OPINION AND ORDER
This matter is before the Court on Defendant Edward Matish, Ill’s (“Defendant” or “Matish”) First Motion to Suppress (“First Motion”), Doc. 18, Third Motion to Suppress (“Third Motion”), Doc. 34, and Motion to Compel Discovery, Doc. 37. The Court recently rescheduled the trial in this case from June 14, 2016 to October 25, 2016.
The Court issued an Opinion and Order denying Defendant’s First and Third Motions to Suppress on June 1, 2016, and the Court sua sponte filed this Opinion and Order under seal. Doc. 75. Subsequent to an inquiry by the Court on June 14, 2016, defense counsel asked the Court to continue to keep the Opinion and Order, Doc. 75, under seal. However, the Government now has filed a Motion to Unseal the original Opinion and Order. Doc. 89. The Government notes that the trial date has been rescheduled and that Defendant’s declar-ant, Dr. Soghoian, has published information regarding this case and named Defendant on the Internet. See id. Defendant does not oppose the Government’s Motion. Doc. 87. Accordingly, the Court will make public its June 1, 2016 Opinion and Order, which it hereby modifies and restates.
On February 8, 2016, Defendant was named in a four (4) count criminal indictment charging him with access with intent to view child pornography, in violation of 18 U.S.C. §§ 2252A(a)(5) and (b)(2). Doc. 1. The Government filed an eight (8) count superseding indictment on April 6, 2016, charging Defendant with access with intent to view child pornography, in violation of 18 U.S.C. §§ 2252A(a)(5) and (b)(2) (Counts One through Four), and receipt of child pornography, in violation of 18 U.S.C. §§ 2252A(a)(2) and (b)(1) (Counts Five through Eight). Doc.'26. Defendant filed his First Motion on March 17, 2016, Doc. 18, and he adopted it after the Government filed the superseding indictment on April 8, 2016, Doc. 30. Defendant filed his Third Motion oii May 2, 2016. Doc. 34. Defendant filed the Motion to Compel Discovery on May 6, 2016. Doc. 37.
In the Motions to Suppress, Defendant seeks to suppress “all evidence seized from Mr. Matish’s home computer by the FBI on or about February 27, 2015 through the use of a network investigative technique, as well as all fruits of that search.” Doc. 18 at 1; Doc. 34 at 1. Defendant challenges the warrant authorizing the search on the grounds that it lacked probable cause, that the FBI included false information and omitted material information in the supporting affidavit intentionally or recklessly, that the warrant lacked specificity, and that the warrant’s triggering event never occurred. See Doc. 18; Doc. 33. Defendant also argues that the warrant was void ab initio, making the warrantless search unconstitutional. Doc. 34 at 1. Finally, Defendant “alleges a prejudicial and deliberate violation of Rule 41.” Id.
In the Motion to Compel Discovery, Defendant asks the Court to compel the Government to provide him with the network investigative technique’s full source or programming code. Doc. 37 at 1. The defense argues that the full code is relevant not only to Defendant’s' defense at trial but also to his First and Third Motions' to Suppress. Id. at 1-2.
Other courts across the country have considered various challenges to the particular warrant used in this case. See United States v. Werdene, No. 2:15-cr-00434, ECF No. 33 (E.D. Pa. May 18, 2016); United States v. Levin, No. 15-10271,
The Court held hearings to address these Motions on May 19, 2016, May 26, 2016, and June 14, 2016. The Court FINDS, for the reasons stated herein, that probable cause supported the warrant’s issuance, that the warrant was sufficiently specific, that the triggering event occurred, that Defendant is not entitled to a Franks hearing, and that the magistrate judge did not exceed her jurisdiction or authority in issuing the warrant. Furthermore, the Court FINDS suppression unwarranted because the Government did not need a warrant in this case. Thus, any potential defects in the issuance of the warrant or in the warrant itself could not result in constitutional violations, and even if there were a defect in the warrant or in its issuance, the good faith exception to suppression would apply. Therefore, the Court ' DENIES Defendant’s . First and Third Motions to Suppress.
The Court additionally FINDS that Defendant is not entitled to the full source code at this stage of the proceeding. Thus, the Court DENIES Defendant’s Motion to Compel Discovery, Doc. 37. The Government raised a timeliness issue concerning this Motion in its response; however, the Court GRANTED Defendant’s request to file the Motion late at the hearing on May 26, 2016. Additionally, Defendant submitted a Consent Motion for Leave to File an Expert Declaration Relevant to the Motion to Compel Discovery, Doc. 83, which the Court GRANTS.
I. FACTUAL BACKGROUND
The prosecution of Mr. Matish stems from the Government’s investigation of Playpen, a website that contained child pornography. At the hearing on May 19, 2016, the Court heard testimony from FBI Special Agent (“SA”) Daniel Alfin and SA Douglas Macfarlane. The Court also admitted several Defense Exhibits. See Def. Exs. 1A, IB, 2, 3, 4, 5, 6. Doc. 58. The Court admitted Ex. 5 under seal. Id. Additionally, the Court received a brief of ami-cus curiae from the Electronic Frontier Foundation. See Doc. 42. These sources, in addition to the parties’ briefs, informed the Court’s understanding of the relevant facts, which are recounted below.
i. The Tor Network
Playpen operated on “the onion router” or “Tor” network. The U.S. Naval Research Laboratory created the Tor network in an attempt to protect government communications. The public now can access the Tor network. Many people and organizations use the Tor network for legal and legitimate purposes; however, the Tor network also is replete with illegal activities, particularly the online sexual exploitation of children.
A person can download the Tor browser from the Tor website. See Tor Project: Anonymity Online, https://www.torproject. drg (last visited May 23, 2016). SA Alfin testified that the Tor network possesses two primary purposes: (1) it allows users to access the Internet in an anonymous fashion and (2) it allows some websites— hidden services—to operate "only within the Tor network. Although a website’s operator usually can identify visitors to his or
ii Playpen
Both parties agree that Playpen contained child pornography. While SA Alfin described Playpen as being entirely dedicated to child pornography, Doc. 59 at 51-52, the Government conceded in its briefs that some of Playpen’s sections and forums did not consist entirely of child pornography. See Doc. 24 at 11 (noting that the “vast majority” of Playpen’s sections, forums, and sub-forums' were “categorized repositories for sexually explicit images of children; subdivided by gender and the age of the victims”). The Government characterizes Playpen as a hidden service, but Defendant disputes that Playpen always resembled a hidden service, claiming that “due to .an error in Playpen’s connections with the Tor network, it could be found and viewed on both the Tor network and the regular Internet for at least part of the time that it was operating.” Doc. 18 at 5.
