LAW ENFORCEMENT HACKING: DEFINING JURISDICTION

Federal law enforcement’s deployment of malware (Network Investigative Technique, or NIT) raises a jurisdictional question central to remote searches of electronic data: Where does the search occur?

Litigation arising from two prominent NIT searches—Operations Pacifier and Torpedo—illustrates the challenge courts confronted in defining the situs of a NIT search absent a clear territorial referent. The defined situs deserves attention, for it determines the territorial reach of law enforcement’s legal authority to conduct operations—warrant jurisdiction—and the Fourth Amendment’s applicability to nonresident aliens.

Recent circuit court opinions have raised the prospect that courts may deem invalid the 2016 amendment to Federal Rule of Criminal Procedure 41(b), which authorizes searches of the sort at issue in Operations Pacifier and Torpedo. Should this occur, the situs of a NIT search would again turn on jurisdiction-specific definitions. As this Note suggests, courts that define the situs as within the United States may enable nonresident alien search targets to claim the Fourth Amendment’s protections. Litigants could draw from lower court precedent recognizing nonresident aliens’ Fifth and Sixth Amendment rights when the alleged violation is said to occur domestically. Their ability to pursue constitutional remedies, however, would remain contingent on the reviewing court’s jurisdictional definition, not on normatively consistent constitutional rationales.

This Note proposes that Congress standardize the situs of a NIT search by drawing from the amended Rule 41(b) and from circuit courts’ interpretation of the situs of a wiretap under the federal Wiretap Act. This proposed definition would codify the amended Rule 41(b) and may guide (though it would not preempt) a court’s analysis of a nonresident alien’s Fourth Amendment claim. This Note concludes by urging a doctrinal shift toward extending the Fourth Amendment’s protections to nonresident alien NIT search targets.

The full text of this Note can be found by clicking the PDF link to the left.

* J.D. Candidate 2021, Columbia Law School. The author would like to thank Professors Daniel Richman and Christina D. Ponsa-Kraus for their steadfast guidance and insight. The author also thanks the editors of the Columbia Law Review for their thoughtful and tireless editorial assistance.

Introduction

During oral argument in United States v. Microsoft, Justice Alito set forth a puzzle: how to define the situs of a search and seizure of electronic data. 1 Transcript of Oral Argument at 52–53, United States v. Microsoft Corp., 138 S. Ct. 1186, 1187 (2018) (per curiam) (No. 17-2), 2018 WL 1383162. Microsoft addressed whether a statutory warrant directing Microsoft to disclose customer data stored in Microsoft’s data center in Dublin, Ireland, but accessible to Microsoft employees at Microsoft’s headquarters in Redmond, Washington, entailed an extraterritorial search. 2 See Microsoft, 138 S. Ct. at 1187. Though the stored information “physically exists on one or more computers somewhere,” Alito began, “it doesn’t have a presence anyplace . . . . The whole idea of territoriality is strained.” 3 Transcript of Oral Argument at 52–53, Microsoft, 138 S. Ct. 1186 (No. 17-2).

This challenge—defining legal jurisdiction absent a clear territorial referent—is not new. During the late 1990s and early 2000s in particular, scholars considered how online communications and transactions challenged the traditional territorial link between “legally significant (online) phenomena and physical location,” between conduct and effect. 4 David R. Johnson & David Post, Law and Borders—The Rise of Law in Cyberspace, 48 Stan. L. Rev. 1367, 1370, 1378 (1996) (arguing that “[m]any of the jurisdictional and substantive quandaries raised by border-crossing electronic communications could be resolved by one simple principle: conceiving of Cyberspace as a distinct ‘place’ for purposes of legal analysis by recognizing a legally significant border between Cyberspace and the ‘real world’”); see also Patricia L. Bellia, Chasing Bits Across Borders, 2001 U. Chi. Legal F. 35, 44 (examining the treatment of remote cross-border searches under the Constitution and customary international law and arguing that any bilateral or multilateral agreement authorizing cross-border searches “must track Fourth Amendment requirements”); Paul Schiff Berman, Legal Jurisdiction and the Deterritorialization of Data, 71 Vand. L. Rev. En Banc 11, 13–15 (2018) [hereinafter Berman, Legal Jurisdiction] (reviewing this early scholarship on internet jurisdiction and territorial sovereignty); Jack L. Goldsmith, The Internet and the Abiding Significance of Territorial Sovereignty, 5 Ind. J. Glob. Legal Stud. 475, 475 (1998) (arguing that “territorial regulation of the Internet is no less feasible and no less legitimate than territorial regulation of non-Internet transactions”). Courts, in turn, confronted one practical application of this jurisdictional puzzle: how to define the situs of an “intercept” of communications within the meaning of the Wiretap Act when law enforcement is physically separated from the tapped device. 5 See, e.g., United States v. Rodriguez, 968 F.2d 130, 135–36 (2d Cir. 1992) (defining “intercept” within the meaning of Section 2518(3) of the Wiretap Act as both where “the contents of a wire communication are captured or redirected” and where “the redirected contents are first heard”). More recently, in Microsoft, Alito confronted the question in the context of Stored Communications Act (SCA) compelled disclosure orders, which direct third-party service providers to disclose stored customer data to law enforcement under specified conditions. 6 See Microsoft, 138 S. Ct. at 1187; Paul M. Schwartz, Legal Access to the Global Cloud, 118 Colum. L. Rev. 1681, 1714 (2018).

