Visit the Greatest Surveillance City on Earth, Compelled Decryption, DFU Litigation Review, Wearables & More
Vol. 4, Issue 12
December 4, 2023
Welcome to Decrypting a Defense, the monthly newsletter of the Legal Aid Society’s Digital Forensics Unit. Diane Akerman invites you to visit NYC to see and be seen this holiday season. Joel Schmidt discusses a pending compelled decryption case before the United States Supreme Court. Benjamin Burger reviews some of the cases litigated by the Digital Forensics Unit in 2023. Finally, Brandon Reim explains how to acquire data from a wearable.
The Digital Forensics Unit of The Legal Aid Society was created in 2013 in recognition of the growing use of digital evidence in the criminal legal system. Consisting of attorneys and forensic analysts, the Unit provides support and analysis to the Criminal, Juvenile Rights, and Civil Practices of The Legal Aid Society.
A Guide to the Holidays in NYC
Visit the City That Never Sleeps Stops Watching
Diane Akerman, Digital Forensics Staff Attorney
Christmas in New York City is iconic, with traditions immortalized in classic holiday films. Macy’s storied window displays in Miracle on 34th Street. Kevin McCallister making a lonely wish in front of the Rockefeller Center Christmas tree in Home Alone 2. The Empire State Building lit up for the holidays in Elf. This year, you could stay home and watch the magic of the holidays in New York City play out on the small screen again, or you could pack the family up in the car and come let New York City watch you.
Getting Around
The options to be tracked as you travel around the city are endless! Love sitting in traffic? With over 300 automated license plate readers (ALPR) maintained by the NYPD around (and rising!), you can rest assured that photos of your license plate, as well as images of the driver and passengers, will be captured and retained in a searchable database, along with two million other plates, for at least five years. Say cheese and wave!
Prefer to use our extensive, world class, public transportation? Be sure to use the new OMNY system, where every tap of your debit card is available to the NYPD for the asking. Want to go old school and buy a plastic MetroCard? Go ahead, the NYPD can also access records of every single swipe across the entire city at any time! Good thing that pesky MTA privacy bill didn’t pass last session. Enjoy the ride, but make sure to watch for pickpockets because surveillance does not actually prevent crime!
Things to see
You could spend hours gawking at the department store window displays. Start at Macy’s flagship Herald Square store, move uptown to the Bergdorf and Bloomingdale’s windows, and cap it off with the legendary displays at Saks. While you’re watching the windows, the department stores will be watching you, using some of the most high-tech private surveillance equipment in the city. The Lower Manhattan Security Initiative isn’t just in lower Manhattan anymore, guaranteeing that the stores’ personal security force NYPD is watching - in real time!
As you wind through the streets of New York City and head to Rockefeller Center, fully immerse yourself in the holiday spirit and soak up the multiple opportunities to be captured on NYPD cameras. Take the scenic route and swing through the ever bustling Times Square. Rather than grab a photo op with a life-sized costumed character, head over to the subway station where you can meet the latest and greatest in testaments to the NYPD’s unchecked, frivolous spending - Knightscope’s K5 - an autonomous security robot. Does it fight crimes? Can it help you in a crisis? No! But it will record your image and your body heat and it’s great at selfies.
Only partway through your day and you’ve already smiled for (and with!) a crime-fighting robot, for private department store cameras, and ALPR cameras - could it get any better? Yes! With thousands of Argus cameras all over the city, and yet another legislative failure to pass a biometrics ban, the opportunities for your face to get captured on grainy video and fed into unreliable facial recognition software, ensnaring you in something you have nothing to do with are innumerable. Don’t worry! I’m sure they’ll clear that mistake up quick enough to get you back home for Christmas dinner.
Once you make it to Rockefeller Center, stay awhile. Roam around the holiday market, rent some skates, and take to the rink. Make yourself part of a picture perfect NYC holiday scene. Literally! An NYPD drone may be overhead taking gorgeous aerial shots for no nefarious reason at all, and fully within the bounds of the law.
Thanks for visiting!
We hope you’ve enjoyed your trip to the greatest surveillance city on earth, and we thank you for contributing your personal data to the NYPD’s many extremely secure databases. By now you’ve made it back to your car, which you hopefully managed to park legally despite being faced with multiple conflicting signs. A true Christmas miracle. As a bonus, if your car backfires as you pull away, you’ll be ushered out of town by a parade of NYPD officers responding to a false ShotSpotter alert. Ho ho ho.
Happy Holidays to everyone from the Digital Forensics Unit! Well, to everyone except the architects of the surveillance state! May you be haunted by a 100 Muppets singing songs of your evil deeds each time you leave your home.
In the News
Compelled Decryption and Self-Incrimination
Joel Schmidt, Digital Forensics Staff Attorney
You have the right to remain silent.
Most people in America are familiar with the Fifth Amendment, whether it be from the ever-present Miranda warnings in film and TV or from the popular expression “I plead the Fifth.”
