[uniformlyrandom]

> Google’s hash match may well have established probable cause for a warrant to allow police to conduct a visual examination of the Maher file.

Very reasonable. Google can flag accounts as CP, but then a judge still needs to issue a warrant for the police to actually go and look at the file. Good job court. Extra points for reasoning about hash values.

[pdonis]

> a judge still needs to issue a warrant for the police to actually go and look at the file

Only in the future. Maher's conviction, based on the warrantless search, still stands because the court found that the "good faith exception" applies--the court affirmed the District Court's finding that the police officers who conducted the warrantless search had a good faith belief that no warrant was required for the search.

[AcerbicZero]

I wonder what happened to fruit of the poisoned tree? Seems a lot more liberty oriented than "good faith exception" when police don't think they need a warrant (because police never seem to "think" they need a warrant).

[alphazard]

This exactly. Bad people have to go free in order to incentivize good behavior by cops.

You and I (as innocent people) are more likely to be affected by bad police behavior than the few bad people themselves and so we support the bad people going free.

[HideousKojima]

>You and I (as innocent people) are more likely to be affected by bad police behavior than the few bad people themselves and so we support the bad people going free.

I know anecdotes aren't data, but my only negative interactions with cops have basically been for traffic tickets. Meanwhile my negative interactions with criminals have been far more numerous, along with several second-order effects caused by their mere existence (like not going to certain neighborhoods at night because of high crime rates). I don't think there's ever been a neighborhood law abiding citizens had to avoid because of fear of cops.

Maybe I'm some kind of crazy outlier, but I'm pretty sure that most innocent people are the same.

[RHSeeger]

> I don't think there's ever been a neighborhood law abiding citizens had to avoid because of fear of cops.

I think there's a fair number of stories of POC be accosted by police officers because they were in a neighborhood they didn't "belong" in, so your statement is likely inaccurate.

[rendall]

The threat to innocent people posed by incompetent or tyrannical police is arguably much greater than by ordinary criminality.

In small towns across America, corrupt police departments hassle outsiders and issue minor citations as a way to generate revenue. If someone is found to have large amounts of cash for some reason, they often will confiscate it in a process called civil forefeiture. Many US police officers act with impunity because their misconduct will be protected by local prosecutors and judges. There absolutely are towns and neighborhoods good people should avoid because of the police.

[wbl]

Dan White shot the mayor and a supervisor in cold blood and confessed everything to the cops. They managed to stop him from spilling out his premeditation on tape by interrupting him as his confession was getting rolling and the DA failed to win the easiest conviction of his career. The cops then went on a spree of beating people gratuitously in the Castro.

Cops aren't there to enforce the law without fear or favor. They routinely engage in petty corruption and complain when they have to be professional when on duty.

[Workaccount2]

There is a reality distortion field in existence now because almost every police interaction is recorded (body cams are everywhere nowadays) and the ones that go bad are put on full blast across social media and the news, despite them being somewhere on the order of 1 in 1,000,000 encounters.

Seriously, if car accidents were reported like police accidents, we probably would have been forced by confused ideologues to ban automobiles 2 years ago.

[shadowgovt]

Given that they're over 100 deaths a day in the US (as of 2022), we probably should consider car accidents more than we do.

(But they pretty much do report on them consistently on local news... People won't stop driving because the social benefit is so large).

[sarlalian]

That’s called luck.

Personally I’m a cis white male, who’s been a mostly law abiding citizen, and I’ve had dozens of poor interactions with police throughout my life. Additionally I have a probably unusual number of family and friends who work in law enforcement. The stories I’ve heard about co-workers from them are absolutely terrifying. My father’s (retired police officer) advice when I became a teenager was “only call the police when what is about to happen is worse than going to jail.”

I deeply respect the difficulty of the profession and don’t believe that all or even most police are bad people, but there are way too many who have no business being in that profession.

[DrillShopper]

Honest question: are you white?

[wizzwizz4]

> Bad people have to go free in order to incentivize good behavior by cops.

And they will, next time, and everyone knows it. We don't need an actual example of a bad person going free if the potential is certain enough.

Unless, of course, you're trying to encourage good behaviour in the general case (rather than a codified list of specifics); but that's expecting police officers to be experts in right and wrong. As obvious as such things are to me, I'm aware that a lot of people struggle a lot more with these things. (Or, perhaps, struggle less: I spend a lot of time thinking about morality and ethics, more than is reasonable to expect a salaried worker to spend.)

[refulgentis]

I think its okay that we expect cops to be good _after_ the rule exists, rather than set the bad guys free to (checks notes) incentivize cops to take our new rule super seriously.

