Congress and the federal courts have long adhered to the premise that child pornography websites cause “significant social harm.” The U.S. Supreme Court in 1982 said that the use of children in the production of child pornography was a “serious national problem.” In the ensuing three-plus decades since that Supreme Court decision, modern technology now allows for pornographic images and videos to be traded through websites far more easily than imagined in 1982.
Playpen is one of those websites.
150,000 Users Visited Child Porn Site
In an October 27, 2017 decision, United States v. Levin, the First Circuit Court of Appeals sketched out the reach of this particular child porn website:
“Playpen attracted web traffic on a massive scale. Just between August 2014 and February 2015, more than 150,000 users accessed the site. Visitors to Playpen made over 95,000 posts on over 9,000 topics, all pertaining to child pornography. Playpen also featured discussion forums where its users discussed issues such as how to groom child victims and how to evade law enforcement.”
The appeals court pointed out that Playpen operated on an Internet network known as TOR—the acronym for “The Onion Router.” TOR and other like networks form what is known as the “Dark Web”—the underbelly of the Internet where every illicit vice known to man can be found, accessed, and acted upon.
TOR: The Onion Router
Ironically, as the First Circuit noted, TOR was created by the United States Naval Research Laboratory “as a means of protecting government communications.” The network today, however, is accessible to the public and is now a prime target of law enforcement, particularly the FBI. The appeals court explains why:
“ … One gains access to the Tor network by downloading the Tor software. By masking its users’ actual addresses – which could otherwise be used to identify users – that software offers its users much greater anonymity than do conventional web browsers. Tor achieves this masking by bouncing users’ communications around a distributed network of relay computers run by volunteers all around the world. The Tor software can be used to access the conventional internet as well as the Dark Web.”
NIT: Network Investigative Technique Reveals Users of Website
In response to the TOR software, the FBI created its own software known as the “Network Investigative Technique” (NIT). The FBI has for some time possessed the technology to take over child porn websites like Playpen. Once the FBI assumes control of a child porn website as the agency did with Playpen, the agency can then install the NIT software that attaches itself “to anything that was downloaded from Playpen, and thus effectively travelled to the computers that were downloading from the website, regardless of where those computers were located. The NIT then caused those computers to transmit several specific items of information – which would allow the FBI to locate the computers – back to the FBI.”
It was the NIT software that ensnared Norwood, Massachusetts resident Alex Levin.
An August 11, 2015 search of his computer by the FBI, authorized with a warrant, discovered files containing child pornography. He was arrested and indicted for possession of child pornography, in violation of 18 U.S.C. § 2252A(a)(5)(B). His defense attorney moved to suppress the evidence seized with the NIT warrant. The federal district court granted the motion, but that ruling was vacated by the First Circuit.
Good Faith Exception
In reaching its October 27 decision, the First Circuit was following the lead of two decisions issued earlier this year by the Tenth and Eighth Circuits upholding NIT warrants under what is known as “the Leon good faith exception.”
The issue before the First Circuit, as it was before the other two circuits, was whether the search of property located outside the jurisdiction of where the NIT warrant issuing magistrate presided violates Rule 41 of the Federal Rules of Criminal Procedure which was amended in 2016 to allow the FBI and other federal law enforcement agencies to hack computers outside the jurisdiction from where the warrant was issue.
In the Levin case, the NIT warrant was issued in February 2015 by a magistrate judge in the Eastern District of Virginia. The warrant permitted the FBI to install its NIT software on the server that hosted Playpen. That software ultimately led the FBI to Levin’s computer which, in March 2015, accessed several images of child pornography under the user name “Manakaralupa.”
That was sufficient probable cause for the FBI to secure a warrant to search Levin’s computer from a magistrate presiding in the federal District of Massachusetts.
The question the First Circuit had to answer was whether the evidence obtained through a pre-2016 NIT warrant issued in Virginia for Playpen could be used to obtain a search warrant of Levin’s computer in Massachusetts. The appeals court said it could:
“ … The NIT warrant specifies into which homes an intrusion is permitted (those where the activating computers are located), and on what basis (that the users in those homes logged into Playpen). And if the government wished to conduct any further searches of anyone’s home, it would have needed [to] obtain an additional warrant – which is exactly what it did in this case. Therefore, the NIT warrant ‘was not so facially deficient that the executing officers could not reasonably have presumed it to be valid.”
In effect, the First, Eighth and Tenth Circuits have concluded that child pornography evidence obtained through pre-2016 NIT warrants is admissible under the Leon good faith exception rule, regardless of where that evidence was located and seized.