Should the government be able to get a warrant to search a potentially unlimited number of computers belonging to unknown people located anywhere in the world? That’s the question posed by the Playpen case, involving the FBI’s use of malware against over a thousand visitors to a site hosting child pornography. The prosecutions resulting from this mass hacking operation are unprecedented in many ways, but the scope of the single warrant that purportedly authorized the FBI’s actions represents perhaps the biggest departure from traditional criminal procedure.

The Need for Particularity

Warrants are often considered the basic building block of the Fourth Amendment. Whenever the government seeks to engage in a search or seizure, it must first get a warrant, unless a narrow exception applies. In a previous post, we explained the significance of the Fourth Amendment “events”—several searches and seizures—that occurred each time the government employed its malware against visitors to Playpen.

But simply calling something a warrant doesn’t make it a constitutionally valid warrant. In fact, the “immediate evils” that motivated the drafters of the Bill of Rights were “general warrants,” also known as “writs of assistance,” which gave British officials broad discretion to search nearly everyone and everything for evidence of customs violations. In the words of colonial lawyer James Otis, general warrants “annihilate” the “freedom of one’s house” and place “the liberty of every man in the hands of every petty officer.”

As a result, the Fourth Amendment says exactly what a warrant has to look like in order to be constitutional: “no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.”

These requirements—the demonstration of probable cause and the particular description—accomplish separate objectives, but both ultimately work to narrow the authority given to officers executing a warrant, ensuring they won’t go on fishing expeditions and will instead conduct only searches authorized by a neutral and detached magistrate. Probable cause is a notoriously nebulous concept, but it generally ensures that the government has significant evidence supporting its application for a search warrant. Meanwhile, the particularity requirement works to limit the scope of the warrant: law enforcement must tie the specific evidence they have to specific persons or places they want to search. But, critically, both elements must be satisfied for the warrant to be valid.

As with other unconstitutional searches, courts deter the government from obtaining insufficiently particular search warrants by throwing out or “suppressing” evidence that results from searches under these warrants.

Was the Playpen Warrant Constitutional?

No. The warrant [.pdf] that the FBI obtained to install malware on computers visiting Playpen was astonishingly broad: it allowed the FBI to deploy the malware against any “activating computer,” defined as any computer logging into the site. The warrant and its attachments say nothing about whose computers these are or where they are located. Court documents reveal that the site had as many as 150,000 users, and that in the two weeks that the FBI operated the site and deployed its malware, the number of visitors subject to search was in the thousands. And when the FBI identified the visitors, they were located all over the country and indeed all over the world.

The argument—advanced by EFF in amicus briefs in several Playpen cases—is that this warrant fails the Fourth Amendment’s particularity requirement:

The Warrant here did not identify any particular person to search or seize. Nor did it identify any specific user of the targeted website. It did not even attempt to describe any series or group of particular users. Similarly, the Warrant failed to identify any particular device to be searched, or even a particular type of device. . . . Compounding matters, the Warrant failed to provide any specificity about the place to be searched—the location of the “activating computers.”

As the Ninth Circuit Court of Appeals has explained, "Search warrants . . . are fundamentally offensive to the underlying principles of the Fourth Amendment when they are so bountiful and expansive in their language that they constitute a virtual, all-encompassing dragnet[.]" A warrant that authorizes the FBI to search an potentially unbounded number of users without specifying their locations or otherwise limiting the search is far closer to a “virtual, all-encompassing dragnet” than a specific, particularized warrant that satisfies the Fourth Amendment.

Uncharted Territory

The nature of the technology the FBI used in investigating Playpen puts the warrant in uncharted territory. As the noted professor of constitutional law and computer crime Orin Kerr writes, it’s a “serious question” whether searches conducted using the government’s malware pursuant to the Playpen warrant can be properly analogized to searches in the physical world.

Even when compared to extreme examples of warrants that seem to push against the boundaries of the particularity requirement, the Playpen warrant is vastly less specific in its description. For example, some courts have authorized “all persons warrants,” which allow officers to search everyone in a specific place, in scenarios where simply being on the premises provides probable cause that the person is committing a crime. But these searches are tied to a physical location and thus provide spatial limitations on both the area to be searched and the number of people who can be present. No court we’re aware of has ever upheld an all persons warrant authorizing the search of even 100 people, let alone thousands. Similar limitations are involved in a “roving wiretap,” a type of warrant that authorizes electronic surveillance of specific individuals who may move from place to place. Roving wiretaps allow the government to follow these people as they use burner phones, for example, but the warrant must specify who will be subject to such a wiretap. No court would authorize a roving wiretap on unspecified persons because such a wiretap would be indistinguishable from a general warrant.

Defenders of the Playpen warrant have described it as “anticipatory,” based on probable cause to believe that at some future time evidence of a crime will be found at a specific place. But anticipatory warrants require the government to demonstrate a likelihood that a “triggering condition” will occur in order to render the search valid. The Supreme Court has made clear that the government can’t get an anticipatory warrant to search every house in the country on the condition that a package containing contraband is delivered to the house; it has to demonstrate the likelihood that a specific house will receive such a package. The Playpen warrant does not demonstrate the likelihood of a specific user logging into the site, instead defining the activating condition as any user logging in. The result is a general search that can be executed on unknown computers in unknown places.

Finally, it’s worth noting that the particularity requirement doesn’t mean the FBI is helpless to investigate serious crime occurring on hidden sites like Playpen and committed by users who take steps to hide their locations. As we described in an earlier post, the FBI took over the site’s server, enabling it to serve visitors with malware. But that also meant that the FBI had access to the server logs and a wealth of information about individual users (though the use of Tor would of course have obscured their public IP addresses). As a result, the FBI could have sought warrants to go after these individual users, describing their illegal activity on the site in a particularized way. This is more than just requiring the government to jump through hoops—it’s what stands between a constitutional, particularized search and precisely the type of generalized warrant the Fourth Amendment was designed to prevent.