[everforward]

It would seem that the inverse would need to apply in order for the justice system to have any semblance of impartiality. That is that we now have to let both of them off the hook, since neither had been specifically informed they weren’t allowed to do the thing beforehand.

That is why many people think this should be tossed out. Ignorance that an action was a crime is almost never an acceptable defense, so it should not be an acceptable offense either.

[refulgentis]

> we now have to let both of them off the hook, since neither had been specifically informed they weren’t allowed to do the thing beforehand.

I'm not trying to be funny, or aggressive, or passive aggressive, seriously: there's two entities in the discussion, the cops, and the person with a photograph with a hash matching child porn. I'm phrasing that as passively as possible because I want to avoid the tarpit of looking like I'm appealing to emotion:

Do you mean the hash-possessor weren't specifically informed it was illegal to possess said hash?

> It would seem that the inverse would need to apply in order for the justice system to have any semblance of impartiality...That is why many people think this should be tossed out.

Of course, I could be missing something here because I'm making a hash of parsing the first bit. But, no, if the cops in good faith make a mistake, there's centuries of jurisprudence behind not letting people go free for it, not novel with this case.

[_Algernon_]

The 4th amendment was written in 1791

[GuB-42]

The 4th amendment is about unreasonable searches and seizures, it is also about "persons, houses, papers, and effects", that is, not files stored in someone else's computer.

The police here considered that a hash match was a reasonable enough condition to conduct a search, and that Google's TOS allowed it. They were wrong, but it is not obvious that they were by just reading the 4th amendment, and the situation is rather new, so it is reasonable to assume that the police acted in good faith.

[mobb_solo]

And one thing we learn as we've been hanging around in Time long enough to recognize larger cycles, is the world changes, people dont. Even as we change the world.

[banku_brougham]

That rule has been around for quite a while, and looks worse for wear now

[refulgentis]

> That rule has been around for quite a while

The rule established in this case is new, hence TFA, and all the time the lawyers and judge wasted on it :)

If I may suggest where wires are getting crossed:

You are sort of assuming it's like a logic gate: if 4th amendment violation, bad evidence, criminal must go free. So when you say "the rule", you mean "the 4th amendment", not the actual ruling.

That's not how it works, because that simple ultimatum also has edge cases. So we built up this whole system around nominating juries and judges, and paying lawyers, over centuries, to argue out complicated things like weighing intentionality.

[whoknew1122]

The cited ruling answers your question

The court ruled that at the time, when the State Police opened the file, they had no reason to believe that a warrant was required. While the search was later ruled unconstitutional, no court had ruled it was unconstitutional *at the time of the search*. One of the cornerstones of American jurisprudence is that you cannot go back in time and overrule decisions based on contemporary jurisprudence.

From the opinion: 'the exception can also apply where officers “committed a constitutional violation” by acting without a warrant under circumstances that “they did not reasonably know, at the time, [were] unconstitutional.”'

If you're interested, the discussion of a good faith exemption (and why fruit of the poison tree doesn't apply here) begins at page 40 of the doc.

[krageon]

As someone not from the US the fact that "uwu we didn't know" is an adequate defense for the police to do something illegal is really weird. Is there some crucial context I'm missing?

[whoknew1122]

It dates back to the constitutional ban on "ex post facto" laws. Meaning, the government can't retroactively make something illegal. Which is a good thing, IMO.

So, for example, it's illegal at the federal level to manufacture machine guns (and I'm not going to get into a gun debate or nuances as to what defines a machine gun--it's just an example). But a machine gun is legal as long as it was manufactured before the ban went into place. Because the government can't say "hey, destroy that thing that was legal to manufacture, purchase, and own when it was manufactured."

This concept is extrapolated here to say "The cops didn't do anything illegal at the time. We have determined this is illegal behavior now, but we can't use that to overturn police decisions that were made when the behavior wasn't illegal. In the future, cops won't be able to do this."

[chipsa]

The government has totally said “destroy the thing that we said was legal to manufacture, purchase, and own when it was manufactured.” That was the entire point of the bump stock ban, which attempted to reclassify an item that they had previously said was not a machine gun into a machinegun, and therefore illegal to own (and was always illegal to own, so they weren’t going to compensate people for them either).

More strictly, machine guns aren’t banned by the federal government, but rather you have to have paid a tax to own it, and they’ve banned paying the tax for gun made after X date. If they decide to ban the ownership, grandfathering is not guaranteed.

[michaelt]

> Because the government can't say "hey, destroy that thing that was legal to manufacture, purchase, and own when it was manufactured."

