Seven – Searches and Seizures and the Right to Privacy Rolando V. del Carmen.
Medical Law and Ethics, Third Edition Bonnie F. Fremgen Copyright ©2009 by Pearson Education, Inc. Upper Saddle River, New Jersey All rights reserved.
Chapter 20: Civil Liberties: Protecting Individual Rights Section 2
Chapter 2 Legal Aspects of Investigation © 2009 McGraw-Hill Higher Education. All rights reserved. LEARNING OBJECTIVES Explain the historical evolution.
Policing Legal Aspects Go to this Site. Due Process Most Due Process requirements are in either: –evidence and investigation –arrest –interrogation All.
© 2010 Pearson Education, Inc., publishing as Prentice-Hall 1 ADMINISTRATIVE LAW AND REGULATORY AGENCIES © 2010 Pearson Education, Inc., publishing as.
Chapter 20: Civil Liberties: Protecting Individual Rights Section 2
The Bill of Rights The First Fundamental Changes of the Constitution.
 What is the exclusionary rule  Explain stop and frisk  What is the plain view doctrine  What did Miranda v Arizona require police to do  What happens.
Chapter 18 - The Fourth Amendment and National Security.
October 10, 2007 Fenwick & West Conference Center EFF 2007 Bootcamp 2.0 Best Practices for OSPs: Law Enforcement Information Requests Kurt Opsahl, Senior.
The Fourth Amendment and the Home By Laura Zajac.
Understanding the Criminal Justice System Chapter 6: Police and the Constitution.
May 11, 2009 Golden Gate University EFF 2009 Bootcamp 2.0 Best Practices for OSPs: Law Enforcement Information Requests Kurt Opsahl, Senior Staff Attorney.
s Protected by Fourth Amendment Right of Privacy By: Xavier Mulligan.
© 2010 Pearson Education, Inc., publishing as Prentice-Hall 1 INTERNET LAW AND E-COMMERCE © 2010 Pearson Education, Inc., publishing as Prentice-Hall CHAPTER.
The Bill of Rights and the Criminal Trial Process.
The Investigation.  Right to remain silent  Right to an attorney  No interrogation should take place before they read  Are a result of the US Supreme.
Intellectual Property. Confidential Information Duty not to disclose confidential information about a business that would cause harm to the business or.
Legal Studies * Mr. Marinello ARRESTS AND WARRANTS.
Chapter 12: Criminal Justice Process ~ The Investigation Objective: Student should be able to correlate how the constitution relates to an investigation.
Criminal Justice Process: The Investigation The criminal justice process includes everything that happens to a person from the moment of arrest, through.
Chapter 8 Data Privacy. Data Collection IP addresses Visited urls Anonymized? If so, supposed to prevent personal identification Europe considers IP address.
CHAPTER SIXTEEN The Right to Privacy and Other Protections from Employer Intrusions.
The Bill of Rights and Search and Seizure. The students will be able to: 1. Discuss the amendments involved from the Bill of Rights that pertain to obtaining.
VI. CRIMINAL PROCESS FROM ARREST TO CONCLUSION PRESENTED BY: JUDGE MARK A. SPEISER.
Surveillance around the world
VI. CRIMINAL PROCESS FROM ARREST TO CONCLUSION
The University of Adelaide, School of Computer Science
Networking 2002 USA-Patriot Act Tracy Mitrano Cornell University
Protection of CONSUMER information
Lesson # 7 A Practical Guide to Computer Forensics Investigations
Criminal Investigation and the Law
Restrictions, including those restrictions permitted by the European Convention on Human Rights Police powers of stop and search.
The Fourth Amendment and the Home
The Bill of Rights and the Criminal Trial Process
THE CRIMINAL JUSTICE PROCESS: THE INVESTIGATIVE PHASE
The Bill of Rights and the Criminal Trial Process
Chapter 20: Civil Liberties: Protecting Individual Rights Section 2
Search & Seizure The act of taking possession of this property.
Presentation transcript:

1 Copyright © 2013 M. E. Kabay, D. J. Blythe, J. Tower-Pierce & P. R. Stephenson. All rights reserved. Search Warrants & Seizure of Electronic Evidence CJ341 – Cyberlaw & Cybercrime Lecture #17 M. E. Kabay, PhD, CISSP-ISSMP D. J. Blythe, JD School of Business & Management

2 Copyright © 2013 M. E. Kabay, D. J. Blythe, J. Tower-Pierce & P. R. Stephenson. All rights reserved. Topics  Identifying Physical Location of Electronic Evidence  ECPA Effects on Data Acquisition  Collaboration from Third-Party Record-Holders  Which Computers?  Legal Limits on Searches  Federal Constitutional Limits  State Constitutional Limits  Statutes

