Reporters looking into the Schiff and McGhan investigations should be making sure that when they report about “subpoenas,” they actually mean subpoenas and not 18 U.S.C. § 2703(d) orders (which are served like subpoenas). The latter are a lot more invasive than the former.
To make a long ECPA short, subpoenas are largely unregulated but can’t (in the Internet context) get the govt much. An account name, IP addresses it was assigned, not much else. /1
But 2703(d) orders are more like warrants: a judge needs to sign off on it and its showing of cause. And it can get all non-content transactional records of the account, like who you contacted and when. /2
If you’re an investigator and you want to know who a suspect communicated with, a 2703(d) order tells you that for that account; a subpoena doesn’t. Pretty big difference. /3
If DOJ only got a subpoena for X, that plausibly means someone else was the suspect (the subject of a 2703d order), revealing contacts with X’s account, and then a subpoena just to see who X is. /4
But if DOJ got a 2703d order for X’s account, it plausibly means X was a suspect and DOJ went to a judge and made the case for why there may be evidence in X’s contacts. /5
Media accounts tend to assume that DOJ issuing a subpoena for X’s records means X was a suspect. But if it’s just a subpoena, not a 2703(d) order, that may not be the case. /end
• • •
Missing some Tweet in this thread? You can try to
force a refresh
Apple says it is tightening its rules on subpoenas, but I don't get it: If Apple says it will only give records relating to 25 accounts per subpoena, doesn't the govt just issue more subpoenas? Subpoenas don't require cause. news.trust.org/item/202106112…
Oh, you want records from 73 accounts? We have had enough: From now on, you must attach three .pdfs, not one .pdf.
It's possible that what Apple is trying to do is limit two-step orders. For example, say DOJ serves an order on Apple for the records of target 1, wanting to know who target 1 has communicated with. It next wants the records of the people who communicated with target 1. /1
A longish thread on Van Buren: Where does it leave the CFAA?
Here's a first cut.
The computer hacking statute, the CFAA, prohibits two things: access without authorization, and exceeds authorized access. Access without authorization is understood to require some kind of breaking in. The question here is whether exceeds authorized access does, too.
As I read the new decision, the Court says yes -- exceeding authorized access also requires some breaking in. The court agrees with the defendant's claim that the two prohibitions are similar -- at just different stages. The Court calls this a "gates-up-or-down" inquiry.
There's a lot to be said about the traffic stop of Lieutenant Caron Nazario, but one of them is that it makes this 2015 blog post unfortunately relevant again:
"Sandra Bland and the 'Lawful Order’ Problem."
(Given the paywall, I'll include screenshots.) washingtonpost.com/news/volokh-co…
The interview above was recorded in 1997, and none of it has ever been shown outside my family before. At some point I'm going to make a full length edited video of it to post on Youtube (it was 5+ hours long, so it needs to be shortened). But, for now, this excerpt.
When a father consented to a search of his "son's account" on their jointly used computer, investigators exceeded the scope of consent when they searched the recycle bin, which included files from multiple users. Child porn found there is suppressed. wicourts.gov/ca/opinion/Dis…#N
The forensic tool used to search the computer grouped the deleted files from all accounts in the same place, the recycle bin, without indicating from which account a particular file had originated. Acc to the court, using the tool to search that was beyond the scope of consent.
This case touches on a question that I cover in my computer crime law casebook and discuss in my class: How do you apply consent principles to computer searches when people consent in regular-user-speak but forensic analysts think in forensic-tool-speak?