Actually that's a totally normal way for bans to work.

If a state decides to ban a book from school libraries, the libraries don't get to keep the books on the shelves because they already had it.

The ban on ex post facto laws merely means that, if a ban on a given book is passed today a librarian can't be punished for having it on the shelves yesterday.

Grandfathering in exceptions is just politics - make a bitter pill easier to swallow for the people most impacted; delay the costs of any remediation; deal with historical/museum pieces; and simplify enforcement.

[Suppafly]

>It dates back to the constitutional ban on "ex post facto" laws.

Not really, that's not now constitutionality works with respect to the government. Ex post facto is when the government wants to act against you, not when you want the government to behave. They use new decisions regarding constitutionality to undo previous decisions all the time, they just don't want to in this specific case and are using the "well they would have been able to get a warrant anyway if they had known they'd needed one" to justify it.

[Izkata]

It wasn't illegal (unconstitutional) at the time they did it, which is different from not knowing. They would have had to see the future to know.

Also keep in mind "illegal" and "unconstitutional" are different levels - "illegal" deals with specific laws, "unconstitutional" deals with violating a person's rights. Laws can be declared unconstitutional and repealed.

[whoknew1122]

Laws can also be unconstitutional and remain a law--the law just can't be enforced. For example, in the state of Texas sodomy is still technically illegal, just the law is unenforceable. But if the Supreme Court overrules previous court decisions and says anti-sodomy laws are constitutional, the Texas law immediately becomes enforceable again.

The law is super complicated.

[stronglikedan]

I don't know. I feel that if something is declared "unconstitutional" today, then it was always unconstitutional (from inception of or amendment to the constitution). Unlike "illegal" in which laws can come and go, so something that is illegal today can be legal tomorrow. And just like "ignorance is no excuse for breaking a law", I don't thing ignorance should be an excuse for doing something unconstitutional.

[thinkingtoilet]

Just another way cops can be terrible at their job and get away with it. If only citizens could use the Chappelle defense, "I'm sorry officer, I didn't know I couldn't do that".

[whoknew1122]

Let's be clear. This guy had CSAM and was caught using digital forensics. The cops would've been able to secure the search warrant at the time had they been required to do so.

This isn't some innocent person who is spending time in prison because of a legal technicality.

[thinkingtoilet]

I understand but this is literally how rights are eroded away. It's all good when it's the worst people on the planet, but very quickly it's abused against every one else. Once these rights go away, they don't come back.

[Dylan16807]

The systemic downsides of police overreach happen whether or not a particular person was guilty. In general, throwing out the evidence is an effective way to fight back against overreach. I'm not worried about this guy, I'm worried about everyone else.

The idea that they would have been able to get a warrant limits the damage, but it's still iffy.

[dsubburam]

The opinion says at the time the warrantless search occurred, one appellate court had already held "that no warrant was required in those circumstances" (p 42). Only a year after the search occurred, did another appellate court rule the other way.

This is the main argument that the search met the good faith exception to the exclusionary rule (i.e. the rule that says you have to exclude evidence improperly obtained). This exception is supported in the opinion (at p41) with several citations including United States v. Ganias, 824 F.3d 199, 221–22 (2d Cir. 2016)

[CGamesPlay]

IANAL, but as I understood, this exception is specifically about cases where precedence is established. This same trick or others substantially like it won't work in the future, but because it was not a "known trick", the conviction still stands.

[K0balt]

Not only that, prior to the search another court had ruled that no warrant was required. The new ruling overrides the old one, but the search was in good faith.

[K0balt]

Prior to the search. A lower court had ruled that no warrant was required. The search was in good faith. The new ruling overturns the earlier ruling, but before, it had been ruled legal to do this kind of warrantless search.

[singleshot_]

Davis v. U.S. 564 U.S. 229

[kulahan]

I'm trying to imagine a more "real-world" example of this to see how I feel about it. I dislike that there is yet another loophole to gain access to peoples' data for legal reasons, but this does feel like a reasonable approach and a valid goal to pursue.

I guess it's like if someone noticed you had a case shaped exactly like a machine gun, told the police, and they went to check if it was registered or not? I suppose that seems perfectly reasonable, but I'm happy to hear counter-arguments.

[aiforecastthway]

The main factual components are as follows: Party A has rented out property to Party B. Party A performs surveillance on or around the property with Party B's knowledge and consent. Party A discovers very high probability evidence that Party B is committing crimes within the property, and then informs the police of their findings. Police obtain a warrant, using Party A's statements as evidence.

