SERIES2: Cyberlaw for Cyber Professionals

White House Xmas Image
Connect--But, be very careful

PART 2: What we ALL need to know


Covered in This Article:

  • Fourth Amendment
  • Fifth Amendment
  • Electronic Communications Privacy Act (ECPA)
  • Communications Assistance for Law Enforcement Act (CALEA)
  • Privacy Protection Act (PPA)

LEGAL FRAMEWORK

There are multiple laws impacting the acquisition, collection, and storage of virtual evidence.  Primary to any such discussion is the Fourth Amendment and the protections afforded US citizens. There are numerous legal circumstances that have addressed the issue of Fourth Amendment rights. In the case of the United States v. Cotterman, it described that it was not the location of computer forensics’ collection that was at issue, but the intrusiveness of that collection that must always be considered.  It remains an absolute requirement to show “…reasonable suspicion, [which is] a modest requirement in light of the Fourth Amendment,” (United States of America v. Howard Wesley Cotterman, 2013, p. 2) that the collection of evidence is subject to a warrant must always be tightly focused on the charges sought.  LE must demonstrate to the court a reasonable suspicion whether a crime is being committed, has been committed, or there is a danger that evidence may be destroyed if LE does not act quickly.

The Fifth Amendment has direct applicability to the ongoing challenges facing LE in terms of being “compelled” to be a witness against oneself.  The key technological element is the divulging of passwords or passphrases, i.e., cryptographic keys,  to LE where the FifthAmendment bars such activity. Individuals are not required to provide them, and the courts have held this as a specific Fifth Amendment protection. “The core issue related to computer forensics is …[the] protections against self-incrimination extend[s] to cryptographic keys,” (Nolan, O’Sullivan, Branson, & Waits, 2005, p.11).

Discussion of lawful wiretap laws pursuant to the Electronic Communications Privacy Act and specifically 18 USC § 2511, Interception and disclosure of wire, oral, or electronic communications, is closely tied to Fourth Amendment protections.  The execution of a wiretap or intercept when there is reasonable belief that a crime has been committed or continuing to occur is critical to assembling appropriate evidence to pursue charges.  Wiretap laws are vital to establishing current or past criminal activity; it is a form of “surreptitious” warrant—a case where the perpetrator does not know the intercept activity is currently in effect.  This allows LE tocollect and store evidence for an anticipated court proceeding.

 The Communications Assistance for Law Enforcement Act (CALEA), 47 USC 1001-1010, mandates that telecommunications carriers and manufacturers of telecommunications equipment aid and assist LE.  This law was initiated by the FederalBureau of Investigation with Congress’ support to “…ensure a failsafe way for law enforcement to conduct court-authorized wiretapping on …recently deployed and emerging technology,” (Balkin, et al., 2007,p. 185). CALEA is significant in that provides a legal requirement for businesses to provide technological wiretap capabilities where LE’s resources and capabilities may be limited.

Finally, the Privacy Protection Act (PPA), 42 U.S. Code § 2000aa, has a far-reaching and cross-constitutional role in the collection and retention of evidence. The PPA has both protections for First and Fourth Amendment rights specific to the members of the media, business, and industry who have developed“work products,” i.e., intellectual property in cyberspace.  The PPA provides protections under the  First Amendment for the media work products and its Fourth Amendment protection extends to corporations that may have created new and financial significant intellectual products.


LEGAL ANALYSIS

There are legal challenges and potential solutions facing LE with respect to virtual evidence. Key to any argument about the current laws is the role of the FourthAmendment.   For example, the case of the United States v. Cotterman, it describes it was not the location of computer forensics’ collection that was at issue, but the intrusiveness of that collection subject to a Fourth Amendment executed warrant that must be considered.

The courts continue the difficult effort to separate what is absolutely vital forensics from the non-germane evidence that may be difficult to isolate during modern-day investigations. The issue centers around how to parse non-relevant information from the investigation.  It may potentially provide a criminal the ability to argue that other pieces of data were not legally obtained as part of the search,  and therefore all of the evidence is tainted for a future indictment or conviction.

Another example of the difficulty of separating vital evidence from non-relevant evidence in the course of a Fourth Amendment search is the case of SteveJackson Games v. the US Secret Service (Steve Jackson Games, Inc., et. al., Plaintiff-Appellants, v. United States Secret Service, et. al., Defendants, United States Secret Service and United States of America, Defendants-Appellees, 1994). In this case,  the Secret Service should have made every effort to segregate and return any evidence not specific to the case against the plaintiff.  Further, since the Secret Service responded very slowly to the return of SJG’s intellectual property, they were rightly fined by the courts.  It is critical that LE abide strictly to the Fourth Amendment, and fortunately for the plaintiff, they did receive some monetary compensation for the temporary loss of their intellectual property.

