Opinion
CRIMINAL ACTION 20-03-DLB-CJS
04-26-2021
UNITED STATES OF AMERICA PLAINTIFF v. DAVID THOMAS SOWARD DEFENDANT
REPORT AND RECOMMENDATION
Candace J. Smith United States Magistrate Judge
This matter is before the Court on Defendant David Thomas Soward's Motions to Suppress (R. 26; R. 58). As to his first Motion to Suppress (R. 26), the Government responded (R. 31), Defendant replied (R. 35), and the Government sur-replied (R. 36). An oral argument and then an evidentiary hearing were held. (R. 38; R. 40; R. 41). The Government was thereafter permitted to file a declaration from the National Center for Missing and Exploited Children ("NCMEC") (R. 42). Filings and proceedings as to the first Motion to Suppress were concluded, with the exception of awaiting the Sixth Circuit's decision in the pending appeal in Case No. 18-5578, United States v. Miller, an appeal originating from this district, Case No. 2:16-cr-47, and involving suppression issues similar to those raised by Soward in his first Motion to Suppress filed in this case. (See R. 48).
Defendant's Motion to Suppress filed on February 4, 2021, is titled "Supplemental Motions to Suppress." (R. 58). The Court generally considers supplemental to mean the addition of new information related to an existing issue in the case. Defendant's February 4, 2021 Supplemental Motions to Suppress challenges the Government's use of evidence from a search of his cellphone and his Gmail account. Such issues are separate from the issues raised in his first Motion to Suppress (R. 26). For simplicity's sake, the Court will refer to the February 4, 2021 Supplemental Motions to Suppress as Defendant's second Motion to Suppress.
). Staff of NCMEC's Exploited Children Division (ECD) "cannot alter or change information submitted by a reporting party to the CyberTipline." (Id.). NCMEC is a "private, nonprofit corporation, incorporated under the laws of the District of Columbia" with the mission to "help find missing children, reduce child sexual exploitation, and prevent child victimization." (R. 42-1, Affidavit of John Shehan of NCMEC). Mr. Shehan represents that "the majority of CyberTipline reports NCMEC receives relate to apparent child pornography and are from electronic service providers ("ESPs")." (Id.
The Sixth Circuit issued its decision in United States v. Miller on December 3, 2020, affirming this District Court's denial of Miller's suppression motion. United States v. Miller, 982 F.3d 412 (6th Cir. 2020), petition for cert, filed, 89 U.S.L.W. 3327 (U.S. Feb. 25, 2021) (No. 20-1202). Defendant Soward then filed a Status Report in this case informing that although the appeal in United States v. Miller had now been decided, request for further review of the Sixth Circuit's decision was likely. (R. 52). Soward further informed that the Government had provided additional discovery, with more to be disclosed later. (Id.). Defendant requested the Court continue to hold any ruling on his first Motion to Suppress in abeyance until all of the new discovery was received and any additional suppression issues considered. (Id.). Defendant was given until February 4, 2021 to supplement his first Motion to Suppress or file a new motion to suppress based upon receipt and review of the new discovery. (See R. 57).
On February 4, 2021 Defendant filed his second Motion to Suppress (R. 58) raising two new issues. The Government responded (R. 63). Defendant did not reply and had until March 26, 2021 to do so. The Motions to Suppress (R. 26; R. 58) are now ripe for consideration and preparation of a Report and Recommendation. See 28 U.S.C. § 636(b)(1)(B). For the reasons below, it will be recommended that Defendant's first Motion to Suppress (R. 26) be denied and his second Motion to Suppress (R. 58) be granted in part and denied in part.
I. FACTUAL BACKGROUND
On May 22, 2019, an individual using Yahoo! ("Yahoo") email account sowardd@yahoo.com sent and received from the same email address at least three images of apparent child pornography. (R. 26, Page ID 93; R. 31, Page ID 118). This email account was later determined to be Defendant's. Yahoo, through its own internal process, began an investigation of the entire Yahoo account. (R. 31). Yahoo, operated by Oath Holdings, Inc., now known as Verizon Media, has a "zero-tolerance policy for child sexual abuse material ("CSAM") and operates a robust digital safety program designed to detect and remove CSAM from [its] platforms." (R. 41, Plaintiffs Exhibit 1, Verizon Wireless Company Policy on Efforts to Combat Online Child Exploitation). Yahoo utilizes "PhotoDNA technology, which is capable of matching the digital signature of an uploaded image to large databases of known CSAM maintained by [NCMEC.]" Id. Yahoo also makes "extensive use of expert human reviewers, who scrutinize accounts flagged by PhotoDNA ... to identify additional CSAM that automated scanning may have missed, often because the image or video has not been previously identified and added to a CSAM database." Id. Yahoo then "reports all CSAM to NCMEC," including in its reports to NCMEC "subscriber information for the user who uploaded the CSAM, which helps NCMEC identify the offender." Id. Yahoo includes a link to "PhotoDNA" on its webpage, which directs a user to Microsoft.com. (Id.; see PhotoDNA, https://www.microsoft.com/en-us/photodna (last accessed April 15, 2021)). Microsoft's website explains that PhotoDNA "creates a unique digital signature (known as a 'hash') of an image which is then compared against signatures (hashes) of other photos to find copies of the same image." Id.
Yahoo permits users "who create a Yahoo email account, to send, receive and upload content to themselves or to other persons online." (R. 26-1, Page ID 88). Although not clear from the record, the Court assumes that Yahoo's search of Defendant's account included not only his emails but also any uploaded or received content.
The United States submitted as an exhibit an email received from an employee of Verizon Media which includes a link to Verizon's policies regarding combatting online child exploitation. See Verizon's Efforts to Combat Online Child Exploitation FAQs, https://www.verizon.com/about/ourcompany/company-policies/verizons-efforts-combat-online-child-exploitation-faqs (last visited April 14, 2021). There was no objection to its entry in the record and the Court will reference Verizon's policies per the webpage, as necessary. (See R. 41).
Yahoo alerted NCMEC to its findings through two CyberTipline Reports, and later supplemented its initial reports with a third report. (R. 31-1, CyberTipline Report #49879859; R. 31-3, CyberTipline Report #49879860; R. 31-2, CyberTipline Report #50154444). CyberTipline reports contain four sections. Section A "contains information submitted by the reporting person or reporting ESP. (R. 42-1, Page ID 263). NCMEC cannot revise or edit any information in Section A. (Id.). Other than the "Incident Type" and "Incident Time" fields in Section A, all information provided by the reporting person or reporting ESP in any other fields is voluntary. (Id.). Section B "contains automated information that NCMEC Systems automatically generate based on information provided by a reporting ESP." (Id.). Section C contains "additional information compiled and documented by NCMEC based on the information submitted in Section A." (Id.). Section D contains "information documented by NCMEC relating to the law enforcement agency to which the CyberTipline report was made available." (Id.). The CyberTipline reports submitted by NCMEC in this case indicate that Yahoo viewed the "entire contents" for every image file uploaded across the three reports, except for one image in Report #49879860 labeled "image.75-l.jpeg." (R. 31-1; R. 31-2; R. 31-3). NCMEC during its review of Yahoo's submission viewed some of the images uploaded in the CyberTipline reports and identified the IP addresses that accessed the Yahoo account. (R. 31-1; R. 31-2; R. 31-3; R. 42). All three reports were submitted to the Kentucky State Police. (Id.). The Kentucky State Police then forwarded the CyberTipline reports it received from NCMEC to the Kenton County Police Department because the reports had ties to Kenton County. (R. 26-1, Page ID 89).