The closest "real world" analogy that comes to mind might be a real estate management company uses security cameras or some other method to determine that there is a crime occurring in a space that they are renting out to another party. The real estate management company then sends evidence to the police.

In the case of real property -- rental housing and warehouse/storage space in particular -- this happens all the time. I think that this ruling is imminently reasonable as a piece of case law (ie, the judge got the law as it exists correct). I also thing this precedent would strike a healthy policy balance as well (ie, the law as it exists if interpreted how the judge in this case interprets it would a good policy situation).

[Brian_K_White]

Is there any such thing as this surveillence applying to the inside of the renters bed room, bath room, filing cabinet with medical or financial documents, or political for that matter?

I don't think there is, and I don't think you can reduce reality to being as simple as "owner has more right over property than renter" renter absolutely has at least a few rights in at least a few defined contextx over owner because owner "consented" to accept money in trade for use of property.

[aiforecastthway]

> Is there any such thing as this surveillence applying to the inside of the renters bed room, bath room, filing cabinet with medical or financial documents, or political for that matter?

Yes. Entering property for regular maintenance. Any time a landlord or his agent enters a piece of property, there is implicit surveillance. Some places are more formal about this than others, but anyone who has rented, owned rental property, or managed rental property knows that any time maintenance occurs there's an implicit examination of the premises also happening...

But here is a more pertinent example: the regular comings and goings of people or property can be and often are observed from outside of a property. These can contribute to probable cause for a search of those premises even without direct observation. (E.g., large numbers of disheveled children moving through an apartment, or an exterior camera shot of a known fugitive entering the property.)

Here the police could obtain a warrant on the basis of landlord's testimony without the landlord actually seeing the inside of the unit. This is somewhat similar to the case at hand, since what Google alerted the police to a hash match without actually looking at the image (ie, entering the bedroom).

> I don't think you can reduce reality to being as simple as "owner has more right over property than renter"

But I make no such reduction, and neither does the opinion. In fact, quite the opposite -- this is contributory why the court determines a warrant is required!

[simoncion]

> ...Google alerted the police to a hash match without actually looking at the image (ie, entering the bedroom).

Google cannot have calculated that hash without examining the data in the image. They, or systems under there control obviously looked at the image.

It should not legally matter whether the eyes are meat or machine... if anything, machine inspection should be MORE strictly regulated, because of how much easier and cheaper it tends to make surveillance (mass or otherwise).

[aiforecastthway]

> It should not legally matter whether the eyes are meat or machine

But it does matter, and, perhaps ironically, it matters in a way that gives you STRONGER (not weaker) fourth amendment rights. That's the entire TL;DR of the fine article.

If the court accepted this sentence of yours in isolation, then the court would have determined that no warrant was necessary in any case.

> if anything, machine inspection should be MORE strictly regulated, because of how much easier and cheaper it tends to make surveillance (mass or otherwise).

I don't disagree. In particular: I believe that the "Reasonable Person", to the extent that we remain stuck with the fiction, should be understood as having stronger privacy expectations in their phone or cloud account than they do even in their own bedroom or bathroom.

With respect to Google's actions in this case, this is an issue for your legislator and not the courts. The fourth amendment does not bind Google's hands in any way, and judges are not lawmakers.

[AyyEye]

> Yes. Entering property for regular maintenance.

In every state that I've lived in they must give advance notice (except for emergencies). They can't just show up and do a surprise check.

[aiforecastthway]

Only in residential properties, typically. There are also states that have no such requirement even on residential rentals.

In any case, I think it's a bit of a red herring and that the "regular comings and goings" case is more analogous.

But also that, at this point in the thread, we have reached a point where analogy stops being helpful and the actual thing has to be analyzed.

[ok_computer]

If I import hundreds of pounds of poached ivory and store it in a shipping yard or move it to a long term storage unit, the owner and operator of those properties are allowed to notify police of suspected illegal activities and unlock the storage locker if there is a warrant produced.

Maybe the warrant uses some abstraction of the contents of that storage locker like the shipping manifest or customs declaration. Maybe someone saw a shadow of an elephant tusk or rhino horn as I was closing the locker door.

[potato3732842]

Pretty much all rental storage, shipping container, 3rd party semi trailer pool, safe deposit box type services and business agreements stipulate that the user of the arbitrary box gets to deny the owner of the arbitrary box access so long as they're holding up their end of the deal. The point is that the user is wholly responsible for the security of the contents of the arbitrary box and the owner bears no liability for the contents. This is why (well run) rental storage places make you use your own lock and if you don't pay they add an additional lock rather than removing yours.

