United States v. Bailey

272 F. Supp. 2d 822 | D. Neb. | 2003

272 F. Supp. 2d 822 (2003)

UNITED STATES of America, Plaintiff,
v.
Thomas Edward BAILEY, Defendant.

No. 4:02CR3040.

United States District Court, D. Nebraska.

July 23, 2003.

*823 *824 Steven A. Russell, Assistant United States Attorney, Lincoln, Plaintiff's Counsel.

John C. Vanderslice, Assistant Federal Public Defender, Lincoln, Defense Counsel.

MEMORANDUM AND ORDER

KOPF, District Judge.

This matter is before the court on a report and recommendation by Magistrate Judge Piester (filing 60) regarding Defendant's motion to suppress (filing 26), and on Defendant's statements of objections to the report and recommendation (filing 65).

Pursuant to 28 U.S.C. § 636(b)(1) and NELR 72.4, I have reviewed de novo the report and recommendation, together with the transcript of the evidentiary hearing that was conducted on February 6, 2003 (filing 47). I find that inasmuch as Judge Piester has fully, carefully, and correctly found the facts and applied the law, Defendant's objections should be denied, the report and recommendation should be adopted, and Defendant's motion to suppress should be denied in all respects.

Although I fully adopt Judge Piester's very thorough and extremely well reasoned report and recommendation, I add four clarifying comments regarding the search of the work computer used by Bailey at his place of employment. They are:

* Bailey, a reasonably well educated person, had no expectation of privacy in the work computer owned by someone else because every time he accessed the work computer he physically acknowledged that he was giving consent to search the computer. Such repeated warnings about consent to search, followed by such repeated acknowledgments, categorically and without more defeat Bailey's claim of privacy.
* The irresponsible behavior of Yahoo! would make it impossible for me to find that any of the FBI agents intentionally, knowingly, or recklessly included false and incomplete information in the affidavit for a warrant to search the defendant's work computer.
* The warrant affidavit, corrected to excise the allegedly false material, stated probable cause because the affidavit also truthfully reported that (1) the government knew that the work computer used by Bailey was privately searched by the computer systems' operator and pornography was found on the computer, and (2) the government knew that someone using Bailey's e-mail address, which address was assigned to the same work computer used by Bailey, belonged to an internet site that distributed child pornography. Any other conclusion would amount to use of a far too restrictive definition of "probable cause."
* Although distinguishable from the facts of this case and therefore not applicable, I would not follow United States v. Perez, 247 F. Supp. 2d 459, 480-86 (S.D.N.Y.2003) (without allegedly false information, "Candyman" search warrant affidavit failed to establish probable cause) or United States v. Strauser, 247 F. Supp. 2d 1135, 1143-44 (E.D.Mo.2003)(same), even if they were factually analogous. Respectfully, Perez and Strauser fail to apply the common sense test for probable cause. Moreover, those cases improperly disregard the knowledge and experience of law enforcement officers who specialize in cyber-crime investigation. In my opinion, knowingly becoming a computer subscriber to a specialized internet site that frequently, obviously, unquestionably and sometimes automatically distributes electronic images of child pornography to other computer subscribers alone establishes probable cause for a *825 search of the target subscriber's computer even though it is conceivable that the person subscribing to the child pornography site did so for innocent purposes and even though there is no direct evidence that the target subscriber actually received child pornography on his or her computer.

Accordingly,

IT IS ORDERED that:

1) the Magistrate Judge's report and recommendation (filing 60) is adopted;
2) Defendant's objections to the report and recommendation (filing 65) are denied; and
3) Defendant's motion to suppress (filing 26) is denied in all respects.

REPORT, RECOMMENDATION AND ORDER

PIESTER, United States Magistrate Judge.

Defendant has moved, pursuant to Franks v. Delaware, 438 U.S. 154, 98 S. Ct. 2674, 57 L. Ed. 2d 667 (1978), to suppress evidence of child pornography arising from a warrant issued to search defendant's work computer located in the American Family Insurance office at 716 North 108th Street, Omaha, Nebraska. Filing 26. An evidentiary hearing was scheduled and several continuances of that hearing were granted at the parties' joint request or agreement. The evidentiary hearing was held on February 6, 2003. The parties were granted leave to file post-hearing briefs to summarize extensive documentary evidence received at the hearing. The defendant's brief was filed on March 20, 2003, and the government responded on April 29, 2003. Additional evidence was offered by joint stipulation on May 2, 2003, and additional legal authority was provided to the court on May 27, 2003.[1] This matter is now fully submitted. Upon review of the evidence, I conclude defendant's motion should be denied.

I. Summary of Arguments

The warrant to search defendant's work computer was based on an application presented to Magistrate Judge Thomas D. Thalken on December 21, 2001. The warrant application stated:

1. FBI Agent Geoffrey Binney, as part of his undercover investigation of internet crimes against children, discovered the Candyman E-group and joined it by sending an e-mail to its moderator. He remained a member from January 2, 2001 through February 6, 2001;
2. During his undercover membership in the Candyman E-group, he automatically received all 498 e-mails posted to that E-group during that time period;
3. Of those e-mails, 105 included images of child pornography;
4. "Every e-mail sent to the [Candyman E-group] was distributed to every member automatically;"
5. Based on Agent Binney's own membership, he knew the Candyman E-group posted twenty-three images on February 6, 2001 and two of those e-mails contained images of child pornography;
6. The person identified by e-mail address tbaile2@amfam.com was a *826 member of the Candyman E-Group on February 6, 2001;
7. That address was later identified as an e-mail account within the American Family Insurance Company network;
8. American Family Insurance stated the e-mail address was assigned to defendant Bailey;
9. Pursuant to a subpoena, American Family accessed the contents of defendant's e-mail account through the American family network and reported locating images of pornography, though no distinction was made between adult or child pornography;
10. Use of the internet is known to provide a degree of anonymity to those interested in sexually abusing and exploiting children as well as trafficking, trading, and collecting child pornography. Such people rarely dispose of their collections of sexually explicit materials depicting children, including when these images are stored on a computer;
11. Based on this information, there was probable cause to believe that defendant's office space and work area, including defendant's work computer, located at the American Family agency at 716 North 108th Street in Omaha, Nebraska contained images of child pornography.