The Government notes that the “scale of child sexual exploitation on the site was massive: more than 150,000 total members created and viewed tens of thousands of postings related to child pornography.” Doc.,24 at 4. Additionally, “[ijmages and videos shared through the site were highly categorized according to victim age and gender, as well as the type of sexual activity. The site included forums for discussion of all things related to child sexual exploitation, including tips for grooming victims and avoiding detection.” Id. at 4. The victims displayed on Playpen were, both foreign and domestic, and some represent children known to the Government.. Upon registering for an account with Playpen, potential users were warned not to enter a real email address or post identifying information in their profiles.
In December 2014, a foreign law enforcement agency discovered Playpen and alerted the FBI. After locating Playpen’s operator; the FBI executed a search of his home in Florida on February 19, 2015, seizing control of Playpen. The' FBI did not immediately shut Playpen down; instead, it assumed control of Playpen, continuing to operate it from a government facility in the Eastern District of Virginia from February 20, 2015 through March 4, 2015. As of February 20, 2015, Playpen had 158,094 members from all over the world, 9,333 message threads, and 95,148 posted messages. Doc. 18 at 6; Doc. 24' at 9. Defendant argues a substantial increase in the usage of Playpen occurred after the Government took it over. While the Government concedes that there was some increase, it disputes the unsupported figures in Defendant’s briefs.
iii. The NIT Warrant and the Supporting Affidavit
On February 20, 2015, an experienced and neutral federal magistrate judge authorized the FBI to deploy a network investigative technique (“NIT”) on Playpen’s server to obtain identifying information from activating computers, which the warrant defines as computers “of any user or
1. the activating computer’s IP address, and the date and time that the NIT determines what that IP address is;
2. a unique identifier generated by the NIT (e.g., a series of numbers, letters, and/or special characters) to distinguish data from that of other activating computers, that will be sent with and collected by the NIT;
3. the type of operating system running on the computer, including type (e.g., Windows), version (e.g., Windows 7), and architecture (e.g., x 86);
4. information about whether the NIT has already been delivered to the activating computer;
5. the activating computer’s Host Name;
6. the activating computer’s active operating system username; and
7. the activating computer’s media access control (“MAC”-) address.
Def. Ex. 1A. In order to determine a target’s location, the FBI only needed to identify the first piece-of information described above. SA Macfarlane acted as the affiant, and he signed the warrant application. SA Macfarlane has nineteen (19) years of federal law enforcement experience.
The NIT Warrant application' described Playpen’s home page logo as depicting “two images [of] partially clothed prepubescent females with their legs spread apart, along with the text underneath stating, ‘No cross-board reposts, .7z preferred, encrypt filenames, include preview, Peace out.’ ” Def. Ex. IB ¶ 12. This description was inaccurate at the time the magistrate judge signed the warrant, although SA Macfarlane did not know of the inaccuracies at the time he sought the magistrate’s authorization. A very short time before the FBI assumed control of Playpen, the logo changed from depicting two partially clothed prepubescent females' with their legs spread apart to displaying a single image of a female. SA Alfin described this image as “a single prepubescent female wearing fishnet stockings and posed in a sexually suggestive manner.” Doc. 59 at 33. The text underneath the logo remained unchanged. SA Alfin participated in the search of Playpen’s operator’s home in Florida, and he testified that during the search he saw the website displayed on the operator’s computer. However, though SA Alfin admits to viewing the new logo, he testified that “it went unobserved by me because it was an insignificant change to the Web site.” Doc.- 59 at 10.-
Even though the warrant authorized the FBI to deploy the NIT as soon as a user logged into Playpen, SA Alfin testified that the Government did not deploy the NIT against Mr. Matish in this particular case until after someone with the username of “Broden” logged into Playpen, arrived at the index site, went to the' bestiality section—-which advertised prepubescent children engaged in sexual activities with animals—and clicked on the post titled “Girl 11YO, with dog.” In other words, the agents took the extra precaution of not deploying the NIT until the user first logged into Playpen and second entered into a section of Playpen which actually displayed child pornography. At this point, testified SA Alfin, the user apparently downloaded child pornography as well as the NIT to his computer. Thus, the FBI deployed the NIT in a much narrower fashion than what the warrant authorized.
After determining a user’s IP address via the NIT, the FBI can send a subpoena
iv. Discovery Disputes
Defendant first requested discovery pertaining to the NIT code in March 2016. Initially, the Government declined to disclose any part of the NIT code. Therefore, on May 6, 2016, Defendant submitted the Motion to Compel Discovery. Doc. 37. The Government responded in opposition on May 17, 2016. Doc. 56. Defendant replied on May 23, 2016. Doc. 60. On May 25, 2016, the Government requested permission to file a surreply, Doc. 62, which the Court orally granted at a hearing on May 26, 2016. The Government filed the surre-ply on June 1, 2016. Doc. 74. On June 10, 2016, Defendant submitted a Consent Motion for Leave to File an Expert Declaration Relevant to this Motion. Doc. 83. After Defendant submitted the Motion to Compel Discovery, Doc. 37, after the Government responded, Doc. 56, and after Defendant replied, Doc. 60, the Government made the NIT instructions, as well as the information obtained via the NIT’s execution, available for review. See Doc. 74 at 9. Additionally, on June 14, 2016, the Government made available to the defense the two-way network data stream, which details the information sent to and from Defendant’s computer and the FBI. Defendant asserted at a hearing on May 26, 2016 that the NIT instructions do not represent the entire NIT source code, and he now asks for the remaining pieces of the code.
The Court held a hearing to address this matter on June 14, 2016. At the hearing, the Court heard testimony from SA Alfin. The defense did not offer any additional testimony or evidence at the hearing, instead relying upon the declarations filed with its pleadings. With his briefing, Defendant submitted three declarations from Mr. Vlad Tsyrklevich, a computer security engineer, see Doc. 78, Dr. Matthew Miller, an Assistant Professor of Computer Science and Information Technology, see Doc. 60, Ex. C, and Dr. Christopher Soghoian, a “researcher focused on privacy, computer security and government surveillance,” Doc. 83.