[ImPostingOnHN]

I don't think that argument supports the better analogy of breaking into a computer or filing cabinet owned by someone renting the space. Just because someone is renting space doesn't give you the right to do whatever you want to them. Cameras in bathrooms of a rented space would be another example.

[ok_computer]

But he wasn’t running a computer in a rented space, he was using storage space on google’s computers.

In an older comment I argued against analogies to rationalize this. I think honestly at face value it is possible to evaluate the goodness or badness of the decision.

[freejazz]

Wait until you hear about third party doctrine.

I have this weird experience where people that get all their legal news from tech websites have really pointed views about fourth amendment jurisprudence and patent law.

[DragonStrength]

The issue of course being the government then pressuring or requiring these companies to look for some sort of content as part of routine operations.

[aiforecastthway]

I agree. This is a case where the physical analogy leads us to (imo) the correct conclusion: compelling major property management companies to perform regular searches of their tenant's properties, and then to report any findings to the police, is hopefully something that most judges understand to be a clear violation of the fourth amendment.

[leereeves]

> The issue of course being the government then pressuring or requiring these companies to look for some sort of content as part of routine operations.

Was that the case here?

[aiforecastthway]

Not requiring, but certainly pressure. See https://www.nytimes.com/2013/12/09/technology/tech-giants-is... for example. Also all of the heat Apple took over rolling back its perceptual hashing.

[irq-1]

> Party A discovers very high probability evidence that Party B is committing crimes within the property ...

This isn't accurate: the hashes were purposefully compared to a specific list. They didn't happen to notice it, they looked specifically for it.

And of course, what happens when it's a different list?

[aiforecastthway]

>> Party A discovers very high probability evidence that Party B is committing crimes within the property ...

> This isn't accurate: the hashes were purposefully compared to a specific list. They didn't happen to notice it, they looked specifically for it.

1. I don't understand how the text that comes on the right side of the colon substantiates the claim on the left side of the colon... I said "discovers", without mention of how it's discovered.

2. The specificity of the search cuts in exactly the opposite direction than you suggest; specificity makes the search far less invasive -- BUT, at the same time, the "everywhere and always" nature of the search makes it more invasive. The problem is the pervasiveness, not the specificity. See https://news.ycombinator.com/user?id=aiforecastthway

> And of course, what happens when it's a different list?

The fact that the search is targeted, that the search is highly specific, and that the conduct plainly criminal, are all, in fact, highly material. The decision here is not relevant to most of the "worst case scenarios" or even "bad scenarios" in your head, because prior assumptions would have been violated prior to this moment in the legal evaluation.

But with respect to your actual argument here... it's really a moot point. If the executive branch starts compelling companies to help them discover political enemies on basis of non-criminal activity, then the court's opinions will have exactly as much force as the army that court proves capable of raising, because such an executive would likely have no respect for the rule of law in any case...

It is reasonable for legislators to draft laws on a certain assumption of good faith, and for courts to interpret law on a certain assumption of good faith, because without that good faith the law is nothing more than a sequence of forceless ink blotches on paper anyways.

[kelnos]

I don't think that changes anything. I think it's entirely reasonable for Party A to be actively watching the rented property to see if crimes are being committed, either by the renter (Party B) or by someone else.

The difference I do see, however, is that many places do have laws that restrict this sort of surveillance. If we're talking about an apartment building, a landlord can put cameras in common areas of the building, but cannot put cameras inside individual units. And with the exception of emergencies, many places require that a landlord give tenants some amount of notice before entering their unit.

So if Google is checking user images against known CSAM image hashes, are those user images sitting out in the common areas, or are they in an individual tenant's unit? I think it should be obvious that it's the latter, not the former.

Maybe this is more like a company that rents out storage units. Do storage companies generally have the right to enter their customers' storage units whenever they want, without notice or notification? Many storage companies allow customers to put their own locks on their units, so even if they have the right to enter whenever they want, regularly, in practice they certainly do not.

But like all analogies, this one is going to have flaws. Even if we can't match it up with a real-world example, maybe there's still no inconsistency or problem here. Google's ToS says they can and will do this sort of scanning, users agree to it, and there's no law saying Google can't do that sort of thing. Google itself has no obligation to preserve users' 4th Amendment rights; they passed along evidence to the police. I do think the police should be required to obtain a warrant before gaining access to the underlying data; the judge agrees on this, but the police get away with it in the original case due to the bullshit "good faith exception".

[kulahan]

This is an excellent example, I think I get it now and I'm fully on-board. Thanks.

I could easily see an AirBNB owner calling the cops if they saw, for instance, child abuse happening on their property.

