A ruling by a US federal judge William Young today declared that the magistrate judge who issued a warrant authorizing the FBI to infect suspects’ PC’s with tracking malware lacked all of the authority to do so.
In early 2015, the Feds had used the warrant to install a so called NIT, a Network Investigative Technique, on the computers of people who visited a website hidden in the Tor network that hosted a huge archive of photos and videos of child sex abuse.
The agents commandeered the websites server, and before shutting it down, configured it to deliver the NIT to pedophiles PC’s for a couple weeks, allowing the investigators to unmask and identify the websites visitors even though they were connecting via the anonymizing Tor network. Each NIT, once in place on a computer, was able to ping an outside FBI controlled system to reveal a suspects true IP address, which could be traced back to their home with their ISP’s help.
Hundreds of machines visiting the hidden Playpen website were infected with the FBI’s NIT. It turns out that the warrant was invalid, and that this mass installation and monitoring was effectively an unlawful search.
“It follows that the resulting search was conducted as though there were no warrant at all,” Judge Young said in his ruling.
“Since warrant less searches are presumptively unreasonable, and the good faith exception is not applicable, the evidence must be excluded.”
The warrant was one of three that the FBI investigators used to gather evidence related to their own take down of the illegal Playpen dark net site. Playpen was believed to have more than 200,000 users at the time the FBI took it over and began collecting user data. In turn, this led to the identification of as many as 1,300 suspected pedophiles.
According to Judge Young, the problem with the warrant was that it was signed by a US magistrate judge, who only had the jurisdiction to authorize warrants in his local area. Collecting evidence outside of that area, which the FBI surely did with the NIT, can only be done with the authorization of a district judge.
This is where things will be frustrating for the Feds, as it turns out the federal judges who could have properly authorized the search were likely just yards away when the NIT warrant was signed.
“The magistrate who issued the warrant sat primarily in Alexandria, Virginia,” Judge Young noted. Also saying, “Four district judges and three senior judges sit routinely in that court house.”
Judge Young’s ruling came in response to a motion filed by Alex Levin, one of the thousands of people accused of viewing child porn on Playpen. Levin asked for evidence against him to be thrown out of his trial as a result of the skeptical warrant. Judge Young granted Levin the request.
With hundreds of other prosecutions in the hopper, Judge Young’s interpretation of events, and the decision to effectively throw out evidence collected by US government malware, could land a heavy blow to the FBI’s efforts.