The CyberTipline began operation in 1998 and "was created to allow persons to report online (and via toll-free telephone) the enticement of children for sexual acts, child sexual molestation, child pornography, child sex tourism, child sex trafficking, unsolicited obscene materials sent to a child, misleading domain names, misleading words or digital images on the Internet." (R. 52, Page ID 262). The majority of CyberTipline reports are submitted by ESPs, but anyone may submit a report. (Id.).
The file, "image.75-l.jpeg," which Yahoo did not provide information on regarding whether Yahoo viewed the entire contents of the uploaded file, has the exact same hash-value as that of "image.75-1 jpeg" on Page ID 174, which Yahoo indicated it had reviewed the entire contents of. Yahoo provides the "MD5" of both images which are identical, indicating that the images are exact copies of one another. MD5 is short for Message Digest 5 and "is a 128-bit hash algorithm that creates a hash value based on the unique bit-by-bit makeup of the file." Robyn Burrows, Judicial Confusion and the Digital Drug Dog Sniff: Pragmatic Solutions Permitting Warrantless Hashing of Known Illegal Files, 19 Geo. Mason L. Rev. 255, 262 (2011) (citing James Michael Stewart, Security +: Fast Pass 120 (2004)). Thus, the "image.75-1 jpeg" that Yahoo did not provide an answer for as to whether it viewed the entire contents of the file is an exact copy of the "image.75-1.jpeg" that Yahoo did view the entire contents of, and is thus part of Yahoo's "private search."
Kenton County Police Department's Internet Crimes Against Children ("ICAC") Investigator Brian Jones, who serves as a Task Force Officer ("TFO") with the FBI's child exploitation task force, was assigned to investigate the three CyberTipline reports on June 5, 2019. (R. 26-1, Page ID 92). Upon receipt of the three reports, he "reviewed all of the images associated with each[.]" (R. 31-4, Page ID 199). Using the reported IP addresses from the reports, Detective Jones utilized the American Registry for Internet Numbers, "a publicly available registry accessed through the Internet" and determined that the IP addresses "are used as internet leases by both Charter Communications and Cincinnati Bell Fuse Internet." (R. 26-1, Page ID 92). Detective Jones "executed a search warrant on Oath Holdings, Inc. in reference to the reported account of sowardd@yahoo.com" (R. 26-1, Page ID 94; R. 31-4, Page ID 198), and a Grand Jury subpoena was issued by the Kenton County Commonwealth Attorney's office to Charter Communications regarding two of the IP addresses associated with the Yahoo account. (R. 26-1, Page ID 94).
One of the IP addresses was traced to a Burger King in Edgewood, Kentucky, and tracing information was unavailable for the second. (Id.). A separate subpoena was issued to Cincinnati Bell regarding the third IP address associated with the Yahoo account. (Id., Page ID 95). The Cincinnati Bell IP address was traced to the Kenton County Public Library. (Id.). The branch manager of the library checked the library's records and confirmed that "a David Soward had library card activity on May 22, 2019 at approximately 1712 hours" at the Erlanger branch. (Id.). The branch manager then provided information for the library card holder, Defendant, to include his address and phone number. (Id., Page ID 96). TFO Jones also confirmed the CyberTipline reports' assertion that Defendant was a registered sex offender through Kenton County Dispatch inquiries. (Id., Page ID 97).
Defendant was later arrested on December 17, 2019, on state child pornography charges. (R. 58-2, Page ID 303). Defendant was searched upon arrest and "a cell phone was located on his person" and seized, and search warrants were later executed at Defendant's home and on his vehicle. (Id., Page ID 305; R. 58, Page ID 298).
Soward was subsequently federally indicted on January 9, 2020 in a one count indictment for knowingly transporting child pornography in violation of 18 U.S.C. § 2252(a)(1). (R. 1). Defendant was arrested by federal law enforcement on January 15, 2020, the date upon which he made his initial appearance in this Court. (R. 7; R. 8). He later filed his first Motion to Suppress on April 23, 2020, challenging the warrantless opening of his emails, the scope of the Government's review as beyond that by Yahoo, and that Yahoo acted as a state actor in searching his emails. (R. 26).
Meanwhile, law enforcement's investigation of Defendant continued. During review of the return of the search warrant for Defendant's Yahoo account, law enforcement discovered an email sent to a Google Gmail account: sowarddavidl@gmail.com which read "test." (R. 63, Page ID 315). On May 28, 2020, law enforcement was contacted by an attorney who represented Sara Austin, identified as Defendant's former girlfriend, who wanted to report information she observed in the sowarddavidl@gmail.com email account. She confirmed the account was used by Defendant. (Id.). Austin and her attorney met with law enforcement for an interview on June 3, 2020. (Id.).
On July 15, 2020, law enforcement obtained a search warrant from the undersigned in case number 2:20-mj-2533-CJS for information associated with the sowarddavidl@gmail.com account. The warrant application was based, in part, on information provided by Austin. (R. 63, Page ID 316). This search warrant along with law enforcement's search of Defendant's cell phone seized when he was arrested form the subject of Defendant's second Motion to Suppress (R. 58). In its Response filed March 12, 2021, the Government explains that 47 images from this email account have been submitted to NCMEC for an identification report and that, while a report from NCMEC has not yet been received, the ICAC Investigator believes that approximately 19 of the 47 images depict CSAM. (Id.).
Defendant seeks to suppress all evidence obtained in this case accumulated via the Yahoo and NCMEC reports, his cellphone seized from his person upon his arrest, and his Gmail account.
II. ANALYSIS
The Fourth Amendment provides in relevant part that "[t]he right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated." U.S. Const, amend. IV. Fourth Amendment protections attach when a "search" occurs. A "search" occurs when the government infringes on an expectation of privacy that society is prepared to consider reasonable, see United States v. Jacobsen, 466 U.S. 109, 115 (1984), or where the government physically intrudes on a constitutionally protected area for the purpose of obtaining information, see United States v. Jones, 565 U.S. 400, 407-08 (2012). Fourth Amendment protections do not apply to a private search. Jacobsen, 466 U.S. at 113. Nor do they apply if the government merely replicates a prior private search. Id. at 115.
Additionally, the Fourth Amendment requires that "[n]o warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized." U.S. Const, amend. IV. "Probable cause exists when 'there is a fair probability that contraband or evidence of a crime will be found in a particular place.'" United States v. Grubbs, 547 U.S. 90, 95 (2006) (citing Illinois v. Gates, 462 U.S. 213, 238 (1983)). The Supreme Court has adopted the totality of the circumstances approach to determine whether probable cause exists. Gates, 462 U.S. at 238. Under that approach, the issuing judge is required "to make a practical, commonsense decision ... given all the circumstances set forth in the affidavit. . ., including the 'veracity' and 'basis of knowledge' of persons supplying hearsay information." United States v. Murphy, 241 F.3d 447, 457 (6th Cir. 2001) (quoting Gates, 462 U.S. at 238). These elements are not separate and independent requirements. Rather, "a deficiency in one may be compensated for, in determining the overall reliability of a tip, by the strong showing as to the other, or by some other indicia of reliability." Gates, 462 U.S. at 233.