Exhibit 101, Application and Affidavit for Search Warrant. The warrant application was signed by FBI Agent Scott McMillion.

Defendant claims this warrant application contained false and incomplete statements which were knowingly, intentionally, or recklessly made by FBI Agents McMillion and Binney and that, had truthful and complete information been provided to the court, no warrant would have been issued. Filing 26 at ¶ 4; T,6-8. The focus of defendant's challenge is the later-determined false representation by Agent Binney (incorporated into the warrant application signed by Agent McMillion) that every member of the Candyman E-group, including the defendant, received every posting in the E-group, including pornographic images of children. Defendant alleges that without this statement in the warrant application, there was no probable cause to believe the defendant had received child pornography by e-mail sent to his work computer, and therefore no basis existed for issuing a warrant to search that computer. Defendant further alleges that Agent Binney knew, or was reckless if he failed to know or recall, that all members did not receive all postings by e-mail because: 1) contrary to Agent Binney's assertions, he joined the Candyman E-group via the web and therefore was informed that members could choose to receive no e-mail from the Candyman E-group; and 2) Agent Binney knew that even if a member initially chose or was assigned by default to receive all e-group postings by e-mail, the member could later use the "modify" delivery button and select a "no e-mail" delivery option.

The government's argument is that, as to defendant Bailey, it did not need a warrant to search his work computer because defendant Bailey had no legitimate expectation of privacy in the e-mail files located on his work computer. The government further claims that even assuming the warrant application contained false or incomplete information, after excluding the information challenged and including the information allegedly omitted, the warrant application supports a finding of probable cause.

II. Statement of Facts

In 1998 the FBI launched the "Innocent Images Crimes Against Children Initiative" to investigate internet criminal behavior directed against children, including the distribution, transmission, and possession *827 of child pornography. FBI Agent Geoffrey Binney, who was trained by the FBI on how to access internet chat rooms and how to save the information located during online chats, was a specialty agent assigned to that task force from December 1998 through May 2001. Exhibit 103, Perez transcript, 4:5-6:8.

During the course of his investigation, on January 2, 2001, Agent Binney discovered and joined the "Candyman" online E-group. During that same time frame, Agent Binney also joined or attempted to join at least five other E-groups as part of his investigation of internet crimes against children. An E-group is an online forum for people with like interests to share ideas, information, and pictures. Some of these groups focus on child pornography. When Agent Binney joined the Candyman E-group, the internet provider was "eGroups." Yahoo! had purchased eGroups in August of 2000, but did not integrate eGroups into the Yahoo! system until January 26, 2001. During Agent Binney's undercover investigation of the Candyman E-group, Yahoo! "provided a new veneer" to the service and automatically became the internet provider for Agent Binney's access to the Candyman E-group. Following this transition a Candyman E-group member could obtain e-mail from the E-group but could not access website postings without obtaining a Yahoo! identification via the web. Exhibit 102, Strauser transcript, 2-11, 2-78 to 2-79, 2-93. 2-193;[2] Exhibit 103, Perez transcript, 12:2-22-13:25; 30:20-31:12; 75:4-25; Exhibit 104, Hull testimony, 4:14-5:23; filing 59, Exhibit BB, Perez stipulation.

Upon entering the Candyman E-group, Agent Binney initially encountered the welcome page which included only text and stated:

This group is for People who love kids. You can post any type of messages you like too or any type of pics and vids you like too.

Exhibit 103, Perez transcript, 14:4-15:7 & Exhibit 1. Based on this language, and the fact that no restrictions were placed on the type of photographs posted to the site, Agent Binney suspected the E-group contained pornographic images of children.

In previous testimony in other case, Agent Binney described how he believed he joined the group. Agent Binney recalls copying the e-mail subscription address; pasting it in an e-mail address line; and sending the e-mail through his web-based e-mail provider. He recalls using his e-mail address to subscribe because he was working at someone else's computer when he joined, and since he was the only person investigating the Candyman E-group at the time, he wanted to assure that he, and not another agent, received all information supplied by that E-group. He testified he did not recall a button on the sign up screen to "join this group" through the web. Whether such a button existed is in conflict, even among those testifying on behalf of Yahoo!. According to Yahoo!'s technical representative, Mark Hull, a member joining by e-mail was not presented with e-mail delivery options and would automatically receive e-mails of all E-group postings. Agent Binney testified he was not provided any options other than automatically receiving all e-mails posted within the group; and when, after joining, he attempting to hit the "Modify" button, it did not provide him with an option to modify delivery of e-mails but acted as a *828 non-functioning hyperlink. During his investigation of the Candyman E-group, Agent Binney received all e-mail postings automatically.[3] Exhibit 102, Strauser transcript, 2-11, 2-23, 2-83, 2-87 through 90, 2-157 through 161, 2-220, 2-228, Exhibit 7; Exhibit 103, Perez transcript, 17:7-19:1.

Agent Binney's undercover investigation of the Candyman E-group revealed that one of the group's main purposes was to trade child pornography. The Candyman E-group included a place where child pornography pictures and videotapes could be stored for user download; polls to respond to the views and images shared in the E-group; and links to other child pornography web sites. The images filed with the Candyman E-group included what Agent Binney described as "egregious, hard-core pornography depicting young kids engaged in sexual acts with other young kids or with adults." Exhibit 103, Perez transcript, 21:21-25:9; Exhibits 4-8. While an undercover member of the group from January 2, 2001 through February 6, 2001, Agent Binney received 498 e-mails from the Candyman E-group. A little over one hundred of these e-mails contained files depicting child pornography. Exhibit 103, Perez transcript, 26:11-21.

