What the DreamHost/DOJ Battle Says About Search Warrants in the Digital Age
A battle over a DOJ's search warrant highlights the ongoing struggles to define the scope of search warrants and First and Fourth Amendment rights in the…
August 25, 2017 at 08:33 PM
7 minute read
The original version of this story was published on Law.com
A battle over a DOJ's search warrant highlights the ongoing struggles to define the scope of search warrants and First and Fourth Amendment rights in the digital age.
Web service provider DreamHost's refusal to comply with a search warrant issued by the Department of Justice (DOJ) has garnered much attention in the technology world. The company hosts protest website disruptj20.org, which was used to organize protests during the inauguration of President Donald Trump. As part of an investigation into the protesters, the DOJ served DreamHost with a search warrant requesting a wide variety of digital information pertaining to the website.
The crux of DreamHost's arguments for refusing to comply has to do with what it saw as the overly broad scope of the search warrant and its implications on the First and Fourth Amendment rights of those whose data would be turned over. At stake is not just a hotly contested political battle, but how search warrants should be designed and executed in the 21st century.
On Aug. 24, a D.C. Superior Court judge ruled that DreamHost must comply with the warrant, the scope of which was previously narrowed by the DOJ. Still, the case highlights the ongoing challenges courts and authorities have with adapting search warrants to the digital age, given the nature of digital evidence and how it is stored and collected.
At contention in the DreamHost fracas is what is commonly known as the “two-step approach,” a process whereby authorities, enabled by a search warrant, obtain access to a physical or digital container of information, such as a house with paper files or a server with digital data, and review and legally seize information pertinent to an investigation.
Under the two-step approach, the legal seizure only occurs after authorities have access to a larger set of data. Such an approach usually is relied on when authorities do not know exactly what evidence they are looking for, but have reason to believe relevant information is in a certain physical or digital location.
But while commonly employed, the process is not without controversy, especially when applied to a digital search, said Michael Vatis, a partner at Steptoe & Johnson LLP.
“What's really different about digital searches is that the amount of information that can be found on a computer or an email account is much greater, which greatly increases the risk that the government is rummaging through a lot of irrelevant material, far more than is the case with the searches of a house or some other physical location,” he said.
And while the authorities scour data to find information relevant to a specific investigation, should they happen on other information that points to unrelated illicit activity, they may be well within their rights to open additional charges.
This is because of the plain view doctrine, which “says if that evidence is in plain view and the government is rightfully present in what it's searching, it can seize that evidence and investigate that separate crime,” Vatis said.
But courts have been “very uncomfortable” applying this doctrine to digital searches, Vatis noted. Given the vast amounts of data that can be held within such digital containers as an email server, courts fear that authorities can “turn [their search warrant] into a phishing expedition” to uncover new crimes.
A seminal ruling on this issue came from the U.S. Court of Appeals for Second Circuit in United States v. Galpin, which affirmed a lower court ruling that the plain view doctrine, when applied to a digital search, can violate the Fourth Amendment. Vatis said that because of this ruling, “we are seeing the Second Circuit say the government has to specify a protocol that satisfies the particularity requirement in the Fourth Amendment. But as of now, there is still a lot of confusion about exactly what sort of [specifics are needed] in search warrants.”
Vatis also highlighted the 2010 Ninth Circuit ruling in United States v. Comprehensive Drug Testing, which “imposed sweeping limitations on how the government could go about conducting these [digital] searches.” The ruling was diluted, however, when the case was reheard en banc.
While other federal circuit courts have placed restrictions on applying the plain view doctrine in digital search, there is no widespread consensus on the issue. In United States v. Williams, for instance, the Fourth Circuit ruled that the doctrine applies to all searches, regardless of whether it concerns potential physical or digital evidence.
Raymond Aghaian, a partner at Kilpatrick Townsend & Stockton who wrote DreamHost's brief in response to the search warrant and is defending the company in its hearings, said the issue will “ultimately be decided by the Supreme Court or work its way up to the Supreme Court at some point.”
|The Data Security Dilemma
Referencing the DOJ's initial search warrant, DreamHost general counsel Christopher Ghazarian argued that given the nature of some of the requested content, handing over the information could infringe on web users' privacy and First Amendment rights.
The original search warrant, for example, called for all email accounts associated with the website. Ghazarian said such emails contain “lot of information that doesn't relate to the website itself, doesn't relate to the website owner and it doesn't relate to anyone involved in the disruptj20 [inauguration] protests,” he said.
In addition, the DOJ originally sought to obtain all the HTTP request logs from visitors to the website, which “include information about obviously your IP address, the date and time at which you visited the website, the website web pages and website content specifically that you accessed,” Ghazarian said.
Given that much of the data request would contain personally indefinable information (PII), Ghazarian sought to receive assurances from the DOJ about how it would protect, return or destroy the information obtained.
Though he would not offer specifics about what those assurances should entail, Ghazarian said DreamHost's fear was that when giving data over to authorities, “there is a possibility of data leaks and as we all know and heard in the news, even the government is not immune from data leaks.”
He added that it is also a concern that “even though this information may be officially deleted, it still may be on someone's hardware.” Given the political nature of disruptj20.org, “if that information is leaked, then we're looking at basically people's political affiliations and political interests being leaked out in the open, and that's something the First Amendment absolutely prohibits.”