The Fifth Amendment to the United States Constitution provides many protections – including the right to a jury trial, protections against being tried twice for the same offense, and the right to a fair trial – but it is perhaps most famous for its prohibition on anyone being “compelled in any criminal case to be a witness against [them]self.”
Contrary to popular belief, this right to remain silent benefits everyone, irrespective of guilt or innocence. The United States Supreme Court has emphasized "that one of the Fifth Amendment's basic functions is to protect innocent persons who might otherwise be ensnared by ambiguous circumstances.” Most lawyers will likely tell you that the same applies even when circumstances are not ambiguous.
Keiron K. Sneed lives in central Illinois where he was accused of remotely depositing two forged paychecks using an app on his phone. In order to search his phone the police were required to and did obtain a search warrant, but they were nonetheless unable to access the contents of the phone because it was password-protected and, understandably, Mr. Sneed was not willing to divulge it. (Although certain technology can frequently, but not always, allow the police to crack a phone’s passcode the police department in this case did not [PDF] have access to such technology.)
Undeterred, prosecutors in the case asked the court to issue an order compelling Mr. Sneed to either divulge the phone’s password or enter it into the phone himself. The judge refused, holding that to do so would violate Mr. Sneed's Fifth Amendment right against self-incrimination. However, an Illinois appellate court reversed the trial court and that reversal was affirmed [PDF] by the Illinois Supreme Court. The matter has now been appealed [PDF] to the United States Supreme Court.
In an amicus brief filed [PDF] with the US Supreme Court, the Electronic Frontier Foundation urged it to take the case and follow the lead of the Pennsylvania Supreme Court which in 2019 held [PDF] that the Fifth Amendment prohibits a court from ordering an individual to reveal a computer password. (A case in which the Pennsylvania Supreme Court noted that the Fifth Amendment “is often a protection to the innocent.”)
In its brief, the Electronic Frontier Foundation emphasized that cellphones “record our most intimate communications, thoughts, and interests; what we read, view, and listen to; who we call, text, or email; our whereabouts and travel; and even data about our health and fitness,” and that given the availability of sophisticated forensic extraction tools and the hundreds of thousands of cellphone searches conducted by law enforcement in all 50 states using these tools “every American is at risk of having their phone forensically searched by law enforcement.”
Hopefully the United States Supreme Court will do the right thing and keep our Fifth Amendment intact.
In the Courts
2023 In Review
Benjamin Burger, Digital Forensics Staff Attorney
The Legal Aid Society’s Digital Forensics Unit takes an active role litigating cases in New York State. In conjunction with other attorneys at The Legal Aid Society, we file motions to controvert digital search warrants, Frye motions to preclude unproven scientific testimony, and certificate of compliance challenges regarding missing discovery. In 2023, our Unit successfully litigated an Article 78 petition against the New York City Police Department (NYPD), won numerous motions holding that body worn camera audit trails were required to be turned over in criminal discovery, and fought against overbroad digital search warrants. The summaries below are just some of the many cases litigated by the Digital Forensics Unit.
People v. Torres, 79 Misc.3d 1204[A] (Crim. Ct., Queens Co. 2023); People v. Champion, 2023 N.Y. Slip Op. 23312 (Crim. Ct., N.Y. Co., 2023)
The New York City Police Department began using body worn cameras in 2017. Since that time, the Digital Forensics Unit has been at the forefront of litigating discovery issues related to the cameras. This year, the Unit focused on audit trails (or logs), which track all the activity associated with an uploaded video, device, case, or user (depending on the specific type of audit trail). Initially, trial courts were hostile to the idea that audit trails were discoverable, mistakenly believing that they did not contain any information relevant to the subject matter of the case.
Unit attorneys, particularly Shane Ferro, focused on educating judges on the actual nature of audit trails and why they constitute discovery. In Torres, the Court reviewed the public documentation about the software used by NYPD to store body worn camera videos - Evidence.com - and determined that audit trails were discoverable under CPL § 245.20(1). The Court noted that police officers can use Evidence.com to “subjectively categorize and tag videos” and “write notes” that appear in the audit trails. At a minimum, audit trails were “basic PDF documents describing the NYPD’s chain of custody of a video file . . ..”
The decision in Torres has been followed by additional cases litigated by the Digital Forensics Unit. In People v. Champion, the Court reinforced Torres by noting that “the notes, comments, and categorizations of police officers entered into the device and evidence logs are expressly discoverable under [CPL § 245.20(1)(e)].” Furthermore, both the Torres and Champion decisions held that the prosecution could not credibly claim that they did not exercise “control” over the audit tails. Both the Queens and Manhattan District Attorneys’ Offices confirmed that they had access to the audit trails by logging into accounts on Evidence.com.