II. Defendant Is Not Entitled to Discovery of the Full NIT Source Code
A. Legal Standards
i Disclosure
Under Federal Rule of Criminal Procedure 16(a)(1)(E), “[u]pon a defendant’s request, the government must permit the defendant to inspect and to copy or photograph books, papers, documents, data, photographs, tangible objects, buildings or places, or copies of portions of any of these items, if the item is within the government’s possession, custody, or control and: (i) the item is material to preparing the defense; (ii) the government intends to use the item in its casein-chief at trial; or (iii) the item was obtained from or belongs to the defendant.” Fed. R. Crim. P. 16(a)(1)(E). This rule differs from that announced in Brady v. Maryland,
In United States v. Armstrong, the Supreme Court of the United States clarified that, “in the context of Rule 16 ‘the defendant’s defense’ means the defendant’s response' to the Government’s case in chief.”
ii. Law Enforcement Privilege
The Fourth Circuit has not directly addressed the law enforcement privilege. However, other circuits have considered how district courts should evaluate a party’s assertion of the law enforcement privilege. Courts agree that the party asserting the law enforcement privilege bears the burden of showing that the privilege applies. See, e.g., In re The City of New York,
When evaluating claims of privilege in the criminal context, courts should remain cognizant of the fact that “[w]hile the public’s interest in effective law enforcement ... supports] the, creation of the privilege, [it does] not extinguish a criminal defendant’s strong interest in effective cross-examination of adverse witnesses.” United States v. Green,
Courts have noted that to “assess both the applicability of the privilege and the need for the documents, the district court must ordinarily review the documents in question.” In re The City of New York,
B. Analysis
i Disclosure
The parties agree that the information requested is within the Government’s control, that the Government does not plan to use the actual code during its case in chief, and that the code was not obtained from and does not belong to Defendant. The parties dispute, however, whether the defense has shown materiality under Fed. R. Grim. P. 16(a)(l)(E)(i).
Defendant asserts two main arguments to support his claim of materiality. First, Defendant éxplains that “Mr. Matish expects to challenge the government’s chain of custody regarding the supposed linkage between his computer and [Playpen].” Doe. 60 at 4. In order to do so, “the defense intends to challenge the accuracy of the identifying data that the government claims connects Mr. Matish to both ‘Bro-den’ and specific activity on the Website,” focusing on “the government’s recent assertion that some of the information that was used to link ‘Broden’ to Mr. Matish’s computer was not in fact gathered from Mr, Matish’s computer and securely transferred in encrypted form to the FBI, but rather was sent unencrypted over the traditional [I]nternet.” Id. at 4-5. The defense also expects to “challenge the government’s case by arguing to the jury that child pornography found in the unallocated space of Mr. Matish’s computer came from somewhere or someone else, or at least that the government cannot prove beyond a reasonable doubt that Mr. Matish intentionally downloaded illegal pictures.” Id at 5. To support this argument, Defendant relies on the supposition that “the security settings on Mr. Matish’s computer had been compromised by the government’s NIT,” leaving his computer vulnerable to hackers and malware. Id.
The Court considers the declarations submitted by Defendant less persuasive than SA Alfin’s declaration and testimony, because SA Alfin testified and was subjected to cross-examination. Although Defendant’s declarants did not testify and were not subject to cross-examination in this case, the Court is aware that Dr. Soghóian testified for the defense at a hearing in Michaud, 3:15-cr-05351. Defendant’s declarations left a number of important questions unanswered. For example, Mr. Tsyrklevich’s declaration and Dr. Miller’s declaration are parallel, and Dr. Miller’s declaration largely adopts Mr. Tsyr-klevich’s declaration with little substance added. See Doc. 78; Doc. 60, Ex. C.
Notably, the purposes for which Defendant asks for access to the missing source code are based upon speculation as to what the declarants might find. The defense lacks any evidence to support the hypotheses and instead relies upon the ipse dixit that the source code is needed because its declarants opine that it is needed. Such speculation remains insufficient to serve as a basis to compel discovery. Cf. Caro,
For example, the defense aims to discover whether the NIT’s deployment compro
Defendant also questions the- data’s chain of custody, due in part to the NIT program’s failure to encrypt its return message from Defendant’s computer. The defense’s declarants hypothesize that the return message became vulnerable- to tampering while in transit on the Internet. As defense counsel argued, during such transmission, the information “was susceptible to being tampered with.” Doc. 86 at 37. Indeed, defense counsel agreed that during unencrypted transmission, “anybody can tamper with it.” Id. at 38. In his testimony, SA Alfin stated that it only took one (1) second for the NIT data stream to transfer the information to the FBI. Thus, anyone seeking to tamper with the data stream during that timeframe must have known in depth the FBI’s activity so as to complete their “hacking operation” within one second. Rather than encrypting and decrypting the information sent to the FBI, the Government produced the data in literal form. Again, the defense has not searched Defendant’s computer to decipher whether there is any evidence of tampering with this message. Defendant’s declarants likewise have not produced any evidential basis supporting an interruption in the chain of custody.
Defendant expresses doubt concerning the credibility of the Government’s evidence, specifically SA Alfin’s declaration and testimony. However, SA Alfin twice was subjected to cross-examination by Defendant’s attorney, whereas the declarations presented by the defense were immune from cross-examination, and, the Court FINDS, left many questions unanswered. Another example is that an examination of Defendant’s computer may have uncovered evidence either of hacking or an alternate source of the child pornography, but, as it stands, the declarants’ inaction leaves their hypotheses with no evidence to support them. At least two of Defendant’s declarants are familiar with a similar case in Washington State, see Michaud, 3:15-cr-05351, and have been involved with these issues for many months. See Doc. 78; Doc. 60, Ex. C. Therefore, they have had ample opportunity to examine Defendant’s computer or other computers as did SA Alfin.
Defense counsel makes much of SA Al-fin’s testimony that he did not know, nor had he examined, the exploit code. SA Alfin explained that the exploit represents “a defect in a lock that would allow someone with the proper tool to unlock it without possessing the key.” See Doc. 74, Ex. 1 ¶ 11. Thus, through the exploit, the FBI could deploy the NIT onto Defendant’s computer. Yet, the Government now has furnished the NIT’s operating instructions, which the defense’s declarants could apply to Defendant’s computer or to other computers ultimately to determine how—if at all—the NIT affected Defendant’s computer.
The Court FINDS ex parte and in camera inspection of the exploit unnecessary. Such examination would not have assisted the Court in dealing with the issues before ■it. The technicalities of such an examination are better left to computer, experts.
The Government declined to furnish the source code of the exploit due to its immateriality and for reasons of security. The Government argues that reviewing the exploit,■ which takes advantage of a weakness in the Tor network, would expose the entire NIT program and render it useless as a tool to track the transmission of contraband via the Internet. SA Alfín testified that he had no need to learn or study the exploit, as the exploit does not produce any information but rather unlocks the door to the information secured via the NIT. The defense claims it needs the exploit to determine whether the FBI closed and relocked the door after obtaining Defendant’s information via the NIT. Yet, the defense lacks evidentiary support for such a need. The lack of any evidence to support the hypotheses of Defendant’s declar-ants, coupled with their failure to examine Defendant’s computer and the fact that the Government knew of the “Broden” account prior to the NIT’s deployment,
Accordingly, the Court FINDS that the defense has failed to meet the test under Caro,
ii Qualified Law Enforcement Privilege
The Government asserts that the law enforcement privilege applies to the full source code, excluding the already-provided NIT instructions and the corresponding data stream. See Doc. 56 at 22; Doc. 74 at 13. Although the Court technically does not reach the issue of Government privilege, assuming arguendo that it did, the Court believes that the scales tip substantially in favor of the Government. In considering this issue, the Court examined—in addition to the parties’ briefs—a classified brief submitted by the Government.