Upon joining the Candyman E-group, Agent Binney promptly attempted to obtain technical information regarding how the E-group operated. In January 2001 he informally asked Yahoo! for information, but encountered significant resistance. When he asked to speak with a technical representative, its "compliance paralegal" told him he would "never speak to a technical representative" of Yahoo! Exhibit 102, Strauser transcript, 2-163; Exhibit 103, Perez transcript, 32:1-12. Therefore, on January 19, 2001, and while his undercover investigation was still ongoing, Agent Binney served a grand jury subpoena on Yahoo! for testimony and the production of documents related to the identity of Candyman E-group subscribers. Exhibit 103, Perez transcript, Exhibit 10. The subpoena also specifically stated in bold print:

PLEASE DO NOT SHUT DOWN THE SITE/ADDRESS OR DENY ACCESS UNTIL REQUESTED TO DO SO BY THE INVESTIGATING AGENT.

Exhibit 103, Perez transcript, Exhibit 10. Yahoo! did not honor this request and shut down the site on February 6, 2001. Exhibit 103, Perez transcript, 33:16-22.

Yahoo!'s response to the January 19, 2001 grand jury subpoena revealed the Candyman E-group was created on December 7, 2000 and had some 3400 members when Yahoo! shut it down. The response provided e-mail addresses for the Candyman group members as of that date, but contrary to the clear directive of the subpoena, did not provide identifying information to locate those members. Exhibit 103, Perez transcript, 34:1-37:20, Exhibit 11. Agent Binney again spoke with Yahoo!'s compliance paralegal and asked for some explanation of how the E-group operated. He inferred from her resonse that, he could "assume" that all members of the group had received all the e-mail postings he had received.[4] Exhibit 102, Strauser transcript, 2-176.

*829 According to Yahoo!, it believed full compliance with the January 19, 2001 subpoena was illegal absent a court order signed by a judge. Yahoo! did not, however, challenge the breadth or legality of the subpoena by presenting the matter to a court. It instead unilaterally determined the level of compliance it would provide based solely on its interpretation of the law. In Yahoo!'s opinion, it was justified in refusing to disclose certain documents responsive to the grand jury subpoena it received in January 2001. Exhibit 102, Strauser transcript, 2-287.

A second grand jury subpoena was served on Yahoo! on March 1, 2001 requesting testimony and documentary information on the identity of the group members listed by e-mail address in its response to the first subpoena, and for information on two other child pornography groups. Exhibit 103, Perez transcript, 38:24-39:25. No one appeared to testify before the grand jury and Yahoo! did not provide all the information requested by the second grand jury subpoena. Exhibit 103, Perez transcript, Exhibit 13.

Agent Binney became a supervisor in March 2001, and thereafter the case agent responsible for the Candyman investigation was Agent Kristen Sheldon. Exhibit 103, Perez transcript, 40:5-41:20; 100:13-19. To obtain additional and useful information from Yahoo!, Agent Sheldon crafted a grand jury subpoena using language directly from Yahoo!'s website. The website stated that Yahoo! maintained subscription logs, post logs, accept logs, moderated posts, and bounce posts. In addition to requesting the documents themselves, the subpoena ordered Yahoo! to produce corporate representatives or technicians who could provide testimony explaining these documents. This subpoena was issued on June 29, 2001 for an appearance before the grand jury on July 23, 2001. Yahoo! responded by delivering a box of documents to the Assistant United States Attorney. No one from Yahoo! appeared to testify. Exhibit 103, Perez transcript, 110:4-112:23; Exhibit 14.

Convinced that responsive documents existed but remained undisclosed, the government sought and obtained a court order, signed by a federal district judge in the Southern District of Texas to obtain from Yahoo! the documents and testimony previously sought by the June 29, 2001 grand jury subpoena. Exhibit 103, Perez transcript, Exhibit 16A. On August 30, 2001, Yahoo! responded by providing a zip disk that contained substantial information not previously provided to the FBI. Exhibit 103, Perez transcript, 110:4-112:23; 114:15-118:20, Exhibits 16A & 17. None of the information provided by Yahoo! to the FBI explained that Candyman subscribers to eGroups were provided e-mail delivery options other than automatic receipt of all posted e-mail. Yahoo! was not aware until May 2002 that it could retrieve documents indicating whether an E-group member was receiving automatic e-mails of postings. Yahoo! did not provide this additional information to the government until July 2002. Exhibit 102, Strauser transcript, 1-245 through 247, 2-170, 2-238.

During his undercover investigation Agent Binney received all e-mail posted with the Candyman E-group. Based on his personal experience, along with his inference of the representation of Yahoo!'s compliance paralegal, Agent Binney assumed that all members automatically received all posted e-mails, including any files depicting pornographic images of children. Exhibit 102, Stauser transcript, 2-160, 2-221; Exhibit 103, Perez transcript, 17:7-19:1; 60:14-64:11. In December 2001 he drafted an affidavit which stated he had joined the Candyman E-group by e-mail; child pornography was disseminated by this E-group; and all E-group members *830 received all postings within the group by e-mail.

Yahoo!'s record revealed that "tbaile2@amfam.com" became a subscriber to the Candyman website on January 16, 2001 at 11:44 a.m. This e-mail address was defendant's address at his place of employment. The defendant has, since August 2000, been employed by Bruce Southwell at an American Family Insurance office located at 716 North 108th Avenue in Omaha, Nebraska. T, 14:24-15:22, 17:7-22; Exhibit 105 ¶¶ 1-2.

Based in part on information provided in Agent Binney's affidavit, and having identified "tbaile2@amfam.com" as assigned to defendant Bailey,[5] on December 21, 2001 Agent McMillion prepared an application for a warrant to search defendant's work computer at the American Family Insurance office. Before preparing his application to obtain a search warrant, Agent McMillion spoke with Agent Sheldon but did not speak directly with Agent Binney or contact Yahoo!. Agent McMillion relied on Agent Binney's prior affidavit statement that all e-mails posted to the Candyman E-Group were "automatically" received by all E-group members, including the defendant. T, 57:5-58:5; 73:1-76:15; 78:15-80:17.