In the first Motion to Suppress, Defendant argues that Yahoo's use of its hashing technology to search his email account without a warrant constituted a search implicating the Fourth Amendment. He also challenges TFO Jones's actions of opening and viewing the attachments to his email, which he argues no one had previously opened and viewed, without first obtaining a warrant. For the reasons discussed below, these arguments fail.
In his second Motion to Suppress, Defendant challenges the warrantless search of the cellphone seized from his person at the time of his arrest. Defendant also challenges the probable cause of the search warrant obtained by law enforcement for his Gmail account. For the reasons discussed below, Defendant's challenge to the search of his cellphone is well taken and his challenge to the search of his Gmail account fails.
A. Yahoo is not a Government Actor
Defendant challenges Yahoo's conduct of scanning his email account for child pornography by utilizing hashing technology and then seizing several images, some of which were identified as apparent child pornography. (R. 26, Page ID 78-80). Specifically, he argues that because of Yahoo's "sufficiently close" nexus with NCMEC, an entity Defendant argues qualifies as a state actor, Yahoo is also a state actor for purposes of the Fourth Amendment. And as a state actor, Yahoo's conduct of scanning his account constitutes a "search" for which a warrant is needed. (R. 26, Page ID 83-86) (citing Lansing v. City of Memphis, 202 F.3d 821, 830 (6th Cir. 2000)).
The Sixth Circuit has held that a person has a reasonable expectation of privacy in the content of his emails. United States v. Warshak, 631 F.3d 266, 284 (6th Cir. 2010). The Fourth Amendment, however, applies only to government action and does not constrain private parties "not acting as an agent of the Government or with the participation or knowledge of any governmental official." Jacobsen, 466 U.S. at 113 (quoting Walter v. United States, 447 U.S. 649, 662 (1980) (Blackmun, J., dissenting)). "Private action might still be attributed to the government if 'a sufficiently close nexus' exists between a private party and government actors." United States v. Miller, 982 F.3d 412, 425 (6th Cir. 2020) (citing Jackson v. Metro. Edison Co., 419 U.S. 345, 351 (1974)). In the search context, there are two questions "to identify these constitutional agency relationships: What was the private party's intent in undertaking a search? And did the government acquiesce to the search?" Id. (citing United States v. Bowers, 594 F.3d 522, 525-26 (6th Cir. 2010)). "If 'the intent of the private party conducting the search is entirely independent of the government's intent to collect evidence for use in a criminal prosecution,' then 'the private party is not an agent of the government.'" Bowers, 594 F.3d at 526 (quoting United States v. Hardin, 539 F.3d 404, 418 (6th Cir. 2008) (internal quotation marks and emphasis omitted)).
To support his contention that NCMEC is a state actor, and that Yahoo has a "sufficiently close nexus" with government actors, Defendant cites to the Tenth Circuit's opinion in United States v. Ackerman, which considered the issue and found that NCMEC is a state actor. See United States v. Ackerman, 831 F.3d 1292, 1296 (10th Cir. 2016) (finding NCMEC to be a governmental entity or an agent of the Government such that the Fourth Amendment applies to its searches). As Defendant acknowledges, the Sixth Circuit, which authority binds this Court, has not addressed the issue. Miller, 982 F.3d at 426. Miller did not reach the issue because it held that even if NCMEC were a state actor, the activities of the ESP in that case, Google, did not evidence that Google acted as a NCMEC "agent" when engaging in its hash-value scanning. Id.
This Court will assume, without deciding, that NCMEC is a governmental entity or an agent of the government such that the Fourth Amendment applies to its searches. Like the Court in Miller, there is no need to analyze the merits of this question because Defendant has failed to establish that Yahoo acted as a NCMEC agent when conducting its scan of his email account.
Yahoo is not a government actor because it has no mandatory scanning or "searching" requirement, it is not a "willful participant" in NCMEC's policy of searching for and finding child pornography, and the government has not encouraged nor instigated Yahoo's scanning of its users' accounts. Miller addressed similar arguments and analyzed Miller's claims under all three tests for when a private actor's conduct is governmental action: the public function test, the compulsion test, and the nexus test. Miller, 982 F.3d at 421-26. Miller found that, absent any law "that compels or encourages Google to operate its 'product abuse protection system' to scan for hash-value matches," 18 U.S.C. § 2258A does not render an ESP a governmental agent. A reporting requirement, like that in § 225 8A, standing alone, is insufficient to "transform [a service provider] into a government agent whenever it chooses to scan files sent on its network for child pornography." Id. at 424 (citing United States v. Ringland, 966 F.3d 731, 736 (8th Cir. 2020) (quoting United States v. Stevenson, 727 F.3d 826, 830 (8th Cir. 2013)); United States v. Cameron, 699 F.3d 621, 637-38 (1st Cir. 2012); United States v. Wolfenbarger, No. 16-CR-00519-LHK-1, 2019 WL 6716357, at *13-16 (N.D. Cal. Dec. 10, 2019) (citing cases)). The Miller court was also unpersuaded by the argument that, by scanning its own servers and systems, the ESP was transformed into a state actor, especially considering an ESP's intent to "rid its virtual spaces of criminal activity for the same reason that shopkeepers have sought to rid their physical spaces of criminal activity: to protect their businesses." Id. at 425 (citing Chapman v. Higbee Co., 319 F.3d 825, 834 (6th Cir. 2003)). Absent evidence that a law enforcement officer or agency influenced an ESP's decision to engage in scanning its platform for hash-value matches, a finding that the government "instigated, encouraged, or participated in the search" is unfounded. Id. (citing Burdeau v. McDowell, 256 U.S. 465, 474-75 (1921); cf. United States v. Booker, 728 F.3d 535, 540-45 (6th Cir. 2013)); see also United States v. Shepherd, 646 Fed.Appx. 385, 388 (6th Cir. 2016). Miller further found that activities such as the exchange of hash-values does not evidence that an ESP acts as a NCMEC or governmental agent. Miller, 982 F.3d at 426.