3 Copyright © 2013 M. E. Kabay, D. J. Blythe, J. Tower-Pierce & P. R. Stephenson. All rights reserved. Identifying Physical Location of Electronic Evidence  General Principles  ECPA Effects on Data Acquisition  Coverage  Disclosure to Government Agents  Contents of Electronic Communications  Violations of the ECPA  Collaboration from Third-Party Record-Holders  Finding the Records  Evaluating Utility of Records  Authenticating Records  Obtaining Records  Contacting ISP & Serving Papers

4 Copyright © 2013 M. E. Kabay, D. J. Blythe, J. Tower-Pierce & P. R. Stephenson. All rights reserved. General Principles  Katz v US (1967): SCOTUS held that publicly disclosed information is not constitutionally protected  Includes voluntarily transferred info in hands of third parties  Thus third-party repositories limited by statute, not 4 th amendment  Restrictions include laws protecting  Bank records  Cable TV & video rentals  & other electronic communications

5 Copyright © 2013 M. E. Kabay, D. J. Blythe, J. Tower-Pierce & P. R. Stephenson. All rights reserved. ECPA Coverage  2000: Updated Wiretap law (18 USC § )  2004: Added Stored Electronic Communications Privacy Act (SECA, 18 USC § )  Protects contents of e- communications in storage by service  Prohibits provision of communications to government agencies without strict controls

6 Copyright © 2013 M. E. Kabay, D. J. Blythe, J. Tower-Pierce & P. R. Stephenson. All rights reserved. Disclosure to Government Agents  All records may be obtained through warrant  Subscriber/customer records (identity, services) may also be obtained by subpoena  Transaction history available through subpoena since U.S.A.P.A.T.R.I.O.T. Act passed  may be retrieved by subpoena provided user given notice (up to days delay)  May use “§2703(d) court order” to access everything except unopened stored < 180 days

7 Copyright © 2013 M. E. Kabay, D. J. Blythe, J. Tower-Pierce & P. R. Stephenson. All rights reserved. Contents of Electronic Communications  Agreement of one party in electronic communication suffices for legal disclosure  Take that fact into account when you are writing  In general, when writing with employee userID, all must be considered equivalent to using company letterhead  All official may become evidence in a court of law  When writing informally using your own address, remember that everything on Internet is POTENTIALLY PERMANENT and may affect your future employment prospects

8 Copyright © 2013 M. E. Kabay, D. J. Blythe, J. Tower-Pierce & P. R. Stephenson. All rights reserved. Violations of the ECPA  Criminal liability  Up to 2 years in federal prison  Civil liability  Damages & attorneys’ fees  Government agent may be personally liable  Suppression: NOT a remedy  Good faith defense:  Government agent may  Rely on good faith application of warrant or subpoena  As absolute defense against civil or criminal charges stemming from actions

9 Copyright © 2013 M. E. Kabay, D. J. Blythe, J. Tower-Pierce & P. R. Stephenson. All rights reserved. Evaluating Utility of Records  Records may not be available  Typically day retention of log records  Dynamic IP addresses may make identification difficult for older evidence  Some records may originate in public computers that are effectively anonymous  Business services (e.g., Kinko’s)  Libraries, Internet cafés  Wireless services  Hijacked services  Anonymizers But look for video camera recordings

10 Copyright © 2013 M. E. Kabay, D. J. Blythe, J. Tower-Pierce & P. R. Stephenson. All rights reserved. Authenticating Records  Spoofing may disguise origin  Naïve users alter originating address  But headers show real IP addresses  More sophisticated criminals add faked header lines  Must always analyze entire header  SamSpade does this (discussed in lecture 16)  Open spam relay a danger  Logon to unprotected SMTP server  Send mail from someone else’s system

11 Copyright © 2013 M. E. Kabay, D. J. Blythe, J. Tower-Pierce & P. R. Stephenson. All rights reserved. Obtaining Records  Typically obtain search warrant  Better than subpoena  Can obtain any records at all  Avoids problem of more restrictive state laws that require warrant  So why not use a warrant?  Might not have probable cause  Difficulty getting warrant across state lines

12 Copyright © 2013 M. E. Kabay, D. J. Blythe, J. Tower-Pierce & P. R. Stephenson. All rights reserved. Contacting ISP & Serving Papers  Call ISP to be sure they have records you need  Discuss IP addresses with technical staff  Identify possible errors of analysis  Find out if there have been mergers or acquisitions  Identify possible IP sub-blocks owned/used by other entities  Ask if ISP will accept warrant by fax  Explain exactly what you need

13 Copyright © 2013 M. E. Kabay, D. J. Blythe, J. Tower-Pierce & P. R. Stephenson. All rights reserved. Search Warrants  Which Computers?  Legal Limits on Searches  Federal Constitutional Limits  State Constitutional Limits  Statutes