The warrant application, as more specifically set forth above, stated that defendant Bailey's e-mail address within the American Family network was included in the listing of Candyman E-group members; this E-group distributed child pornography; all members received e-mails of all postings in the E-group; people interested in child pornography save the images they have collected; and American Family had found pornographic images on Bailey's work computer. Based on these representations, Magistrate Judge Thalken issued a warrant to search Bailey's work computer and work space was issued.

The American Family office where defendant worked contained three desks and three computers, one of which was used by the defendant. The computers were owned by American Family and available for use in Mr. Southwell's office through Southwell's payment of a monthly fee. Defendant did not own his work computer and paid no fee to use it. T, 19:14-20; 22:15-24; 23:16-24:13; 32:18-33:25; Exhibit 106, Southwell statement at p. 1; Exhibit 109.

Defendant needed a password to access American Family's computer network, which provided defendant with internet access and the web base for his E-mail account. Mr. Southwell did not know Bailey's password, and Bailey's password was changed every thirty days. The defendant used his work e-mail account to contact American family personnel at its home office, but also frequently used this e-mail address to send and receive personal messages. T, 26:23-29:6; 38:8-39:23; 40:2-41:13; 44:13-17; 45:23-47:9; 48:14-17; Exhibit 105 ¶ 1. In addition to his login password, Defendant needed an additional password to access American Family information for Bruce Southwell's clients, (T, *831 29:7-30:25), and a third password was required to enter American Family's mainframe and access client billing and policy information. T, 93:24-94:18.

Every morning when defendant arrived at work he began by turning on his computer. Before any password login screen appeared, the computer screen displayed the following notice:

These computer resources are solely owned by the Company. Unauthorized access or use is a violation of federal law and could result in criminal prosecution. Users agree not to disclose any company information except as authorized by the company. Your use of this computer system is consent to be monitored and authorization to search your personal computer to assure compliance with company policies.

T, 25:17-26:22; 34:16-25; 42:4-43:5; Exhibits 107, Schumann affidavit, attachment D, and 108. This notice began appearing on American Family network computers on June 1, 2000. Exhibit 107, Schumann affidavit, Exhibit C. The defendant was required to click an "OK" button to proceed past the notice and log on to his work computer. Exhibit 107, Schumann affidavit ¶ 7.

The defendant acknowledged seeing the notice on his computer screen during his daily routine of logging into the computer system, but testified he believed it meant he could not share or disclose private information concerning clients. He had never considered whether American Family had access to his work computer and believed the personal information he stored or exchanged on it was private. To his knowledge, neither American family nor Bruce Southwell had ever previously looked at any of his computer e-mails or personal files. T, 26:23-27:6; 35:1-14; 88:12-90:6.

American Family's formal policy, and additional information concerning the purpose and meaning of the log-in notice which appeared daily on defendant's computer, were posted on the American Family intranet site. Exhibit 107, Schumann affidavit Attachments A and B. The posted information explained that by accessing the American Family computer system, "the user implicitly agrees to be monitored for appropriate use." Exhibit 107, Schumann affidavit Attachment B.

While American Family has no desire to act as a "Big Brother," the company does reserve the right to examine information systems use records when necessary in order to make sure these resources are being used appropriately by its workers.

Exhibit 107, Schumann affidavit attachment B.

The company's Electronic Resources Policy was posted on American Family's intranet beginning on May 31, 2000 and explained that while personal use of computer resources was not prohibited, American Family's computer could not be used "for unlawful purposes or in violation of Company policies," to "access or distribute inappropriate information (i.e., pornography ...", or to post messages to public news groups or internet chat rooms. The policy further stated that workers had "no expectation of privacy associated with the information they store in or send through these systems...,") and the Company reserved the right to examine the worker's use of the resources including any e-mail and internet use. The policy explained that a worker who discovered he or she had connected to an internet site containing sexually explicit or potentially offensive material was required to immediately disconnect from the site and contact the company's computer support staff. Exhibit 107, Schumann affidavit ¶ 4 and attachment A. The defendant testified he did not *832 read these postings on American Family's internal website. T, 31:1-23.

A letter was e-mailed to all American Family workers, which included its agent contractors and their employees, on August 30, 2000. Exhibit 107, Schumann affidavit ¶ 5. This e-mail letter advised that American Family's computer use policies were posted on the company's intranet site. The letter explained that American Family had recently established an Information Security Board to update policies related to the access, use and privacy of American Family's information systems, including its e-mail systems. The letter informed American Family workers to review the policies on the company's intranet site. The letter warned:

It is critical that all agents, employees, suppliers and vendors understand these information security policies and comply with them when accessing and using American Family's electronic resources. All of us — as individuals and as a Company — will be held accountable for knowing and adhering to these policies. Each of us as individuals and as a Company can be held liable for failing to comply with these policies.

Exhibit 107, Schumann affidavit Exhibit C. At the time this e-mail letter was sent, defendant was employed by Bruce Southwell, was an American Family "worker," and had an American Family password. The August 30, 2000 letter, which was e-mailed to all American Family workers, was therefore also sent to the defendant. Exhibit 107, Schumann affidavit ¶ 5. The defendant testified he did not receive or read the August 30, 2000 letter. T, 32:3-17; Exhibit 106, Southwell statement at p. 1.

The warrant to search defendant's work computer and work space was executed at approximately 10:00 a.m. on December 21, 2001. When Agent McMillion, FBI Special Agents Barbara Kelleher and Kevin Hudson, FBI CART[6] Examiner Deb Fenton, and FBI photographer Labone Tieken arrived at the American family office to execute the warrant, the defendant was present at the office. Mr. Southwell was not present T, 19:21-25; 56:19-23; 58:6-11; 69:8-15.

