The Timing of Computer Search Warrants When It Takes the Government Several Years To Guess The Password
In a decision handed on Friday, United States v. Kopankov, the U.S. District Court for the Northern District of California (Jacqueline Scott Corley, J.) suppressed the fruits of a computer warrant search because it took the government too much time to bypass the device’s encryption. Specifically, the magistrate judge who issued the warrant had imposed an extra limit on the warrant requiring the government to forensically search the seized computer quickly, and to request extensions from the court asking for more time if it needed longer. But the government could not bypass the encryption on the computer — an Apple iPhone X — other than by trying a “brute force” attack to guess all the possible passwords. The government did get one extension giving it more time. But it ended up taking three years for the brute force attack to guess the correct password. By that time, the extension had itself expired.
In the new ruling, Judge Corley suppresses the fruits of the search because the brute force attack did not succeed until after the extension had expired. Specifically, the government mirrored the decrypted device (generating a copy to be searched) before applying for another search warrant to search the device. Judge Corley concludes that the mirroring was a warrantless search that requires suppression of the evidence found on the warrant.
I think this ruling is wrong. Not only should the evidence not be suppressed; there was no legal violation at all.  The government had a valid search warrant, and there is no principle of law that makes a defendant’s ability to slow down a search by using encryption a legal basis for suppressing the evidence when the search eventually succeeds. In this post, I will explain why.
I. Background on Ex Ante Restrictions on Computer Warrants
First, some context. I have written over the years about ex ante search restrictions in computer search warrants. These are limits sometimes added to computer warrants that purport to control ex ante the details of how the warrant is executed. With traditional warrants, the warrant authorizes the search, and Fourth Amendment doctrine regulates the reasonableness of the warrant’s execution. With ex ante restrictions, though, the warrant itself will include detailed limits on how the warrant will be executed. The limits might be on who can search the device, or when, or where. It might be about what steps are taken when the warrant is executed. It’s all up to the discretion of the magistrate judge.
One of the issues that has come up from time to time is why or whether ex ante restrictions matter. In particular, if the government violates an ex ante restriction, what is the remedy?
I have argued that there is no remedy. In my my view, as explained in detail here, the Fourth Amendment does not permit magistrate judges to impose ex ante restrictions on warrants. The law of executing warrants has to be based on Fourth Amendment law, not individual-warrant-condition-by-individual-magistrate law. As a result, in my view, the government is entirely free to disregard ex ante restrictions and there is no legal wrong, or legal remedy, if they choose to do so. The government has to follow the law of Fourth Amendment reasonableness, of course. But individual warrant restrictions don’t determine reasonableness; Fourth Amendment law does.
If that seems odd to you, you should read the Supreme Court’s decision in Richards v. Wisconsin, on whether a warrant can be executed as a no-knock warrant. Richards held that the fact that the issuing magistrate had said the warrant could not be executed as a no-knock warrant was irrelevant to whether it c
Article from Latest