People v. Mendoza, 2023 Slip Op 23291 (Sup. Ct., Queens Co. 2023)
In another case originating from Queens, the Unit helped file a motion to controvert a premises search warrant which resulted in the seizure of a firearm. The probable cause for the search warrant consisted of two screenshots which were taken from two videos posted to the social media platform Snapchat. The videos allegedly depicted an individual possessing a firearm inside of the searched premises.
In the motion to controvert, the defendant argued that the evidence derived from Snapchat was stale, in that the photos were not dated and made no indication as whether the photos were recently created or saved. In granting the motion, the Court specifically noted that the warrant application failed to demonstrate whether the videos at issue were sent real time, if they were saved to a device and resent, or if they were available to be viewed for an indefinite period of time. Because the videos could have been created months or years in advance of there viewing by law enforcement, the information was stale.
Torres, Champion, and Mendoza are prime examples of the purpose behind the Digital Forensics Unit: explaining emerging technologies to judges (and prosecutors) and litigating on behalf of our clients. Our Unit looks forward to continuing these fights into the new year.
Ask an Analyst
Do you have a question about digital forensics or electronic surveillance? Please send it to AskDFU@legal-aid.org and we may feature it in an upcoming issue of our newsletter. No identifying information will be used without your permission.
Q. My client says they were wearing a smartwatch when they were arrested. Although their phone is lost, they believe there is important evidence on the watch. Can you get data from it?
A. There are a variety of “wearables” on the market. “Wearables” is the term for smart devices that you wear on your body, such as a watch or a ring. Most can sync - or have data in two or more locations - with most smartphones through a Bluetooth connection. The connection allows the watch to mirror what is on the phone so the user can look at the watch for a convenient glance. Watches are also used to track a variety of health statistics, like heart rate, workouts, and steps. In most cases that concern health metrics, the phone the watch is paired to will also include the data.
However, not all wearables need to be connected to a smartphone. For example, some watches are sold with “cellular” capabilities, allowing you to make calls, receive texts, and do other tasks usually associated with a phone. When using this cellular capability, your watch will “share” your cellphone’s phone number. The cases where a watch receives data independent of a phone can be more complicated, as there is a chance the watch retained data that is not on the phone.
From a digital forensics standpoint, there are a few different methods we can use to extract data in a usable format. The preferred way to acquire the data is directly from the watch. Some companies sell products that allow examiners to access ports with adapters, like Mobile Edit. In these case, if there is a backup of the data on the watch, we can download a copy of it from the device. However, if the watch doesn’t have a backup, we often will rely on synched cloud data to get the information. Typically, this would be backup of the phone stored in a cloud account like iCloud. Some watches do store backups in the cloud. For example, Apple watches store their messages on the iCloud platform. They do not backup the messages locally on the watch.
When working with smartwatches, it takes a case-by-case approach to figure out the best way to get the relevant data from the device. Even if the data cannot be downloaded from the cloud or accessed locally on the watch, we can always take pictures of the messages displayed on the device with a camera. This is not the best practice, but it will suffice if there is no other way to preserve the data. In summary, most smartwatches mirror the contents of the phone. In rare cases that the phone cannot be accessed, alternative methods for getting the data from the watch will need to be researched.
Brandon Reim, Senior Digital Forensics Analyst
Upcoming Events
December 6, 2023
Immersive Tech Panel Series: Kids & Teens (Future of Privacy Forum) (Virtual)
December 6-7, 2023
The AI Summit New York (New York, NY)
February 8, 2024
Digital Part I: Geofence Warrants (NYSDA) (Virtual)
February 14-17, 2024
ABA TECHSHOW 2024 (ABA) (Chicago, IL)
February 29, 2024
Digital Part II: Cell Site Location Information (“CSLI”) and Call Detail Records (“CDR”) (NYSDA) (Virtual)
February 29 - March 7, 2024
SANS OSINT Summit & Training (SANS) (Arlington, VA & Virtual)
April 15-17, 2024
Magnet User Summit 2024 (Nashville, TN)
April 18-20, 2024
Making Sense of Science XVII: Forensic Science & the Law (NACDL) (Las Vegas, NV)
June 4-6, 2024
Techno Security East 2024 (Wilmington, NC)
Small Bytes
People Search Data Brokers, Stalking, and ‘Publicly Available Information’ Carve-Outs (LawFare)
This tiny device is sending updated iPhones into a never-ending DoS loop (Ars Technica)
How to Turn Off Smart TV Snooping Features (Consumer Reports)
Policing the City: A Conversation with Matthew Guariglia (Tech Policy Press)
FCC moves to help domestic violence victims with new rules around cellphones (NBC News)
Commercial Flights Are Experiencing ‘Unthinkable’ GPS Attacks and Nobody Knows What to Do (Vice)
Secretive White House Surveillance Program Gives Cops Access to Trillions of US Phone Records (Wired)
There’s a new sheriff in Times Square … and it’s an NYPD robot (Gothamist)