The Government alleges that disclosure of the code “would be harmful to the public interest” because it “could diminish the future value of important investigative techniques, allow individuals to devise measures to counteract these techniques in order to evade detection, [and] discourage cooperation from third parties and other governmental agencies who rely on these techniques in critical situations.” Doc. 56 at 22.
Courts have held similar law enforcement techniques subject to the qualified privilege. See In re The City of New York,
However, the recognition of the privilege cannot end the Court’s consideration. E.g., Green,
Defendant already has received the NIT instructions and the two-way data stream, and the Government’s disclosure of this information, coupled with its assurance to the Court that none of the images recovered from Defendant’s computer serve as a basis for any charge filed in this case, see Doc. 86 at 56, further lessens the defense’s need for the additional information it seeks. Hence, even if the Court were to find the exploit code material under Rule 16(a)(1)(E), the Court FINDS that the Government’s need to protect the code outweighs Defendant’s need for it.
Therefore, the Court FINDS that Defendant has failed to show that the full NIT code—specifically, the exploit—is material under Rule 16(a)(1)(E). Thus, the Court DENIES Defendant’s Motion to Compel Discovery, Doc. 37. Additionally, even if the Court were to find that Defendant made a sufficient showing of materiality, the Court would not require the Government to disclose the full source code due to the law enforcement privilege.
Hi Mahvare
The parties debate whether the NIT constitutes malware. See, Doc. 74 at 12; Doc. 83. Black’s Law Dictionary defines malicious technology, or malware, as “any electronic or mechanical means, esp. software, used to monitor or gain access to another’s computer system without authorization for the purpose of impairing or disabling the, system.” Malicious Technology, Black’s Law Dictionary (10th ed. 2014), available at Westlaw BLACKS. Whether the NIT constitutes malware is immaterial to this Court’s decisions concerning. the Motions to Suppress and the Motion to Compel Discovery. The Court notes, however, that perhaps malware is a better description for the program through
III. Probable Cause Supported the Issuance of the NIT Warrant
A. Legal Standards
The Fourth Amendment to the United States Constitution provides that “[t]he right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.” U.S. Const, amend. IV. As the Supreme Court of the United States noted in Illinois v. Gates, “probable cause is a fluid concept—turning on the assessment of probabilities in particular factual contexts—not readily, or even usefully, reduced to a neat Set of legal rules.”
A court reviewing whether a magistrate correctly determined that probable cause exists should afford the magistrate’s determination of probable cause great deference. See Gates,
B. Analysis
Defendant first challenges the NIT Warrant on its face, arguing that it is not based on probable cause, even if the Court were to ignore the warrant application’s inaccuracies. See Doc. 18 at 11-12; Doc. 33 at 3. The Government, in contrast, argues that the facts contained in the 31-page affidavit written by a 19-year FBI veteran with specialized training and experience in this field, “along with the reasonable inferences to be drawn therefrom, support probable cause to believe that registered users of Playpen intended to.view and trade child pornography.” Doc. 24 at 17.
The Court FINDS that the magistrate possessed a substantial basis for determining that probable cause existed to support the issuance of the NIT Warrant. Taking the affidavit at face value, it outlines numerous affirmative steps that one must take to find Playpen on the Tor network, it fully describes Playpen’s home page and registration terms, and it details Playpen’s content. See Def. Ex. IB. Examining the totality of these circumstances leads to the conclusion that a fair probability existed that those accessing Playpen intended to view and trade child pornography and that the NIT would help uncover evidence of these crimes.
The affidavit describes the Tor network and its emphasis on anonymity. See Def. Ex. IB at 10-11. It states that “the TARGET WEBSITE is a Tor hidden service.” Id. ¶ 10. It explains that a user cannot access a hidden service unless he or she knows the particular website address. Id. The affidavit, therefore, describes numerous affirmative steps that one must take even to find Playpen on the Tor network, The Court credits SA Alfiri’s testimony that it would be extremely unlikely for someone to stumble innocently upon Playpen. The magistrate thus justifiably concluded that the chances of someone innocently discovering, registering for, and entering Playpen were. slim.
Additionally, the affidavit illustrates Playpen’s home page, detailing the picture of the two prepubescent females as well as the text. Id. ¶ 12. The affiant explained that based on his training and experience, he knew that “‘no cross-board reposts’ refers to a prohibition against material that is posted on other websites from being ‘re-posted’ to the TARGET WEBSITE; and ‘.7z’ refers to a preferred method of compressing large files or sets of files for distribution.” Id. ¶ 12. The affidavit also explained that users viewed a warning message upon accessing the “register, an account” hyperlink, informing them not to enter a real email address or to post identifying information. Id. ¶ 13. It also warned that the website “is not able to see your IP ...” Id. ¶ 13.
In addition, the affidavit described Playpen’s contents. It noted that “the entirety of the TARGET WEBSITE is dedicated to child pornography.”
Therefore, it was not unreasonable for the magistrate judge to find that Playpen’s focus on anonymity, coupled with Playpen’s suggestive name, the logo of two prepubescent females partially clothed with their legs spread apart (or, as discussed below, the one scantily clad minor), and the affidavit’s description of Playpen’s content, endowed the NIT Warrant with probable cause. In fact, other courts have found that probable cause supported this exact NIT Warrant. In Epich, for example, the Eastern District of Wisconsin adopted a magistrate judge’s report and recommendation, which “pointed to the complicated machinations through which users had to go to access the web site (meaning that unintentional users were unlikely to stumble onto it); the fact that the web site’s landing page contained images of partially clothe[d] prepubescent females with them legs spread apart; the existence of statements on the landing page that made it clear that users were not to re-post materials from other web sites, and provided information for compressing large files (such as video files) for distribution; the fact that the site required people to register to use it, and advised registrants to use fake e-mail addresses and emphasized that the site was anonymous; and the fact that once a user went through all of those steps to become a registered user, the user had access to the entire site, which contained images and/or videos that depicted child pornography.”
IV. A Franks Hearing Is Not Warranted
A. Legal Standards
In Franks v. Delaware, the Supreme Court held that if a “defendant makes a substantial preliminary showing that a false statement knowingly and intentionally, or with reckless disregard for the truth, was included by the affiant in the warrant affidavit, and if the allegedly false statement is necessary to the finding of probable cause, the Fourth Amendment requires that a hearing be held at the defendant’s request.”
