Sophos Cloud Optix
Just because a neighbor saw titles for child abuse image files on an unsecured wireless network doesn’t justify the law barging in and searching for the images, ruled an Oregon judge in the US.
The decision reversed the judge’s previous conviction of John Henry Ahrndt, who, it turns out, was already a convicted sex offender.
In a ruling filed January 17, Senior District Judge Garr M. King said that Ahrndt’s Fourth Amendment rights ensuring protection against unreasonable searches had been blown when a deputy got the go-ahead from his supervisor and clicked on one of the titles:
There is no evidence [Ahrndt] intentionally enabled sharing of his files over his wireless network, and there is no evidence he knew or should have known that others could access his files by connecting to his wireless network. [The deputy's] action of clicking on the image in [the neighbor's] iTunes directory to open the image violated Ahrndt’s Fourth Amendment rights.
Here’s how the files were discovered in the first place: In February 2007, one of Ahrndt’s neighbors – a woman identified as “JH” in court documents – got onto his unsecured wireless network when her own network went down.
Ahrndt’s network was coming off a Belkin 54G router with a default setting of “no security”.
JH opened up iTunes and noticed another user’s library, called “Dad’s LimeWire Tunes”, available for sharing.
She then opened the folder and saw file names that got her on the phone with her local sheriff’s office, pronto.
Some of the titles were very sexually explicit. Some other titles were used in conjunction with acronyms indicating age, such as “5yoa” and “8yoa”.
Washington County Deputy John McCullough responded to JH’s call a little less than an hour later. He wasn’t sure whether he could legally open the files, so he called his supervisor, who gave him the go-ahead.
McCullough later recalled seeing the words “getting raped” and “being raped” in those file names.
Deputy McCullough opened a file and did, in fact, find images of child abuse – a search that Judge King last week deemed unreasonable, finding the evidence unsubmittable.
It’s interesting to note the trail of evidence that a group of documents such as these leave on a computer.
According to Judge King’s filing, Arnhdt admitted to downloading child abuse images as recently as eight months prior to law enforcement obtaining warrants and searching his home and computers. He’d subsequently deleted the files, though, he said.
Arnhdt told agents that he’d used LimeWire, a peer-to-peer file-sharing application, to download the images. If agents were capable of recovering deleted files, they’d find the images, he told them – specifically, on external hard drives that he’d converted from hard drives of old computers.
Investigators did, in fact, recover traces of the files, including:
- Advertising pages located in an “orphan” file – e.g., one whose parent file had been deleted.
- Images located in a Google Hello “scache” indicating the images had been sent or transmitted. (For a detailed look at how forensics experts find such images, check out this white paper by J. Curl: “Forensic Investigation of Google’s “hello” [PDF].)
- An .mpg movie that had been viewed in Windows Explorer or by using a My Computer thumbnail or filmstrip view.
- A deleted file recovered from Ahrndt’s computer.
- Deleted files recovered from his USB flash drive.
Will Judge King’s decision be upheld?
A commenter on The Wall Street Journal’s coverage of the case thinks not:
joe doaks: … I believe that historically, you are free to look at any ambient electromagnetic radiation you are able to receive and decode. A couple decades back, an over-the-air HBO provider with not-very-sophisticated encryption, found this out the hard way.
I’m no legal expert, but I’d suggest that this argument misses the mark, given that it’s not the legality of JH’s unauthorized accessing of Arnhdt’s network that was in question.
Rather, it was Deputy McCullough’s opening of one of the files without a warrant that rendered the evidence unsubmittable.
Regardless of the legal technicalities, it’s a good reminder that unsecured wireless networks render files sharable and readable.
This ruling is just one in many that get handed down in child abuse and unreasonable search cases.
I wouldn’t count on the courts letting you off the hook if you’re up to something reprehensible on an unsecured wireless network.
<subFFingers on keyboard image courtesy of Shutterstock.
Whilst not agreeing with what the defendant in this case did, allegedly, it points out the risks that the default settings of the WiFi equipment being sold leave the buyer's system(s) open to both snooping and hacking or worse.
