The opinion of the court was delivered by: McLAUGHLIN, Sean J., District J.
Defendant Robert Eugene Beatty has been charged in this criminal action with one count of receiving/distributing or attempting to receive/distribute and one count of possessing visual depictions of a minor engaging in sexually explicit conduct, in violation of 18 U.S.C. §§ 2252(a)(2) and 2252(a)(4)(B), respectively. Presently pending before the Court is the Defendant's motion to suppress evidence of contraband taken from his home computer and statements which the Defendant made in connection with that search and seizure. For the reasons set forth below, this motion will be denied.
The challenged search in this case was conducted pursuant to a warrant obtained by Special Agent Tom Brenneis of the FBI on July 30, 2008. The affidavit in support of the warrant states that, on April 13, 2008, Trooper Robert Pearson of the Pennsylvania State Police conducted an online undercover investigation using the Gnutella network in a "peer-to-peer" (P2P) environment.*fn1 (Brenneis Affidavit [49-2] at ¶ 21.) Employing a file sharing program known as "Phex,"*fn2 Trooper Pearson entered "search terms [known] to be utilized by those interested in child pornography" and, in doing so, obtained a list of shared files located on computers attached to the Gnutella network. (Id.)
Trooper Pearson's investigation revealed that an individual assigned Internet Protocol (IP) number 220.127.116.11*fn3 was using the Gnutella network and his/her own P2P software to broadcast for download numerous shared files with titles suggestive of child pornography. (Brenneis Affidavit at ¶ 23.) In particular, the affidavit references the titles of eleven files; nearly all of the file names include graphic references to specific sexual acts involving children and/or terms such as "child_sex," "pedofilia," "illegal pedo sex," "incest" or "Lolita." (Id.)*fn4 Trooper Pearson found that the Secured Hash Algorithm ("SHA1")*fn5 values of these files matched those in a national database of "known child pornography computer files" maintained by the Wyoming Internet Crimes Against Children (ICAC) Task Force. (Id.) Further investigation revealed that the Defendant was the subscriber to IP number 18.104.22.168 on the date in question.
Based largely on the foregoing information, Agent Brenneis obtained a warrant to search the Defendant's home. During the course of the search, the Defendant's computer was seized and, according to the Government, was later found to contain hundreds of movies depicting minors engaged in sexually explicit activity. On August 4, 2008, several days after the search of his home, the Defendant was interviewed by the FBI and gave incriminating statements. This indictment followed.
A. Reasonable Expectation of Privacy
According to the Government, the overwhelming majority, if not all, of the alleged child pornography movies that were discovered on the Defendant's computer were located in his shared LimeWire folders. Thus, the first issue we must address is whether the Defendant maintained a reasonable expectation of privacy in the files that were obtained as a result of the Government's search.
The Fourth Amendment, which guarantees "[t]he right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures," and which ensures that "no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized," U.S. CONST. amend. IV, is a personal right. Minnesota v. Carter, 525 U.S. 83, 88 (1998). To claim the protection of the Fourth Amendment, therefore, an individual must demonstrate that he personally has an expectation of privacy in the place searched and that his expectation is reasonable. Id. (citing Rakas v. Illinois, 439 U.S. 128, 143-44 (1978)).
Here, the Government contends that the Defendant has no reasonable expectation of privacy in the files retrieved from his computer, at least to the extent the files were located in a shared folder. The Government cites United States v. Stults, 575 F.3d 834, 843 (8th Cir. 2009), United States v. Ganoe, 538 F.3d 1117, 1127 (9th Cir. 2008); United States v. Perrine, 518 F.3d 1196, 1205 (10th Cir. 2008); United States v. Barrows, 481 F.3d 1246, 1249 (10th Cir. 2007); United States v. Brese, 2008 WL 1376269, at *2 (W.D. Okla. 2008); United States v. Borowy, 577 F. Supp. 2d 1133, 1136 (D. Nev. 2008); and United States v. Meysenburg, 2009 WL 1090664 (D. Neb. 2009), as supporting the proposition that an individual using peer-to-peer software to share files on his computer cannot claim the protection of the Fourth Amendment relative to those shared files.