Because affidavits supporting search warrants are presumed valid, in order to “mandate an evidentiary hearing, the challenger’s attack must be more than conclusory and must be supported by more than a mere desire to cross-examine.” Id. at 171-72,
In order to be material, the falsity or the omission in the affidavit “must do more than potentially affect the probable' cause determination: it must be ‘necessary to the finding of probable cause.’” Colkley,
B. Analysis
Defendant alleges that the NIT affidavit contains, at a minimum, recklessly misleading statements and omissions that are material to the probable cause deter
The Court FINDS that Defendant has not made a substantial showing to justify a Franks hearing. Although SA Alfin admitted that he saw Playpen as it appeared With the new logo on February 19, 2015, there is no evidence before the Court that SA Alfin ever informed SA Macfarlane of the change in the few hours between the conclusion of the residential search in Florida and SA Macfarlane’s seeking the magistrate’s authorization to use the NIT. The Court also finds that it was not reckless for the affiant not to examine the website one more time on the day he sought the warrant’s authorization, as he had recently examined the website and confirmed that nothing had changed. Therefore, the Court FINDS that SA Macfarlane did not act intentionally or with any doubt as to the validity of his affidavit when he brought the warrant to the magistrate judge.
Additionally, the Court FINDS that the logo change was not material to the probable cause determination. Although the Court questions what caused the increase in visitors after February 20, 2015, even if the warrant had included the description of the new logo instead of the description of the old logo, probable cause still would have existed. Indeed, SA Alfin described the new logo as depicting “a single prepubescent female wearing fishnet stockings and posed in a sexually suggestive manner.” Doc. 59 at 33. Had SA Alfin or Macfarlane described the new image differently, then perhaps the logo change would have been material. However, the Court posits that replacing “two images depicting partially clothed prepubescent females with their legs spread apart,” Def. Ex. IB ¶ 12, with an image of “a single prepubescent female wearing fishnet stockings and posed in a sexually suggestive manner,” Doc. 59 at 33, is not significant. Additionally, the logo change lacks significance because the probable cause rested not solely on the site’s logo but also on the affiant’s description that the entire site was dedicated to child pornography, Playpen’s suggestive name, the affirmative steps a user must take to locate Playpen, the site’s repeated warnings and focus on anonymity, and the actual contents of the site.
The Western District of Washington, in considering similar , challenges to the same NIT Warrant, orally denied the defen
Therefore, Defendant has not made a substantial preliminary showing that the affiant included the inaccurate description of Playpen’s home page either intentionally or recklessly. Furthermore, even if Defendant had made such a showing, a Franks hearing is not warranted because the logo change was immaterial to the probable cause determination. Thus, the Court DENIES Defendant’s request for a Franks hearing.
Y. The NIT Warrant Did Not Lack Specificity
A. Legal Standards
The Fourth Amendment to the United States Constitution requires that search warrants particularly describe the place to be searched and the persons or things to be seized. U.S. Const, amend. TV. This requirement of particularity “applies to the warrant, as opposed to the application or the supporting affidavit submitted by the applicant.” E.g., United States v. Hurwitz,
B. Analysis
Defendant argues that the NIT Warrant is overbroad. Doc. 18 at 23. Defendant bases; this argument on the fact that the NIT Warrant authorized the FBI to search any of the tens of thousands of computers that accessed Playpen', regardless of the user’s activities on Playpen. Id. at 23-26. Indeed, the warrant “authorized the FBI to execute searches on a population of potential targets so large that it exceeds the population of Charlottesville, Virginia, and many other small cities.” Id. at 26. Defendant claims that the NIT Warrant did not establish probable cause to search a particular location, because it “purportedly gave the FBI broad discretion in deciding when and against whom to deploy its malware technology.” Id. at 23. Thus, Defendant likens the NIT Warrant to a general warrant. Id, at 24. Defendant analogizes to a case from the Eastern District of Arkansas, in which the court held that:
[W]hen, as in this case, a warrant’s scope is so broad as to encompass “any and all vehicles” at a scene, without naming any vehicle in particular, the probable cause on which it stands must be equally broad. Specifically, the Fourth Amendment requires that the probable cause showing in support of an “any and all vehicles” warrant must demonstrate that, at the time of the search, a vehicle’s mere presence at the target location is sufficient to suggest that it contains contraband or evidence of a crime.
The Government contends that the “NIT warrant described the places to be searched—activating computers of users or administrators that logged into Play.pen—and the things to be seized—the seven pieces of information obtained from those activating computers—with particularity.” Doc. 24 at 29. The Government asks the Court to “decline the defendant’s invitation to read into the Fourth Amendment a heretofore undiscovered upper bound on the number of searches permitted by a showing of probable cause.” Id. In the Government’s view, the fact that “a warrant authorizes the search of a potentially large number of suspects is an indication, not of constitutional infirmity, but a large number of criminal suspects.” Id. at 35.
As noted in Levin, “NITs, while raising serious concerns, are legitimate law enforcement tools.”
First, in Michaud, the Western District of Washington considered this very issue.
Similarly, in Epich, the Eastern District of Wisconsin, adopting a magistrate judge’s report and recommendation, rejected the defendant’s particularity challenge to the NIT Warrant.
The Court FINDS that the NIT Warrant did not violate the Fourth Amendment’s particularity requirement. The Court also FINDS that the warrant was not broader than the probable cause upon which it was based. As discussed above— putting aside the admitted inaccuracies
VI. The Triggering Event Occurred
A. Legal Standards
Anticipatory warrants are “based upon an affidavit showing probable cause that at some future time (but not presently) certain evidence of a crime will be located at a specified place.” United States v. Grubbs,
B. Analysis
Defendant contends that the NIT Warrant represents an anticipatory warrant “because it prospectively authorized searches whenever unidentified Playpen visitors signed on to the site, with the ‘triggering event’ for those searches being the act of accessing the site.” Doc. 18 at 26. Defendant argues that merely logging into Playpen did not constitute the triggering event; rather “navigating through the internet homepage described in the warrant application” represented the triggering condition. Doc. 33 at 2. Since the warrant application incorrectly described Playpen’s home page logo, Defendant could not log into Playpen via the home page described in the warrant application because that home page no longer existed. Id. at 3. Thus, Defendant argues, “the search conducted here was not authorized by the NIT Warrant.” Id.
The Government notes that Defendant’s “claim that the NIT warrant was void because, as an anticipatory warrant, the ‘triggering event’ never occurred is little more than a rehash of the same probable cause and Franks challenges that have already been addressed.” Doc. 24 at 35-36. The Government contends that the relevant triggering event was “the defendant’s decision to enter his username and password into Playpen and enter the site.” Id. The
Defendant’s argument that the triggering event never occurred is novel, but the Court FINDS that logging into Playpen— which the warrant application identified by its URL—represents the relevant triggering event. See Def. Ex. 1A, Thus, the triggering event was not conditional upon the website’s home page logo but upon whether a user or administrator of Playpen logged into the site, which the warrant identified by its URL. The FBI deployed the NIT here after someone with the user-name “Broden” logged into Playpen. Thus, the Court FINDS that the triggering event did occur.
