I’m saying that there is a broad pen stroke between probable cause and slightly possible and the technique applied here does not fall solidly on either side of that line. It is valid for bringing a potential violator to the attention of the authorities for further investigation before someone starts signing off on warrants.
In this case, visiting multiple times, downloading video, whatever other actions they tracked to his account, due diligence seems to have been performed in creating the warrant. That someone dropped the ball in serving it giving him time to destroy potential evidence is another problem.
But a link being clicked is the equivalent of a black man walking through an affluent white neighborhood as far as probable cause goes. And the implication here is that a single click is enough for an overzealous investigator to go to a well-meaning but tech ignorant judge to get a warrant and generally screw up an innocent persons life.
That someone’s IP shows up in the honeypot should be the electronic equivalent of an anonymous tip.
Someone drops a letter into the mail to the local FBI office. “Bricker at 123 Candyland Lane has kiddy porn dvd’s in his home.” No competent judge would create a warrant to search your home based solely on that even if an agent brought it to him.
So, by your reading of these rulings, do you believe the courts fully understand the technology involved, including side issues such as “wireless hacking” and other such objections brought up in this thread so far?
I ask because many folks, when they hear of legal rulings involving tech that they disagree with, explain it by stating that the judges are too old or tech-ignorant to REALLY understand what’s going on, and I’d like to hear your opinion on whether that’s true.
I’m not sure what the argument is that this is so outlandishly unreasonable. Illegal material was downloaded to an IP address. We know that a crime has been committed. Yes, someone else might have done it, but it is reasonable to assume that the owner of the IP address might have done it. How is that not probable cause for a search to see if the illegal material is on the computer?
I think the judges might be a bit behind the power curve, but I also think that people on the other side of the argument are vastly overstating the actual prevalence of WiFi hacking as it’s applied here. I have no doubt that wireless hacking goes on with a fair bit of frequency (no pun intended) but that in the end, it’s a tiny fraction of the overall home network traffic passed around. So on a pure numbers basis, it’s fair to say that it’s sufficient for probable cause that any given traffic passing through your public-facing internet address is attributable to you. Not certain, not even necessarily likely, but sufficient for probable cause.
I think the problem is that most people who read these blurbs don’t really understand “probable cause;” they hear “probable” and think “that means more than 50%.” I also think the writers of these blurbs then to dishonestly tilt the facts in favor of the point they’re trying to make; in the initial link posted by the OP, for example, it’s entirely unclear that the subject’s browser hit the honeypot four time and that a video file was actually downloaded. The link tries to make much hay of the fact that a search warrant was granted based on a single click, which simply isn’t true.
The real problem with tech-unsavvy judges and prosecutors will (and has!) come up not for probable cause issues, but for issues of actual guilt when things like wifi theft and IP spoofing are involved. Reliance on an IP address is perfectly permissible in the probable cause context; I fear it will be treated as presumptive in a criminal trial context, and THERE is where it shouldn’t be.
If I read the OP correctly, they did not download material. They clicked a link that claimed to lead to such material, but no material was there. Just a program that captured the IP address of the person who clicked it.
Suppose the government put an ad in the Yellow Pages that advertised a crack dealer with a phone number. If you call that number, for any reason, then that is enough for the state to get a warrant to search your home for drugs.
The affidavit (which I can’t find online in a free service to link to) also states that Vosburgh actually downloaded the phony video file, which did not actually contain any video at all, but was the right size and named as though it did.
The affidavit also says that Vosburgh clicked on the link four times.
This is where I disagree. I think there’s a distinction to be made in these entrapment cases. If there is no actual illegal material or services to be had, then I believe that there should be no criminal liability. It’s not like attempted murder in which a successful attempt could result in harm. Here, there was no possibility that the illegal material could be obtained by the defendant.
Bricker, I think you are overstating your case that the law on this question is now settled. The only appeals-level opinion we have is a single circuit court ruling on one problematic aspect of this case–what we might call the “multiple users problem.” That case does not address the other issues raised in this thread (e.g. whether any clicking of a link is enough for PC), and even if it did, it still wouldn’t be even close to sufficient for your claims of legal certainty (“We now KNOW" . . . “WHAT IS”).
We would all do well to consider the Supreme Court’s words on probable cause:
Ornelas v. United States, 517 U.S. 690, 695-96 (1996).
