Technology

Hash Values and the Fourth Amendment

Do Authorities Need a Search Warrant to Open and View Files?

Written by Pierre Grosdidier

In United States v. Miller, the U.S. Court of Appeals for the 6th Circuit was the latest federal appellate court to reject the argument that opening a file that has been hash-matched to child pornography constitutes a warrantless search under the Fourth Amendment.1 The contraband trapping technique at stake is conceptually simple: electronic communication service providers, or ESPs, filter files that pass through their servers by matching each file’s hash value against a database of hash values of known illicit pictures. A hash value is a file’s digital fingerprint; it is unique for each file and two files with the same hash value contain the same information.2 ESPs forward trapped files and their originating IP addresses to authorities, who track down and prosecute the suspect. The technique can be fully automated and does not require ESP employees to review each trapped file because a hash value match guarantees that the file is illegal.3

This trapping technique nabbed two offensive files that led to William Miller’s conviction. Google, the ESP, did not view Miller’s files but had used its own hash algorithm and employees to stock its database. At some point, therefore, at least one Google employee had viewed Miller’s files and decided they were contraband. Miller appealed his conviction on Fourth Amendment grounds, inter alia, arguing that authorities needed a search warrant to open and view his files.

The court easily rejected Miller’s first argument that Google conducted an unreasonable search by filtering his email based on hash values.4 Google, the court held, is a private entity and not technologysubject to the Fourth Amendment’s constraints regarding searches. The facts also showed that Google had not acted as the government’s agent.5

Miller’s second argument, that the detective assigned to his case invaded his reasonable expectation of privacy when he viewed the trapped files, fared no better.6 The court first applied the private search doctrine, which holds that the government does not conduct an illegal search when it is virtually certain that its search does not disclose anything beyond what a prior private search revealed.7 In Miller’s case, the detective who opened the files might have stumbled upon images other than the expected contraband—as unlikely as it was. In that event, the police search would have proceeded beyond Google’s and offended the Fourth Amendment. The question, therefore, was whether Google’s hash value matching made it virtually certain that by opening the files, the detective would discover nothing more than what Google had learned when it first viewed the files.

Recall that at some point, trained Google employees had seen copies of the files and categorized them as child pornography. The issues, therefore, turned on “whether Google’s hash value matching [wa]s sufficiently reliable” to ensure this constitutionally required virtual certainty, and on the legal test that applied to resolve this question.8 But, the court saw no need to answer these questions. Miller never challenged the reliability of Google’s hashing algorithm, and the magistrate judge found that the hashing technology was “highly reliable—akin to the reliability of DNA.”9 Because of hashing’s generally accepted reliability and Miller’s failure to object in the trial court, the court held that Google’s file matching “satisfie[d] Jacobsen’s virtual-certainty test and trigger[ed] its private-search doctrine.”10

The court also considered whether Miller’s defense that the detective’s viewing of the files amounted to a Fourth Amendment physical trespass.11 The court analogized the detective’s opening of digital files to colonial authorities’ intrusion in a person’s personal effects and papers, a practice that the Fourth Amendment clearly aimed to curtail. But here again, Google, not the detective, first matched the hash value and the private search doctrine applied.10 TBJ

NOTES

1. 982 F.3d 412 (6th Cir. 2020); see also, United States v. Reddick, 900 F.3d 636 (5th Cir. 2018); United States v. Ackerman, 831 F.3d 1292 (10th Cir. 2016) (Gorsuch, J.).

2. See generally, Richard P. Salgado, Fourth Amendment Search and the Power of the Hash, 119 Harv. L. Rev. F. 38, 39 (2005). Hash algorithms are not perfect; two different files can have the same hash value, but the odds of a “collision” are “astronomically small.” Id. The hash value depends on the file’s contents and not on its name. Id. n.5.

3. Unless there is a hash value collision with an innocuous picture (astronomically unlikely), or an error by an ESP employee who misjudged erotica (presumably, always a possibility).

4. Miller, 982 F.3d at 421–22.

5. Id. at 422–24.

6. Id. at 426 (citing Katz v. United States, 389 U.S. 347 (1967)).

7. Id. at 428 (citing United States v. Jacobsen, 466 U.S. 109, 119 (1984)).

8. Id. at 429–30.

9. Id. at 430.

10. Id.

11. Id. at 432 (citing United States v. Jones, 565 U.S. 400, 405, 406 n.3 (2012)).


Headshot of PIERRE GROSDIDIERPIERRE GROSDIDIER is an attorney in Houston. He belongs to the first group of attorneys certified in construction law by the Texas Board of Legal Specialization in 2017. Grosdidier’s practice also includes data privacy and unauthorized computer access issues and litigation. Prior to practicing law, he worked in the process control industry. Grosdidier holds a Ph.D. from Caltech and a J.D. from the University of Texas. He is a member of the State Bar of Texas, an AAA Panelist, a registered P.E. in Texas (inactive), a member of the Texas Bar Foundation, a fellow of the American Bar Foundation, and the State Bar of Texas Computer & Technology Section treasurer for 2020-2021.

 

{Back to top}

We use cookies to analyze our traffic and enhance functionality. More Information agree