The Government's argument would have more force if the Defendant were challenging Trooper Pearson's use of P2P software to remotely access his shared files, but that is not the situation here. As the Defendant points out, the cases cited by the Government generally recognize that law enforcement officers do not violate the Fourth Amendment by using P2P software to remotely access files contained on a defendant's computer that are being shared by the defendant inasmuch as the defendant has no reasonable expectation of privacy regarding the remote accessing of those files. See Stults, 575 F.3d at 843 (agent's use of file-sharing program to access child pornography files on the defendant's computer did not constitute an illegal warrantless search where defendant had made those files accessible to others for sharing and thus lacked any reasonable expectation of privacy in files); Ganoe, 538 F.3d at 1127 (no illegal warrantless search where agent used LimeWire to access child pornography files on defendant's computer; defendant lacked reasonable expectation of privacy in those files); Borowy, 577 F. Supp. 2d at 1136 (same); Brese, 2008 WL 1376269 at *1-2 (same); Meysenburg, 2009 WL 1090664 at *2 (rejecting defendant's claim that his privacy interests were violated by officer's use of Phex software to remotely locate child pornography on defendant's computer; court found no support for defendant's factual contention that he had previously disabled his file-sharing program). Accord Perrine, 518 F.3d at 1205 (10th Cir. 2008) (defendant, who utilized peer-to-peer software so as to allow other internet users to access at least certain folders in his computer had no reasonable expectation of privacy in the subscriber information given to his internet provider).*fn6
However, none of the cases cited by the Government stand for the proposition that an individual running P2P software thereby loses his Fourth Amendment "standing"*fn7 to challenge a search which involves entry into his home and the seizure and subsequent search of his entire computer.*fn8 Were that the case, Agent Brenneis could have entered the Defendant's home and downloaded from his computer any shared files without having first obtained any warrant at all. In short, even if the Defendant suffered no Fourth Amendment intrusion by virtue of Trooper Pearson's conduct in remotely accessing certain shared computer files, the Defendant nevertheless retained a reasonable expectation of privacy in his computer and his home such that he possesses "standing" to challenge the merits of the subject search.
We turn next to the merits of the Defendant's suppression motion, which concerns the fundamental question whether the search warrant affidavit established probable cause to believe that evidence of a crime would be found on the Defendant's computer. The standards governing a probable cause determination are well-established:
[t]he task of the issuing magistrate is simply to make a practical common-sense decision whether, given all the circumstances set forth in the affidavit before him, including the "veracity" and "basis of knowledge" of persons supplying hearsay information, there is a fair probability that contraband or evidence of a crime will be found in a particular place, and the duty of a reviewing court is simply to ensure that the magistrate had a "substantial basis for... concluding" that probable cause existed.
Illinois v. Gates, 462 U.S. 213, 238-39 (1983)(quoted in United States v. Shields, 458 F.3d 269, 277 (3d Cir. 2006) (ellipsis in the original)). In making this assessment, the affidavit is to be construed in its entirety and in a common sense and non-technical fashion. Id., 462 U.S. at 230-31. Importantly, "[s]ufficient information must [have been] presented to the magistrate to allow that official to determine probable cause; his action cannot [have been] a mere ratification of the bare conclusions of others." Id. at 239. Accordingly, "a mere conclusory statement" in an affidavit "that gives the magistrate virtually no basis at all for making a judgment regarding probable cause" will not suffice. Id.
Here, the Defendant concedes that Agent Brenneis' affidavit supported a finding of probable cause to believe: (i) that the files which Trooper Pearson located through peer-to-peer networking were located on the Defendant's computer and (ii) that they matched the files in the Wyoming ICAC Task Force's national data base. "But what the affidavit fails to do," according to the Defendant, "is provide any information for [the issuing magistrate judge] to use to determine that there was a fair probability that those files were contraband or evidence of a crime." (Def.'s Mot. to Suppress  at p. 10.)
I do not agree that Agent Brenneis' affidavit was so deficient as to leave the magistrate judge without a substantial basis upon which to conclude that there was a fair probability that contraband or evidence of criminal activity would be found on the Defendant's computer. Here, two key pieces of information -- i.e., the highly graphic titles of the files which the Defendant was making available to other P2P users and Trooper Pearson's confirmation that these same files were among those identified by the Wyoming ICAC Task Force as "known child pornography" -- provided a substantial basis for the magistrate judge's probable cause determination. The Defendant challenges the probative value of each of these two pieces of information.
(i) The Computer File Names
The Defendant vigorously disputes the idea that the titles of the 11 computer files could meaningfully inform the magistrate judge's probable cause analysis. He contends that, in order to find a fair probability that the files in question were contraband or evidence of a crime, the magistrate judge either had to view the files personally or have at her disposal (i.e., contained within the affidavit) a sufficiently detailed description of the contents of the files as supplied by someone who had actually viewed them. Defendant argues that neither of these situations occurred here and, therefore, probable cause was lacking.