The Court notes that if it were to rule that logging into Playpen through the home page—exactly as it was described in the application—represented the triggering event, as opposed to ruling that simply logging into the website represented the triggering event, such a ruling would provide operators of websites such as Playpen with incentive to frequently change their home pages’ appearances. While this consideration would not be an issue if the FBI had assumed control over the website pri- or to obtaining the search warrant—as it had in this case—if the FBI obtained a warrant to search computers logging into a site that the FBI had not yet taken over, the website operator’s ability to change his or her website’s home page at will would always defeat probable cause for this type of anticipatory warrant. Again it should be noted that the Government did not employ the NIT until Defendant took the additional step of clicking on an actual child pornography forum or section within Playpen.
VII. Rule 41(b)(4) Authorized the Issuance of the NIT Warrant
A. Legal Standards
Both Federal Rule of Criminal Procedure 41(b) (“Rule 41(b)”) and Section 636 of the Federal Magistrates Act (“Section 636”) concern the scope of a magistrate judge’s authority. Rule 41(b) details a magistrate judge’s authority to issue a search warrant. See Fed. R. Crim. P. 41(b). It provides that:
(1) a magistrate judge with authority in the district—or if none is reasonably available, a judge of a state court of record in the district—has authority to issue a warrant to search for and seize a person or property located within the district;
(2) a magistrate judge with authority in the district has authority to issue a warrant for a person or property outside the district if the person or property is located within the district when the warrant is issued but might move or be moved outside the district before the ■warrant is executed;
(3) a magistrate judge—in an investigation of domestic terrorism or international terrorism—with authority in any district in which activities related to the terrorism may have occurred' has authority to issue a warrant for a person or property within or outside that district;
(4) a magistrate judge with authority in the district has authority to issue a warrant to install within the district a tracking device; the warrant may authorize use of the device to track the movement of a person or property located within the district, outside the district, or both; and
(5) a magistrate judge having authority in any district where activities related to the crime may have occurred, or in theDistrict of Columbia, may issue a warrant for property that is located outside the jurisdiction of any state or district, but within any of the following:
(A) a United States territory, possession, or commonwealth;
(B) the premises—no matter who owns them—of a United States diplomatic or consular mission in' a foreign state, including any appurtenant building, part of a building, or land used for the mission’s purposes; or
(C) a residence and any appurtenant land owned or leased by the United States and used by United States personnel assigned to a United States diplomatic or consular mission in a foreign state.
Fed. R. Crim, P. 41(b). Section 636(a) of the Federal Magistrates Act addresses a magistrate judge’s jurisdiction and provides, in relevant part:
(a) Each United States magistrate judge serving under this chapter shall have within the district in which sessions are held by the court that appointed the magistrate judge, at other places where that court may function, and elsewhere as authorized by law—
(1) all powers and duties conferred or imposed upon United States commissioners by law or by the Rules of Criminal Procedure for the United States District Courts_ .
28 U.S.C. § 636. As the District of Massachusetts noted in Levin, “the Court’s anal-yses of whether the NIT Warrant was statutorily permissible and whether it was allowed under Rule 41(b) are necessarily intertwined.”
B. Analysis
i Defendant Has Standing to Challenge the Magistrate Judge’s Authority and Jurisdiction
In Rakas v. Illinois, the Supreme Court of the United States stressed that “'“Fourth Amendment rights are personal rights which, like some other constitutional rights, may not be vicariously asserted.’ ”
The Government, argues that Defendant does not have standing to assert these challenges to the NIT Warrant, characterizing his Third Motion as one “regarding how the issuance of the NIT warr rant would apply to. a third party found outside of the Eastern District of Virginia.” See Doc. 53 at 6.
However, the Government deployed the NIT onto Defendant’s own computer, and Defendant is challenging the warrant that purportedly authorized the Government to search that computer. Thus, Defendant possesses standing to challenge the warrant upon which the Government relied. Cf. United States v. Castellanos, 716 F.3d
ii. The Magistrate’s Authority and Jurisdiction
Defendant argues that the magistrate judge “ignored the clearly established jurisdictional limits set forth in Federal Rule of Criminal Procedure 41” in authorizing the search of computers located anywhere in the world. Doc. 24 at 5-6. Defendant alleges that a warrant issued without authority under Rule 41 necessarily leads to a constitutional violation of Section 636. Doc. 34 at 10; Doc. 55 at 3. The Government contends that Rule 41(b)(1), (2), and (4) support the issuance of the warrant and that a violation of Rule 41 does not automatically result in a constitutional violation. Doc. 53 at 12-16
Several courts have held that the magistrate judge lacked authority and jurisdiction to issue the NIT Warrant used in this case. E.g., Werdene, No. 2:15-cr-00434, ECF No. 33; Levin,
The Court FINDS that Rule 41(b)(4) authorized the magistrate judge to issue this warrant. Rule 41(b)(4) endows a magistrate with authority to issue a warrant authorizing the use of a tracking device. Fed. R. Crim. P. 41(b)(4). The tracking device must be installed within the magistrate judge’s district, but the warrant “may authorize use of the device to track the movement of a person or property located within the district, outside the district, or both.” Id.
The Court recognizes that other courts have held this provision inapplicable to the NIT Warrant. See, e.g, Levin,
Because the NIT enabled the Government to determine Playpen users’ locations, it resembles a tracking device. Thus, the NIT Warrant authorized the FBI to install a tracking device on each user’s computer when that computer entered the Eastern District of Virginia—the magistrate judge’s district. Contrary to the opinion conveyed in Michaud,
Because the Court FINDS’ that the magistrate judge complied with Rule 41(b) in issuing this warrant, her actions did not contravene Section 636, because she exercised authority that was “conferred or imposed ... by the Rules of Criminal Procedure for the United States District Courts.” 28 U.S.C. § 636(a)(1). ■
VIII. Even If the Magistrate Judge Issued the NIT Warrant Without Authority or Jurisdiction, Suppression Is Not Warranted
A. The Government Did Not Need a Warrant to Deploy the NIT ’
The ' Court FINDS that no Fourth Amendment violation occurred here because the Government did not need a warrant to capture Defendant’s IP address. Therefore, even if the warrant were invalid or void, it was unnecessary, so no constitutional violation resulted from the Government’s conduct in this case.
i Legal Standards
The Fourth Amendment provides, “[t]he right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the ■ place to be searched, and’the persons or things to be seized.” U.S. Const, amend. IV. Although holding that the Fourth Amendment protects a person’s “reasonable expectation of privacy,” the Supreme Court cautioned in Katz v. United States that “the Fourth Amendment cannot be translated into a general constitutional ‘right to privacy.’”