14 Copyright © 2013 M. E. Kabay, D. J. Blythe, J. Tower-Pierce & P. R. Stephenson. All rights reserved. Which Computers?  Goal of tracing electronic communications:  Locate computer at origin of evidence of crime  Link to specific person  Computers that may be involved  Victims’ computers may be searched without warrant with permission  Publishers’ computers not restricted if publisher is the victim  ECPA does not apply to suspects’ computers

15 Copyright © 2013 M. E. Kabay, D. J. Blythe, J. Tower-Pierce & P. R. Stephenson. All rights reserved. Federal Constitutional Limits  Fourth Amendment  Reasonable expectation of privacy  Government action  Legal Warrant  Probable cause  Neutral/detached magistrate  Reasonably precise  Rules for Executing Warrant

16 Copyright © 2013 M. E. Kabay, D. J. Blythe, J. Tower-Pierce & P. R. Stephenson. All rights reserved. The Fourth Amendment Text Bold emphasis added

17 Copyright © 2013 M. E. Kabay, D. J. Blythe, J. Tower-Pierce & P. R. Stephenson. All rights reserved. 4th Amendment Issues (1) Reasonable expectation of privacy (EOP)  Subjective expectation  Computer in home has higher EOP  Shared computer has lower EOP  Employer’s computer: depends – Policy? Awareness? Enforcement?  Social acceptance or expectation of search

18 Copyright © 2013 M. E. Kabay, D. J. Blythe, J. Tower-Pierce & P. R. Stephenson. All rights reserved. 4th Amendment Issues (2)  Government action  Searches by state law enforcement may transfer results to federal agencies But federal authorities must not have been involved in a way that would require suppression of evidence  Private citizens  Constitution does not affect search by private citizen not acting as an agent of law enforcement  Thus evidence usually admissible in court

19 Copyright © 2013 M. E. Kabay, D. J. Blythe, J. Tower-Pierce & P. R. Stephenson. All rights reserved. Legal Warrant  Probable cause  Evidence of a crime  Likelihood that evidence will be found in location to be searched How do you know suspect used computer in home? Could have been elsewhere May need circumstantial evidence such as time stamps, stakeout  Neutral/detached magistrate  Who has authority for warrant location  Watch out for cross-state jurisdiction  Reasonably precise  General description may lead to suppression  Best to mention computers & media explicitly

20 Copyright © 2013 M. E. Kabay, D. J. Blythe, J. Tower-Pierce & P. R. Stephenson. All rights reserved. Rules for Executing Warrant (1)  Knock and announce: identify as LEOs & explain purpose in entering premises  Take items in plain view  But contraband and tools for crime may also be seized if they are visible and obviously incriminating

21 Copyright © 2013 M. E. Kabay, D. J. Blythe, J. Tower-Pierce & P. R. Stephenson. All rights reserved. Rules for Executing Warrant (2)  Good faith  Evidence seized under faulty warrant may be suppressed  But generally LEOs not prosecuted if acting under good faith in legality of (later overturned) warrant  Remove computers for analysis off-site  Prompt execution  Don’t let evidence evaporate  Cannot hold warrant in abeyance indefinitely

22 Copyright © 2013 M. E. Kabay, D. J. Blythe, J. Tower-Pierce & P. R. Stephenson. All rights reserved. State Constitutional Limits  Some states more restrictive than federal rules  Some do not allow good-faith exception to requirement for valid warrant  Some may protect vehicles (and by implication portable computers) more than federal courts

23 Copyright © 2013 M. E. Kabay, D. J. Blythe, J. Tower-Pierce & P. R. Stephenson. All rights reserved. Statutes  ECPA (as discussed above)  Zurcher v. Stanford Daily  LEOs had warrant to search student newspaper’s computer for pictures of political demonstration  SCOTUS ruled that 1st Amendment issues did not further limit warranted searches This is not a statute.

24 Copyright © 2013 M. E. Kabay, D. J. Blythe, J. Tower-Pierce & P. R. Stephenson. All rights reserved. Statutes: PPA  PPA passed to further restrict warrants  Privacy Protection Act (42 USC §2000aa)  Passed in 2000  Any material intended for publication or broadcasting requires a subpoena  Exceptions Contraband, fruits or tools for crime Preventing imminent death or injury Material held by target of investigation Child pornography And neither is this.

25 Copyright © 2013 M. E. Kabay, D. J. Blythe, J. Tower-Pierce & P. R. Stephenson. All rights reserved. PPA & Steve Jackson Games  March 1990: Secret Service raided Steve Jackson Games  Looking for info about BellSouth’s emergency service  Had been posted on BBS  Seized entire computer for BBS  Held for months  Severely damaged company  SJG sued under PPA & ECPA  Won trial  Awarded damages $51K  Attorneys’ fees $250K  Irony: BellSouth info was actually public & available for sale from company

26 Copyright © 2013 M. E. Kabay, D. J. Blythe, J. Tower-Pierce & P. R. Stephenson. All rights reserved. Now go and study

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.