[nashashmi]

Ok. But that would also be invasion of privacy. If the property you rented out was being used for trafficking and you don’t want to be involved with trafficking, then the terms would have to first explicitly set what is not allowed. Then it would also have to explicitly mention what measures are taken to enforce it and what punishments are imposed for violations. It should also mention steps that are taken for compliance.

Without full documentation of compliance measures, enforcement measures, and punishments imposed, violations of the rule cannot involve law enforcement who are restricted to acting on searches with warrants.

[kelnos]

> If the property you rented out was being used for trafficking and you don’t want to be involved with trafficking, then the terms would have to first explicitly set what is not allowed.

I don't believe that's the case. You don't need to state that illegal activities are not allowed; that's the default.

> Then it would also have to explicitly mention what measures are taken to enforce it

When Airbnb used to allow cameras indoors, they did -- after some backlash -- require hosts to disclose the presence of the cameras.

> ... and what punishments are imposed for violations.

No, I don't think that is or should be necessary. If you do illegal things, the possible punishments don't need to be enumerated by the person who reports you to the police.

Put another way: if I'm hosting someone on Airbnb in the case where I'm living in the same property, and I walk into the kitchen to see my Airbnb guest dealing drugs, I am well within my rights to call the police, without having ever said anything up-front to my guest about whether or not that's acceptable behavior, or what the consequences might be. Having the drug deal instead caught on camera is no different, though I would agree that the presence of the cameras should have to be disclosed beforehand.

In Google's case, the "camera" (aka CSAM scanning) appears to have been disclosed beforehand.

[nashashmi]

> You don't need to state that illegal activities are not allowed; that's the default

Technically you would have to say to be able to walk away from accusations of complicity.

[freejazz]

>Without full documentation of compliance measures, enforcement measures, and punishments imposed, violations of the rule cannot involve law enforcement who are restricted to acting on searches with warrants.

That's not the only way police get information...

[briandear]

In the case of in-progress child abuse, that wouldn’t require a warrant as entry to prevent harm to a person is an exigent circumstance and falls under the Emergency Aid doctrine. If they found evidence or illegal items within plain view, that evidence would be permitted under the plain view doctrine. However, if they went and searched drawers or opened file cabinets, evidence discovered in that circumstance would not be allowed (opening a file cabinet isn’t required to solve the emergency aid situation typically.)

What’s really fascinating is that Children Protective Services acts as if they never need a warrant even if there is not an exigent circumstance. To my knowledge there hasn’t been a Supreme Court case challenging that and circuits are split. Interesting reading about that if anyone is interested:

https://family.jotwell.com/ending-cps-home-searches-evasion-...

(The 4th Amendment is not limited to actual police BTW.)

[oefnak]

With their hidden camera in the bathroom.

[kulahan]

I just meant it as an analogy, not that I'm specifically on-board with AirBNB owners putting cameras in bathrooms.

Anyways, that's why I just rent hotel rooms, personally. :)

[cool_dude85]

I think the real-world analogy would be to say that the case is shaped exactly like a machine gun and the hotel calls the police, who then open the case without a warrant. The "private search" doctrine allows the police to repeat a search done by a private party, but here (as in the machine gun case), the case was not actually searched by a private party.

[ok_computer]

But this court decision is a real world example, and not some esoteric edge case.

This is something I don’t think needs analogies to understand. SA/CP image and video distribution is an ongoing moderation, network, and storage issue. The right to not be under constant digital surveillance is somewhat protected in the constitution.

I like speech and privacy and am paranoid of corporate or government overreach, but I arrive at the same conclusion as you taking this court decision at face value.

[startupsfail]

Wait until Trump is in power and corporations are masterfully using these tools to “mow the grass” (if you want an existing example of this, look at Putin’s Russia, where people get jail time for any pro-Ukraine mentions on social media).

[ok_computer]

Yeah I’m paranoid like I said, but this case it seems like the hash of a file on google’s remote storage flagged as potential match that was used as justification to request a warrant. That seems common sense and did not involve employees snooping pre-warrant.

The Apple CSAM hash detection process, that the launch was rolled back, concerned me namely because it was run on-device with no opt out. If this is running on cloud storage then it sort of makes sense. You need to ensure you are not aiding or harboring actually harmful illegal material.

I get there are slippery slopes or whatever but the fact is you cannot just store whatever you wish in a rental. I don’t see this as opening mass regex surveillance of our communication channels. We have the patriot act to do that lol.