Soward, like the defendant in Miller, points to statutory reporting requirements that require Yahoo to report child pornography to NCMEC and preserve the suspected file or be subject to penalties for failing to adhere to the reporting requirements. (R. 26, Page ID 85) (citing 18 U.S.C. § 2258A). Soward also argues that Yahoo and NCMEC have "a close and collaborative relationship" evidenced by the entities providing hash values to each other and that NCMEC "encourages" Yahoo's searching activities because it "indispensably" assists NCMEC with the collection of evidence for prosecution. (Id., Page ID 85-86). Soward's argument is not persuasive. While Defendant does not expressly acknowledge this fact, § 225 8A does not require Yahoo to search for child pornography. In fact, the statute expressly states that it does not impose such a requirement: "[n]othing in this section shall be construed to require an electronic communication service provider ... to - (1) monitor any user, subscriber, or customer of that provider; (2) monitor the content of any communication of any person described in paragraph (1); or (3) affirmatively seek facts or circumstances described in sections (a) and (b)." 18 U.S.C. § 2258A(f). Instead, the statute merely requires that when an ESP discovers child pornography, it complies with its reporting requirements. The Sixth Circuit in Miller reached the same result, finding that Miller had failed to cite to any law that "compels or encourages Google to operate its 'product abuse protection system' to scan for hash-value matches." Miller, 982 F.3d at 424. Likewise, Soward has failed to cite any such law and federal law expressly disclaims such mandate. Thus, Defendant's pointing to § 2258A does not establish that Yahoo conducted its search because of any directive or encouragement by the government.
Further, many courts have found, including the Sixth Circuit in Miller, that a "reporting requirement, standing alone, does not transform [a service provider] into a government agent whenever it chooses to scan files sent on its network for child pornography." Miller, 982 F.3d at 424 (citing United States v. Ringland, 966 F.3d 731, 736 (8th Cir. 2020) (quoting United States v. Stevenson, 727 F.3d 826, 830 (8th Cir. 2013)); United States v. Cameron, 699 F.3d 621, 637-38 (1st Cir. 2012); United States v. Wolfenbarger, 2019 WL 6716357, at *13-16 (N.D. Cal. Dec. 10, 2019) (citing cases)). Here, Defendant has failed to show how Yahoo's obligation to report known facts or circumstances of apparent child pornography to NCMEC transforms Yahoo's voluntary decision to use a hashing technology, in this case PhotoDNA, to search its products for child pornography into the conduct of a governmental actor where the statute does not impose a duty to conduct a search.
Nor does the Court find merit in Defendant's argument that Yahoo's willful participation in NCMEC's policy of searching for and finding child pornography demonstrates Yahoo was acting as a governmental actor. (R. 26, Page ID 83-86). The question of whether Yahoo served as an agent of the government in performing its search of Defendant's email account for hash value matches "necessarily turns on the degree of the Government's participation in [Yahoo's] activities. Shepherd, 646 Fed.Appx. at 388 (quoting Skinner v. Ry. Labor Executives' Ass 'n, 489 U.S. 602, 614 (1989)). Consider, as Miller did, Yahoo's intent in searching its products for child pornography. Defendant cites to no authority which indicates that Yahoo was intending to act as a governmental agent. Rather, Yahoo "sought to rid its virtual spaces of criminal activity for the same reason that shopkeepers have sought to rid their physical spaces of criminal activity: to protect their businesses." Miller, 982 F.3d at 425 (citing Chapman, 319 F.3d at 834).
Further, Defendant has not presented any evidence that NCMEC or law enforcement "instigated, encouraged or participated in the search" of Defendant's Yahoo account. Shepherd, 646 Fed.Appx. at 388. Defendant asserts that NCMEC encourages Yahoo's searching activities but provides no proof of this encouragement. Rather, Defendant instead attempts to argue that the mere sharing of hash values between Yahoo and NCMEC establishes that NCMEC has an extensive knowledge of Yahoo's searches and encourages them to conduct these searches. Even assuming NCMEC may have been aware that Yahoo routinely monitors its platforms for illegal usage, and submits reports of any apparent illegal activity found, there is no evidence that NCMEC or law enforcement compelled or encouraged Yahoo to routinely monitor its platforms. And, again, Defendant cites no evidence that law enforcement influenced Yahoo's decision to scan the files in the May 22, 2019 email for hash-value matches. See Miller, 982 F.3d at 425 (citing United States v. Richardson, 607 F.3d 357, 364-65 (4th Cir. 2010)). On the contrary, law enforcement only became involved after Yahoo had performed its scan and uncovered the apparent child pornography. Id. (citing Burdeau, 256 U.S. at 474-75; cf. Booker, 728 F.3d at 540-45). Therefore, Defendant has failed to meet his burden in this respect, because he has not shown that NCMEC or law enforcement were aware of the existence of Defendant or the sowarddl@yahoo.com account prior to Yahoo's search in this case. Cameron, 699 F.3d at 638 (finding no evidence that the government instigated the search, participated in the search, or coerced the ESP to conduct the search at issue).
And, as in Miller, even if Yahoo and NCMEC's exchange of hash-values constituted assisting each other "with collecting evidence" and evidenced the entities' intentions are "clearly intertwined," these activities do not show that Yahoo was acting as a NCMEC agent because there is no evidence that the hash-values Yahoo scanned for were provided by NCMEC. Miller, 982 F.3d at 426. Nor is there evidence that Yahoo "engaged in the search with the intent of assisting the [government] in their investigative efforts." Shepherd, 646 Fed.Appx. at 388. Other than referencing the statute requiring Yahoo to report (but not search for) discoveries of child pornography to NCMEC, Defendant provides no other evidence to suggest existence of an agency relationship between Yahoo and NCMEC. "Sharing a goal with the Government is insufficient to transform [an ESP] from a private actor into a Government agent." United States v. Stevenson, No. 3:12-cr-5, 2012 WL 12895560, at *3 (S.D. Iowa June 20, 2012), affirmed, 727 F.3d 826 (8th Cir. 2013).
Here, as in Stevenson and Miller, Defendant has offered no evidence that the Government, through NCMEC or law enforcement, participated in or encouraged Yahoo's search of Defendant's email account. In fact, there is no evidence that NCMEC or law enforcement were even aware of the search of Defendant's email account prior to their receipt of the CyberTipline report. Nor is there evidence Yahoo performed the search for the purpose of assisting the Government in its investigative efforts. In fact, Yahoo's parent company, Verizon Wireless, expressly states on its website that it has a "zero-tolerance policy for child sexual abuse material and operates a robust digital safety program designed to detect and remove CSAM" from its platforms. See Verizon's efforts to combat online child exploitation FAQs, https://www.verizon.com/about/our-company/company-poUcies/verizons-efforts-combat-online-child-exploitation-faqs (last visited April 12, 2021). This demonstrates that Yahoo's actions in this case were motivated by business interests that are separate from a desire to assist law enforcement. Id. Other courts have found such evidence sufficient to demonstrate the ESP operated its file-scanning programs independently of the government, and thus the ESP was held not to have acted as an agent of the government in operating its scanning programs. Stevenson, 727 F.3d at 830-31; Cameron, 699 F.3d at 638 (stating that the fact child pornography is a government interest does not mean that an ESP "cannot voluntarily choose to have the same interest").
Thus, the evidence before the Court in the present case demonstrates that Yahoo was not acting as an agent of NCMEC or the government, but as a private entity pursuing its own business interests. Therefore, Yahoo's use of its digital safety program to search Defendant's email account does not implicate the Fourth Amendment.
B. TFO Jones's Actions did not Exceed Yahoo's Private Search
Defendant also argues that even if Yahoo's scanning of his account was not government action, TFO Jones exceeded Yahoo's private search by opening and viewing the email attachments and thereby violated his Fourth Amendment rights. This raises questions about the private search doctrine and the application of the doctrine to the circumstances here.