 “Under the Fifth Amendment, an individual cannot be compelled to testify to his or her memorized key,” (Nolan, O’Sullivan, Branson, & Waits, 2005, p. 11). The challenges posed by the Fifth Amendment requires a technological solution.  While accused individuals may divulge their respective passwords to encrypted files voluntarily, the need for password cracking tools is important in addressing this aspect of computer forensics.  The deciphering of such passwords still requires the lawful authorities of the courts, and should not be allowed when proper cause or justification is unavailable to LE.

Discussion of wiretap laws pursuant to 18 USC § 2511is tied to Fourth Amendment protections and the execution of a wiretap intercept when there is reasonable belief that a crime has been committed or continuing to occur.  The difficulty of executing this provision of the law is that it typically occurs after a crime has been committed. While the principles in executing a lawful wiretap of an individual’s network communications in the act of committing a crime is quite easy to address, it is the proactive means to detect, deter, and dissuade that the law is not fully supportive.

TheCommunications Assistance for Law Enforcement Act (CALEA), 47 USC 1001-1010, directs telecommunications carriers and manufacturers of telecommunications equipment to aid and assist LE.  Unfortunately, it also places an undue burden on these carriers to support LE technically where the costs may be prohibitive, either in new technologies or public trust.  The public trust and customer base of the respective carrier may not understand or appreciate the legal implications ofCALEA; it has the potential for the carrier to lose some of its subscribers having both a deleterious and financial impact on the business.   CALEA is helpful in general, but may be grossly unsustainable and burdensome for smaller private carriers and start-up businesses to support long-term. 

The Privacy Protection Act (PPA), 42 U.S. Code § 2000aa, has a cross-constitutional role in the collection and retention of evidence by LE.  Not only does the PPA have direct protections for First Amendment rights of the media, it has implications in the protections of Fourth Amendment intellectual property rights of businesses and industries.

In Steve Jackson Games (SJG) v the US Secret Service (USSS) is also an example of a violation of the PPA. The USSS wrongly seized a proprietary work product of the computer publisher, SJG, and violated the PPA.  That seizure was not appropriate to its warrant and specifically the PPA.  TheUSSS violated the PPA when it conducted a “… search for [and seized] … work product materials possessed by a person reasonably believed to have a purpose to disseminate to the public a newspaper, book, broadcast, or other similar form of public communication, in or affecting interstate or foreign commerce” (Cornell University, 2012).

The seizure of their work product was not germane to the original warrant and furthermore, the USSS failed to return it in a timely manner.  The commercial nature of the work product seized had no correlation with the actual scope of the original search warrant. 

That seizure prevented or damaged SJG’s ability to operate as a company and impact edits Fourth Amendment intellectual and commercial property rights.  Additionally, the PPA provided a solid legal recourse for the media and businesses to seek financial penalties against the USSS.  It ensured some form of compensation, minor as it was, and provided an appropriate financial disincentive for LE.


References

Balkin, J., Grimmelmann, J., Katz, E. K., Kozlovski, N., & Wagman, S. e. (2007). Cybercrime: Digital Cops in a Networked Environment. New York City: New York University Press.

Cornell University. (2012, January 4). 42 U.S. Code §2000aa – Searches and seizures by government officers and employees in connection with investigation or prosecution of criminal offenses.Retrieved from Legal Information Institute (LII):https://www.law.cornell.edu/uscode/pdf/uscode42/lii_usc_TI_42_CH_21A_SC_I_PA_A_SE_2000aa.pdf

Leithauser, T. (2010). Experts Urge Caution in Developing New Cyber Attack Attribution. Cybersecurity Policy Report. Retrieved fromhttp://search.proquest.com.nduezproxy.idm.oclc.org/docview/746442315?accountid=12686

Lutes, K. D., & & Mislan, R. P. (2008). Challenges in Mobile Phone Forensics. 5th International Conference on Cybernetics and Information Technologies, Systems and Applications. West Lafayette: Purdue University.

Mejia, E. F. (2014, Spring). Act and Actor Attribution in Cyberspace: A Proposed Analytic Framework. Strategic Studies Quarterly, pp. 114-132.

Sellers, F. S. (2015, March 1). Different Strokes: What Criminal Investigators are Looking for in our Text and Tweets. The Washington Post Magazine, pp. 19-26.

Steve Jackson Games, Inc., et. al., Plaintiff-Appellants, v. United States Secret Service, et. al., Defendants, United States Secret Service and United States of America, Defendants-Appellees, 93-8661 (US Court of Appeals for the 5th District October 31, 1994).

United States of America v. Howard Wesley Cotterman,09-10139; DC No. 4:07-cr-01207-RCC-CRP-1 (US Court of Appeals for the Ninth Circuit March 8, 2013).