California Supreme Court: Law Enforcement Officials May Search Cellular Phones Incident To Arrest

Posted on January 5, 2011 by Proskauer Rose LLP

On Monday, the California Supreme Court ruled that the Fourth Amendment to the United States Constitution did not prohibit a deputy sheriff from conducting a warrantless, post-arrest search of the text messages of an arrestee. Specifically, the Court affirmed the decision of the Court of Appeal that the cell phone was “immediately associated with [defendant’s] person at the time of his arrest” and was therefore “properly subjected to a delayed warrantless search.” 

In People v. Diaz, filed on January 3, the Court considered whether the trial court properly denied Diaz’s motion to suppress evidence gathered during a search of his cell phone, which occurred approximately 90 minutes after he was arrested for being a coconspirator in the sale of drugs. Diaz denied knowledge of the sales. A deputy sheriff accessed Diaz’s cell phone, which had been seized from Diaz’s person, and found a coded text message that, based on the deputy’s training and experience, indicated Diaz knew of the transaction.

The California Supreme Court’s ruling hinged on its finding that the cell phone “was an item [of personal property] on [defendant’s] person at the time of his arrest and during the administrative processing at the police station.” People v. Diaz, S1666000, slip op. Majority Op. at 8 (Cal. Jan. 1, 2011). As such, the case was controlled by the United States Supreme Court’s holdings in United States v. Edwards, 415 U.S. 800, 802-803 (1974) and United States v. Robinson, 414 U.S. 218, 224 (1973), in which the High Court affirmed seizures of paint chips from clothing and a cigarette package containing heroin from a coat pocket (respectively).

Moreover, the Diaz Court held that neither whether an item is typically carried on the person, nor the capacity of an item to store personal information, affects the Fourth Amendment analysis:

The relevant high court decisions do not support the view that whether police must get a warrant before searching an item they have properly seized from an arrestee’s person incident to a lawful custodial arrest depends on the item’s character, including its capacity for storing personal information . . . . Nothing in these decisions even hints that whether a warrant is necessary for a search of an item properly seized from an arrestee’s person incident to a lawful custodial arrest depends in any way on the character of the seized item.

Diaz, slip op. Majority Op. at 9-10.

Justice Werdegar dissented on the grounds that the U.S. Supreme Court’s decisions should not have controlled because their facts were too far removed from the context of personal data devices:

The United States Supreme Court’s holdings on clothing and small spatial containers were not made with mobile phones, smartphones and handheld computers — none of which existed at the time — in mind. Electronic devices “contain” information in a manner very different from the way the crumpled cigarette package in Robinson contained capsules of heroin [citation to Robinson]. Electronic devices, indeed, are not even “containers” within the meaning of the high court’s search decisions. As the Ohio Supreme Court, rejecting application of the container cases to a mobile phone, noted, “[o]bjects falling under the banner of ‘closed container’ have traditionally been physical objects capable of holding other physical objects. Indeed, the United States Supreme Court has stated that in this situation, ‘container’ means ‘any object capable of holding another object.’” (State v. Smith (Ohio 2009) 920 N.E.2d 949, 954, quoting New York v. Belton, [453 U.S. 454, 461 n.4 (1981)].)

Diaz, slip op. Dissenting Op. at 9-10. 

On October 4, 2010, the U.S. Supreme Court denied certiorari in State v. Smith, the Ohio case Justice Werdegar discussed in her dissent.  However, given that there is now a split between the supreme courts of California and Ohio, the United States Supreme Court might be more inclined to weigh in.
Tags: , , , ,

Court Uses Computer Privacy Law to Crack the Whip on Use of Work Computer to Solicit Dominatrix-Prostitute

Posted on June 30, 2009 by Proskauer Rose LLP

The Ohio Court of Appeals, in State v. Wolf, No. 08-16, slip op. (Ohio Ct. App. 5d April 28, 2009), recently upheld application of Ohio’s computer crime law to an employee who used his work computer to engage in criminal conduct (solicitation of a dominatrix-prostitute). While this holding may seem uncontroversial, another aspect of the decision might open the door to imposing criminal liability on employees for violating employer computer use policies.

Wolf was a Shelby City Wastewater Treatment Plant employee. The plant superintendent discovered nude photographs on Wolf’s work computer while performing routine maintenance. The superintendent notified police, who discovered that Wolf used the city-owned computer to solicit a prostitute, visit pornographic websites and upload nude photographs of himself during work hours.  At trial, the jury found him guilty of soliciting prostitution, theft in office and unauthorized use of a On appeal, Wolf challenged the trial court decisions overruling his motion for acquittal on both the charge of theft in office and the charge of unauthorized access to a computer. The Court of Appeals agreed that the trial court should have acquitted on the theft in office charge, but ruled that Wolf’s use of the office computer was unauthorized under Ohio law.