The private search doctrine originates from the Supreme Court's decision in United States v. Jacobsen, 466 U.S. 109 (1984). In Jacobsen, Federal Express ("FedEx") employees discovered a damaged package and proceeded to examine its contents, which was consistent with company policy involving insurance claims. Jacobsen, 466 U.S. at 111. The container itself was made of cardboard packaging, but inside of it were crumpled newspapers concealing a 10-inch tube made of silver duct tape. Id. The employees proceeded to cut open the tube and discovered four zip-lock bags filled with an unidentified white powder. Id. FedEx notified the Drug Enforcement Agency ("DEA") of their discovery and placed the tube and its contents back in the cardboard container. Id. Upon arrival, a DEA agent discovered the partially opened container, and observed a slit in the duct tape tube. He then removed the zip-lock bags, took a sample from each, and field-tested it. The test positively identified the substance as cocaine. Id. at 112.
The Supreme Court analyzed whether the DEA agent's after-occurring warrantless search had exceeded the scope of the FedEx employees' initial private search of the package. The Court found that the agent's removal of the cocaine from the package remained within the scope of the private search because "there was a virtual certainty that nothing else of significance was in the package and that a manual inspection of the tube and its contents would not tell him anything more than he already had been told." Id. at 119. As for the chemical test, the Court held that the field test "could disclose only one fact previously unknown to the agent-whether or not a suspicious white powder was cocaine." Id. at 122. The Court concluded that no search occurred because the defendant did not have a legitimate expectation of privacy in whether the powder was contraband, and the test could not disclose any other arguable private fact. Id. at 123-24.
Thus, the private search doctrine permits a government agent to verify the illegality of evidence discovered during a private search provided the agent stays within the scope of the private search. United States v. Lichtenberger, 786 F.3d 478, 481-83 (6th Cir. 2015) (citing Jacobsen, 466 U.S. at 119-20). A government agent's invasion of a defendant's privacy "must be tested by the degree to which [the agent] exceeded the scope of the private search." Jacobsen, 466 U.S. at 115 (citing Walter v. United States, 447 U.S. 649 (1980)); Lichtenberger, 786 F.3d at 482. The Supreme Court has explained that "[o]nce frustration of the original expectation of privacy occurs, the Fourth Amendment does not prohibit governmental use of the now-nonprivate information." Jacobsen, 466 U.S. at 117.
The crux of Defendant's argument is that the search was a violation of the Supreme Court's holding in Walter, arguing that TFO Jones "conducted a distinct and warrantless search on the containers (email attachments)" for which he needed a warrant because the "nature of the contents of the container are indicated (or revealed) by descriptive material on the outside of the container" when he opened the email attachments. (R. 26, Page ID 81-82) (citing Walter, 447 U.S. at 654).
Defendant also cites to the Tenth Circuit's Ackerman decision for the proposition that his case is similar and should have the same outcome. However, he makes no legal argument for why Ackerman, which suppressed evidence based upon NCMEC's status as a state actor and its viewing of images not previously searched by AOL, should be applied here. The facts of this case are distinguishable from Ackerman. There is no evidence or allegation that Yahoo sent anything to NCMEC other than the files of images having either a hash value match to images that had previously been identified as being apparent child pornography or that Yahoo employees themselves identified by viewing the entire contents of the uploaded images. (R. 31-1; R 31-2; R 31-3). Thus, the reasoning of the Ackerman court in finding the search exceeded the scope of AOL's private search is not applicable. Instead, the issue is whether TFO Jones's opening and viewing of the more than 100 images previously identified as apparent child pornography risked exposing any private information beyond what Yahoo had reported.
In Walter, a private mail carrier mistakenly delivered 12 packages containing 871 boxes of 8-millimeter film to the wrong address. Walter, AA1 U.S. at 651. Employees of the company that received the packages opened them, finding the boxes of film. The boxes contained drawings and descriptions that alluded to the obscene content of the films. Id. at 652. One employee attempted to view portions of at least one film by holding it up to the light but was unsuccessful. Id. Soon after, the employees contacted the FBI, and an agent picked up the packages. Id. The FBI agent- without obtaining a warrant-proceeded to screen the films through a projector. Id.
The Supreme Court did not issue a majority opinion in Walter Justice Stevens, joined by Justice Stewart, announced the judgment of the Court, and found that "the Government may not exceed the scope of the private search unless it has the right to make an independent search." Id. at 657. Justice Stevens found that despite the descriptive nature of the labels on the films' packaging, the private party had not actually viewed the films and "prior to the [g]overnment screening one could only draw inferences about what was on the films." Id. at 656-57. He thus concluded that the viewing of the films was a "significant expansion" of the private search, requiring it be characterized as a separate search. Id. at 657-59.
While a majority opinion did not issue, five Justices agreed that the warrantless projection of the five films constituted a search that infringed the defendant's Fourth Amendment interests. Justices Stevens and Stewart found that the officers had violated the Fourth Amendment because they exceeded the scope of the private search. Walter, 447 U.S. at 653-60. However, Justice White, with whom Justice Brennan joined, wrote separately stating that even if there had been a private screening of the films, the agents still needed a warrant because the private search would not have exposed the content of the films to plain view. Justice Marshall concurred in the judgment without discussion. Justices Blackmun, with whom Chief Justice Burger, Justice Powell and Justice Rehnquist joined, dissented in the judgment, but agreed the legality of the government's actions must be tested by the scope of the private search that preceded them. See Jacobsen, 466 U.S. at 115-16 (discussing the various opinions in Walter). Justice Blackmun explained that because the private search in Walter exposed the labels describing the nature of the films, there was no remaining expectation of privacy in the contents of the films. He found the subsequent viewing of the films by the agents did not "change the nature of the search," and therefore their viewing did not constitute an additional search subject to the warrant requirement. Walter, 447 U.S. at 663-64.
To understand the basis for his claims, Soward asserts that Yahoo conducted "one type of new and modern search of the entire email address contents." (Id.). The "private searcher then seized and provided the attachments to law enforcement (via NCMEC) with descriptive labels on the containers stating, "apparent child pornography." (Id.). NCMEC then generated its reports, reviewing some of the images submitted by Yahoo, before forwarding its reports to law enforcement. (Id.; R. 42-1 Declaration of John Shehan of NCMEC). Here, Defendant contends the hash values of the images Yahoo located in its search are analogous to the descriptive labels on the films in Walter. (R. 26, Page ID 82-83). Under Walter, specifically he argues that TFO Jones's search was not a "re-examination" but was its own separate search because it was different in scope (Yahoo used the hash values) and in type. (Id.). Defendant argues that the attachments were "uncompromised" when sent to TFO Jones and that he "broke the seal." (Id.).
