Court ruling limits electronic searches
Says Justice Department 'overreached' in collecting data on steroid use by MLB players
Computerworld - A federal appeals court this week ruled that government investigators cannot retain incriminating information found in electronic searches unless it is within the scope of a search warrant.
The U.S. Circuit Court of Appeals for the Ninth Circuit, in a 9-2 vote, rejected arguments by the U.S. Justice Department that it be allowed to retain and use all of the data that it seized in 2004 as part of a federal investigation into the use of illegal substances by Major League Baseball players.
In a 63-page decision, the court disputed the Justice Department's argument that it should be allowed to retain and use information not included in its original search warrant because it came into "plain view." The court contended that the so-called "plain view doctrine," which allows investigators to seize evidence without a warrant if it was found in plain view during a legitimate search, does not extend to electronic searches.
"This was an obvious case of deliberate overreaching by the government in an effort to seize data as to which it lacked probable cause," wrote Chief Judge Alex Kozinski in the majority opinion.
The case involves the federal government's investigation of the Bay Area Lab Cooperative (Balco), which was suspected of providing illegal steroids to professional baseball players. As part of that inquiry, investigators sought and obtained a warrant to search the computers of Comprehensive Drug Testing, Inc. (CDT) for the test records of 10 specific players. CDT conducts drug tests for the Major League Baseball Players Association, the union representing the players.
The warrant issued in the Central District of California allowed the government investigators to search through computer files for the records of 10 players they suspected had tested positive for illegal substances. When the warrant was executed, however, investigators seized and reviewed the CDT test records of hundreds of other major league players.
In its response to the appeal filed by the union, the government argued that it had stumbled upon the broader information while searching for the results of the players listed in the warrant. The players union and the testing company argued that the government had no right to seize the results of any player other than the 10 named in the search warrant, and asked the court to force the government to abandon the disputed data.
In his ruling, Kozinski said government investigators had willfully disregarded many of the caveats in the warrant to obtain the disputed data. Therefore, he said, the government should not be allowed to "benefit from its own wrongdoing" by retaining the "wrongfully obtained" data. He called the government "too clever by half" in asking that the plain view doctrine be applied in this case.
On a broader note, Kozinski said the government cannot apply the plain view doctrine to searches involving computer data. Electronic searches would regularly require the opening of many files to find one, he said.
Accepting the government's argument would give its prosecutors too much incentive to seize as much electronic data as they can despite limitations set in a search warrant, Kozinski said. "Why stop at the list of all baseball players when you can seize the entire directory? Why just that directory and not the entire hard drive? Why just this computer and not the one in the next room and the next room after that? Can't find the computer? Seize the zip disks under the bed in the room where the computer once might have been," he wrote.
Going forward, the government should "forswear reliance" on any stipulations in warrants to search electronic data, Kozinski wrote. If the government does not accept such a waiver, the judge authorizing a warrant should call on a third party to segregate the data under court supervision, he said.