Theft In Office

Ohio Rev. Code § 2913.02 (A) (2009), reads, in part, “no person, with the purpose of depriving the owner of property or services, shall knowingly obtain or exert control over either the property or services.” Upon review, the Court of Appeals found that Wolf’s actions did not constitute the crime of theft in office. Specifically, the court found that while there was evidence Wolf spent nearly 100 hours viewing websites unrelated to his job, nothing suggested that his job performance suffered or that he failed to perform his job duties. Furthermore, the court noted that even if evidence showed Wolf had failed to perform his job duties, such evidence could only serve as a basis for his termination and not as the basis for a criminal theft in office charge. In this instance, surfing websites at work was not a theft of services under § 2913.02(A).

Unauthorized Use

Wolf did not fare as well in his appeal regarding conviction under the unauthorized use law. The statute, Ohio Rev. Code § 2913.04(B) (2009), reads in relevant part:

(B) No person… shall knowingly gain access to, attempt to gain access to, or cause access to be gained to any computer… without the consent of, or beyond the scope of the express or implied consent of, the owner of the computer… or other person authorized to give consent.

At trial, the State argued that Wolf acted outside the scope of authorization by engaging in criminal conduct. The Court agreed that the State’s unauthorized use charge was “based upon sufficient evidence,” i.e., Wolf’s use of the city computer to solicit prostitution, and that such use was “beyond the scope of the express or implied consent.” State v. Wolf, slip op. at 12. 

Notably, the Ohio statute applies not only to outsiders who infiltrate computer systems, but also to insiders such as Wolf, i.e., those who would otherwise have legal access but whose on-the-job activities go “beyond the scope of the express or implied consent” of their employers. Neither the statute nor the Wolf holding expressly limits the coverage of § 2913.04(B) to criminal activity. 

This uncertainty parallels that surrounding the Computer Fraud and Abuse Act (CFAA), a criminal statute designed to prevent unauthorized access to, and use of, computers. There is a split in authority regarding whether the CFAA can be applied to insiders authorized to use a computer or computing service in addition to outsiders. See, e.g., Condux Int’l Inc. v. Haugum, No. 08-4824, 2008 WL 5244818, at *4 & n.3 (D. Minn. Dec. 15, 2008) (collecting cases); US Bioservices Corp. v. Lugo, No. 08-2342, 2009 WL 151577, at *4 (D. Kan. Jan. 21, 2009) (narrowly construing CFAA and holding it applies only to outsiders).

It remains to be seen how the Ohio statute, and others like it, will be applied in this developing area of law.

Proskauer summer associate Kyler Scheid contributed to this post.
Tags: , , , ,

Google Execs Face Privacy-Related and Other Criminal Charges for Taunting Video

Posted on February 4, 2009 by Brendon Tavelli

Several Google executives, including the Company’s global privacy counsel, Peter Fleischer, will face criminal charges in Italian court stemming from Italian authorities’ two-year investigation of a video posted on Google Video showing a disabled teen being taunted by classmates. The video, posted in 2006, depicts four high school boys in a Turin classroom taunting a classmate with Down syndrome and ultimately hitting the young man over the head with a box of tissues. Google removed the video on November 7, 2006, less than twenty-four hours after receiving multiple complaints about the video. Nonetheless, Fleischer and his Google colleagues face criminal charges of defamation and failure to exercise control over personal information that carry a maximum sentence of three (3) years.

According to the International Association of Privacy Professionals, which broke the story on February 2, 2009, the charges against Fleischer are believed to be the first criminal sanctions pursued against a privacy professional for his company’s actions. Under European Union legislation that was incorporated into Italian law in 2003, Internet service providers (“ISPs”) are not responsible for monitoring third-party content posted to their sites, but are required to remove offensive content if a complaint is received. These laws offer to ISPs protections that are similar to those found under U.S. law in Section 230 of the Communications Decency Act of 1996. (See our Section 230 posts here.) But Italian authorities, specifically Milan public prosecutor Francesco Cajani, are prosecuting Google as an Internet content provider, rather than as an ISP, and Italy’s penal code states that such providers are responsible for third-party content on their sites. Cajani believes that Google, and its executives, violated this provision by allowing the 191-second clip to be uploaded to its video site.

On February 3, the Italian judge hearing the case -- which is expected to be ongoing for months -- suspended the proceedings until February 18 to consider procedural issues, but Google maintains that it did not violate any laws with respect to the video posting.  Also on February 3, the City of Milan joined the case with civil charges that Italian lawyers have cited as the rough-equivalent of class-action suit in the United States.  The city, according to Rocco Panetta, an Italian lawyer with Portolano Colella Cavallo, is representing several individuals it claims were injured by Google.

 

In a statement released on February 2, Google expressed sympathy for the victim’s family, but insisted that “We feel that bringing this case to court is totally wrong.  It’s akin to prosecuting mail service employees for hate speech letters sent in the post. What’s more, seeking to hold neutral platforms liable for content posted on them is a direct attack on a free, open Internet.  We will continue to vigorously defend our employees in this prosecution.” Google’s public policy counsel for Google Italia, Marco Pancini, further commented that “We are confident the process will end in our favor.”
Tags: , , , , , , , , , , , , , ,