During the Suppression Hearing conducted on September 1, 2020, Defendant raised an issue related to NCMEC s viewing of the images Yahoo supplied in its CyberTipline reports. The United States previously represented that NCMEC had not viewed any of the images it submitted to law enforcement (R. 31, Page ID 133-34), but this was incorrect. The United States then procured an affidavit from John Shehan, Vice President of the Exploited Children Division at NCMEC, explaining that NCMEC staff viewed eight images included in CyberTipline Report #49879859 and two image files included in CyberTipline Report #49879860. (R 42-1). The entire contents of all ten images NCMEC viewed had previously been viewed by Yahoo during its private search of Defendant's account. (R 42-1, Page ID 264, 266). Six of the images that NCMEC viewed had "previously been viewed and categorized by NCMEC as 'Apparent Child Pornography' at the time" the reports were generated. (Id.). Four of the images NCMEC viewed had not been previously viewed or categorized by NCMEC at the time the reports were generated but, again, Yahoo had already reviewed the entire contents of these photos during its private search. In any event, regardless of whether NCMEC viewed these images, the focus of the private search doctrine is on whether TFO Jones's actions fell within the scope of Yahoo's private search, not any separate search conducted by NCMEC.
The Sixth Circuit has explained that "[u]nder the private search doctrine, the critical measures of whether a governmental search exceeds the scope of the private search that preceded it are how much information the government stands to gain when it re-examines the evidence and, relatedly, how certain it is regarding what it will find." Lichtenberger, 786 F.3d at 485-86 (citing Jacobsen, 466 U.S. at 119-20). Thus, to determine whether the Fourth Amendment is implicated by TFO Jones's opening and viewing of the attachments sent via the CyberTipline report, the Court must determine whether TFO Jones was virtually certain that his "inspection of the [attachments] . . . would not tell [him] anything more than he already had been told [by Yahoo via the CyberTipline report]." Lichtenberger, 786 F.3d at 488 (citing Jacobsen, 466 U.S. at 119); Bowers, 594 F.3d at 526 ("based on [defendant's roommate's] statements that the album contained child pornography, the agents were justified in opening the album to view the potentially incriminating evidence.... In doing so, the agents 'learn[ed] nothing that had not previously been learned during the private search' and 'infringed no legitimate expectation of privacy.'") (quoting Jacobsen, 466 U.S. at 120); United States v. Richards, 301 Fed.Appx. 480, 483 (6th Cir. 2008) ("the government's confirmation of prior knowledge learned by the private individuals does not constitute exceeding the scope of a private search.").
The Lichtenberger court further explained that when the item searched is an electronic device, the privacy interests at stake are increased because of the amount of information that is stored in such devices. Lichtenberger, 786 F.3d at 488. The court found that given the amount of data that can be stored in a laptop, '"there was absolutely no virtual certainty that the search of [defendant's] laptop would have' revealed only what Officer Huston had already been told." Id.
Importantly, Soward does not question the reliability of hashing technology. His failure to challenge the reliability, like in Miller, "satisfies Jacobsen's virtual-certainty test and triggers its private-search doctrine." Miller, 982 F.3d at 430. "The chance of two files coincidentally sharing the same hash value is 1 in 9, 223, 372, 036, 864, 775, 808." Id. (citing United States v. Dunning, No. 7:15-cr-4-DCR-l, 2015 WL 13736169, at *2 (E.D. Ky. Oct. 1, 2015)). In Miller, the Sixth Circuit found that the "the information on which the district court relied suggests that a computer's 'virtual' search of a single file creates more certainty about the file's contents than a person's "manual" search of the file. Most people who view images do not use a magnifying glass to undertake a pixel-by-pixel inspection. Common hash algorithms, by contract, catalogue every pixel." Miller, 982 F.3d at 430. Miller found that the "hash-value searches revealed much more information than those descriptions" that the image files had revealed by name alone. Id. at 431. "Google's technology 'opened' and 'inspected' the files, revealing that they had the same content as files that Google had already found to be child pornography." Id. The same is true in this circumstance, where Soward argues that that hash-value match by Yahoo alone indicated to law enforcement that the images were apparent child pornography and were descriptive enough on their own, thus requiring law enforcement to get a warrant to open the attachments. (R. 26, Page ID 82-83). This argument is unpersuasive.
A label, such as those in Walter, is not mathematically derived, nor is it intended to have unique identification features that permit one to know with near certainty that a container containing the exact label will have identical contents to that of another containing the same label. Further, the content in labeled containers can be removed or altered without changing the label. A hash value, on the other hand, is derived from an algorithm and is a unique identifier that confirms that two digital files are the same or different (often discussed as being like a digital fingerprint or DNA). In addition, changes to the contents of a digital file will change the hash value. Thus, a label, such as those at issue in Walter, is not only created differently than a hash value, but serves an entirely different purpose.
Instead of merely describing what may be in the attachments, Yahoo's search of the attachments using hashing technology revealed they contained images that were duplicates of images previously identified through hashing technology and visual inspection as child pornography. Accordingly, when TFO Jones opened and viewed the images Yahoo identified as apparent child pornography, he was virtually certain to view an exact duplicate of the original image and was merely confirming what Yahoo had told him-that the attachments contained apparent child pornography. The virtual certainty that TFO Jones would see only images of apparent child pornography is what distinguishes this case from Walter. Further, Defendant does not dispute that the images Yahoo's private search identified as matching previously tagged images of apparent child pornography were attached to the CyberTipline report. Thus, there was little to no possibility that TFO Jones's review of the image files would reveal other information beyond what the private search revealed-that the image files contained images of apparent child pornography.
Further, Soward's argument that the "virtual certainty" language in Jacobsen is not applicable because TFO Jones did not "re-examine" the attachments but rather opened "an unopened virtual container" is not persuasive. (R. 26, Page ID 82). The evidence establishes that Yahoo used its digital or virtual eye, as well as human eyes, to search the contents of Defendant's email account looking for images it had previously viewed and tagged as apparent child pornography. Once Yahoo located images within Defendant's email account having hash values that matched images it had previously viewed and tagged, and visually confirmed, as apparent child pornography, it knew from its electronic viewing and physical examination of the attachments that they contained apparent contraband. Accordingly, because hashing technology identifies files that are exact matches to images containing the same hash value, Yahoo's private search of the attachments, using its digital or virtual eye, as well as the actual eyes of its employees, frustrated Defendant's expectation of privacy in those attachments. Put simply, Yahoo's private search "compromised the integrity of the [attachments]." Jacobsen, 466 U.S. at 120 n.17. Therefore, contrary to Defendant's argument, the principles articulated in Jacobsen apply to determine whether TFO Jones's actions exceeded the scope of Yahoo's private search.
In summary, TFO Jones's opening and viewing of the images Yahoo's private search identified as having hash values that matched that of known images of apparent child pornography, which images Yahoo also visually viewed and identified as apparent child pornography, was virtually certain to reveal only the images Yahoo previously viewed and tagged. As in Jacobsen, there was a virtual certainty that nothing else of significance except suspected contraband, i.e., apparent child pornography, would be found in the attachments, and law enforcement's manual inspection of the attachments would reveal nothing more than what Yahoo's private search revealed-the attachments contained apparent child pornography.
As the United States notes, while the possibility exists that Yahoo erred in its original determination that these images constituted child pornography, that possibility is no greater than any other circumstance where a private person reports apparent child pornography. Cf. Bowers, 594 F.3d at 526 ("based on [the roommate's] statements that the album contained child pornography, the agents were justified in opening the album to view the potentially incriminating evidence. ... In doing so, the agents 'learn[ed] nothing that had not previously been learned during the private search' and 'infringed no legitimate expectation of privacy.'") (quoting Jacobsen, 466 U.S. at 120).
