Wednesday, March 10, 2010
“Translating” Privacy
One of the interesting issues pointed out in the video shown to us last week was how the right to against unreasonable searches have been “translated” as changes in technology occurred. We saw how the Olmstead v US decision failed to translate the right to unreasonable searches. The Court therein ruled that the Fourth Amendment, as intended by the framers, merely covered trespass. Later on, such ruling on wiretaps was overturned by Katz v US. The Court therein said that what the Fourth Amendment covered was”people, not places”. Thus, even though there was physically no trespass, as long there is “reasonable expectation of privacy” from an individual, such privacy will be covered by the Fourth Amendment.
Today, we again face the problem of translating this right because of the changes the computer and the Internet have introduced. U.S. v. Ahrndt, 2010 WL 373994 (U.S. District Court for the District of Oregon 2010) and U.S. v. Borowy, 2010 WL 537501 (U.S. Court of Appeals for the 9th Circuit 2010), two recently decided cases by US courts, illustrate this.
In Ahrndht, a woman was using her computer at home and was connected thru the Internet via a wireless router. When her router malfunctioned, her computer picked up a signal from another wireless (unprotected) network nearby. The woman then started using her ITunes and later noticed that another user’s library from the same network was available for sharing (meaning she can see and access those files). When she opened the shared library, she saw therein files containing child porn. She immediately contacted the police. When the police came, she showed them the files by again accessing the shared library. From there, search warrants were obtained by the police to gather evidence.
In Borowy, on the other hand, involved a search conducted through Limewire. Special Agent Byron Mitchell conducted a search in LimeWire by keying in the search bar the term `Lolitaguy,’ a term known to be associated with child pornography. From results, he identified known images of child pornography by using a software program. One of these files identified was linked to Borowy’s IP address. Using the `browse host’ feature of LimeWire, Agent Mitchell was able to find other child porn being shared by Borowy’s IP address and downloaded them. A search warrant was then obtained to later seize Borowy’s laptop and other storage devices.
In both cases, the accused filed a motion to suppress evidence, claiming that the search was unconstitutional as their right to privacy was violated. In Ahrndt, the accused argued that there was an expectation of privacy in the ITunes shared folder. Also, he added “that a wireless network should be given no less protection than a hardwired network under the Fourth Amendment“ and that “if . . . [he] had possessed a hardwired home network, and officer McCullough had obtained access to defendant's computer via the hardwired network, there would no question that his access violated a reasonable expectation of privacy“. In Borowy, the accused argued that “he had purchased and installed a version of LimeWire that allows the user to prevent others from downloading or viewing the names of files on his computer and because he attempted to engage this feature, he had a reasonable expectation of privacy in the files“. He claims, that for whatever reason, the feature was not engaged when Mitchell downloaded the files from Borowy’s computer.
These arguments were rejected by both courts. In Ahrndt, the Court said there was a different expectation of privacy in wireless networks against their hard-wired counterparts. It also pointed out that the accused failed to protect the network with a password (thus making the network available for all nearby users), thus making his privacy argument weaker. In Borowy, the court argued that simply by the fact that those files were shared over the network, all expectation of privacy was lost.
I agree with the ruling in the Borowy case. Limewire is basically a program wherein users share files. Its purpose is to facilitate the transfer of files between many users. Thus, when a person uses this program, it can be inferred that there is an intention on his part not only to download files, but also to share his files with other users. There is clearly no expectation of privacy in this case.
The Ahrndt case is what I find a bit problematic. Wireless routers, when installed in homes, are intended to be used only by the people residing therein. It is not installed so that it can be used by other persons living nearby. There is thus a reasonable expectation of privacy within this “space“. The fact that there was a shared ITunes library within the network could only mean that it was intended to be shared within the computers inside the house. The argument that the network should have been password protected to be considered private should also not hold. It should be noted that the default setting of a wireless router (or most of them) is not to have password protection. Additional steps should be taken, which may seem complicated to most people. As evidence, most wireless networks we encounter are not password protected. To make things worse, “quick installation guides“ of wireless routers do not usually include instructions on how to set a password for your network. You have to browse through the online or main manual just to find such instructions, something we usually don’t bother with when the network is already up and running. Thus, to just conclude that there is no expectation of privacy because the network is unprotected seems to be a rash conclusion. To analogize the court’s view, what they are saying is that the police can enter and search your house if your front door is open. There is only an expectation of privacy if the door is closed and locked. This conclusion is simply absurd.
The rulings in these cases have shown so far that there is an increasing burden on our part to secure our privacy and to prove that such right to privacy exists. These cases also mandate that we should be responsible for the machines we use and thus, we should educate ourselves on how to use them properly. This all sounds right at first. But a closer scrutiny tells us that this should not always be the case, as the burden of showing that the non-existence of a fundamental right belongs to the government.
Sources:
http://cyb3rcrim3.blogspot.com/2010/02/wi-fi-privacy.html
http://cyb3rcrim3.blogspot.com/2010/02/kyllo-and-forensic-software-program.html
Monch Bacani
13th entry
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment