Category Archives: Legal

A Brief Response to Cy Vance About Apple and the FBI

I was going to write an overview of the technical issues involved in the FBI’s demand that Apple help them break into the iPhone 5C that was being used by San Bernardino shooter Syed Farook, but it soon became apparent that the issues were too complex for easy summary, and the story keeps changing as more details leak out.

On the other hand, I would like to respond to a recent op-ed by Manhattan district attorney Cyrus Vance (brought to our attention by Scott Greenfield) arguing for a government exception to securely encrypted phones:

iPhones are the first warrant-proof consumer products in American history. They compel law enforcement to deploy extraordinarily creative prosecutorial strategies – and obtain state-of-the-art tools – to carry out even the most basic steps of a criminal investigation. I applaud our federal colleagues for their commitment to justice for the 14 killed in San Bernardino and their families.

The magistrate judge’s order rests firmly on centuries of jurisprudence holding that no item – not a home, not a file cabinet and not a smartphone – lies beyond the reach of a judicial search warrant. It affirms the principle that decisions about who can access key evidence in criminal investigations should be made by courts and legislatures, not by Apple and Google. And it provides the highest-profile example to date of how Silicon Valley’s decisions inhibit real investigations of real crimes, with real victims and real consequences for public safety.

I can certainly see what he’s getting at. Up until now, when a court ordered some evidence seized, the government’s ability to carry out that seizure was never in question. The agents of law enforcement have been able to kick open every door, tear down every wall, and break every box. But strong encryption now challenges that idea, and people like Cy Vance don’t like it.

I have a few responses to Vance, starting with “So what?”

Law enforcement agents used to be able to get any evidence they wanted, but now some new technology means they can’t. So what? Things change, the world moves on, the organizing principles of society evolve. Slavery, the divine right of kings, Papal inquisitions — all have fallen. Now maybe it’s the end for the principle that courts have “a right to every man’s evidence.” That’s kind of an open-ended argument, but then Vance’s argument is basically little more than “It’s always been that way.” I think it’s quite reasonable to respond that just because it’s always been that way doesn’t mean that it always should be.

On the other hand, I could also argue that the rule doesn’t really go where Vance wants it to because (1) the current situation is already in complete compliance with the rule, and (2) there is nothing to which the rule could apply.

I need to go into a bit of technical detail. The FBI’s problem is that sensitive data files on an iPhone are strongly encrypted in such a way that reading the unencrypted contents requires one of a handful of “class keys,” which are in turn encrypted using the user’s passcode. So to get an iPhone to read its data, you have to provide the passcode to decrypt the class key it needs to decrypt the file containing the data.

(I’ve simplified this description of iPhone security quite a bit. If you want more details, Dan Guido has a mildly technical overview and you can get more background technical information from the Apple iOS security whitepaper, especially the “System Security” and “Encryption and Data Protection” sections. It’s absolutely fascinating, if you’re into that kind of thing.)

If you have a modern iPhone with a passcode set, you can see all this for yourself. Call your iPhone from another phone that is in your contacts list. When your phone rings, it should display the name of the other phone’s owner, which it got by searching your contacts list for someone with a number matching the calling phone. Now turn your iPhone all the way off by holding down the power button for a few seconds to display the slider you can use to power it off. Then turn your phone back on by pressing the power button for a few seconds, but don’t enter the passcode. Now try calling your phone again from the other phone. This time the phone should only display the calling number, but not the name from the contacts list. Your phone won’t be able to display contact names until you enter the passcode again.

This shows that your passcode is more than just a locking mechanism, it’s a decryption key: Without it, your phone literally cannot even read its own contacts list. It also can’t read any of the other sensitive files that are also encrypted to require the passcode. An iPhone for which the passcode has not been entered doesn’t just refuse to give you access to its data. In a fundamental way, it can’t even read the data.

That’s the FBI’s problem. The passcode is not stored on the device, and the copy of the passcode in Farook’s brain is no longer accessible because he’s dead, so the FBI has no way to get his iPhone to decrypt any of his files without a code-breaking effort.

That brings me to the first part of my answer to Vance: The FBI already has all the evidence on Syed Farook’s iPhone. They have physical possession of the phone itself, including the internal flash drive that contains all the data. It’s a relatively minor technical task to remove the drive from the iPhone and attach it to another computer so they can read every bit of it. Of course, the files they read will still be encrypted, so they won’t be able to make sense of the data, but they do have all the data on the phone. No one, including Apple, is keeping it from them.

This may sound like some kind of philosophical hair splitting, but it’s the ground truth of the situation at the technical level. It’s confusing because we often speak of encryption using the metaphor of a container. We describe encrypted messages as being like envelopes with plaintext messages inside, and we talk of using keys to unlock stored data. In reality — the reality of the hardware and software — the relationship between encrypted and unencrypted data is not one of containment but of transformation: Plaintext data is transformed into encrypted data using an encryption algorithm and a key, and encrypted data can only be transformed into plaintext data using a related algorithm and the right key. If the key is lost, transformation of encrypted data into plaintext may not be possible.

When Vance asserts that “no item – not a home, not a file cabinet […] – lies beyond the reach of a judicial search warrant” he’s not speaking about merely metaphorical containment. If the court orders a home searched for drugs, that search will be successful if there are actually drugs in the home. If the court issues a warrant that includes searching a file cabinet for financial records, it’s because there’s reason to believe the file cabinet contains the records. More fundamentally, it makes sense to require the production of evidence because the evidence might exist.

That’s my second point of argument: No matter how much the FBI or the judge may want to seize this data, there’s simply nothing to seize. The data existed at one point, but now it’s all been transformed into unreadable gibberish, and the original data is gone. What the government wants — an unencrypted copy of the data on Syed Farook’s iPhone — doesn’t actually exist anywhere in the world.

As a practical matter, this isn’t a get-out-of-jail card. Don’t go trying to convince a judge that you don’t have to turn over financial records on your computer because your hard drive is encrypted and you haven’t entered the key to unlock it. That’s probably not going to work when you routinely decrypt files every day. (But I’m not a lawyer and this isn’t legal advice, so if you actually find yourself in that situation, talk to your lawyer.)

On the other hand, if you truly don’t have the decryption key, then the unencrypted files on your computer actually are beyond the reach of the court. Of course, you might be in for a really bad time if the judge doesn’t believe you, or simply doesn’t care about what you think is possible.

Pretrial Detention and Why It’s Like That

I’ve been blogging about criminal justice issues for a long time now, and I like to think I know a few things (for an amateur observer) but every once in a while I am amazed to discover that some seemingly normal part of the criminal justice system is, on further examination, inexplicably perverse.

This time it started with Ken Womble’s post at Fault Lines about risks faced by criminal defendants who are stuck in jail awaiting trial when they call their friends and family. Jail phones are tapped, and everything the inmates say on them is recorded. There’s an exception for legally privileged conversations between defendants and their lawyers (mostly), but other than that, anything inmates say to their friends and families is fair game for the prosecution. Womble gives a few examples of the kind of trouble that can lead to:

Yes, sometimes, the jailed party unburdens himself and confesses to his mom or brother.  But then there are the conversations about the case that a prosecutor, hearing things only through his finely tuned ears of justice, will try to convince a judge are relevant admissions of something bad.  […]

Beyond the realm of possible confessions, though, there can be hours of conversations that can let the prosecutor know who the defendant’s closest friends and family are. She can find out immense amounts of background information that might come in handy on cross examination.  This system of surveillance allows the government to detain someone and then sit back and simply gather information on them.  All because the defendant could not afford bail.

These calls also allow the prosecution to hear the defendant relay to his friends and family all the great tactics and evidence that his attorney has explained will help out his case.

Except for some details, most of this was not news to me. I’ve heard lawyers’ stories of charges filed and cases lost because inmates said something incriminating over the jail phones. Every criminal lawyer will tell their clients not to talk to cops, but inmates desperate for contact with the outside can easily forget that talking on the jail phone is talking to the cops.

What got my attention was Womble’s introduction of this issue in an earlier paragraph:

Maybe in reality they did commit a crime, but as far as the government and our law is concerned, they are as innocent as you or I. So if we actually give a damn about the presumption of innocence, why do we allow something done to unconvicted inmates that we would never tolerate for ourselves? We rarely think about some of the more mundane casualties of freedom that so many jail inmates must face.

I couldn’t get that idea out of my head, so I was still thinking of it when I got to this:

Do you know who does not have to worry about having their phone calls recorded as they await trial? People who can afford bail. How can we allow the government to record the phone calls of legally innocent people based solely upon their financial circumstances (or lack thereof)?

If you’re in jail because you can’t make bail, the government can listen in on every one of your phone calls. But if you’re out on bail, law enforcement authorities need to get a warrant to listen to your phone calls, just like they do with anyone else. What’s the legal justification for that distinction?

My guess is that authorities are allowed to listen in on inmate phone calls because inmates have essentially no right to privacy. Guards can search their cells and their bodies any time the want, so why not their phone calls too? But that just begs the question: What’s the legal justification for giving pretrial detainees so little privacy?

In other areas of law, infringements of rights must be limited to what is necessary to serve a constitutionally permissible purpose. E.g. when the government limits freedom of speech to prevent fraud, that limitation is supposed to be narrowly tailored to only limit rights as necessary to prevent fraud.

So if we accept that the government has a legitimate interest in making sure that defendants show up for their trials, then detaining them in jail may reasonably serve that purpose, and it makes sense to impose restrictions on detainees to prevent them from escaping. However, skimming over the New York City Department of Corrections inmate rule book and visitor’s rules, I was able to hastily put together a short list of restrictions that seem unrelated to that purpose:

  • Inmates can only receive gifts from visitors if the gifts are on a list of 24 categories of items that may be brought in.
  • Inmates are not allowed to have personal shoes. They have to wear jail-provided footware, and that doesn’t include shower shoes like thongs.
  • There are limits to the jewelry they can wear — small wedding rings and religious items.
  • They can’t have clothing that is red, yellow, or light blue, nor can they have camouflage patterns or spandex leggings.
  • They can’t have tobacco products or alcohol.
  • Inmates cannot receive toiletry or food items.
  • They’re not allowed to have telecommunications equipment such as a phone, text messaging device, camera, or tape recorder.
  • Inmates can’t have photographs that include pictures of themselves, and Polaroid photographs are prohibited.
  • They aren’t allowed to have money, checks, or credit cards.
  • They aren’t allowed to have unauthorized art supplies or writing instruments.
  • No sex, even if it’s consensual.
  • No buying or selling of goods or services.
  • Inmates are subject to drug and alcohol testing.
  • Visiting hours are limited and visits are controlled.

It’s possible I’m misunderstanding some of the rules — I read through them pretty quickly and I don’t know much about life in jail — but it’s hard to see how these rules are related to preventing escapes. Perhaps I’m missing a few things — maybe large jewelry could be used as a weapon to threaten a guard, and then once the inmate makes it to the treeline the camouflage would help him hide. Nevertheless, most of these restrictions seem to have little bearing on the goal of ensuring that inmates stand trial.

I understand that there may be good reasons for some of these rules — preventing inmate-on-inmate violence, preserving a sense of order, and making the guards’ jobs easier — but those don’t sound like good reasons to deny legally innocent people their rights, especially since we have rejected those same restrictions for all the innocent people living outside the jail walls.

(I’m pretty sure there are some unsavory motives at work as well: Forcing inmates to buy consumer goods from the jail commissary, forcing them to use over-priced jail phone services, and encouraging them to take a plea deal to get out of jail.)

I realize this is old news to people who know the criminal justice system better than I do. I wonder, however, why this isn’t a more contentious issue? Perhaps I’m just not reading the right news sources. Changes to jail rules might affect thousands of inmates and their families, but they rarely make the news. Or maybe this is settled law, and there’s not much to be gained by litigating.

I’m not sure what reform in this area would look like, but it’s not hard to envision a jail system that prevents inmates from escaping without imposing so many unrelated restrictions. I imagine something resembling a high-security secured college dorm or SRO residence, with private rooms, personal property, phones and internet, pets, and unlimited visitation from family, including overnight stays.

I realize that this vision of comfortable confinement may not be achievable, but that usually isn’t enough to stop reform movements. I’m surprised I haven’t stumbled them somewhere. And nobody said respecting people’s rights was easy.

Haiduk Steps Up On Possession

Kane County criminal defense lawyer Matt Haiduk has posted a response to my earlier post about the strangeness of the crime of possession, in which he address both of my scenarios and makes a few additional points.

In response to my hypothetical stranger-hands-me-a-duffle-bag scenario, Matt has some legal advice:

From a strictly legal standpoint, you need to drop all that stuff immediately. Possession of illegal stuff typically has to be “knowing” to stick in court. Holding that bag in those circumstances for a short time not knowing what’s in it is one thing- you’re not knowingly possessing something you shouldn’t. Once you see child porn, something you believe are drugs, and an illegal firearm the “knowing” element is shot.

You can cure that, though, by not possessing it.  Legally speaking, you don’t take it anywhere to get rid of it and you don’t call somebody while you’re holding it. You cease possessing it immediately.  Then you get the hell away from there…

And then Matt suggests that his legal advice is not the smartest advice:

You’re out on the street with a duffle bag filled with guns, coke and child porn. Depending what the surfaces on the bag or the items in the bag, your fingerprints might be on there. There are cops running at you who haven’t seen you yet, but just might if you do something out of the ordinary (like drop a duffel bag and run across the street).

Assuming that’s how it does go down, dropping a bag full of contraband in front of the cops and possibly having your fingerprints on the contraband inside is what prosecutors call a very strong circumstantial case.

Matt goes on to explain what he thinks is probably the smartest thing to do, but I’m not going to repeat it here. You’ll have to read his post to see.

Matt also addresses my not-so-hypothetical scenario of emergency Doctor Sandeep Jauhar who was handed an envelope of (presumably) cocaine by a client. He promptly threw it away, an act which has attracted criticism from Northwestern Pritzker School of Law Professor Steven Lubet. I in turn had criticized Lubet for accusing Dr. Jauhar of obstructing justice without explaining what exactly the doctor should have done. I felt that Dr. Jauhar did the best he could.

Matt, on the other hand, does better than both me and the law professor:

Patients every day enter a hospital in an emergency fashion with jewellery, a purse or wallet, or important documents. The hospital collects that stuff, and puts it into a safe or some sort of storage.  Juahar could have placed the item in a bag, stapled it shut and put it with the rest of the patient’s belongings- whether in a safe or not.

In that situation there’s no hiding and there’s certainly no destruction.  He’s not possessing it, either. He’s also not betrayed any patient confidences. He’s doing what is always done. If the police ask the Doctor about it, he can tell them what he did with it and where it went.

Note that Matt’s solution addresses the criminal law issue without abandoning doctor-patient confidentiality, which is the difference between asking a law professor (or a blogger) and asking a practicing lawyer.

(I say nice things about Matt Haiduk because his blog is a great read, but also because he’s the only real Illinois law blogger I know of, which makes him my first call if I ever get arrested.)

Jennifer Connell Is Not Really a Monster For Suing Her 8-Year Old Nephew

Folks on the internet have been a bit outraged at a woman who sued her 8-year nephew:

Jennifer Connell claims the boy, Sean Tarala of Westport, acted unreasonable when he leaped into her arms, causing her to fall on the ground and break her wrist four years ago. This week Connell is asking a six-member Superior Court jury to find the boy liable for his actions.

She is seeking $127,000 from the boy, who she described as always being “very loving, sensitive,” toward her. The boy is the only defendant in the case.

It sounds kind of awful, suing a child for essentially hugging her too exuberantly, but this is actually a pretty routine legal matter.

The key to understanding what’s going on, and why Jennifer Connell is not actually the monster some people are making her out to be, is that while she is technically suing her nephew, the real target is the insurance company that holds the homeowner’s policy. The kid is just the defendant for legal purposes, since he’s the immediate cause of her injury, but he was almost certainly represented by an insurance company lawyer since they would be the ones paying. People do this all the time. It’s how you make insurance companies pay claims.

Much has been made over a few of the details:

In court Friday, the boy, now 12 years old, appeared confused as he sat with his father, Michael Tarala, in the Main Street courtroom.

The implication is that he was confused over why the aunt he loved was suing him, but I think it’s safe to say that any 12-year old would be confused by the formality of a courtroom. Heck, I find it all confusing whenever I’m at the courthouse.

The boy’s mother, Lisa Tarala, died last year.

That’s hard on the poor kid, but that’s not a reason to let the insurance company off the hook.

Jack Marshall, who should know better, has been particularly scathing about some parts of this:

The horrific actions of the 8-year-old has turned her life into a living hell, she told the jury. “I was at a party recently, and it was difficult to hold my hors d’oeuvre plate,” she said. Believe me, I know what a social handicap that can be.

Yeah, when you see “hors d’oeuvre” written out, it’s easy to make fun of, but here’s the thing: I can hold an hors d’oeuvre plate. Holding a plate with small bits of food isn’t a difficult feat of strength. But the point of her testimony is that she still can’t hold a plate steady even though the injury has had four years to heal. This isn’t just a temporary problem. It’s a permanent debilitating injury.

The extent of the injury is further indicated by another point that people are making fun of:

She changed her mind, she says, because her life was “turned upside down as a result of the injury.” “I live in Manhattan in a third-floor walk-up so it has been very difficult,” she said. “And we all know how crowded it is in Manhattan.”

It certainly is hard to walk up three flights of stairs on one’s hands.

As a 51-year-old guy with bad knees, I say fuck that ableist bullshit. Did you ever notice there are railings in most stairwells? Did you ever wonder why they’re there? It’s because some of us need to hold on with our hands to steady ourselves on the stairs, especially when carrying something that throws us off balance. That’s got to be a lot harder when your wrist is weakened by injury.

As it happens, the jury decided against her because of the way the jury was told to evaluate the kid’s behavior:

Quinnipiac University law professor William Dunlap said in civil cases like this one involving children, the jury is instructed to view the child as a child, and not by a “reasonable person” standard.

“When you’re talking about young children, you’re talking about a subjective standard – not an objective standard,” he said. “The child is not required to conform his behavior to the way a reasonable adult is expected to behave.”

If the defendant had been 18 at the time of the incident, he would have been expected to act like a “reasonable adult.”

“The jury is supposed to judge the child’s behavior by how a child of similar age, intelligence and experience is expected to behave,” he said.

So she took her chances when she visited an 8-year old. Fair enough. And New York personal injury lawyer Eric Turkewitz says he would not have taken the case:

Would I have taken such a case? No. Because the jury did what I expect a jury would do. But eviscerate her on the Internet for it? No. She took the advice of counsel. Bad judgment call perhaps, though the attorney defends the decision to move forward.

In other words, she went to a kid’s birthday party, got injured by accident, and then a lawyer advised her that she might be able to recover some of her medical costs (and probably lost wages) from the homeowner’s policy. So why not try it? I mean, other than because the internet outrage machine might decide to pick on you…

Someone at CNN interviewed her:

“This was meant to be a simple homeowners insurance case,” she said. “Connecticut law is such that I was advised by counsel that this is the way a suit is meant to be worded.”

Connell said that an individual, not an insurance company, had to be named as a defendant.

“I adore this child. I would never want to hurt him. He would never want to hurt me,” she told CNN.

The boy refers to Connell as his aunt, although she said he is the son of her cousin. The family remains close. Just a few weeks ago, Connell said, she took the boy out shopping for his Halloween costume.

“It’s amazing the power that the Internet has that something can go viral, completely out of context,” she said. “I’m certainly not trying to retire to some villa in the south of France. I’m simply trying to pay off my medical bills.”

And her lawyer thought this might work. Maybe he was just hoping to pressure the insurance company into kicking in a little more than the single dollar they had offered. Since she lost, maybe this wasn’t the best legal decision. Or maybe it was worth a try. If you suffered a debilitating injury in my house, I sure wouldn’t hold it against you if you tried to get some money out of my insurance company. That’s one of the reasons I have the policy.

in Legal

An Attempt to Explain High Sensitivity Analysis in Collins

Both Jeff Gamso and Scott Greenfield have written about Brooklyn Supreme Court Justice Mark Dwyer’s opinion in People v. Collins discussing the admissibility of a certain type of DNA analysis in a criminal case. Since I have an amateur’s interest in both science and criminal law, I thought it might be interesting to read the actual opinion.

Surprisingly, despite the complexity of the subject and the amount of detail, it’s actually pretty readable. Dwyer takes the time to explain a lot of what the reader needs to know to understand what’s going on. And if you’re interested in this kind of thing, it’s fascinating. I think I understand it, so let me see if I can explain some of the science…

The basic issue is whether the court should allow the prosecution to present a certain type of DNA evidence from the New York City Office of the Chief Medical Examiner. DNA evidence itself is generally considered very reliable, but in this case the evidence was based on a very small sample of genetic material discovered at the crime scene and processed using a technique called high sensitivity analysis. The judge had to decide if this specialized technique was good enough to allow it to be admitted as evidence.

To understand the basic problem, imagine that you get a voicemail message in which the caller is speaking so quietly you can’t understand what he’s saying. So you try turning up the volume. This makes the caller’s voice louder, but it also amplifies the crackle and pop of the phone line and the background noises behind the caller. The amplifier circuit even introduces some noise of its own. So even though the caller’s voice is louder, you still might not be able to make out what he’s saying.

Photographers working in low light see a similar phenomenon when they try to crank up their camera’s ISO sensitivity. It makes the picture brighter, but it also adds a lot of speckled noise to the image. This happens to the image for roughly the same reason turning up the volume doesn’t make the voice easier to understand: In trying to amplify the signal, you’ve also amplified the noise — and introduced some as well.

The same thing happens with high sensitivity DNA analysis. One of the steps involves using a process called PCR to vastly multiply the number of copies of the DNA markers in the sample, because the process for measuring the markers requires a lot of material to work with. This process is called “amplification,” and just as with the audio and photographic examples, it will amplify the noise and introduce some of its own.

When the starting DNA sample is fairly large, it’s like a voicemail caller who speaks loudly or a photograph taken in bright sunlight: The signal stands out clearly from the noise in the system. When the sample is small — so-called “touch DNA” or a very degraded sample — the noise can overwhelm the signal.

The ME’s office came up with an interesting way to deal with the noise problem: Basically, they fed samples of known DNA through the high-amplification process and measured the statistical likelihood of the different types of noise. This allowed them to develop mathematical models of the effects of the various types of noise.

That wasn’t enough to filter out the noise completely, but it did allow them to make probabilistic determinations about the original DNA sample. Given a particular amplification result, they could now estimate the probability of getting that result from a particular suspect’s DNA fed through the noisy amplification process. They could also produce an estimate of the probability of getting that result from a random member of the population for comparison. Finally, they could even do this for mixtures of DNA from several people. The end result is that they could say things like, “It is 100,000 times more likely that this is a mixture of the defendant’s DNA and that of two other random people than that it is a mixture of the DNA of three random people.”

That’s not the sort of trillions-to-one odds you get with pristine DNA samples, but it is pretty good. If the science is for real. Which was kind of the question in front of Judge Dwyer.

In New York, the standard for admissibility of scientific evidence is Frye, which basically boils down to saying that the methodology behind the evidence must be widely acceptable to the relevant scientific community.

The high sensitivity analysis technique in question had recently been invented by the New York ME’s office and was not used much elsewhere, so Judge Dwyer could not conclude that it was widely accepted on that basis. His analysis didn’t end there, however, because the technique might still be considered widely accepted if it consisted only of components that were widely accepted. That is, doing several widely accepted things together is probably still widely accepted.

Judge Dwyer found that many parts of the high sensitivity analysis technique were indeed widely accepted — polymerase chain reaction amplification, electrophoresis, Bayesian statistics — but not all of them. Therefore he found that high sensitivity analysis was not widely accepted.

The problem that struck me as most significant was the experiments conducted by the New York ME’s office to determine how high-amplification noise affected the known DNA samples. This was a unique experiment, and as such it was a great piece of science, but until other labs have reproduced the results, it can’t really be considered widely accepted. Furthermore, the custom software that does the statistical analysis has not been made available for review, so it’s not clear how other labs could ever reach a conclusion about its acceptability.

Judge Dwyer’s opinion goes into a great deal more detail about the potential causes for concern and why he’s ruled that the technique is not widely accepted. It’s clear he’s given this a lot of careful thought, and as an observer of our justice system, it’s great to see judges take such care to get the science right. It makes me feel good about the system.

Trust Jeff to ruin that:

…he did something that almost never happened with expert evidence: he did it properly. That’s worthy of some note. Frye is readily abused.

And Scott:

To the uninitiated, what happened in Collins may seem, well, normal, expected even, since it’s perfectly reasonable to expect judges to do their job.  But what Justice Dwyer did was remarkably bold, maybe even exceptional.  He said “no” to a new wrinkle in DNA analysis, and he did so after other judges said, “sure, why not?”

With pathetic regularity, the by-product of bad forensic science is revealed when defendants convicted with the utmost certainty are later exonerated.

Oh well. At least it felt good while I was reading it.

in Legal

Better Data Seizure in the Digital World

Scott Greenfield has an interesting post about how much computerized data the government is allowed to seize when serving a warrant. Current practice is to seize it all and do whatever they want with it. Orin Kerr had proposed allowing the government to continue to seize all the data but putting restrictions on the use of that data so that only data responsive to the warrant can be used.

Scott’s position, if I understand it correctly, is that the warrant limits the scope of the seizure to the data specified in the warrant, and if the government can’t figure out how to limit their seizure to that data alone, then they just don’t get to seize anything. Too bad, so sad.

In my heart, I like Scott’s argument. He’s argued in that past that it’s a bad idea to make rules for the digital world by using analogies with the way we did things in the pre-digital world. That makes a lot of sense to me. We now store far more data in digital form than in the forms of data storage available when the Fourth Amendment was passed — my guess is we have more on our hard drives now than has ever been written down in all of human history — and if we were to make up rules from scratch to keep people secure in their persons, houses, papers, effects, and digitally stored data, against unreasonable searches and seizures, they would be considerably different from the rules we’ve evolved by analogy.

We’ve been witness to a similar situation when applying copyright law to digital data. Historically, copying and distributing creative works has been hard, so it made sense to have rules that govern copying and publication. And in the early years of the digital media revolution, copyright owners and publishers tried to build a virtual digital implementation of the system of rules we had been using for printed and recorded works. But as soon as consumers discovered they could copy digital works quickly, cheaply, and perfectly, they started to abandon the old copying and publication rules as too cumbersome, and we now seem to be evolving toward a system based around convenient access to source materials: If I hear a song on the radio and I want a copy, it’s much easier for me to download it from iTunes for $1.29 than it is to find someone willing to let me copy it for free. (Eventually, we will probably have laws that allow us to do this without 57-page click-to-accept legal agreements.)

Congress and the courts have been damned slow to adapt the search and seizure rules to the digital world in a reasonable way. Between things like the current rules for seizing computers and the third-party doctrine, the government has far too much easy access to our digital data, but I like to think that will eventually change as more people who grew up living in the digital world become judges and members of Congress. Someday they’ll get it, and we’ll get robust protection of digital data. Until then, Orin’s plan is about as good as it’s likely to get.

Still, I have at least three suggestions for improving Orin’s plan:

First and foremost (and least implausible),  the government should not be allowed to seize computers for longer than it takes to copy the data and return the computers to the owners. A business without its data is a business that cannot operate, and a warrant to seize data becomes an order to shut a business down. (Even having a personal computer seized is damned inconvenient and expensive.) This is a longstanding problem with seizing evidence, but given that digital copies are quick, cheap, and perfect, it’s an area where seizures in the digital world can and should be less troublesome than in the physical world.

Second, it would be nice for a change if the restrictions on the government came with real teeth. I’m not sure how that could work, however, since the initial seizure would still be legal. But without any punishment for breaking the rules, the government will still try to use everything it has, and the worst that could happen is that a judge will say no. And really, if the government discovers something juicy in the non-responsive seized data that they’re not allowed to use, is it realistic to assume they will simply ignore it? Without serious penalties, what’s to stop them from trying a little “parallel construction” to conceal the fact that they’re using the restricted data?

A similar problem arises in civil lawsuits when one party wants to examine business records from another party, such as all emails relevant to the disputed matter. The party responding to the discovery request doesn’t want to turn over all its email messages, full of sensitive business secrets, to the opposition, but the party requesting the email messages doesn’t trust the provider not to leave out messages that would hurt it in the lawsuit. One common solution to this problem is to have the responding party turn over all email messages to a neutral third party which is responsible for picking out the relevant messages and turning them over to the party requesting them.

So my third suggestion is that perhaps digital data seizures in criminal matters could be filtered through a neutral third party as well. I believe there’s some precedent for this in the way client files are protected when a lawyer is being investigated for a crime: The court appoints a special master to review the files for privileged material. Perhaps that protection could be extended more broadly to include filtering terabytes of non-responsive data down to just the material specified in the warrant. It would be a time-consuming and expensive process, but maybe that would discourage fishing expeditions, especially the fishing expeditions that turn into massive data dredging operations.

in Legal

A Rule Made To Be Broken

There’s an interesting bit of detail in this post about legal tech from Brian Tannebaum, talking about the policies governing electronic devices brought into the courtroom:

In the Southern District of New York, you can bring in one device, but if you are not a member of the SDNY Bar, you have to file a motion to bring in your one device. Pick your poison – cell phone, iPad, laptop. […] So decide what’s more important – keeping in touch with the office, witnesses, opposing counsel, clients, or having your documents available electronically and the ability to type.

Let’s get past the fact that the court doesn’t seem to realize that lawyers bring electronic devices into the courtroom because they need them to do their job and go right to the real question: Do lawyers in the Southern District of New York hire stooges to carry additional devices for them?

(My wife and do something like that at the grocery. If a sale item has a limit of one per person, we buy two of them by telling the cashier we’re paying for them separately. I’ll leave it as an exercise for the reader to figure out which one of us is the stooge.)

Actually, from a quick glance at the rules, it looks like only attorneys are allowed to bring in devices. This suggests to me that more than a few second or third chair lawyers aren’t really on the team because of their legal skills. In fact, this sounds like a perfect job for a law student: “Hey kid, you want to have front row seat at a federal trial? Great! Carry this.”

Granted, the rules do say that “The Personal Electronic Device may not be shared with any other person,” but these are lawyers we’re talking about. I’m sure they’ve figured out some way to game that rule by now.

in Legal

Return to the Planet of Reasonable Doubt

Over at a public defender, Gideon has posted his second attempt to create a jury instruction for the meaning of “reasonable doubt,” based on feedback he got from his first attempt, which has a lot of interesting comments.

The discussion is far too technical for me to contribute to, for reasons that Scott Greenfield spells out when describing an attempt he was involved with:

The mandate was to come up with an instruction that was consistent with existing caselaw while being comprehensible on a 6th grade level and across varying ethnicities.

That’s way beyond me. I’m sure I have nothing helpful to contribute to the discussion. But I’ve never really let that stop me from blogging, so…

Take a quick look at Gideon’s proposed instruction. You don’t have to actually read it, but I want you to see what it looks like. Here it is:

The State has the burden of proving the defendant’s guilt beyond a reasonable doubt. Beyond a reasonable doubt is how convincing the evidence has to be to you in order to find an accused guilty of a crime. So what does “beyond a reasonable doubt” mean?

What it means is this: The evidence must fully and firmly convince you of the defendant’s guilt before you may return a verdict of guilty.The evidence must cause your state of mind to be such that you can confidently say that you are certain of the defendant’s guilt. Although the State does not have to prove the defendant’s guilt to an absolute or mathematical certainty, the State must prove his guilt to a state of near certitude in your own minds. In other words, while the law does not require the State to prove a defendant guilty beyond all possible doubt, it is not sufficient to prove that the defendant is possibly or probably guilty.

After considering all of the evidence, you may be fully and firmly convinced that the defendant is guilty of the crime charged. On the other hand, based on the evidence or lack of evidence, you may think there is a realistic possibility that he is not guilty. This realistic possibility must be based on the evidence or lack of evidence and not arising from mere possibility, bare imagination, or fanciful conjecture.

Thus, if you are fully and firmly convinced of the defendant’s guilt, you must return a verdict of guilty. If you find that there is a realistic possibility that he is not guilty, the law demands that you return a verdict of not guilty.

It seems nice enough. It’s clearly written and full of evocative phrases. But when you step back from its context as a jury instruction, I think there’s a larger, more fundamental problem. There’s just something wrong with trying to explain such an important topic with so few words.

Excluding the instruction itself, Gideon’s post runs to 800 words, and he and his visitors added another 2000 words of comments. In an earlier post, he wrote another 900 words, which brought another 1500 words of comment. That post was in response to a 700 word post from Scott Greenfield that had another 700 more words in the comments, and it spawned a 2600-word behemoth post from Rick Horowitz, plus 600 words in the comments. Add it all up, and just these few posts amount to a discussion of reasonable doubt that runs to almost 10,000 words.

Yet if the judge uses Gideon’s proposed instruction, the jury will have to figure out what reasonable doubt means from only 272 words. That doesn’t seem…reasonable.

When it comes to explaining nuanced topics like reasonable doubt, there are well-known teaching techniques. For example, you approach the topic several times from different directions, you emphasize key points, and you hit on those points over and over so they sink in. You explore the context in which the subject arises, perhaps considering why reasonable doubt is an important feature of the justice system, so jurors understand why they’re supposed to apply the standard the way you want them to. And you also drop the discussion into the details, illustrating the rules you want to teach with examples — what counts as reasonable doubt, and what does not. You explore corner cases, and you show how the rules of reasonable doubt are derived from the larger goals of our system of justice.

You try to link the subject you’re teaching to things your students already know. You discuss how certitude and doubt already play roles in jurors’ lives, and you explain how reasonable doubt is related to those levels of doubt. You use analogies, diagrams, and stories.

Then you let them practice. You give them an example scenario, and let them figure out whether there’s reasonable doubt. Have them discuss it with each other and with you. You answer their questions, and ask instructive questions of your own. When you see them applying a principle incorrectly, you explain what they’re doing wrong, and you suggest ways to avoid that mistake in the future.

Finally, you test them. You confront them with a series of problems, and you find out which potential jurors demonstrate competence, which ones need more training, and which ones wash out of the jury pool.

In a nutshell, that’s the kind of training program it takes to get a group of people to become competent at a job. So why don’t we train jurors that way for their job?

In the industrial world, we sometimes prefer on-the-job training. It actually includes a lot of the same processes, but in the context of actually doing the job. Employees start out with simple tasks and work their way up, and competency testing takes the form of a supervisor’s evaluation. That doesn’t seem to be what we’re doing with jurors, however, because there’s no evaluation of juror performance, and they don’t work their way up — your first trial as a juror could be a capital murder or a racketeering case with mountains of complex evidence.

Another possibility is that training jurors is just too costly. That’s not quite the whole story, given the extensive training received by almost everyone else involved in the trial — lawyers, judges, court reporters, bailiffs — all of whom receive weeks, months, or years of training. Of course, the training for all of those people is reusable. Once trained, they can participate in many trials. We don’t do that with jurors. We don’t hold trials using fact finders drawn from a pool of trained professional jurors.

Every once in a while, someone proposes switching to professional jurors, but the general consensus seems to be that we prefer to use jurors drawn at random from the community. The argument is usually that professional jurors would be captured (or corrupted) by the system that employs them, and they would soon become insiders — just another part of the incarceration machine. Jurors plucked from the community take their duty of impartiality more seriously, and they represent the community better because they are a random sample. They remain part of the community from which they are drawn, as opposed to professional jurors, who self-select to join the criminal justice community.

I like this argument, but I don’t know if it’s true. In any case, we end up with jurors who are largely ignorant of the law and the workings of the criminal justice system, and who have to be instructed on reasonable doubt (and everything else they need to know) in the limited amount of time available for trial. Overall, it seems like a very sloppy process, and Gideon’s attempt to write a good jury instruction on reasonable doubt seems like a hopeless dream.

Or maybe that’s the wrong way to look at it. Maybe I should take the jury system more seriously. After all, juries have been used for centuries, and they exist in one form or another in most of the free countries of the world.  Maybe jury ignorance is a feature not a bug: Jurors are drawn at random from the community, and the limited instruction is intentional, presumably to encourage jurors to bring their community values into the process.

In that case, the true definition of reasonable doubt is not really up to lawyers or judges or legal scholars. We tell juries they must be convinced of a defendant’s guilt “beyond a reasonable doubt,” and they tell us the verdict. As a practical matter, the meaning of reasonable doubt is whatever the jurors say it is. And since this is the result of the evolved design of the jury system, perhaps this practical meaning of reasonable doubt is in fact the only true meaning of reasonable doubt. Reasonable doubt is whatever the jury does after you give them the reasonable doubt instruction.

I don’t know if you learned anything from reading this, but I feel better now. This way of thinking has a certain elegance, and it makes Gideon’s task seem less hopeless. He doesn’t have to teach a jury everything they need to know about reasonable doubt in 272 words. He just has to get them to use what they already know.

in Legal
css.php