Equipment vendors should be required to have default settings in router and WiFi equipment set such that there is some degree of security applied and detail in their manuals exactly how to set up decent system/network security – especially if any form of WiFi is involved.
Likewise all users of any network equipment should take a look at their own systems and tighten up on security so that only known MAC addresses can access the network. Most, but not all routers have a system of allocating IP addresses but not all have a means to block unlisted MAC codes. I think that should be a minimum requirement now. BT's Home Hub 3 cannot apply MAC level security as far as I can find out from BT!
So, by analogy, if a physical photo album marked "Child Porn" is accidentally dropped in the street, the police can't lawfully open it without a warrant.
my thoughts exactly – altho there’s one extra step – the neighbor saw the the pics directly – altho – her access may have been illegal too
in situations like this – i think to let criminals off the hook is itself a major miscarriage of justice – but that the people who did things they shouldnt have done – even while discovering the crime – should be appropriately punished too
It's funny how when it's a big multinational corporation slurping up unprotected wifi (google streetview), or it's a nasty hacker going wardriving, we're shocked and horrified and demand that they feel the full force of the law. When something good comes from it though and it turns out the very law we were demanding makes the evidence inadmissible in court, we're all jumping to their defence 'well it's just EM radiation, there's no expectation of privacy!!'.
We need to as a society make up our minds about whether EM should be considered a private domain or not.
Personally, I would lean on the side of whatever EM radiation one picks up with whatever technology they legally own is fair game. EM radiation is technically a broadcast and there should be automatic loss of privacy with respect to the data contained therein. Even if it's encrypted and the encryption is later broken, you should still have no right to privacy of that data. Encryption is at best a technical mitigation to the privacy risk and the residual risk is implicitly accepted by the user. If you don't like those terms, then don't broadcast your data out to the world.
While I don't exactly support people collecting child pornography, I don't support unwarranted searches either.
Hardly unwarranted! If I saw someone harming you (beating, shooting, robbing etc) the police have no right to arrest or otherwise search for evidence??
This has nothing to do with an actual, witnessed, physical abuse to a person. This is about an illegal search and seizure, which ALL US citizens are protected against under the Fourth Amendment. They should have first obtained enough evidence to obtain a warrant to seize his computers to search for illegal material. While I agree that there are flaws in our judicial system (as evidenced by a convicted sex offender being let off for having illegal images of children), we all have protections under the US Constitution that the judicial system MUST follow in order to convict someone of illegal activity.
I have a problem with so many of these articles essentially advising people on how to be more protected when doing shitty things. Like the kid who posted on FB after drinking and driving, the message here is never "don't do the shitty thing" its "don't be so transparent when you're doing shitty things."
It sounds like the deputy's supervisor was the one that blew it here by not getting a warrant before telling the deputy to "go ahead" with the investigation.
Was the judge another peado? It wouldn't surprise me.
The higher up the system people seem to be the more their minds seem to be twisted.
I suppose that is the corruption of money and not being happy to have enough.
Look at them all with suspicion would be my advice.
I always come to the same conclusion. When the pendulum swings so far the other way and protects the rights of someone guilty of such crimes instead of the victims of those crimes, one can only believe they too must be members of the same club. I really believe that! What other explanation could there be?
The picture in the article should be removed.
Done.
Isn't JH a hacker for accessing a network that wasn't hers and examining files that weren't hers? Why isn't she being tried under the federal Wire Tap Law "An act is done intentionally if it is done knowingly or purposefully. That is, an act is intentional if it is the conscious objective of the person to do the act or cause the result. An act is not intentional if it is the product of inadvertence or mistake. However, the defendant’s motive is not relevant and the defendant needs not to have intended the precise results of
its conduct or have known its conduct violated the law." "Defendants sometimes argue that they lacked the required mental state because they believed that their interception was lawful. However, one can be guilty of intentionally intercepting a communication even if one incorrectly believed the interception was lawful." "Thus, a mistake of law is not a defense to a Wiretap Act charge; a defendant must have intended to intercept a covered communication, but he or she need not have specifically intended to violate a legal duty not to intercept"
Why did JH open up his iTunes song folder? She is a pirate, wanting to steal copyrighted songs that her child abusing neighbor, legally owned and paid for.