With the rise of encryption technology and anonymizing software, however, this question has regained salience, particularly with regard to the government’s use of malware to directly search a suspect’s device or data. 7 See Jonathan Mayer, Government Hacking, 127 Yale L.J. 570, 576–78 (2018). This Note focuses exclusively on federal law enforcement’s use of malware-enabled searches, as the factual and legal records of these searches are substantially more developed at the federal level. See id. at 578, 580 n.29. Through tactics the government terms Network Investigative Techniques (NITs), law enforcement is able to circumvent encryption technology and anonymizing software that impede traditional investigative tools. 8 The government has modified the terminology over time. What began as “a workbench project” evolved into the “computer and internet protocol address verifier” (CIPAV) before the 2012 adoption of what is believed to be the currently used term—NITs. See Zach Lerner, A Warrant to Hack: An Analysis of the Proposed Amendments to Rule 41 of the Federal Rules of Criminal Procedure, 18 Yale J.L. & Tech. 26, 38 (2016). When a NIT search targets a device or data concealed by anonymizing software, however, officers do not know prior to the search where it will execute. The question, in turn, becomes: Where does this NIT search occur?

Prior to the 2016 amendment to the venue provisions of Federal Rule of Criminal Procedure 41(b), which regulate federal magistrate judges’ authority to issue search warrants, the government defined the search by the location of the relevant government server and investigating officer. 9 See, e.g., Brief of the United States at 21, United States v. Darby, 721 F. App’x 304 (4th Cir. 2018) (No. 17-4212), 2017 WL 6015454 (“Under Rule 41’s tracking-device provision, the NIT was installed when it was placed on the Playpen server in the Eastern District of Virginia, not when the NIT was retrieved from the Playpen server by a user logging onto Playpen or when the NIT ultimately disclosed the location-identifying information.”). In turn, courts presiding over challenges to two prominent NIT searches—Operations Pacifier and Torpedo—embraced divergent interpretations. Though numerous courts adopted a device-centric approach, defining the situs of the search by the location of the suspect’s device, 10 See infra note 70. others embraced the government’s definition, analogizing the search to a tracking device authorized by Rule 41(b)(4). 11 See infra note 71. Crucially, a device-centric definition laid the groundwork for courts to hold NIT searches that executed beyond the judicial district of the authorizing magistrate judge invalid under the unamended Rule 41(b) and the Federal Magistrates Act.

The amended Rule 41(b)(6)(A) departed from these single-factor approaches. Subsection (b)(6)(A) provides that “a magistrate judge with authority in any district where activities related to a crime may have occurred” may issue a remote search warrant when “the district where the media or information is located has been concealed through technological means.” 12 Fed. R. Crim. P. 41(b)(6)(A). Subsection (b)(6)(A) provides:
(6) a magistrate judge with authority in any district where activities related to a crime may have occurred has authority to issue a warrant to use remote access to search electronic storage media and to seize or copy electronically stored information located within or outside that district if:
(A) the district where the media or information is located has been concealed through technological means . . . . In NIT searches executed since this Rule change, the government and courts have defined the “place to be searched” by the traditional Fourth Amendment framework—the location of the thing searched. 13 See infra note 48 and accompanying text.

This definition deserves attention, for the situs of the search is not merely technical. The definition determines the territorial reach of law enforcement’s legal authority to conduct operations—warrant jurisdiction—and the applicability of the Fourth Amendment’s protections. 14 See Jennifer Daskal, The Un-Territoriality of Data, 125 Yale L.J. 326, 389 (2015) [hereinafter Daskal, The Un-Territoriality of Data] (“Whereas territoriality under the Fourth Amendment demarcates who is—and is not—entitled to basic privacy protections vis-à-vis the U.S. government, territoriality for purposes of warrant jurisdiction defines the geographic scope of court-approved law enforcement authority to act.”). In turn, the definition may determine the legality of the search and the Fourth Amendment rights of nonresident aliens 15 A note on terminology: In this Note, “nonresident alien” refers to foreign nationals investigated by U.S. law enforcement for conduct that might be defined as occurring abroad.
Jurists and scholars have long employed the term “nonresident alien” when discussing whether or to what extent provisions of the Constitution apply to noncitizens located abroad. As scholars such as Kevin R. Johnson have noted, however, use of the term “alien” concretizes a notion of noncitizens as “‘other,’ different and apart from ‘us.’” Kevin R. Johnson, “Aliens” and the U.S. Immigration Laws: The Social and Legal Construction of Nonpersons, 28 U. Miami Inter-Am. L. Rev. 263, 264 (1996). Indeed, President Biden’s proposed immigration reform bill, the U.S. Citizenship Act of 2021, calls for “further recogniz[ing] America as a nation of immigrants” by replacing the term “alien” with “noncitizen” in U.S. immigration law. Fact Sheet: President Biden Sends Immigration Bill to Congress as Part of His Commitment to Modernize Our Immigration System, White House (Jan. 20, 2021), https://www.whitehouse.gov/briefing-room/statements-releases‌‌/
‌‌2021/01/20/fact-sheet-president-biden-sends-immigration-bill-to-congress-as-part-of-his-commitment-to-modernize-our-immigration-system [https://perma.cc/EK2S-CVRY]. subject to a NIT search. 16 See Jennifer Daskal, Borders and Bits, 71 Vand. L. Rev. 179, 185–86 (2018) [hereinafter Daskal, Borders and Bits] (“[T]he answers to these jurisdictional questions often determine not just government’s ability to access or manage data, but the rights and protections that apply. In determining who gets to set the rules, the jurisdictional rules indirectly determine the scope of one’s privacy, associational, and speech rights.”); Daskal, The Un-Territoriality of Data, supra note 14, at 354–55, 383–86 (explaining that the territorial limits on a federal judge’s authority to issue a search warrant depend on where the search is deemed to have occurred and arguing for the presumptive application of the Fourth Amendment “regardless of where the data or the target is located”).