The defendant spoke with Agent McMillion while the remaining FBI personnel searched defendant's computer. Agent McMillion told the defendant the FBI was present to execute a search warrant, defendant was not under arrest, and he was free to leave. Bailey stated he did not want to leave because clients may come to the location for business and he needed to be present. He stated his work computer must be returned by the FBI because it was part of the American Family network system and was used by Mr. Southwell to access account and claim information for his American Family clients. T, 59:1-60:8; 70:1-71:17.

Agent McMillion asked Bailey if he had access to other computers. Bailey explained he and his girlfriend had a home computer and a home e-mail account through Yahoo!. Agent McMillion asked Bailey if the FBI could search the home computer to look for any child pornography. The defendant did not object to any search of his home computer. He responded by contacting his girlfriend, Julie McEwen, at their home. Bailey told McEwen the FBI was searching his work computer, FBI agents would be arriving at the house to look at the home computer, and she should cooperate with them. T, 60:15-62:17.

Having completed a search of the defendant's work place and work computer pursuant *833 to the warrant, Agents McMillion and Kelleher, FBI technician Fenton, and FBI photographer Tieken proceeded to defendant's home. The FBI personnel were not in uniform and no weapons were drawn. Julie McEwen, who lived with the defendant, greeted them at the back door of the home and fully cooperated with the agents' search of the home computer. She told the agents that defendant had already arrived at the home and left. She stated the agents "were more than welcome" to come into the home; directed them to the location of the computer; and stated that while the computer was primarily used by the kids, she and the defendant accessed several sexual sites on the computer as well. The computer was removed from the home. Ms. McEwen never objected to any analysis of the computer in the home, nor to its later removal from the home. T, 63:1-13; 66:15-69:7; 85:11-17.

In January 2002 another grand jury subpoena was served on Yahoo! to obtain technical testimony from a Yahoo! representative. A technical representative did not appear to testify. Instead, on January 24, 2002, Yahoo! sent an attorney and a compliance paralegal to explain the documents previously provided to the government's attorney. While they could answer questions about the Candyman E-group when Yahoo! was the provider, neither the attorney nor the paralegal could answer the government's questions concerning the operation of the Candyman E-group when its internet provider was eGroups, the provider when Agent Binney joined. They stated that E-mail delivery options, including the option of receiving "no mail," existed for all Yahoo! groups, but they did not know if such delivery options existed when the Candyman provider was eGroups. They deferred answering the government's questions and stated they would investigate those answers through Yahoo!'s technical staff. Exhibit 102, Strauser transcript, 2-76. Exhibit 103, Perez transcript, 119:4-127:1; 149:1-151:24; Exhibits 18 and 19.

In mid-March 2002 FBI Agent Sheldon interviewed Mark Bates, the moderator of the Candyman group. Bates stated that for those joining the Candyman E-group via the web, three e-mail options were available to receive E-mail from the E-group. Those options included automatic receipt of all posted e-mails; receipt of a digest of posted e-mails; or accessing the web to obtain any e-mails. However, Mr. Bates was the subject of a significant criminal investigation; the moderator of not only the Candyman E-group, but also the Candyman2, Candyman3, and Candyman4 E-groups; and was a member of 170 other E-groups. According to the FBI, Mr. Bates' credibility and memory concerning the delivery options associated specifically with the Candyman E-group was suspect. Exhibit 102, Strauser transcript, 2-243; 2-327 through 329; filing 59, Exhibit AA, Bates interview.

In May 2002 Yahoo! provided an affidavit to defense counsel which stated that its logs reflected the following regarding for Agent Binney's subscription to the Candyman E-group:

gobannon@usa.net, Jan 02 2001 12:53 p.m., Subscribed, gobannon@usa.net,via web from 24.162.50.185

This log entry meant that contrary to Agent Binney's recollection and prior statement, Yahoo!'s records indicated he joined the Candyman E-group through the web and therefore was presented with the three e-mail delivery options, including an option to receive no e-mail. Exhibit 104, Hull testimony, 30:13-21.

Even after receiving information from Yahoo! indicating he had signed onto Candyman via the web, Agent Binney was not convinced that Yahoo! was correct. Yahoo! had not been forthcoming with information, and had previously provided inconsistent *834 information on the date the Candyman E-group was created; the total number of members; the number of pending and unconfirmed members; the originating service provider; and the identity of members. Yahoo! offered no explanation for these discrepancies. Given this history, Agent Binney was not convinced Yahoo!'s information was reliable, and therefore his memory incorrect, until he saw Yahoo!'s logs in July 2002. Exhibit 102, Strauser transcript, 1-246 through 1-248, 2-53 through 2-58; Exhibit 103, Perez transcript, 17:7-19:1; 43:1-45:2; 48:10-50:10; 68:25-69:17; 87:14-89:4. As late as July 1, 2002, Agent Binney signed an affidavit which stated he was given no e-mail delivery options when he joined the Candyman E-group. Exhibit 103, Perez transcript, 53:21-55:18, Exhibit C.

In June 2002 Yahoo! discovered it possessed but had not provided records to the government which identified the delivery options chosen by Candyman E-group members. Since that time, Yahoo!'s technical representative, Mark Hull, has provided testimony to explain the volumes of documents Yahoo! has now provided to the FBI. Mr. Hull never worked with or for eGroups. According to Mr. Hull's testimony, Yahoo! logs reflect that Agent Binney became a Candyman E-group member via the web. From this information, Mr. Hull concludes Agent Binney, when he signed up through eGroups, was presented with options other than automatic e-mail receipt of all E-group postings. Yahoo! has no capture screens depicting the sign-up page for the Candyman E-group as it appeared on an eGroups website. The moderator's page for eGroups reflected that a "no e-mail" delivery option was available, and Mr. Hull believed that option was presented on the screen for those choosing to subscribe to the Candyman E-group. Mr. Hull further believes the eGroups sign up screen included a "join this group" button and believes eGroups provided an option to edit the settings. Yahoo! states that under eGroups, absent choosing the "no e-mail" or "digest" options, the system defaulted to e-mail delivery of all E-group postings. This delivery could be changed by using a "modify" delivery button, which Yahoo! states was provided by eGroups. Yahoo!, however, has no definite information and cannot refute Agent Binney's statement that this button was not functioning on the Candyman E-group site when Agent Binney joined.[7] Exhibit 102, Strauser transcript, X-XXX-XXX, 2-49; 2-80 through 82; 2-94; 2-98 through 99; 2-125 through 126; 2-141; Exhibit F; Exhibit 104, Hull testimony, 30:13-21; Exhibit 103, Perez transcript, Hull stipulation ¶¶ 3 & 8.

