A controversial ruling by a New York judge is stirring up questions as to whether or not email should be protected from extensive search warrants.
Magistrate Judge Gabriel W. Gorenstein of the U.S. District Court for the Southern District of New York ordered Google on Friday to turn over access to an unnamed defendant’s gmail account as part of a search warrant in a money laundering case. Gorenstein gave investigators carte blanche to the defendant’s email because he likens it to searching a defendant’s hard drive. According to the ruling,
[w]e perceive no constitutionally significant difference between the searches of hard drives … and searches of email accounts. Indeed, in many cases, the data in an email account will be less expansive than the information that is typically contained on a hard drive. Therefore, we believe the case law we have cited concerning searches of hard drives and other storage media supports the Government’s ability to access an entire email account in order to conduct a search for emails within the limited categories contained in the warrant.
Privacy advocates are freaking out about the implications of this decision because Gorenstein didn’t put any limits on this warrant. Because investigators can rifle through the the suspect’s inbox, outbox, drafts, address book and everything in between, Mark Stern of Slate calls this warrant the digital equivalent of a general search warrant.
Most magistrates would be reluctant to grant a warrant that allowed police to search every single space in every room of a house. In fact, such a warrant would tread dangerously close to the “general warrants”—an unlimited license to search and seize—that the Framers banished with the Fourth Amendment. So why should a digital search be any different? In defending broad virtual warrants, judges usually harp on the fact that computer and inboxes have vast quantities of scattered, often hidden data. (Gorenstein noted that few criminals log their illicit activities in a folder titled “drug records.”) As a result, these judges argue, police must be able to search every digital alcove they can find. The invoice from your last heroin sale might be tucked in a folder titled “Grandma’s 80th Birthday Party.”
Stern’s argument isn’t unreasonable because courts in the District of Columbia and Kansas rejected similar warrants for being too wide sweeping. D.C. Magistrate Judge John Facciola has repeatedly warned the Department of Justice, which routinely seeks email search warrants, that it is violating the Fourth Amendment, according to Ralph Losey in E-Discovery Law Today.
His order reveals that the Department of Justice has been routinely using over-broad search warrants for email. The warrants allow the Department to search and seize all email in a target’s email account from email providers. The warrants do not attempt to restrict the email seized or searched to the subjects underling the investigation. This is done secretly without the knowledge of the person whose email is seized. Moreover, the warrants contain no provision for the return or destruction of the emails seized.
However, it’s not that much of surprise that this decision came from the Southern District Court of New York. Earlier this year, another judge in this district upheld a warrant by the U.S. government that Microsoft had to disclose emails held on their servers in Ireland. Data privacy lawyer Kate Brimstead wrote that
Microsoft had argued before the court that the warrant, which was issued under the Stored Communications Act, should be quashed. This was because it amounted to an extraterritorial warrant, which U.S. courts were not authorised to issue under the Act. In summary, the court ruled that the warrant should be upheld, noting that otherwise the U.S. government would have to rely on the “slow and laborious” procedure under the Mutual Legal Assistance Treaty, which would place a “substantial” burden on the government.
New York magistrates seem to be fond of siding with the Stored Communication Act, which allows the federal government access internet service providers’ data with a warrant.
This isn’t the last we’ll hear about this warrant because “[t]his ruling is likely to lead to appellate review so that there will be uniform laws regarding search warrants for content stored at ISPs,” according to Peter Vogel.