Yet such cybersecurity concerns are not shared by everyone. Vatis noted that data security assurances are usually not something a court is going to “detail in its search warrant, and I doubt any court will require it.”
He also doesn't believe there is a high risk of data leak given that the government is under the “standard obligation to keep secure evidence that it seizures during an investigation,” and has the processes in place in which to do so.
“I will think in most cases the data is not going to be stored on any device that is accessible to the internet. It's going to be stored in secure government facility,” he said.
Still, DreamHost strongly contends that handing over large volumes of private and politically charged data to the government without affirming First and Fourth Amendment protections is wholly unconstitutional.
“You are essentially chilling people's associational freedom because you're telling them that any website that you visit, or any story that you read, or things you check out online, can potentially be used against you by your own government,” Ghazarian said.
He added, “The next time they want to visit that website or another website for that matter, they are going to think twice about going there, and we think that's an absolutely huge issue.”
This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.
To view this content, please continue to their sites.
Not a Lexis Subscriber?
Subscribe Now
Not a Bloomberg Law Subscriber?
Subscribe Now
NOT FOR REPRINT
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
You Might Like
View AllSenators Grill Visa, Mastercard Execs on Alleged Anticompetitive Practices, Fees
Trump's SEC Likely to Halt 'Off-Channel' Texting Probe That's Led to Billions in Fines
Trump Likely to Keep Up Antitrust Enforcement, but Dial Back the Antagonism
5 minute readFTC Sues Cash-Advance Fintech Dave, Says It Deceives the 'Financially Vulnerable'
Trending Stories
- 1Friday Newspaper
- 2Judge Denies Sean Combs Third Bail Bid, Citing Community Safety
- 3Republican FTC Commissioner: 'The Time for Rulemaking by the Biden-Harris FTC Is Over'
- 4NY Appellate Panel Cites Student's Disciplinary History While Sending Negligence Claim Against School District to Trial
- 5A Meta DIG and Its Nvidia Implications
Who Got The Work
Michael G. Bongiorno, Andrew Scott Dulberg and Elizabeth E. Driscoll from Wilmer Cutler Pickering Hale and Dorr have stepped in to represent Symbotic Inc., an A.I.-enabled technology platform that focuses on increasing supply chain efficiency, and other defendants in a pending shareholder derivative lawsuit. The case, filed Oct. 2 in Massachusetts District Court by the Brown Law Firm on behalf of Stephen Austen, accuses certain officers and directors of misleading investors in regard to Symbotic's potential for margin growth by failing to disclose that the company was not equipped to timely deploy its systems or manage expenses through project delays. The case, assigned to U.S. District Judge Nathaniel M. Gorton, is 1:24-cv-12522, Austen v. Cohen et al.
Who Got The Work
Edmund Polubinski and Marie Killmond of Davis Polk & Wardwell have entered appearances for data platform software development company MongoDB and other defendants in a pending shareholder derivative lawsuit. The action, filed Oct. 7 in New York Southern District Court by the Brown Law Firm, accuses the company's directors and/or officers of falsely expressing confidence in the company’s restructuring of its sales incentive plan and downplaying the severity of decreases in its upfront commitments. The case is 1:24-cv-07594, Roy v. Ittycheria et al.
Who Got The Work
Amy O. Bruchs and Kurt F. Ellison of Michael Best & Friedrich have entered appearances for Epic Systems Corp. in a pending employment discrimination lawsuit. The suit was filed Sept. 7 in Wisconsin Western District Court by Levine Eisberner LLC and Siri & Glimstad on behalf of a project manager who claims that he was wrongfully terminated after applying for a religious exemption to the defendant's COVID-19 vaccine mandate. The case, assigned to U.S. Magistrate Judge Anita Marie Boor, is 3:24-cv-00630, Secker, Nathan v. Epic Systems Corporation.
Who Got The Work
David X. Sullivan, Thomas J. Finn and Gregory A. Hall from McCarter & English have entered appearances for Sunrun Installation Services in a pending civil rights lawsuit. The complaint was filed Sept. 4 in Connecticut District Court by attorney Robert M. Berke on behalf of former employee George Edward Steins, who was arrested and charged with employing an unregistered home improvement salesperson. The complaint alleges that had Sunrun informed the Connecticut Department of Consumer Protection that the plaintiff's employment had ended in 2017 and that he no longer held Sunrun's home improvement contractor license, he would not have been hit with charges, which were dismissed in May 2024. The case, assigned to U.S. District Judge Jeffrey A. Meyer, is 3:24-cv-01423, Steins v. Sunrun, Inc. et al.
Who Got The Work
Greenberg Traurig shareholder Joshua L. Raskin has entered an appearance for boohoo.com UK Ltd. in a pending patent infringement lawsuit. The suit, filed Sept. 3 in Texas Eastern District Court by Rozier Hardt McDonough on behalf of Alto Dynamics, asserts five patents related to an online shopping platform. The case, assigned to U.S. District Judge Rodney Gilstrap, is 2:24-cv-00719, Alto Dynamics, LLC v. boohoo.com UK Limited.
Featured Firms
Law Offices of Gary Martin Hays & Associates, P.C.
(470) 294-1674
Law Offices of Mark E. Salomone
(857) 444-6468
Smith & Hassler
(713) 739-1250