The New York Times Deals blog reports on a fascinating new computer search and seizure decision, and one that I think was very likely wrongly decided:
Federal prosecutors hit another setback on Monday in their criminal fraud case against two former Bear Stearns hedge fund managers, Ralph Cioffi and Matthew Tannin, after the trial judge in Brooklyn prevented jurors from seeing an e-mail in which Mr. Tannin writes, “We could blow up.”
The e-mail, which was sent from Mr. Tannin’s personal Gmail account, was written in November 2006, months before the two hedge funds that he and Mr. Cioffi oversaw collapsed amid the subprime mortgage crisis. “I became very worried very quickly,” Mr. Tannin wrote in his e-mail. “Credit is only deteriorating. I was worried that this would all end badly and that I would have to look for work.”
Federal prosecutors in the Eastern District of New York had planned to use the e-mail to show Mr. Tannin was privately expressing doubt about the funds’ performance, but was telling his investors another story.
The opinion, United States v. Cioffi, holds that the warrant was unconstitutionally overbroad and that neither the good faith exception nor inevitable discovery exception applied so that the evidence should be suppressed. My own view is that the overbreadth holding is likely right but that the good faith analysis is wrong, and that as a result the decision to suppress the evidence was incorrect.
First, the facts. The government suspected that a personal G-Mail account contained evidence of a massive fraud scheme. The affidavit fully explained the reasons for that belief in the affidavit, and asked for permission to get the warrants that related to the fraud offense. The actual warrant itself was phrased in broader language, however: It gave the agents permission to obtain “all e-mail” in the G-Mail account “up through August 12, 2007,” a date that the suspect hired an attorney (the limitation being imposed to avoid potentially obtaining attorney-client communications). The agents sent the warrant to Google, and Google responded with a CD-ROM containing the e-mails. The government then looked through the e-mails and quickly found an incriminating e-mail the suspect had sent to himself in which he seems to have detailed his own fraud activities as sort of a diary entry.
Judge Block held that the e-mail could not be admitted under the Fourth Amendment. The government conceded that the e-mails were protected by the Fourth Amendment, and applying that standard the warrant violated the particularity requirement by asking for “all e-mails” in the time window rather than just the e-mails involving fraud. While the affidavit did limit the case to e-mails looking for fraud, and the agents only looked for fraud (and certainly the e-mail in question was such a fraud e-mail), the warrant itself was not particular enough because the warrant itself did not contain the limitation and it was not fully and adequately incorporated into the affidavit. Further, the good faith exception did not apply because the agents should have known that the warrant was insufficient.
I have mixed views of the court’s opinion, but I think the ultimate decision to suppress is incorrect. I think the basic holding that the Fourth Amendment requires agents to give some guidance as to which e-mails it wants rather than to seize the entire account is probably correct. The caselaw is very sparse here, but courts have required the government to be more specific in the case of seizing a computer hard drive. When the government gets a warrant to search for and seize digital evidence at home, the government can’t get a warrant for “all computers,” but rather must ask for “all computers that contain child pornography” or “all records of a conspiracy to commit wire fraud stored in a computer.” See, e.g., United States v. Riccardi, 405 F.3d 852 (10th Cir. 2005) (McConnell, J.). E-mail accounts today are big enough that the same rule should probably apply to individual e-mail accounts that applies to individual computers: There must be some guidance, even if only very general guidance, as to what the agents are to look for when they have the CD-ROM and start to look through it. A date restriction helps but probably isn’t enough, assuming that there are lots of e-mails before that date. So, assuming that the affidavit wasn’t sufficiently incorporated — a question I’ll leave to the side because the standards among the circuits tends to vary, and it’s a very technical issue — I think the basic Fourth Amendment holding was likely right.
On the other hand, I think the good faith exception should apply, and Judge Block was therefore wrong to suppress the evidence. The question is whether the constitutional error was so clear that a reasonable agent would realize the warrant violated the Fourth Amendment. I don’t think that standard is satisfied for two primary reasons:
First, no district court in the Circuit or the Second Circuit itself has ever held that e-mail is protected by the Fourth Amendment, and the federal Stored Communications Act, 18 U.S.C. 2703(b), takes the position that no warrant is required to obtain e-mails, such as the ones here, that are older than 180 days. As regular readers may know, I argue in a forthcoming article that such e-mail should be protected by a warrant requirement. And it so happens in this case that the government conceded in this case that e-mail is protected by a warrant requirement (presumably because they obatined a warrant — no need to fight that battle in this case). But I don’t think a reasonable police officer would necessarily know that a valid warrant was required and that the relevant federal statute governing e-mail is unconstitutional.
Indeed, there is a remarkable irony in the court’s ruling. If the government had just subpoenaed all the e-mails and not obtained a warrant, as 18 U.S.C. 2703(b) permits, the good faith exception would have applied because the agents could have reasonably claimed good faith reliance on the statute. See, e.g., United States v. Ferguson, 508 F. Supp. 2d 7 (D.D.C. 2007) (accepting such an argument). The agents apparently decided to be more cautious and to get a warrant anyway, even though the federal statute does not require it. But Judge Block ends up punishing the government for providing more process rather than relying on the statute: He ruled that the agents can’t rely on the good faith exception because they obtained a warrant but didn’t meet the far more strict particularity requirements of warrants. That’s an odd result.
The second reason I think the good faith exception applies is that the court’s ruling is directly contrary to the most relevant precedent, United States v. Lamb, 945 F. Supp. 441 (N.D.N.Y. 1996), the only other decision that comes to mind on the particularity for e-mail accounts. Lamb was an early child pornography case involving a single warrant to obtain the entire contents of 78 AOL e-mail accounts. District Judge Munson held that the one warrant for the entire contents of 78 accounts was constitutional, even though the warrant asked for all e-mail and did not specify only e-mails that involved child pornography crimes:
[The warrant] seeks “all stored files in original format in individual files” and any printouts of the same. There was probable cause to believe that some of those files were image files containing the forbidden depictions. Although the language does not limit investigators to seizing image files only or image files of child pornography only, the actual content of a computer file usually cannot be determined until it is opened with the appropriate application software on a computer. The agents who were tasked to obtain account records related to seventy-eight individuals were not obligated to identify the contents of computer files on AOL’s premises. Because there was probable cause to believe that stored files in the accounts of the suspects contained evidence of the crime, viz. the depictions of child pornography themselves, the warrant properly authorized the search and seizure of these particular items.
Id. at 458-59. In a footnote, Judge Munson added: “it is unreasonable to require the executing officers to identify which files actually contain child pornography and which do not in AOL’s Virginia headquarters. That task may be more properly performed by a government computer technician at an FBI lab or office.” Id. at 458 n.10.
I tend to think Lamb is wrongly decided, or at least outdated given the incredible storage capacity of today’s G-Mail accounts as compared to 1996 America Online accounts. But it’s the only precedent I know of on particularity for e-mail accounts, and it said that a single warrant for the contents of 78 accounts with no date restrictions at all complies with the Constitution. Given Lamb, I think an officer in 2009 could reasonably believe that the warrant in this case was constitutional and that the good faith exception applies.