Internet users apparently have no legal right to privacy.
Senior U.S. District Judge Henry Coke Morgan Jr. has ruled that “people should have no expectation of privacy on their home PCs because no connected computer ‘is immune from invasion,’” reports eWeek.
The ruling stems from a case where the Federal Bureau of Investigation (FBI) took control of a website that was being used to distribute child pornography. The site was called Playpen, and it was a hidden service residing on what is known as “the dark web.”
The dark web is a part of the internet that is not accessible to regular browsers. According to Quora, this area resides on a part of the internet known as the “deep web.” The deep web is where a majority of online data is contained, such as networked databases, banking data, and other encrypted information. As such, data held on this level of the internet is not indexed by search engines and is only accessible through entities that store information there. Hidden networks are also maintained on the deep web and are only accessible through a tool called an onion router.
The most common tool used to access the dark web is known as a TOR client. A TOR client can be a standalone program, which is like a browser, or it can be an attachment bundle to an existing browser such as Firefox. TOR clients allow users to access this deeper part of the internet anonymously. As such, the dark web has seen extensive use as a place to secretly conduct illegal activities such as gambling, hacking, and, in this case, illegal pornography.
According to Motherboard, the FBI seized Playpen’s servers located in Lenoir, North Carolina. Usually, when law enforcement makes such a seizure, they just shut the website down. In this case, the FBI began running the site from its servers in Newington, Virginia. With Playpen under its control, agents were able to infect visitors with a hacking tool that revealed users’ valid IP addresses. Motherboard reports that at least 1,300 unique IP addresses were recovered but says that a defense attorney estimates that the total is probably closer to 1,500.
Motherboard states that “charges have also been filed against defendants in Connecticut, Massachusetts, Illinois, New York, New Jersey, Florida, Utah, and Wisconsin.”
Privacy advocates see a problem with this as only one court order was ever issued in this case. Mass hacking of thousands of computers using a single warrant that does not even list affected parties is seen as a huge breach of Fourth Amendment rights.
However, eWeek reports that the judge ruling in the case said, “It is clear to the Court that Defendant took great strides to hide his IP address via his use of the Tor network. However, the court FINDS that any such subjective expectation of privacy—if one even existed in this case—is not objectively reasonable.”
The Electronic Frontier Foundation (EFF), which investigates and advocates for internet privacy, called the ruling “a dangerously flawed decision.”
The EFF views the judge’s opinion and the precedent that it sets as a violation and erosion of the Fourth Amendment, which protects U.S. citizens from unlawful searches and seizures.
“According to the court, the federal government does not need a warrant to hack into an individual’s computer. This decision is the latest in, and perhaps the culmination of, a series of troubling decisions in prosecutions stemming from the FBI’s investigation of Playpen. We’ve been participating as amicus to educate judges on the significant legal issues these cases present. In fact, EFF filed an amicus brief in this very case, arguing that the FBI’s investigation ran afoul of the Fourth Amendment. The brief, unfortunately, did not have the intended effect.”
The EFF claims that if this decision is upheld, law enforcement will have free reign to search and seize information from an individual’s computer without a warrant, probable cause, or even suspicion. However, the foundation also believes that the ruling will not stand on appeal.
“[His opinion on internet privacy] was not the central component of the judge’s decision, which diminishes the likelihood that it will become reliable precedent,” states the EFF.
Other past court rulings seem to agree with the EFF’s opinion. In 2007, the Ninth Circuit Court ruled “that just connecting a computer to the network does not undermine a user’s ‘subjective expectation of privacy and an objectively reasonable expectation of privacy in his personal computer,’” explained eWeek.
Judge Morgan is of the opinion that the 9-year-old ruling is no longer valid due to technological advances in hacking. He feels that since hackers, given enough time, can eventually breach your computer’s security, users should hold no reasonable expectation of privacy when they connect to the internet. He views it similarly to someone taking a file from their filing cabinet and putting it outside on the sidewalk.
The problem with this view is that internet users do take precautions to protect their privacy and security when connecting to the web, and therefore, they do have a reasonable expectation of privacy. Just because a police officer can use lock picking tools to break into a house does not mean that it is legal for him to do so without a warrant. A digital lock should be no different than a physical one.
While the purveyors and consumers of child pornography deserve no sympathy, the ramifications of this judge’s decision sweep farther than just the criminal element on the internet. Internet privacy and electronic documents should be respected by public officials just as a physical filing cabinet or paper document is protected. Barring an unprecedented Supreme Court decision, this ruling will be overturned.
[Photo by Adam Berry/Getty Images]