[rangestransform]

I think the better option is a system where the cloud provider cannot decrypt the files, and they’re not obligated to lift a finger to help the police because they have no knowledge of the content at all

[ok_computer]

In my opinion, despite the technical merits of an algorithm, encryption is only as trustworthy as the computer who generates and holds a private key.

I would personally not knowingly use a cloud provider to commit a crime. That is a fairly naive take to assume because your browser is https that data at rest and in process isn’t somehow observable.

And I see where you’re coming from but I am afraid that position severely overestimates the will of US people to trade freedom/privacy for security and the legislature to hold citizens’ privacy in such high regard.

[SauntSolaire]

I only worry that, in the case that renting becomes a roundabout way of granting more oversight ability to the government, then as home ownership rates decrease, government surveillance power increases.

Sure, it's facilitated through a third party (the owner), but the extrapolated pattern seems to be: "1. Only people in group B will have fewer rights, so people in group A shouldn't worry" followed closely by "2. Sorry, you've been priced out of group A."

In the case of renting, we end up in the situation where those who have enough wealth to own their own home are afforded extra privileges of privacy.

Now to bring this back to the cloud; the cynical part of me looks towards a future of cheap, cloud-only storage devices. Or an intermediate future of devices where cloud is first party and local storage is just enough of a hassle that people don't use it. And the result is that basically everyone now has the present day equivalent of local storage scanning.

If renting de-facto grants fewer rights, then in the future where "you'll own nothing and be happy", you'll also have no rights, and all the way people will say "as a renter, what did you expect?"

[ok_computer]

OK I agree with you about setting a precedent that future storage will be scanned by default. Additionally who will control the reference hash list?, since making one necessitates hashing that illicit material.

I only hope the court systems escalate it and manage to protect free speech or unreasonable search and seizure or self incrimination or whatever if the CSAM hash comparisons are used against political opponents or music piracy or tax evasion or whatever.

Good point.

[immibis]

> You need to ensure you are not aiding or harboring actually harmful illegal material.

Is this actually true, legally speaking?

[ok_computer]

I’m unsure I wrote that from like an ethics standpoint. The silk road guy was got on conspiracy for attempting murder and not drug or human trafficking charges. So I’m unsure of legal side.

I think if you knowingly provided a platform to distribute SA/CP/CSAM and the feds become involved you will be righteously fucked.

Reddit clamped down on the creepy *bait subreddits years ago. Maybe it was self-preservation on the business side or maybe it was forward looking about legal issues.

I’m not a lawyer I was just mentioning things that I would follow for ethics morals and my sense of self preservation.

[ktsHan]

It is worse. Trump will actually put people on concentration camps! Glenn Greenwald explains the issue here:

https://www.youtube.com/watch?v=8EjkstotxpE

[jjk7]

It's like a digital 'smell'; Google is a drug sniffing dog.

[aiforecastthway]

I don't think the analogy holds for two reasons (which cut in opposite directions from the perspective of fourth amendment jurisprudence, fwiw).

First, the dragnet surveillance that Google performs is very different from the targeted surveillance that can be performed by a drug dog. Drug dogs are not used "everywhere and always"; rather, they are mostly used in situations where people have a less reasonable expectation of privacy than the expectation they have over their cloud storage accounts.

Second, the nature of the evidence is quite different. Drug-sniffing dogs are inscrutable and non-deterministic and transmit handler bias. Hashing algorithms can be interrogated and are deterministic and do not have such bias transferal issues; collisions do occur, but are rare, especially because the "search key" set is so minuscule relative to the space of possible hashes. The narrowness and precision of the hashing method preserves most of the privacy expectations that society is currently willing to recognize as objectively reasonable.

Here we get directly to the heart of the problem with the fictitious "reasonable person" used in tests like the Katz test, especially in cases where societal norms and technology co-evolve at a pace far more rapid than that of the courts.

[praptak]

This analogy can have two opposite meanings. Drug dogs can be anything from a prop used by the police to search your car without a warrant (a cop can always say in court the dog "alerted" them) to a useful drug detection tool.

[Thorrez]

>yet another loophole

What's the new legal loophole? I believe what's described above is the same as it's been for decades, if not centuries.

Disclosure: I work at Google but not on anything related to this.

[nashashmi]

If the police “wanted” to look. But what if they were notified of the material? Then the police should not need a warrant, right?

[dylan604]

Don't they?. If you tell the cops that your neighbor has drugs of significant quantity in their house, would they not still need a warrant to actually go into your neighbor's house?

[potato3732842]

Correct. A simple tip does not amount to probable cause by itself.

[jkhdigital]

There are a lot of nuances to these situations of third-party involvement and the ruling discusses these at length. If you’re interested in the precise limits of the 4th amendment you should really just read the linked document.