III. Discussion

a. Legitimate Expectation of Privacy

Defendant asserts he had a legitimate expectation of privacy in the information stored on his work computer, and the search of that computer pursuant to a warrant issued on the basis of false statements violated his Fourth Amendment rights. He seeks suppression of all evidence found on that computer and all evidence obtained as fruit of that search.

The person challenging the constitutionality of a search "has the burden of showing both a subjective expectation of privacy and that the expectation is objectively reasonable; that is, one that society is willing to accept." United States v. Mendoza, 281 F.3d 712, 715 (8th Cir.2002)(quoting United States v. McCaster, 193 F.3d 930, 933 (8th Cir.1999)). Absent a legitimate and constitutionally protected *835 expectation of privacy in e-mail files, defendant cannot successfully assert a Fourth Amendment violation. United States v. Bach, 310 F.3d 1063, 1066 (8th Cir.2002). Factors relevant to determining if a legitimate expectation of privacy exists include ownership, possession and/or control of the area searched or item seized; the defendant's historical use of the property or item; whether the defendant can exclude others from that place; whether he took precautions to maintain the privacy; and whether the defendant had a key to the premises. Mendoza, 281 F.3d at 715; United States v. Gomez, 16 F.3d 254, 256 (8th Cir.1994).

Employees may have reasonable expectations of privacy within their workplaces which are constitutionally protected against intrusions by police. "As with the expectation of privacy in one's home, such an expectation in one's place of work is `based upon societal expectations that have deep roots in the history of the [Fourth] Amendment.'" O'Connor v. Ortega, 480 U.S. 709, 716, 107 S. Ct. 1492, 94 L. Ed. 2d 714 (1987) (quoting Oliver v. United States, 466 U.S. 170, 178 at n. 8, 104 S. Ct. 1735, 80 L. Ed. 2d 214 (1984)). However, an employee's expectation of privacy in the content of offices, desks, and files may be reduced by an employer's practices, procedures, and legitimate regulation over the use of the employer's property. O'Connor, 480 U.S. at 717, 107 S. Ct. 1492. The question of whether an employee has a reasonable expectation of privacy in his work area must be determined on a case-by-case basis. O'Connor, 480 U.S. at 718, 107 S. Ct. 1492.

Use of passwords and locking office doors to restrict an employer's access to computer files is evidence of the employee's subjective expectation of privacy in those files. United States v. Slanina, 283 F.3d 670, 676 (5th Cir.2002), remanded on other grounds, 537 U.S. 802, 123 S. Ct. 69, 154 L. Ed. 2d 3, vacating judgment and remanding, 313 F.3d 891 (5th Cir.2002). Further, where the employer has no policy notifying employees that their computer use could be monitored, and there is no indication that the employer directs others to routinely access the employees' computers, the employees' subjective beliefs that their computer files are private may be objectively reasonable. Slanina, 283 F.3d at 677.

However, an employer's notice to an employee that workplace files, internet use, and e-mail may be monitored undermines the reasonableness of an employee's claim that he or she believed such information was private and not subject to search. An employee cannot claim a justified expectation of privacy in computer files where the employer owns the computer; the employee uses that computer to obtain access to the internet and e-mail through the employer's network; the employee was explicitly cautioned that information flowing through or stored on computers within the network cannot be considered confidential, and where computer users were notified that network administrators and others were free to view data downloaded from the internet. United States v. Angevine, 281 F.3d 1130 (10th Cir.2002) (professor had no Fourth Amendment right to suppress evidence of child pornography located on the erased files on his office computer which was part of university network). See also, United States v. Simons, 206 F.3d 392 (4th Cir.2000) (CIA division's official Internet usage policy eliminated any reasonable expectation of privacy that employee might otherwise have in copied files); Muick v. Glenayre Electronics, 280 F.3d 741 (7th Cir.2002)(employee had no reasonable expectation of privacy in laptop files where employer announced it could inspect laptops it furnished to employees and employer owned laptops); Garrity v. John Hancock Mut. Life Ins. Co., 18 I.E.R. Cas. (BNA) 981, 2002 WL 974676 *836 (D.Mass.2002) (employees had no reasonable expectation of privacy where they admitted knowing employer had ability to look at e-mail on company's intranet system, and knew they had to be careful about sending e-mails); Wasson v. Sonoma County Junior Coll., 4 F. Supp. 2d 893, 905-06 (N.D.Cal.1997) (employer's computer policy giving it "the right to access all information stored on [the employer's] computers" defeats employee's reasonable expectation of privacy in files stored on employer's computers); United States v. Monroe, 52 M.J. 326 (C.A.A.F.2000) (sergeant had no reasonable expectation of privacy in his government e-mail account because e-mail use was reserved for official business and network banner informed each user upon logging on to the network that use was subject to monitoring).

Defendant Bailey could not access his e-mail account, or any other computer file or program, on the computer American Family provided to him for his work without first acknowledging that he understood the computer resources were solely owned by American Family, and his "use of this computer system [was] consent to be monitored and authorization to search" his computer. Exhibit 107, Schumann affidavit attachment D. Although claiming he did not routinely read this screen notification, Bailey knew what it said. He nonetheless claims he did not believe American Family would look at his personal e-mail files, knew of no prior instance where they had, and believed his e-mails and personal files on the computer were private. However, despite the fact that his computer was password-protected, I conclude defendant's claim of a subjective expectation of privacy is not credible.