C. TFO Jones's Search was not a Physical Trespass
Alternatively, Defendant argues that if Yahoo's scanning was not a search and TFO Jones's opening of the files was within the scope of Yahoo's private search, that TFO Jones's opening of the email attachments was a search under the traditional trespass test. (R. 26, Page ID 79-80) (citing Ackerman, 831 F.3d at 1308; United States v. Jones, 565 U.S. 400, 406, n.3 (2012)). Specifically, he relies on the finding in Ackerman that NCMEC's opening of the email and its attachments in that case constituted a search under both the reasonable expectation of privacy test discussed by the Supreme Court in Jacobsen, Walter, and Katz v. United States, 389 U.S. 347 (1967) and the traditional trespass test discussed in Jones.
To bolster his physical trespass argument, Defendant presented testimony of his expert, Charles Matthew Curtin of Interhack, at the suppression hearing conducted by the Court on September 1, 2020. (R. 40; R. 41, Exhibit and Witness List). Mr. Curtin testified, consistent with his report, that a "container" is used commonly in computer science to refer to storage mechanisms for data." (R. 35-1, Page ID 211). "[A] container must be opened, whether a file or a database- and in many cases, outer containers such as filesystems or logical volume managers must be opened to get to the file or database." (Id.). "Once a file has been 'opened,' it must be react' meaning that a program on the computer must open to interpret the file, or container, contents and present them to the user for viewing, reading, use, etc. (Id., Page ID 212).
Defendant relies on Mr. Curtin's testimony to argue that his email and the attachments were "containers" and "constitutionally protected space" to assert that he has "substantial legal interests in his private email and thus, had a Fourth Amendment interest in its protection." (R. 26, Page ID 80) (citing 18 U.S.C. § 2701). As discussed above, the Fourth Amendment only prohibits governmental action; it is inapplicable "to a search or seizure, even an unreasonable one, effected by a private individual not acting as an agent of the Government or with the participation or knowledge of any governmental official." Jacobsen, 466 U.S. at 113 (quoting Walter, 447 U.S. at 662) (Blackmun, J., dissenting). Miller instructs that the Court cannot consider Defendant's trespass claim.
Defendant's reliance on Jones and Ackerman is misplaced because Jones did not involve the application of the private search doctrine; and Ackerman involved a finding that the Government exceeded the scope of AOL's private search by opening the email and all four attachments, not just the one attachment with the hash value match. These cases did not apply the private search doctrine and are thus fatal to Defendant's trespass claim.
Miller considered how the property-based trespass approach applies to the facts in that case surrounding the government's opening of the defendant's attachments, analogizing the attachments to "sealed" letters, and found that Jacobsen did not permit the court to consider the subject further because it was directly controlling. Miller, 982 F.3d at 433. Miller did so pursuant to Agostini v. Felton, 521 U.S. 203, 237 (1997), holding that "if a precedent of this Court has direct application in a case, yet appears to rest on reasons rejected in some other line of decisions, the Court of Appeals should follow the case which directly controls, leaving to this Court the prerogative of overruling its own decisions." Id. (citing Agostini, 521 U.S. at 237). Thus, the Sixth Circuit found that Jacobsen was directly controlling and that an analysis of the traditional trespass test was impermissible under Jacobsen and Agostini. So, too, this Court declines to consider Defendant's argument under the "trespass" approach any further given that Jacobsen is directly controlling and analogous to the case at hand.
Additionally, Soward points to the Fifth Circuit decision in United States v. Reddick in which it called computer files a "package." (R. 35, Page ID 207) (citing United States v. Reddick, 900 F.3d 636, 639 (5th Cir. 2018)). To the extent that this reliance on Reddick is intended as an argument that his email was a package, or "container," the opening of which by TFO Jones constituted a "physical intrusion," it fails. The Fifth Circuit in Reddick found that Jacobsen controlled in a case challenging Microsoft's search of defendant's account for files that had "a known child pornography hash value." Id. at 638. The Sixth Circuit in Miller even cited Reddick and agreed with the Fifth Circuit's determination that based upon the private search doctrine, "Jacobsen controls this case." Miller, 982 F.3d 431 (citing Reddick, 900 F.3d at 637-39).
Defendant also briefly refers to Carpenter v. United States, 138 S.Ct. 2206(2018), which is also unpersuasive. Miller rejected such a notion, finding that Carpenter "did not cite Jacobsen, let alone address its private-search doctrine." Miller, 982 F.3d at 431. The Sixth Circuit found that "the government did not compel Google's hash-value matching (unlike the carrier's subpoena-induced search of cell-site records). And Miller has no legitimate expectation of privacy in illegal contraband like child pornography (unlike cell-site records)." Id. (citing Jacobsen, 466 U.S. at 123). As in Miller, here there was no government compulsion and the images he seeks an expectation of privacy in were child pornography, i.e., illegal contraband.
D. Evidence Found on Defendant's Cellphone Should be Suppressed
Having addressed Soward's first Motion to Suppress (R. 26), the Court now turns to his second Motion (R. 58). Defendant argues that the Government never obtained a separate warrant to search his cellphone seized from his person during his arrest on December 17, 2019, relying upon Riley v. California, 573 U.S. 373, 381-82 (2014). (R. 58). Defendant attached a report authored by TFO Jones in which he detailed the events of Defendant's arrest and indicated that a cell phone was seized from Defendant's person and an evidence log from the search of his home on December 17, 2019, which indicated that a black Motorola Smartphone was seized from Defendant's person at the time of his arrest. (R. 58-2, Page ID 303-04; R. 58-3, Page ID 305).
The Government concedes in its Response (R. 63) that "the images located by law enforcement on the Defendant's Motorola Cellphone should be suppressed" because the device was seized from Defendant's person during his arrest at his place of employment, not at his residence as indicated by the evidence log. (R. 63, Page ID 317). The Government acknowledges that law enforcement "had no basis to search the cell phone without first obtaining a warrant[, ]" and indicated that it "will not seek to use evidence obtained from [Defendant's Motorola Cellphone] during the trial." (Id.).
That search of Defendant's cellphone without a warrant violated the Fourth Amendment. See Riley, 573 U.S. at 401. Accordingly, as to Defendant's second Motion to Suppress (R. 58), to the extent that it seeks suppression of evidence located on the cellphone seized from his person upon his arrest and searched without a search warrant, it will be recommended that the Motion be granted and the evidence suppressed.
E. The Warrant for the Gmail Account was Supported by Probable Cause
Defendant challenges the affidavit offered in support of the warrant for his Gmail account, arguing that the affidavit lacked "an indicia of reliability necessary for a warrant to issue[.]" (R. 58, Page ID 299). Defendant primarily attacks the "reliability and credibility" of the information provided to law enforcement by Defendant's ex-girlfriend and cousin, Sara Austin. (Id., Page ID 300).
