[Infowarrior] - Fwd: Judge denies gov’t request to search suspect’s iPhone in ricin case

[Richard Forno]

(c/o DS)

> http://arstechnica.com/tech-policy/2014/03/judge-denies-govt-request-to-search-suspects-iphone-in-ricin-case/
> 
> Judge denies gov’t request to search suspect’s iPhone in ricin case
> Georgetown U student told FBI he learned to make the poison via his iPhone.
> by Cyrus Farivar - Mar 26 2014, 5:25pm EDT
> 
> According to court documents, sometime in the late hours of March 17, 2014, a Georgetown University student showed a fellow student a small plastic bag containing what he claimed was ricin, a known deadly poison.
> 
> The alleged ricin cook, Daniel Harry Milzman, then showed the same bag to the dorm’s residential advisor (RA). The RA contacted the university’s counseling services, which ultimately led to the FBI arriving to the scene on the following day to interview Milzman. (Other court documents say that Milzman was partly inspired to make ricin as it was featured as a plot line in Breaking Bad and that he was considering using it on himself to commit suicide.)
> 
> According to an affidavit filed March 20, 2014 by FBI Special Agent Aidan Garcia, Milzman waived his rights to an attorney and told Garcia that he had made ricin through materials purchased at Home Depot and American Plant Company and that he had learned how to do it by conducting online research on his iPhone.
> 
> In a 13-page order filed on Wednesday in the United States District Court for the District of Columbia, Judge John Facciola denied the government’s request for a warrant to search Milzman’s iPhone on the grounds that it was overbroad.
> Judge Facciola made a similar rebuke against an overbroad digital search earlier this month as part of an investigation into the possible corruption and conspiracy of a defense contractor.
> 
> Facciola wrote:
> >>
> Although Attachment B provides a sufficiently particularized list of the data that the government will search for and seize, the Forensic Analysis section fails to provide this Court with the same level of detail as to the methodologies to be used to conduct the search. Specifically, the government fails to articulate how it will limit the possibility that data outside the scope of the warrant will be searched. For the reasons stated below, the government’s Application for a search and seizure warrant will, therefore, be denied.
> <<
> 
> Attachment B is a long list of specific digital items that the government submitted in its warrant application to access Milzman’s phone, including his Internet activity, cookies, caches, browser history, call logs, notes, user IDs, passwords, location data, and more.
> 
> Judge Facciola mentioned that this issue had come before his court twice in the last two weeks alone, and he issued similar admonishments in those cases.
> 
> He continued:
> >>
> The government has made some improvements in its current Application, yet it still fails to satisfy the particularity requirement of what will be searched and fails to fully explain to the Court how much data for which it does not have probable cause will likely be seized. The only way to address these issues is for the government to provide the Court with its search protocol, which would explain how the search will occur.
> <<
> 
> Facciola specifically wants government investigators to specify “whether the target devices would be imaged in full, for how long those images will be kept, and what will happen to data that is seized but is ultimately determined not to be within the scope of the warrant—or, more precisely, Attachment B—can only be addressed by a search protocol; after all, the imaging actually occurs as part of the search process.”
> 
> While the government did acknowledge in its warrant application that data outside the scope of the warrant “will be returned or, if copied, destroyed within a reasonably prompt amount of time after the information is identified,” that wasn’t good enough for Judge Facciola.
> 
> Indeed, while the warrant application does detail a particular iPhone with a specific IMEI number, it does not detail precisely how the government will go about determining where it will look.
> 
> “Instead of identifying specific blocks of the iPhone’s flash drive [that] will be searched ahead of time—which would be impossible—the Court is instead asking the government to explain its methodology for determining, once it is engaged in the search, how it will determine which blocks should be searched for data within the scope of the warrant,” he added.
> 
> Judge Facciola also showed fluency with various pieces of technical jargon, concluding:
> >>
> The government need only tell the Court what it already intends to do and what it does in every other similar search of an iPhone. The government should not be afraid to use terms like “MD5 hash values,” “metadata,” “registry,” “write blocking” and “status marker,” nor should it shy away from explaining what kinds of third party software are used and how they are used to search for particular types of data. The Court is not dictating that particular terms or search methods should be used. Instead, the Court is attempting to convey that it wants a sophisticated technical explanation of how the government intends to conduct the search so that the Court may conclude that the government is making a genuine effort to limit itself to a particularized search.
> <<

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://attrition.org/mailman/private/infowarrior/attachments/20140327/785febdf/attachment.html>