In other words, to speak of a settled legal rule here at all is to misunderstand the role of probable cause. Probable cause is a practical determination made based on the particular facts of a case and given deference by the courts. It is an area where the is/should distinction is very narrow because each decision is made on its own practical merits.
Given the facts in this case, I agree that most magistrates would likely have made the same decision. But on the larger question of the law regarding this investigatory method things are not–and maybe in principle cannot be–as settled as you state. Even if you think the Supreme Court is wrong and that Perez represents a “neat legal rule” that settles the issue, there are only a handful of cases with similar facts, and none from the Supreme Court. Concluding that the law is now clearly settled would still be entirely premature.
There is some reason to believe that Perez will not ultimately win the day. On the general principles involved there are cases on both sides. Perez cites Garrison as its guiding precedent, but Garrison is barely relevant, and entirely distinguishable. Reasonably believing that you will be searching one apartment that turns out to be two is quite unlike believing that there is only one user of an IP address. And indeed, Garrison suggests that if the police had known it was multiple apartments ahead of time, the search would have been suppressed. It seems to me that the court should have at least addressed the line of cases that holds that if multiple suspects have access to the resources of the crime (say, the basement where a rape was committed) then you need a reason to suspect one in particular in order to search or arrest only that one.
In my NYC apartment, I have access to 16 wireless routers. Frequently my computer will automatically log on to one that isn’t my own. Few other resources are stolen intentionally or unintentionally more than wireless connections. At some point, the fact pattern starts to look more like the lack of particularized suspicion cases. Combine that with the link-clicking problem and I think there is, at a minimum, a discussion to be had here that goes beyond talking in generalities about the standard for probable cause.
I must be misunderstanding your point here. We know that the effort to suppress failed, but the fact of his conviction tells us no more than failure to suppress told us. It does not follow from the fact of conviction that the information known by the FBI was sufficient to establish probable cause.
This is not entrapment. Entrapment is when the government coerces you into committing a crime, and then tries to charge you for committing the crime. There was no coercion on the part of the FBI in this case.
The defendant attempted to commit a crime. This “no potential harm” thing is a total non-sequitur. Hell, suppose that the videos were real. What harm has been done if he does download the videos?
By the same token, an undercover officer posing as a prostitute shouldn’t be able to arrest a soliciting John. After all, the officer was never going to perform sexual acts so no illegal services could have occurred.
And again everyone is once again shocked that, as long as someone convinced him it was legal, Bricker would be herding people on to the trains as fast as he could.
Still, I guess it’s encouraging that a few more people seem to figure this one out every time lil’ Bricker defends the indefensible.
I think the government thinking is going like this.
This guy tried to download some illeagal pron.
Really tried.
He may have done so successfully in the past.
So Judge, give us a warrant to seach his computer.
Judge says “OK”.
So the guy did download what he thought would be kiddie porn. It turned out to be a bad file. So he attempted downloading a few times. None of them worked but hey, that makes him a suspect as to having done it previously.
Now if he had just one time, or maybe a few, clicked a link to a place that advertised the stuff, I would say that he is not a suspect.
The problem is that maybe someone was borrowing his IP address and they did it. Or maybe his software did this automatically for him. But those are separate issues.
You lack the capacity - the wit, if you will - to understand anything that I’m talking about. If, every time you see one of my posts from here on out, you simply repeat to yourself, “I’m too dumb to understand this, so I’d better skip it,” you’ll be in much better shape.
I don’t doubt that future cases may operate to refine some of the guidelines for probable cause when IP addresses are involved. For example, if the subpoena to my ISP returns my service address as a rural location, a single residence with no neighbors closer than 1/2 a mile, it may be treated differently than, as you say, a closely clustered apartment.
If I were a magistrate, I would love to ask the affiant, “Standing outside the subject’s door, how many WiFi signals were you able to detect, and how many of them were unencrypted?” I own a simple USB WiFi connector that, even unconnected to a computer, will cycle through the SSID of each WAP it finds, and show a little lock signal if the connection is using encryption of some kind. No reason the cops couldn’t use a similar test. In fact, I should have thought to say that when responding to Leaper’s question, above.
But those are details, not changes in the basic approach. After all, someone could argue that a van equipped with a laptop and WiFi was roaming the area; someone could argue that WEP is trivially compromised and shouldn’t count as encryption; that there’s no proof some virus-like prcess didn’t force the target computer to act as a web proxy. All of those are possible defenses at trial that should have nothing to do with probable cause.