The search warrant for Defendant's Gmail account, sowarddavidl@gmail.com, was obtained by TFO Jones on July 9, 2020, in case number 2:20-MJ-2533-CJS. It sought permission to search the account for information pertaining to "the possession or distribution of media depicting minors in a sexual performance within e-mail attachments, Google Photo storage, and/or Google Drive storage" among other information to include "how and when the e-mail account was accessed or used," the "identity of the person(s) who created or used the user ID," and "evidence indicating the e-mail account owner's state of mind as it relates to the crime under investigation."
The undersigned issued this warrant. Here, the undersigned's review of Defendant's challenge to this warrant has not been questioned. The undersigned's own review of the circumstances of issuance reveals no personal bias, prejudice, or animosity toward Defendant, and the information known to the undersigned has only been learned through the course of a judicial proceeding. As such, there is no basis for disqualification of the undersigned from considering and issuing a Report and Recommendation challenging this warrant. "To be disqualified, the judge's bias or prejudice must stem from an extrajudicial source." United States v. Almany, No. 2:07-cr-88, 2007 WL 9706788, *l-2 (E.D. Tenn. Dec. 26, 2007) (citing United States v. Jones, 801 F.2d 304, 312 (8th Cir. 1986). "The fact that a Judge may authorize the issuance of a search warrant upon a showing of probable cause does not disqualify him from later hearing the case." Id. (citing In re: Osborne, 376 F.2d 808, 810 (6th Cir. 1967).
Reviewing courts should examine the totality of the circumstances when determining whether probable cause existed. Illinois v. Gates, 462 U.S. at 230-31. The totality of the circumstances approach requires an analysis of the adequacy of all circumstances set forth in the affidavit, including the veracity and basis of knowledge of an informant. Id. at 238. A judge's probable cause determination is given great deference and should not be reversed unless that decision was arbitrarily made. United States v. Terry, 522 F.3d 645, 647-48 (6th Cir. 2008). In other words, a probable cause determination may be reversed only if the affidavit did not set forth a substantial basis for finding probable cause. Id. "Statements from a source named in a warrant application ... are generally sufficient to establish probable cause without further corroboration because the legal consequence of lying to law enforcement officials tends to ensure reliability." United States v. Hodge, 1\A F.3d 380, 384-85 (6th Cir. 2013). "[N]amed informants, unlike confidential informants, require little corroboration." United States v. Williams, 544 F.3d 683, 690 (6th Cir. 2008).
Defendant relies solely on. Illinois v. Gates, arguing that the agent "provided no information on the reliability of the informant to the Magistrate[, ]" the agent "had no prior relationship to her," information regarding Defendant's prior conviction and current charges are public record, and that Austin's "criminal record, if any, was not made known to the agent or the magistrate." (R. 58, Page ID 300). Defendant also argues that Austin's discovery of the images was not "inadvertent" because the folder she accessed and link she clicked on were from 2017. (Id.). Defendant attempts to frame Austin as a confidential informant and argues that the totality of the circumstances, particularly given the lack of information regarding credibility, proof of what Austin viewed, and the consideration that she was "attempting to avoid prosecution" indicate that the information "was not sufficiently reliable to support a search warrant being issued[.]" (Id.).
Here, the named informant, Austin, met with law enforcement and gave a detailed description of what she observed while accessing Defendant's Gmail account for the purposes of assisting her uncle, Defendant's father, with paying bills. (R. 63, Page ID 315-16). Further, Austin had previously been in a romantic relationship with Defendant and knew that the Gmail account was his. Id.; see, e.g., United States v. Kinison, 710 F.3d 678, 683 (6th Cir. 2013) (holding probable cause existed based on informant's "credibility as a named informant along with [her] decidedly intimate relationship" with the suspect). She accessed a folder labeled "Important," which contained notes with a link and login information that directed her to pornography. Id. She then accessed the Google Photos and Google Drive accounts associated with the Gmail and found more pornographic photos depicting persons she described as "'borderline' in legal age" and one which depicted a "female child between the ages of 8-10 years old" who was "prepubescent" with her vagina visible in the photograph. Id. Notably, Austin's information corroborated information that law enforcement already knew, namely that Defendant had a Gmail account, sowarddavidl@gmail.com. See United States v. Combs, 369 F.3d 925, 938 (6th Cir. 2004) (noting the informant had informed law enforcement of recent criminal activity and "his statements corroborated other information the police already had").
The basis of knowledge for Austin was recent, detailed, and potentially against her penal interests because she could have been prosecuted for providing false information if she were lying. See United States v. Couch, 367 F.3d 557, 560-61 (6th Cir. 2004) (a named informant is inherently more credible than an unnamed informant because the named informant could potentially be held liable for providing false information). These factors weigh in favor of a finding of sufficient "indicia of reliability" of Austin. Gates, 462 U.S. at 233; see also United States v. Pelham, 801 F.2d 875, 878 (6th Cir. 1986) ("When a witness has seen evidence in a specific location in the immediate past, and is willing to be named in the affidavit, the 'totality of the circumstances' presents a 'substantial basis' for conducting a search for that evidence."). The information provided by Austin, combined with Defendant's use of his Yahoo account, was sufficiently reliable to support a probable cause determination that child pornography would be found in Defendant's Gmail account. See United States v. Allen, 211 F.3d 970, 976 (6th Cir. 2000) (holding "[corroboration is not a necessity" where confidential informant's reliability was well established, and his tip was based on "direct personal observation of criminal activity.") Further, Defendant's reliance on what the affidavit lacked regarding Austin is misplaced. See id., at 975 ("[An] affidavit is judged on the adequacy of what it does contain, not on what it lacks, or on what a critic might say should have been added."). When considered in its entirety, the affidavit supports the existence of probable cause and rebuts Defendant's argument that it lacked an "indicia of reliability." Therefore, the affidavit in support of the warrant for search of the Gmail account was supported by probable cause and the warrant was properly issued.
III. CONCLUSION AND RECOMMENDATIONS
Yahoo's use of its hashing technology to scan Defendant's email account does not implicate the Fourth Amendment because it was a private search. Further, TFO Jones's actions of opening the email attachments did not exceed the scope of Yahoo's private search because it was virtually certain his actions would reveal nothing more than already reported by Yahoo and NCMEC-that the images were apparent child pornography. Additionally, as conceded by the Government, the search of Defendant's cellphone required a warrant and because one was not obtained, any evidence therefrom should be suppressed. Finally, the warrant for the search of Defendant's Gmail account was supported by probable cause.
Accordingly, IT IS RECOMMENDED that Defendant's first Motion to Suppress (R. 26) be DENIED and his second Motion to Suppress (R. 58) be GRANTED in part to the extent that he seeks suppression of evidence obtained from his cellphone seized upon his arrest and searched without a warrant and DENIED in part to the extent that he seeks suppression of evidence obtained from his Gmail account pursuant to a search warrant supported by probable cause.
Specific objections to this Report and Recommendation must be filed within fourteen (14) days of the date of service or further appeal is waived. 28 U.S.C. § 636(b)(1)(C); Fed. R. Crim. P. 59(b)(2); Thomas v. Am, 728 F.2d 813, 815 (6th Cir. 1984), aff'd, 474 U.S. 140 (1985); United States v. Walters, 638 F.2d 947 (6th Cir. 1981).