First, if the amended Rule 41(b)(6)(A) is found invalid in light of the Federal Magistrates Act—a prospect the Second and Ninth Circuits have raised—magistrate judges would remain constrained by the Act’s “independent territorial restrictions” on their authority to issue extra-district NIT searches. 17 nited States v. Eldred, 933 F.3d 110, 117 (2d Cir. 2019) (internal quotation marks omitted) (quoting United States v. Krueger, 809 F.3d 1109, 1121 (10th Cir. 2015) (Gorsuch, J., concurring)); see also United States v. Henderson, 906 F.3d 1109, 1115 n.5 (9th Cir. 2018); infra section II.A. In turn, courts would again confront the problem that arose under the unamended Rule 41(b): defining the situs of a NIT search that executes beyond the judicial district of the authorizing magistrate judge.

Law enforcement may avoid this warrant jurisdiction problem by submitting NIT warrant applications to district court judges, who are not subject to the Magistrates Act’s territorial constraints. 18 See Mayer, supra note 7, at 628. But the jurisdictional question would remain relevant for nonresident alien search targets. 19 For NIT searches that execute domestically, the defined situs of the search generally does not have a constitutional dimension. See 2 Wayne R. LaFave, Search and Seizure: A Treatise on the Fourth Amendment § 4.2(f) (6th ed. 2020) (noting that “contrary to the usual rule . . . the violation of a rule or statute may show that the Fourth Amendment requirement that warrants be issued by a ‘neutral and detached magistrate’ who is ‘lawfully vested’ with warrant-issuing authority has not been met”). Though the Fourth Amendment sets forth probable cause and warrant requirements, statutes and rules define the territorial scope of the authorizing judge’s authority to issue search warrants. See id.
By contrast, in searches that may be said to execute extraterritorially, the situs may enable or foreclose Fourth Amendment claims by nonresident aliens depending on whether the situs of the search is found to be located within or beyond the United States. See infra section II.B.2. Further, as to U.S. citizens, the situs may determine whether the Fourth Amendment’s traditional probable cause and warrant requirements, or its reasonableness test, applies. See infra note 118.

Courts that define the situs by the location of the government server or investigating officer—within the authorizing magistrate judge’s judicial district—may pave the way for nonresident aliens subject to NIT searches to challenge the search on Fourth Amendment grounds. Though Supreme Court doctrines generally foreclose Fourth Amendment challenges brought by foreign nationals for searches of their property abroad, 20 ee infra section II.B.1. a nonresident alien might assert such a challenge by characterizing the NIT search as domestic, not extraterritorial, in nature. 21 ee infra section II.B.2. A nonresident alien’s ability to pursue remedies for Fourth Amendment violations, however, would remain contingent on the fortuity of the court’s jurisdictional definition.

To address this incongruity, this Note proposes that lawmakers define the situs of a NIT search as part of a comprehensive bill regulating these remote searches. 22 ee infra Part III. The proposed definition should relate to the locations of the targeted device or data and the investigating officer. A definition tied to the location of the device or data searched would recognize but regulate law enforcement’s execution of remote searches. In turn, a definition tied to the investigating officer may pave the way for nonresident aliens to assert Fourth Amendment challenges to unlawful NIT searches.

Part I of this Note introduces NIT searches and examines how judges have defined the situs of these searches prior to and following the amendment to Rule 41(b). Part II discusses circuit court opinions raising the prospect that the amended Rule 41(b)(6)(A) may be vulnerable to judicial attack. This Part then suggests that defining the situs as within the magistrate judge’s judicial district may enable nonresident aliens to assert Fourth Amendment challenges arising from unlawful NIT searches. As the pursuit of constitutional remedies would remain contingent on the presiding court’s definition, Part III proposes that Congress define the situs of a NIT search by drawing from Rule 41(b) and the federal Wiretap Act.