NEW YORK (Reuters) - U.S. law-enforcement agencies are increasingly obtaining warrants to search Facebook, often gaining detailed access to users’ accounts without their knowledge.
A Reuters review of the Westlaw legal database shows that since 2008, federal judges have authorized at least two dozen warrants to search individuals’ Facebook accounts. Many of the warrants requested a laundry list of personal data such as messages, status updates, links to videos and photographs, calendars of future and past events, “Wall postings” and “rejected Friend requests.”
Federal agencies seeking the warrants include the FBI, DEA and ICE, and the investigations range from arson to rape to terrorism.
The Facebook search warrants typically demand a user’s “Neoprint” and “Photoprint” — terms that Facebook has used to describe a detailed package of profile and photo information that is not even available to users themselves.
These terms appear in manuals for law enforcement agencies on how to request data from Facebook. The manuals, posted on various public-advocacy websites, appear to have been prepared by Facebook, although a spokesman for the company declined to confirm their authenticity.
The review of Westlaw data indicates that federal agencies were granted at least 11 warrants to search Facebook since the beginning of 2011, nearly double the number for all of 2010. The precise number of warrants served on Facebook is hard to determine, in part because some records are sealed, and warrant applications often involve unusual case names. (One example: “USA v. Facebook USER ID Associated with email address firstname.lastname@example.org,” a sealed case involving a drug sale.)
In a telephone interview, Facebook’s Chief Security Officer, Joe Sullivan, declined to say how many warrants had been served on the company. He said Facebook is sensitive to user privacy and that it regularly pushes back against law-enforcement “fishing expeditions.”
None of the warrants discovered in the review have been challenged on the grounds that it violated a person’s Fourth Amendment protection against unlawful search and seizure, according to a review of the cases.
Some constitutional-law experts said the Facebook searches may not have been challenged because the defendants - not to mention their “friends” or others whose pages might have been viewed as part of an investigation — never knew about them.
By law, neither Facebook nor the government is obliged to inform a user when an account is subject to a search by law enforcement, though prosecutors are required to disclose material evidence to a defendant.
Twitter and several other social-media sites have formally adopted a policy to notify users when law enforcement asks to search their profile.
Last January, Twitter also successfully challenged a gag order imposed by a federal judge in Virginia that forbade the company from informing users that the government had demanded their data.
Twitter said in an email message that its policy was “to help users protect their rights.” The Facebook spokesperson would not say whether the company had a similar policy to notify users or if it was considering adopting one.
In several recent cases, however, Facebook apparently did not inform account-holders or their lawyers about government snooping.
Last year, several weeks after police apprehended four young Satanists who burned down a church in Pomeroy, Ohio, an FBI agent executed a search warrant on Facebook seeking data about two of the suspects.
All four ultimately pleaded guilty and received sentences of eight to ten years in state prison (along with a message of forgiveness from a church official who called the sentence “God’s time out,” and presented them with a Bible). It is unclear if data obtained from the warrant was used in the investigation.
Lawyers for the two defendants were unaware of the searches until they were contacted by Reuters.
In another case, the DEA searched the account of Nathan Kuemmerle, a Hollywood psychiatrist who pleaded guilty in Los Angeles federal court after a joint operation last year by the DEA and local police revealed he had run a “pill mill” for celebrity customers.
Westlaw records show that that the DEA executed a warrant to search Kuemmerle’s Facebook account weeks after his arrest.
At Kuemmerle’s bail hearing, a Redondo Beach police detective pointed to comments Kuemmerle made on Facebook and in the site’s popular game “Mafia Wars” to argue that he should be denied bail.
According to Kuemmerle’s lawyer, John Littrell, the detective testified on cross-examination that the information was from “an undercover source.” Littrell told Reuters that neither he nor his client was ever informed about the warrant, and that he only learned of its existence from Reuters.
The detective said in an e-mail message that he did not recall being asked about how he obtained the Facebook information. The DEA did not reply to requests for comment.
The Facebook searches potentially open up new legal challenges in an area that at one time seemed relatively settled: How much protection an individual has against government searches of personal information held by third parties. In a 1976 case, United States v. Miller, a divided U.S. Supreme Court ruled that a bank did not have to inform its customer when it turned over his financial records to the Bureau of Alcohol, Tobacco and Firearms.
In doing so, the Supreme Court held that the customer could not invoke Fourth Amendment rights against illegal search and seizure because the records were bank property in which he had no legitimate “expectation of privacy.”
Under this reasoning, a person would have no more expectation of privacy in Facebook content than in bank records. A key difference, however, is the scale of information that resides on social networking sites.
“It is something new,” said Thomas Clancy, a constitutional-law professor at the University of Mississippi. “It’s the amount of information and data being provided as a matter of course by third parties.”
Eben Moglen, a cyberlaw professor at Columbia Law School, says the Facebook searches show that courts are ill-equipped to safeguard privacy rights in an age of digital media. In his view, “the solutions aren’t legal, they’re technical.”
Clancy, the Mississippi professor, said that courts are divided over whether the unprecedented volume of digital records in the possession of third parties should give rise to special rules governing the search of electronic data.
He added that the Supreme Court had an opportunity to clarify the issue in a case called Ontario v. Quon, but that it decided to “punt.”
The Quon case concerned a California policeman who claimed his employer violated his Fourth Amendment rights when it read sexually explicit messages that he had sent from a work pager.
The Court found that that the employer’s search was not unreasonable, but declined to rule on the degree to which people have a privacy interest in electronic data controlled by others.
Explaining the court’s caution, Justice Anthony Kennedy wrote, “The judiciary risks error by elaborating too fully on the Fourth Amendment implications of emerging technology before its role in society has become clear.”
Reporting by Jeff John Roberts; Editing by Amy Stevens and Eddie Evans