Defendant is an intelligent adult who was fully capable of reading and understanding the screen banner notifying him that his computer use could be searched by American Family. Bailey is a high school graduate, has successfully completed post high school education to become an ASC certified automotive technician, and has passed the licensing requirements to sell insurance. T, 36:24-37:4; 53:11-54:17. He offered no credible testimony explaining his alleged belief that his computer use was private when, to access his computer, he was required to acknowledge daily that American Family could monitor and search computer activity.

Even assuming defendant believed his workplace e-mail and files were private, he has failed to prove this subjective expectation of privacy was objectively reasonable and protected by the Fourth Amendment. In addition to the notice on his computer startup screen, American Family advised its computer users, including defendant, by e-mail letter and through its policies posted on its intranet that a worker's computer could be searched to assure employees were not using American Family equipment to violate the law or company policies, or in a way which could reflect negatively on American Family. A company can legitimately regulate the use of its property and is entitled to adopt policies and practices which place restrictions and conditions on the personal use of computer equipment. Employees have no objectively reasonable basis to believe that their activities on a company computer are private when, through the company's screen notification, they have actual knowledge that the computer can be searched and, through posted company policies and e-mail notifications, either know or should know they possess "no expectation of privacy associated with the information they store in or send through these systems." Exhibit 107, Schumann affidavit ¶ 4 and attachment A.

Any expectation of privacy Bailey had in the contents of his American Family computer is not one that society is willing to accept and protect under the Fourth *837 Amendment. Bailey cannot assert any Fourth Amendment violation from the search of his work computer provided to him by American Family to conduct Mr. Southwell's business on behalf of American Family. Irrespective of whether the search warrant was invalid under Franks, Bailey cannot successfully pursue a motion to suppress evidence found on his work computer, or arising from execution of a warrant to search that computer.

b. Franks Challenge to the Warrant

Assuming, for the momentary sake of argument, that Bailey did possess a reasonable expectation of privacy in the contents of his American Family computer, I further conclude he has failed to show a basis for suppression under Franks. For the purposes of this motion only, and at the request of the government, I assume that Agent Binney and Agent McMillion intentionally, knowingly, or recklessly included false and incomplete information in the application for a warrant to search the defendant's work computer.[8] I find that even absent the warrant application statement that all Candyman E-group members received all E-group postings by e-mail, probable cause existed for a warrant to search the American Family computer Bailey used at Mr. Southwell's office.

*838 To prevail on a Franks challenge, the defendant has the burden of proving: (1) that a false statement knowingly and intentionally, or with reckless disregard for the truth, was included in the affidavit, and (2) that the affidavit's remaining content is insufficient to establish probable cause. United States v. Frazier, 280 F.3d 835, 845 (8th Cir.2002) (quoting United States v. Milton, 153 F.3d 891, 896 (8th Cir.1998)). A judicial officer presented with a warrant application must consider the "totality of the circumstances" to determine if probable cause exists to justify issuing a search warrant under the Fourth Amendment. Illinois v. Gates, 462 U.S. 213, 230, 103 S. Ct. 2317, 76 L. Ed. 2d 527 (1983). The court must "make a practical, common-sense decision" of whether, given all the circumstances set forth in the warrant application, there is a fair probability that evidence of a crime will be found in a particular place. Gates, 462 U.S. at 238, 103 S. Ct. 2317 (quoting Jones v. United States, 362 U.S. 257, 271, 80 S. Ct. 725, 4 L. Ed. 2d 697 (1960)).

Finely-tuned standards such as proof beyond a reasonable doubt or by a preponderance of the evidence, useful in formal trials, have no place in the magistrate's decision. While an effort to fix some general, numerically precise degree of certainty corresponding to "probable cause" may not be helpful, it is clear that "only the probability, and not a prima facie showing, of criminal activity is the standard of probable cause."

Gates, 462 U.S. at 235, 103 S. Ct. 2317 (quoting Spinelli v. United States, 393 U.S. 410, 419, 89 S. Ct. 584, 21 L. Ed. 2d 637 (1969)).

A warrant is proper so long as the evidence as a whole creates a "fair probability" that the search will lead to the discovery of evidence of a crime. United States v. Horn, 187 F.3d 781, 786 (8th Cir.1999) (quoting Illinois v. Gates, 462 U.S. 213, 238, 103 S. Ct. 2317, 76 L. Ed. 2d 527 (1983)). In the context of warrants to search for evidence of internet distribution of child pornography, a warrant to search a computer is justified where the officers have established the nexus between an e-mail address and an internet site containing images which graphically depict children engaging in sexually explicit conduct; there is evidence — even, as in this case, inferential evidence — that image transmission was requested or images were actually transmitted to or from that e-mail address; and the warrant application avers the fact that those interested in child pornography generally save the images they have found. United States v. Chrobak, 289 F.3d 1043, 1046 (8th Cir.2002).

Even absent the allegedly false statement that all Candyman E-group members received all postings by e-mail, Agent McMillion's warrant application represented that the Candyman E-group site contained graphic images of child pornography; the defendant, as identified by his American Family e-mail address, had been a subscriber of this E-group; defendant's work computer contained what American Family described as pornographic images; and those interested in child pornography tend to retain the pornographic images they collect. Although American Family did not state that the images located on defendant's work computer were of child pornography,[9] the totality of the facts remaining in the excised warrant application support issuing the warrant to search that computer. After removing the questioned passages of the warrant application, the remaining facts demonstrated a fair probability that pornographic images of children would be found on defendant's work computer. Even assuming that "a warrant to *839 search for child pornography needs some evidence that there has been a delivery of child pornography," United States v. Strauser, 247 F. Supp. 2d 1135, 1144 (E.D.Mo.2003),[10] American Family's discovery and report of "pornography" located on defendant's work computer provided evidence of a nexus between Bailey's membership in a child pornography E-group and his receipt and downloading of pornography from that site. I conclude that even assuming the warrant application contained false or incomplete information, after excluding the information challenged and including information of defendant's ability to choose to receive no e-mail from the Candyman E-group, the warrant application supported a finding of probable cause.

