Federal Panel Orders Severe Restrictions On Seized Computer Files

A key federal appellate panel has ordered that government officials can't grab someone's computer data and then use whatever they happened to find against that person and other people. This decision addresses the concerns of many companies—especially retailers—who have to legally share server files with law enforcement in connection with crimes—such as data breaches—knowing that anything stored in that server could come back to haunt them in some unrelated probe.

"The point of (earlier procedural restrictions) is to maintain the privacy of materials that are intermingled with seizable materials and to avoid turning a limited search for particular information into a general search of office file systems and computer databases," said the decision from the full 9th Circuit Court of Appeals. "If the government can’t be sure whether data may be concealed, compressed, erased or booby-trapped without carefully examining the contents of every file—and we have no cavil with this general proposition—then everything the government chooses to seize will, under this theory, automatically come into plain view."

"Since the government agents ultimately decide how much to actually take, this will create a powerful incentive for them to seize more rather than less: Why stop at the list of all baseball players when you can seize the entire Tracey Directory? Why just that directory and not the entire hard drive?" the panel asked rhetorically. "Why just this computer and not the one in the next room and the next room after that? Can’t find the computer? Seize the Zip disks under the bed in the room where the computer once might have been. Let’s take everything back to the lab, have a good look around and see what we might stumble upon."

How, then, should law enforcement proceed when dealing with computer files that need to be seized?

"To avoid this illogical result, the government should, in future warrant applications, forswear reliance on the plain view doctrine or any similar doctrine that would allow it to retain data to which it has gained access only because it was required to segregate seizable from non-seizable data," the panel ruled. "If the government doesn’t consent to such a waiver, the magistrate judge should order that the seizable and non-seizable data be separated by an independent third party under the supervision of the court, or deny the warrant altogether."

The ruling said that federal agents—and while this decision doesn't dictate actions for state, county and municipal law enforcement, it is certainly likely to influence state judges and, therefore, the regional law enforcement agents they oversee—must use the tools they already have to protect the rights of defendants, suspects and companies whose data is grabbed.

"The process of sorting, segregating, decoding and otherwise separating seizable data (as defined by the warrant) from all other data must be designed to achieve that purpose and that purpose only. Thus, if the government is allowed to seize information pertaining to ten names, the search protocol must be designed to discover data pertaining to those names only, not to others, and not those pertaining to other illegality," the panel ruled. "For example, the government has sophisticated hashing tools at its disposal that allow the identification of well-known illegal files (such as child pornography) without actually opening the files themselves. These and similar search tools may not be used without specific authorization in the warrant, and such permission may only be given if there is probable cause to believe that such files can be found on the electronic medium to be seized."

The full decision makes interesting reading.