Traditionally, the privacy concerns embedded in the Fourth Amendment only applied to government actors’ physical trespasses. See, e.g., United
In Katz, the Supreme Court considered whether a reasonable expectation of privacy exists within an enclosed telephone booth.
Like information revealed to a third party, “[w]hat a person knowingly exposes to the public, even in his own home or office, is not a subject of Fourth Amendment protection.” Katz,
Similarly, in Minnesota v. Carter, the Supreme Court considered whether a police officer who peered through a gap in a home’s closed blinds conducted a search in violation of' the Fourth Amendment.
ii Analysis
a. Defendant Has No Expectation of Privacy in His IP Address
The Court first focuses on - the Government’s discovery of Defendant’s IP address, as the IP address ultimately led the Government to Defendant. Without the IP address, the Government presumably would have been unable to locate Defendant, even if the NIT had provided the FBI with the six other pieces of .information seized. Here, the Court FINDS that Defendant possessed no reasonable expectation of privacy in his computer’s IP address, so the Government’s acquisition of the IP address did not represent a prohibited Fourth Amendment search.
Generally, one has no reasonable expectation of privacy in an IP address when using the-Internet. See, e.g., Forrester,
Even an Internet user who employs the Tor network in an attempt to mask his or her, IP address lacks a reasonable expectation of privacy in his or her IP address. Presumably, one using the Tor network hopes for, if not possesses, a subjective expectation of privacy in his or her identifying information. Indeed, Tor markets .itself as a tool to “prevent! ] people from learning your location ...” .See Tor Project: Anonymity Online, https://www. torproject.org (last visited May 24, 2016). However, such an expectation is not objectively reasonable in light of the way the Tor network operates. In United States v. Farrell, researchers operating the Tor nodes observed the IP address of the- alleged operator of Silk Road 2.0, a Tor hidden service. No. CR15-029,
Other courts, however, have not limited the reasonable expectation of privacy inquiry to whether the FBI acquired a defendant’s IP address by accessing his computer or by obtaining the information from a cooperative third party. E.g., Werdene, No. 2:15-cr-00434, ECF No. S3. For example, in another case involving Playpen, the Eastern District of Pennsylvania found that the defendant “had no reasonable expectation of privacy in his IP address,” because “[a]side from providing the address to Comcast, his internet service provider, a necessary aspect of Tor is the initial transmission of a user’s IP address to a third-party.” Id. The court noted in Werdene that “the type of third-party to which [the defendant] disclosed his IP address—whether a person or an ‘entry node’ on the Tor network—does not affect the [c]ourt’s evaluation of his reasonable expectation of privacy.” Id. Because the defendant “was aware that his IP address had been conveyed to a third party, [ ] he accordingly lost any subjective expectation of privacy in that information.” Id. Thus, the Eastern District of Pennsylvania found that since the defendant “did not have a reasonable expectation of privacy in his IP address, the NIT cannot be considered a ‘search’ within the meaning of the Fourth Amendment.” Id. Similarly, the Western District of Washington in Michaud stated that the defendant “ha[d] no reasonable expectation of privacy of the most significant information gathered by deployment of the NIT, [his] assigned IP address, which ultimately led to [his] geographic location.”
It is clear to the Court that Defendant took great strides to hide his IP address via his use of the Tor network. However, the Court FINDS that any such subjective expectation of privacy—if one even existed in this case—is not objectively reasonable. SA Alfin testified that when a user connects to the Tor network, he or she must disclose his or her real IP address to the first Tor node with which he or she con
The Court recognizes that the NIT used in this case poses questions unique from the conduct at issue in Farrell,
b. Defendant Has No Reasonable Expectation of Privacy in His Computer
While the Court holds that the use of the NIT, which resulted in the Government’s ultimate capture of Defendant’s IP address, does not represent a prohibited search under the Fourth Amendment, the Court acknowledges that the warrant purported to authorize searches of “activating computers.” See Def. Ex. 1A. Without deploying the NIT to a user’s computer, the Government would not have been able to observe any Playpen user’s IP address. Additionally, the Government obtained the six other pieces of identifying data from users’ computers; unlike its acquisition of the IP addresses, which the FBI observed and captured during transmission of the data, the FBI gathered this additional data directly from suspects’ computers. To be sure, “the appropriate [Fourth Amendment] inquiry [is] whether the individual had a reasonable expectation of privacy in the area searched, not merely in the items found.” E.g., United States v. Horowitz,
Examining the search of computers in the Fourth Amendment context, in 2007, the Ninth Circuit held that a defendant had both a subjective expectation of priva
Here, the NIT was programmed to collect very limited information. Like the pen register in Smith that only captured the numbers dialed,
Additionally, like the employee in Si-mons who was put on notice that his computer was not entirely private,
In the recent past, the world has experienced unparalleled hacks. For example, terrorists no longer can rely on Apple to protect their electronically stored private data, as it has been publicly reported that the Government can find alternative ways to unlock Apple users’ iPhones. See Katie Benner & Eric Lichtblau, U.S, Says It Has Unlocked iPhone Without Apple, The New York Times (March 28, 2016), http:// www.nytimes.com/2016/03/29/technology/ apple-iphone-fbi-justice-department-case. html?_r=0. In addition to politicians being targets of hacking, see Nicole Gaouette, Intel chief: Presidential campaigns under cyber attack, CNN (May 18, 2016), http:// www.cnn.com/2016/05/18/politics/ presidential-campaigns-cyber-attack/index. html, Ashley Madison, see Alex Hern, Ashley Madison hack: your questions answered, The Guardian (August 20, 2015), https://www.theguardian.com/technology/ 2015/aug/20/ashley-madison-hack-your- • questions answered; Sony, see Peter El-kind, Sony Pictures: Inside the Hack of the Century, Fortune (July 1, 2015), http:// fortune.com/sony-hack-part-l/; Home Depot, see Robin Sidel, Home Depot’s 56 Million Card Breach Bigger Than Target’s, The Wall Street Journal (Sept. 18,2014), http://www.wsj.com/articles/ home-depot-breach-bigger-than-targets-1411073571; Target, see id.; the New York Times, see Nicole Perlroth, Hackers in China Attacked The Times for Last ⅛ Months, The New York Times (Jan. 30, 2013), http://www.nytimes.com/2013/01131/ technology/chinese-hackers-infiltrate-new-york-times-computers.html; a Panamanian law firm, see Panama Papers: Leak firm Mossack Fonseca ‘victim of hack’, BBC News (April 6, 2016), http://vyww.bbc.com/ news/world-latin-america-35975503; and even the United States Government, Associated Press in Washington, US government hack stole fingerprints of 5.6 million federal employees, The Guardian (September 23, 2015), https://www.theguardian. com/technology/2015/sep/23/us-government-hack-stole-fingerprints, all have experienced hacks that resulted in the compromise of unprecedented amounts of data previously thought to be private. In arguing that Defendant needs the exploit source code to determine whether Defendant’s computer experienced a hack or whether an outside source tampered with the information the NIT sent to the FBI, defense counsel even admitted that such hacks could occur by agreeing that when information travels via the Internet in unencrypted form, “anybody can tamper with it.” Doc. 86 at 38. Cases identifying a reasonable expectation of privacy in personal computer files protected with only a password, see Buckner,
Tor users likewise cannot reasonably expect to be safe from hackers. Even if Tor users hope that the Tor network will keep certain information private—just as terrorists seem to expect Apple to keep their data private—it is unreasonable not to expect that someone will be able to gain access. See John W. Little, Tor and the Illusion of Anonymity, Blogs op WáR (August 6, 2013), http://blogsofwar.com/tor- and-the-illusion-of-anonymity/ (describing that the Federal Government discovered a way “to identify the true IP addresses [of] an unknown number to Tor users” and noting that this development “should serve as a huge wake-up call” to people who believe that using Tor endows them with unassailable privacy protections). Notwithstanding the identification difficulties posed by Tor and the machinations one must undergo to access a Tor hidden service, advances in technology continue to thwart Tor’s measures.
