A battle over a DOJ's search warrant highlights the ongoing struggles to define the scope of search warrants and First and Fourth Amendment rights in the digital age.

Web service provider DreamHost's refusal to comply with a search warrant issued by the Department of Justice (DOJ) has garnered much attention in the technology world. The company hosts protest website disruptj20.org, which was used to organize protests during the inauguration of President Donald Trump. As part of an investigation into the protesters, the DOJ served DreamHost with a search warrant requesting a wide variety of digital information pertaining to the website.

The crux of DreamHost's arguments for refusing to comply has to do with what it saw as the overly broad scope of the search warrant and its implications on the First and Fourth Amendment rights of those whose data would be turned over. At stake is not just a hotly contested political battle, but how search warrants should be designed and executed in the 21st century.

On Aug. 24, a D.C. Superior Court judge ruled that DreamHost must comply with the warrant, the scope of which was previously narrowed by the DOJ. Still, the case highlights the ongoing challenges courts and authorities have with adapting search warrants to the digital age, given the nature of digital evidence and how it is stored and collected.

At contention in the DreamHost fracas is what is commonly known as the “two-step approach,” a process whereby authorities, enabled by a search warrant, obtain access to a physical or digital container of information, such as a house with paper files or a server with digital data, and review and legally seize information pertinent to an investigation.

Under the two-step approach, the legal seizure only occurs after authorities have access to a larger set of data. Such an approach usually is relied on when authorities do not know exactly what evidence they are looking for, but have reason to believe relevant information is in a certain physical or digital location.

But while commonly employed, the process is not without controversy, especially when applied to a digital search, said Michael Vatis, a partner at Steptoe & Johnson LLP.

“What's really different about digital searches is that the amount of information that can be found on a computer or an email account is much greater, which greatly increases the risk that the government is rummaging through a lot of irrelevant material, far more than is the case with the searches of a house or some other physical location,” he said.

And while the authorities scour data to find information relevant to a specific investigation, should they happen on other information that points to unrelated illicit activity, they may be well within their rights to open additional charges.

This is because of the plain view doctrine, which “says if that evidence is in plain view and the government is rightfully present in what it's searching, it can seize that evidence and investigate that separate crime,” Vatis said.

But courts have been “very uncomfortable” applying this doctrine to digital searches, Vatis noted. Given the vast amounts of data that can be held within such digital containers as an email server, courts fear that authorities can “turn [their search warrant] into a phishing expedition” to uncover new crimes.

A seminal ruling on this issue came from the U.S. Court of Appeals for Second Circuit in United States v. Galpin, which affirmed a lower court ruling that the plain view doctrine, when applied to a digital search, can violate the Fourth Amendment. Vatis said that because of this ruling, “we are seeing the Second Circuit say the government has to specify a protocol that satisfies the particularity requirement in the Fourth Amendment. But as of now, there is still a lot of confusion about exactly what sort of [specifics are needed] in search warrants.”

Vatis also highlighted the 2010 Ninth Circuit ruling in United States v. Comprehensive Drug Testing, which “imposed sweeping limitations on how the government could go about conducting these [digital] searches.” The ruling was diluted, however, when the case was reheard en banc.

While other federal circuit courts have placed restrictions on applying the plain view doctrine in digital search, there is no widespread consensus on the issue. In United States v. Williams, for instance, the Fourth Circuit ruled that the doctrine applies to all searches, regardless of whether it concerns potential physical or digital evidence.

Raymond Aghaian, a partner at Kilpatrick Townsend & Stockton who wrote DreamHost's brief in response to the search warrant and is defending the company in its hearings, said the issue will “ultimately be decided by the Supreme Court or work its way up to the Supreme Court at some point.”

|

The Data Security Dilemma

Referencing the DOJ's initial search warrant, DreamHost general counsel Christopher Ghazarian argued that given the nature of some of the requested content, handing over the information could infringe on web users' privacy and First Amendment rights.

The original search warrant, for example, called for all email accounts associated with the website. Ghazarian said such emails contain “lot of information that doesn't relate to the website itself, doesn't relate to the website owner and it doesn't relate to anyone involved in the disruptj20 [inauguration] protests,” he said.

In addition, the DOJ originally sought to obtain all the HTTP request logs from visitors to the website, which “include information about obviously your IP address, the date and time at which you visited the website, the website web pages and website content specifically that you accessed,” Ghazarian said.

Given that much of the data request would contain personally indefinable information (PII), Ghazarian sought to receive assurances from the DOJ about how it would protect, return or destroy the information obtained.

Though he would not offer specifics about what those assurances should entail, Ghazarian said DreamHost's fear was that when giving data over to authorities, “there is a possibility of data leaks and as we all know and heard in the news, even the government is not immune from data leaks.”

He added that it is also a concern that “even though this information may be officially deleted, it still may be on someone's hardware.” Given the political nature of disruptj20.org, “if that information is leaked, then we're looking at basically people's political affiliations and political interests being leaked out in the open, and that's something the First Amendment absolutely prohibits.”

Yet such cybersecurity concerns are not shared by everyone. Vatis noted that data security assurances are usually not something a court is going to “detail in its search warrant, and I doubt any court will require it.”

He also doesn't believe there is a high risk of data leak given that the government is under the “standard obligation to keep secure evidence that it seizures during an investigation,” and has the processes in place in which to do so.

“I will think in most cases the data is not going to be stored on any device that is accessible to the internet. It's going to be stored in secure government facility,” he said.

Still, DreamHost strongly contends that handing over large volumes of private and politically charged data to the government without affirming First and Fourth Amendment protections is wholly unconstitutional.

“You are essentially chilling people's associational freedom because you're telling them that any website that you visit, or any story that you read, or things you check out online, can potentially be used against you by your own government,” Ghazarian said.

He added, “The next time they want to visit that website or another website for that matter, they are going to think twice about going there, and we think that's an absolutely huge issue.”