Play Pen, the NIT Warrant, and Malware

By Zachary Margulis-Ohnuma

For about two weeks last year, the FBI took over a website called the Play Pen that hosted and made available huge amounts of child pornography. It delivered illegal porn to as many as 100,000 computers around the world, along with malware – the so-called “NIT,” or Network Investigative Technique – that secretly infected the machines. The malware was used to send back identifying information to the FBI. About 190 people were searched, arrested and prosecuted based on this technique. And it was all supposedly authorized by a warrant issued by a federal magistrate judge in Virginia.

But, as it turns out, the warrant was no good. Or at least some courts have so held. Yesterday, the latest opinion from the Southern District of Iowa, agreed with decisions in Oklahoma and Massachusetts finding that the Virginia magistrate did not have the power to authorize searches of computers outside Virginia. The FBI had no right to rely on a bad warrant: “a warrant issued without proper jurisdiction is void ab initio and any search conducted pursuant to such warrant is the equivalent of a warrantless search.” The evidence against the defendant was suppressed and, if the decision is upheld, the case will likely be dismissed. Although other decisions have found that the Virginia NIT warrant was valid, a proposal is pending to change Rule 41 of the Federal Rules of Criminal Procedure to extend the power of federal magistrate judges to issue out-of-state warrants. While that may empower every magistrate judge in the country to allow your computer to be infected with malware, the 190 or so defendants arrested under current law will still have to slug it out in court to avoid harsh child pornography penalties.