She should be arrested for the attempted subversion of the Digital Millennium Copyrights Law.
I am from where this all went down. It would have been very, very easy for that cop to get a warrant. They would have been able to show the judge the guy was a convicted sex offender (database!) – even the most permissive judge in the state would have issued a warrant. As a taxpayer that pays the salary of that cop and his supervisor, I am pissed as hell that they could be so sloppy, lazy, and stupid. And that is exactly where I place the blame. They should have both lost their jobs over this. Sooner or later, that guy is going to offend again, and he'll be nailed to the wall for it – so long as the police follow the same laws that we peons are expected to.
So citizens can no longer report crimes? PU's Jerry Sandusky should of had this judge.
It seems to me that the judge ruled correctly in this case; the supervisor screwed up:
1) There was no suggestion that harm to another person could be averted by immediate action.
2) As long as the neighbor kept mum while a warrant was being obtained, there was no suggestion that the suspect would wise up and destroy evidence.
3) The neighbor’s observations should have made getting a warrant a near certainty.
Had a warrant been obtained after the deputy viewed the file, and that observation been used as probable cause for the warrant, rather than as evidence of wrong-doing, the conviction probably would have been upheld.
Lance ==)—————–
Is this how we operate now, that as long as it doesn't infringe on our own rights the RAPE of certain children is okay. True, what message does it send everyone thinking about doing the same.
What happens to the young girl or boy in those images/videos when they are 18 years old or older and they come across these images?
Where do we stand in our own morality, are the needs and freedoms of adults more important than the protection of children?
However I'm just a kitchen boy watching whats happening powerless to stop it.
We stand exactly where we should be. If the police violate the accused persons rights, the evidence discovered is not admissible. What the evidence is of is not relevant.
It is not saying rape or child pornography is acceptable. It is saying that the authorities have rules they have to follow to convict someone. Don't follow those rules, you don't get your bad guy.
The officer in this case did the right thing, he was not sure if accessing this person's computer via iTunes was acceptable. He then contacted his supervisor who told him it was. Courts feel that was the wrong call.
We can't say that if the crime is despicable enough, the rules don't matter.
I think this ruling will get overturned. It was the offender's responsibility to close off his network, in just the same way it was his responsibility to close his front door and pull his curtains. Failing to ensure the privacy of his network meant that he left the items on public display and in 'plain view'.
I agree and don't agree.
Is an open wi-fi network like an open door or an unlocked door? An unlocked door does not mean it is acceptable for someone to open it.
The other side is that not only did someone have to connect to his wireless network, they had to actively decide to browse his iTunes library. So, it's not only accessing the wi-fi, but his computer as well, which is where I think it will stand up.
The question in my mind is if a reasonable iTunes user would realize and understand that items in their iTunes library would be viewable to anyone on their local network/wi-fi? I have never used iTunes, so I have no idea if this is the default behavior or not, or how well known this "feature" is.
The open wi-fi bit should already have established case law regarding accessing it by law enforcement. I haven't researched it, so I don't know what the law says.
Basically, there are 2 parts to determining if he had a reasonable expectation of privacy, 1) Open wi-fi 2) iTunes library sharing.
Awhile back, I recall that a thief once stole a laptop computer. He saw the images on the computer, so he took it to the cops and confessed his theft and told them the name of the guy he stole it from. The guy was convicted and sent to prison for 10 or so years. How would that be any different?
I think the difference is possession of the pictures, not accessing them across a private (ownership) network. Additionally, there is a question about accessing them via iTunes.
I wonder if the situation would have been different if the neighbor had downloaded the pictures and then showed them to law enforcement instead of law enforcement accessing them, even if from her computer?