I therefore conclude the execution of the warrant to seize and search defendant's workplace computer did not violate defendant's Fourth Amendment rights. Therefore, I further conclude that Bailey's statements to the FBI agents performing the search and the evidence obtained from seizing and searching Bailey's home computer are not subject to suppression as fruit of an unconstitutional search of defendant's workplace.

IT THEREFORE HEREBY IS RECOMMENDED to the Honorable Richard G. Kopf, Chief United States District Judge, pursuant to 28 U.S.C. § 636(b)(1)(B), that the defendant's motion to suppress, filing 26, be denied in all respects.

The parties are notified that a failure to object to this recommendation in accordance with the local rules of practice may be held to be a waiver of any right to appeal the district judge's adoption of this recommendation.

IT IS FURTHER HEREBY ORDERED: Trial is set for 9:00 a.m. on September 8, 2003, for a duration of five trial days before the Honorable Richard G. Kopf. Jury selection will be at the commencement of trial.

June 13, 2003.

NOTES

[1] The government submitted a slip opinion of Judge Leonard D. Wexler's April 28, 2003 Memorandum and Order which denied a Franks challenge to a search warrant issued on substantially the same "Candyman" affidavit at issue in this case. United States v. Coreas, CR 02-320 (E.D.N.Y 2003) (J. Wexler, presiding). That ruling is available on West-law at United States v. Coreas, 2003 WL 2012409 (E.D.N.Y.2003).

[2] The parties submitted the Strauser transcript as evidence. The government does not cite to this evidence. The defendant does not cite to specific references or exhibits in that extensive transcript as supportive of his motion. The Strauser transcript has, nonetheless, been reviewed by the court.

[3] Agent Binney recalls that his attempt to register with the Candyman E-group was not completed until he responded to the e-mail sent by eGroups which required him to access the web and register his e-mail address with "egroups.com." Exhibit 103, Perez transcript, 18:14-20:6, and Exhibits 2 & 3.

[4] Agent Binney has been harshly criticized for failing to verify his assumption. United States v. Strauser, 247 F. Supp. 2d 1135, 1141-43 (E.D.Mo.2003) (finding Agent Binney "reckless" for this failure when he had "obvious reasons to doubt the accuracy of the information he provided.")

[5] The application to search defendant's employment computer includes information concerning identifying the e-mail address, "tbaile2@amfam.com" as an American Family network e-mail address assigned to the defendant. The application further states that a subpoena was served on American Family to obtain information concerning the contents of defendant's work computer. According to the warrant application, American Family responded to the subpoena by reporting that pornographic images were found on defendant's work computer, but American Family did not state whether those images were of adults or children. The veracity of these application statements has not been challenged, and no evidence was offered at the hearing on this issue beyond what is reflected in Exhibit 101, the warrant application itself.

[6] CART is an acronym for "computer analyst response team." Members of this team are field technicians that perform computer examinations for the FBI. T, 69:16-19

[7] Curiously, the record does not disclose any effort by FBI investigators to contact personnel from eGroups to obtain clarity on the issue of sign-up choices available on January 2, 2001 for receipt of Candyman E-group postings by e-mail.

[8] This is more of an issue than the assumption concedes. I have analyzed the complete record before me for the purpose of fully understanding the issues presented. I note that as of December 21, 2001, the date when the warrant application was made, Yahoo! had not explained or raised an issue concerning the "no e-mail" delivery option for the Candyman E-group. Assuming Yahoo!'s testimony is credited, the earliest date when it brought this matter to the attention of the government's counsel was on January 24, 2002, at which time Yahoo! representatives could not answer the government's questions concerning whether a "no e-mail" delivery option was available to the Candyman E-group members when the web provider was eGroups. This question was not answered by Yahoo! until it provided information to defense counsel in May 2002, and documents specifically evidencing individual member's delivery choices were not provided to the government until July 2002. While Agent Binney's recollection that he joined the Candyman E-group by e-mail (and therefore should have known of the "no e-mail" delivery option) may have been incorrect, his ability to research and fully investigate the Candyman E-group website to assure a thorough knowledge of its contents and options was eliminated by Yahoo! without notice on February 6, 2001. Thereafter Yahoo! was not forthcoming with information on how the website operated, how to read its logs, and who the members were, and some of the information it did provide was inconsistent with its previous disclosures. Agent Binney's investigation of the Candyman E-group occurred while he was also investigating several other E-groups and internet sites for child pornography.

The test for determining whether Agent Binney's statements were made with reckless disregard for the truth is not whether the statements were actually true, but whether, viewing all the evidence, Agent Binney "must have entertained serious doubts as to the truth of his statements or had obvious reasons to doubt the accuracy of the information he reported." United States v. Clapp, 46 F.3d 795, 801 n. 6 (1995). Under the facts presented in the record before me, Agent Binney failed to pay attention to the mechanical details of how he joined the Candyman E-group and the e-mail delivery options available, and he also negligently drafted an affidavit based on his mistaken recollection of how he joined the Candyman E-group; his own experience with the E-group; and the representations of a Yahoo! compliance representative in January 2001. However, I cannot conclude that as of December 21, 2001, Agent Binney knew a "no e-mail" delivery option existed for the eGroups version of the Candyman E-group. Mere negligence or an innocent mistake in an officer's warrant application is insufficient to void a warrant. Clapp, 46 F.3d at 799. Whether he was reckless because he had "obvious reasons to doubt" his statement, as found in Strauser, or in failing to make reasonable efforts to ensure the accuracy of his statement that all Candyman E-group members received all postings by e-mail, is a closer call.

[9] There has been no explanation offered as to any reasons for this omission.

[10] See contra, United States v. Coreas, 259 F. Supp. 2d 218 (E.D.N.Y. 2003) wherein the New York District Court held that even absent Binney's statement that all Candyman E-group members received all group postings by e-mail, and with no third party information stating pornography could be found on defendant's computer, the corrected affidavit still supported probable cause to issue a warrant.

midpage