[stjohnswarts]

they should as a matter of course. but I guess "papers" you entrust to someone else are a gray area. I personally think that it goes against the separation of police state and democracy, but I'm a nobody, so it doesn't matter I suppose.

[petermcneeley]

No. What I send through my email is between me and God.

[gcbirzan]

Is it reasonable? Even if the hash was md5, given valid image files, the chances of it being an accidental collision are way lower than the chance of any other evidence given to a judge was false or misinterpreted.

[bluGill]

This is NOT a secure hash. This is an image similar to hash which has many many matches in not related images.

Unfortunately the decision didn't mention this at all even though it is important. If it was even as good as a md5 hash (which is broken) I think the search should be allowed without warrant because even though a accidental collision is possible odds are so strongly against it that the courts can safely assume there isn't (and of course if there is the police would close the case). However since this has is not that good the police cannot look at the image unless Google does.

[aiforecastthway]

I wish I could get access to the "App'x 29" being referenced so that I could better understand the judges' understanding here. I assume this is Federal Appendix 29 (in which case a more thorough reference would've been appreciated). If the Appeals Court is going to cite the Federal Appendix in a decision like this and in this manner, then the Federal Appendix is as good as case law and West Publishing's copyright claims should be ripped away. Either the Federal Appendix should not be cited in Appeals Court and Supreme Court opinions, or the Federal Appenix is part of the law and belongs to the people. There is no middle there.

> I think the search should be allowed without warrant because even though a accidental collision is possible odds are so strongly against it that the courts can safely assume there isn't

The footnote in the decision bakes this property into the definition of a hash:

A “hash” or “hash value” is “(usually) a short string of characters generated from a much larger string of data (say, an electronic image) using an algorithm—and calculated in a way that makes it highly unlikely another set of data will produce the same value.

(Importantly, this is NOT an accurate definition of a hash for anyone remotely technical... of course hashing algorithms with significant hash collisions exist, and is even a design criterion for some hashing algorithms...)

[freejazz]

>I wish I could get access to the "App'x 29" being referenced so that I could better understand the judges' understanding here. I assume this is Federal Appendix 29 (in which case a more thorough reference would've been appreciated). If the Appeals Court is going to cite the Federal Appendix in a decision like this and in this manner, then the Federal Appendix is as good as case law and West Publishing's copyright claims should be ripped away. Either the Federal Appendix should not be cited in Appeals Court and Supreme Court opinions, or the Federal Appenix is part of the law and belongs to the people. There is no middle there.

Just go to a law library.

Do you know that judges routinely make decisions based on confidential documents not in the public record? Is that also bad?

[aiforecastthway]

> Just go to a law library.

The closest with a copy of the Federal Appendix is ~2 hrs away from me (or on LN if I pay for a subscription). It should be free and online, because it probably can't be copyrighted and because simplifying public access to the law is an unambiguous public good.

> Do you know that judges routinely make decisions based on confidential documents not in the public record? Is that also bad?

Of course not; the particularities of a given case is a very different concern from a document whose content is critical to interpretation of precedent. Also, the copyright claims on confidential documents might be valid, whereas any copyright claims on cases in the Federal Appendix probably aren't valid; see how of the government edicts doctrine was applied in Georgia v. Public.Resource.Org.

[freejazz]

Facts are incredibly relevant to the meaning of a case's holding. The issue with confidential documents isn't their copyrightibility.

[kyleee]

We can’t access appendix 29? Is that what you are saying?

[ajsnigrutin]

You're assuming accidential collision. Images can be generated that intentionally trigger the hash algorithm while they still appear as something else (a meme, funny photo, etc.) to a person looking at them. This brings many possibilities for "bad people" to do to people they hate (like an alternative to swatting etc.)

[jjk7]

Yes. How else would you prevent framing someone?

[gcbirzan]

So you're saying that I craft a file that has the same hash as a CSAM one, I give it to you, you upload it to google, but it also happens to be CSAM, and I've somehow framed you?

My point is that a hash (granted, I'm assuming that we're talking about a cryptographic hash function, which is not clear) is much closer to "This is the file" than someone actually looking at it, and that it's definitely more proof of them having that sort of content than any other type of evidence.

[wrs]

These are perceptual hashes designed on purpose to be a little vague and broad so they catch transformed images. Not cryptographic hashes.

[fluoridation]

I don't understand. If you contend that it's even better evidence than actually having the file and looking at it, how is not reasonable to then need a judge to issue a warrant to look at it? Are you saying it would be more reasonable to skip that part and go directly to arrest?