In the context of obscenity laws, the Supreme Court has stated that an issuing magistrate judge is not required to review the allegedly obscene material personally; rather, "a reasonably specific affidavit describing the content of a film generally provides an adequate basis for the magistrate to determine whether there is probable cause to believe that the film is obscene, and whether a warrant authorizing the seizure of the film should issue." New York v. P.J. Video, Inc., 475 U.S. 868, 874 n.5 (1986). A number of federal courts have applied this principle in the context of child pornography cases. See, e.g., United States v. Battershell, 457 F.3d 1048, 1052 (9th Cir.2006) ("[A] judge may properly issue a warrant based on factual descriptions of an image."); United States v. Chrobak, 289 F.3d 1043, 1045 (8th Cir.2002) (ruling that a magistrate may base probable cause on viewing images or on a description of them); U.S. v. Brunette, 256 F.3d 14, 18 (1st Cir. 2001) ("A judge cannot ordinarily make this determination [whether an image constitutes child pornography] without either a look at the allegedly pornographic images, or at least an assessment based on a detailed, factual description of them.").
Here, as I have noted, the affidavit did not state that Trooper Pearson had personally viewed the files in question, nor did the affidavit provide a detailed recitation of what the files were observed to contain. The question therefore becomes whether the Magistrate Judge could draw a reasonable inference as to the probable content of the files based upon the highly descriptive names assigned to them.
Herein lies the central point of contention, for the Defendant strongly insists that the file names at issue in this case cannot support a finding of probable cause to believe that the files actually contained images of child pornography. He cites two reasons -- one general, one specific -- in support of this argument.
The Defendant's first reason for disputing the probative value of the file names is his assertion that, as a general proposition, file names are not a reliable indicator of the actual content of any given computer file obtained through P2P file sharing. He contends that the search warrant affidavit provides no information to establish that the actual contents of files obtained through the use of peer-to-peer software correspond to their titles and, in fact, he extrapolates from the affidavit the opposite conclusion. He cites an article (apparently published by the "IEEE Computer Society" as part of the "Proceedings of the 41st Hawaii International Conference on System Sciences - 2008")*fn9 in support of the proposition that computer hackers will, in some instances, place malicious programs such as a virus, worm or spyware into a purposefully mislabeled file in order to infect and gain access to the searcher's computer. In fact, the Defendant suggested at oral argument, against the possibility that this Court might rely on the file names as an indicator of probable cause, that he would request an evidentiary hearing to establish as a factual proposition that file names do not necessarily correspond to actual file content. (See Tr. of 11/9/2009 Oral Argument  at pp. 25-27; 34-35.)
As is invariably the case, however, the ultimate determination as to whether an affidavit is supported by probable cause -- and the degree to which any particular factor may be relied on as an indicator of probable cause -- depends on the specific facts at hand. See Gates, 462 at 232 ("[P]robable cause is a fluid concept-turning on the assessment of probabilities in particular factual contexts -- not readily, or even usefully, reduced to a neat set of legal rules."). That is no less true in the case at bar.
As a generic proposition, the Government would likely stipulate -- and this Court would agree -- that file names are not a definitive indication of actual file content and, therefore, only after downloading and viewing a particular file can one know with certainty whether the content of the file is consistent with its designated name. But "certainty has no part in a probable cause analysis." U.S. v. Frechette, 583 F.3d 374, (6th Cir. 2009). On the contrary, "probable cause requires only a probability or substantial chance of criminal activity, not an actual showing of such activity." Illinois v. Gates, 462 U.S. at 244 n.13.
Moreover, determining the existence (or lack) of probable cause involves making a "practical, common-sense decision" as to whether, given the totality of facts, a "fair probability" exists that contraband will be found in a particular place. Gates, 462 U.S. at 238. See also United States v. Williamson, 439 F.3d 1125, 1136 (9th Cir. 2006) ("[N]o more is required in issuance of a warrant than that the judge has made a 'practical, common-sense decision' that there was a 'fair probability' that actual child pornography would be found in the suspect's residence."); United States v. Whitner, 219 F.3d 289, 296 (3d Cir. 2000) (affidavit must be read in its entirety and in a commonsense and non-technical manner).
As a matter of common sense, one can easily envision circumstances where a computer file name will fail to provide meaningful insight concerning specific file content, particularly if the file name involves a popular name or a term that is abstract, generic, or otherwise capable of differing interpretations. The Defendant postulates, for example, that: if the searcher is using the peer to peer software to search for music and wants to download Imagine by John Lennon he could use the search term Imagine or "John Lennon" and receive a list with hundreds of file names containing the term Imagine or "John Lennon." However, if the person downloads several of the files whose titles contain the search term, he might discover that a number of the files do not really contain the song Imagine by John Lennon but rather a different song altogether, or the song Imagine performed by an artist other than John Lennon, or a movie clip of John Lennon, or some content completely unrelated to the song Imagine or John Lennon....
(Def.'s Mot. to Supp.  at p. 2.) Clearly, a P2P file search conducted under the foregoing circumstances might well produce a large quantum of files whose titles fail to spell out the precise nature of their content. Thus, the Court is perfectly ...