A federal judge in Texas has ruled that sending malware to someone's computer in order to retrieve information from it does count as a "search" under the Fourth Amendment, mandating that the FBI will require a warrant to hack into someone's computer. The ruling came as part of Jeffrey Torres' ongoing case. He is currently facing charges for receiving and possession of child pornography. Torres was one of several people caught by the FBI for using Playpen, a dark web child pornography site.
After seizing Playpen in February 2015, the FBI ran the site for two weeks during which they used malware called the Network Investigative Technique (NIT) to secure Torres' IP address and then determine his identity by subpoenaing his internet provider, Time Warner Cable, according to court documents. The FBI later obtained a residential warrant to search his premises.
After conducting a forensic search of Torres' computer, they found "at least 141 image files and 84 video files depicting child pornography" that included "toddlers, graphic degradation of female children, and at least one video of a male infant being abused by an adult female".
While Torres filed a motion to suppress the evidence discovered saying it was obtained in an "unlawful" search of his computer due to the use of the NIT, Senior US District Judge David Ezra denied the motion. However, he ruled that though there was "no evidence" that the FBI or the judge who issued the NIT warrant "acted in bad faith when they respectively sought and issued" it, the FBI's hacking does amount to a "search" under the Fourth Amendment.
"[T]he NIT placed code on Mr Torres' computer without his permission, causing it to transmit his IP address and other identifying data to the government," Judge Ezra wrote in the ruling. "That Mr Torres did not have a reasonable expectation of privacy in his IP address is of no import. This was unquestionably a 'search' for Fourth Amendment purposes.
"The instant NIT warrant has brought to light the need for congressional clarification regarding a magistrate's authority to issue a warrant in the internet age, where the location of criminal activity is obscured through the use of sophisticated systems of servers designed to mask a user's identity."
Ezra also noted that if he were to throw out the evidence seized in Torres' case, it could suppress "a significant quantity of evidence currently being used to prosecute individuals who allegedly downloaded child pornography" from Playpen.
In June, a US district judge in Virginia found that the FBI did not require a warrant to deploy the NIT malware.
"People who traverse the internet ordinarily understand the risk associated with doing so," Senior US District Judge Henry Coke Morgan Jr, said. "Now, it seems unreasonable to think that a computer connected to the web is immune from invasion. Indeed, the opposite holds true: In today's digital world, it appears to be a virtual certainty that computers accessing the internet can — and eventually will — be hacked."
Charged with access with intent to view child pornography, the defendant in that case, Edward Joseph Matish III also filed a motion to suppress the evidence seized and gain access to the full source code of the malware. Morgan, however, denied the motion.