Thus, hacking resembles the-broken blinds in Carter,
Although this Court recently noted in dicta that the possibility of hacking “is not enough to defeat an individual’s reasonable expectation of privacy” because it is illegal, see United States v. Darby, No. 2:16-cr-36, ECF No. 31 at 10-11 (E.D. Va. June 3, 2016), this Court stresses that child pornography often resembles an international crime. Similarly, much hacking occurs by foreign nations where the governments condone or participate in hacking. Child pornography is not just a national issue; it is an international issue, and at least a portion of the pornography in this case arrived from foreign sources through the World Wide Web.
The Fourth Circuit issued its en banc decision in United States v. Graham, No. 12-4659,
Although the Fourth Circuit in Graham stressed that the Government obtained the
Additionally, while the Court FINDS that the Government did not need a warrant before deploying the NIT, the Court recognizes the need to balance an individual’s privacy in any case involving electronic surveillance with the Government’s duty of protecting its citizens. Here, the balance weighs heavily in favor of surveillance.
B. Even If the Issuance of the Warrant Represented a Nonconstitutional Violation of Rule 41(b), Suppression Is Still Unwarranted
The parties agree that two categories of Rule 41 violations exist: “those involving constitutional violations and all others.” Poc. 34 at 10; Doc. 53 at 23; Simons,
As discussed above, any potential Rule 41 violation did not result in a violation of Defendant’s constitutional rights, for no warrant was needed. Thus, the Government’s use of the NIT.did not deprive Defendant of his Fourth Amendment rights. The Court here FINDS that suppression is not appropriate for any potential nonconstitutional- violation of Rule 41(b) either, because Defendant was not prejudiced and there is no evidence of intentional or deliberate disregard of the rule.
Defendant argues that the search conducted pursuant to the wax-rant would 'not have occurred had the magistrate judge not issued the warrant, and that, therefore, he has suffered prejudice. Doc. 34 at 14. However, as detailed above, the FBI did not need a warrant to deploy the NIT, so Defendant has not shown prejudice.
Additionally, Defendant has failed to show an intentional or deliberate disregard of Rule 41(b). As the Eastern District of Pennsylvania noted in Werdene, the “warrant was candid about the challenge that the Tor network poses, specifically its ability to mask a user’s physical location.” No. 2:15-cr-00434, ECF No. 33. The affidavit also specifically stated that the NIT may be deployed against an “activating computer—wherever located.” Def. Ex. IB ¶46. Thus, the Court FINDS that the FBI did not attempt to mislead the magistrate judge in any way as to the locations of the activating computers. Therefore, Defendant has shown neither prejudice nor an intentional violation of Rule 41(b), so even if there were a nonconstitutional violation of Rule 41(b), suppression would be inappropriate.
C. The Good Faith Exception
Finally, even if the Government did need to obtain a warrant in order to deploy the NIT, and even if there existed defects in the warrant or in its issuance, the Court FINDS that suppression still would be inappropriate under the good faith exception to the exclusionary mile.
Generally, if a search violates the Fourth Amendment, “the fruits thereof are inadmissible under the exclusionary rale, a judicially created remedy designed to safeguard Fourth Amendment rights generally through its deterrent' effect.” United States v. Doyle,
The Leon good faith exception applies in this case. The agents’ reliance on the NIT Warrant was objectively reasonable, and it appears to the Court that the agents acted in good faith. An experienced and neutral magistrate judge reviewed the warrant application and concluded that there existed probable cause to issue the NIT Warrant. As noted above, the FBI did not intentionally or recklessly mislead the magistrate judge in its quest to obtain the NIT Warrant, either on the scope of the warrant or on the information concerning the logo change. The warrant application detailed ample probable cause to support the issuance of the warrant. The affidavit also adequately described the items to be seized and the places to be searched: The FBI agents showed no improper conduct or misjudgment in relying upon the NIT Warrant. Therefore, the Leon good faith exception would apply, even if the NIT’s deployment constituted a search and even if the warrant were deficient in some respect.
IX. CONCLUSION
For the reasons listed above, the Court DENIES Defendant’s First and Third Motions to Suppress, Docs. 18, 34, and Defendant’s Motion to Compel Discovery, Doc. 37. The Court GRANTS Defendant’s Consent Motion for Leave to File an Expert Declaration Relevant to the Motion to Compel Discovery, Doc. 83, and the Government’s Motion to Unseal the Court’s Opinion and Order denying Defendant’s First and Third Motions to Suppress, Doc. 89.
The Clerk is DIRECTED to deliver a copy of this Order to all counsel of record.
It is so ORDERED.
Notes
. SA Alfin testified without contradiction that the FBI uncovered the user "Broden,” which it later linked to Defendant's computer, before it deployed the NIT,
. "Dedicated” to child pornography does not mean that every section actually consisted of child pornography—some forums apparently discussed how to prepare a child and exam-pies of child abuse. This distinction may explain the seeming conflict between SA Alfin’s testimony and the Government’s brief.
. In Riley v. California, the Supreme Court held that "a warrant is generally required before” searching information on a cell phone, "even when a cell phone is seized incident to arrest.” — U.S. -,
. The Court does note,. however, that it appears some of the continuing harm in this case occurred because the Government continued opérating Playpen, rather than immediately shutting it down. The Court has no role in deciding what methods the executive branch utilizes in fulfilling its duty to protect