Searching over 5,500,000 cases.


searching
Buy This Entire Record For $7.95

Download the entire decision to receive the complete text, official citation,
docket number, dissents and concurrences, and footnotes for this case.

Learn more about what you receive with purchase of this case.

United States v. Tagg

United States Court of Appeals, Sixth Circuit

March 27, 2018

United States of America, Plaintiff-Appellant,
v.
Derek Michael Tagg, Defendant-Appellee.

          Argued: March 7, 2018

          Appeal from the United States District Court for the Eastern District of Michigan at Detroit. No. 2:16-cr-20597-1-Paul D. Borman, District Judge.

         ARGUED:

          Mark J. Chasteen, UNITED STATES ATTORNEY'S OFFICE, Detroit, Michigan, for Appellant.

          Benton C. Martin, FEDERAL DEFENDER OFFICE, Detroit, Michigan, for Appellee.

         ON BRIEF:

          Mark J. Chasteen, UNITED STATES ATTORNEY'S OFFICE, Detroit, Michigan, for Appellant.

          Benton C. Martin, FEDERAL DEFENDER OFFICE, Detroit, Michigan, for Appellee.

          Before: COOK, McKEAGUE, and STRANCH, Circuit Judges.

          OPINION

          McKEAGUE, Circuit Judge.

          In September 2015, police executed a warrant at Derek Tagg's residence, searching for child pornography. They found plenty of it-over 20, 000 files, all stored on Tagg's computer. The search warrant was based primarily on digital evidence from an FBI operation showing that Tagg had spent over five hours browsing a website ("Playpen") that obviously contained child pornography. The district court found that the police lacked probable cause to search Tagg's house because the search warrant did not state that Tagg actually viewed any illegal images while on the site. Further, the court held that no reasonable officer would have relied on the warrant, and therefore suppressed all the evidence seized from Tagg's home. Because the warrant was supported by probable cause, we REVERSE the order granting the motion to suppress and REMAND the case for proceedings not inconsistent with this opinion.

         I

         This case arises out of federal and state investigations into child exploitation on the "dark web." The "dark web" is a sophisticated, anonymous internet network used both by criminals and by other individuals who, for whatever reason, do not want to be identified.

         A

         Until it was shut down by the FBI, Playpen operated a secret website on the "dark web." Although we think of websites as "out there" in the ether, the physical location of an ordinary website is on a computer programmed to permit access by anyone connected to the internet. Typical internet users access websites by searching for subjects through search engines (e.g., Google) in widely available web browsers (e.g., Mozilla Firefox), just like the ordinary shopper can walk into a store and look for signs indicating the location of the goods they desire. Clandestine websites like Playpen, however, sometimes require a "mask" before you can enter the computer(s) housing them. In this case, that "mask" is a web browser called "Tor, " which hides your online "face" from other people on the internet.

          Your online "face" is known as an "IP address, " a unique number assigned to every computer connected to the internet. To hide your identity, Tor effectively masks your IP address so that the people operating the website's physical computers cannot trace your IP address back to your personal identity or your residence. Because this makes it difficult for anonymous websites to track customer preferences or allow users to interact with one another, websites like Playpen require you to create an identifying "pseudonym" when you enter the website. Thus, Playpen knows what each user likes and what it has looked at, but it cannot discern who the user is outside the confines of the website.

         Further, Tor can also hide a website from all search engines entirely. In other words, a website operating on the Tor network can require you to know the exact combination of letters and numbers comprising the website's URL[1] before permitting you to see its content. And unlike intuitive URLs like cnn.com or nytimes.com, the URL of a secret Tor website like Playpen is randomized-for example, upf45jv3bziuctml.onion. Absent some statistically impossible stroke of luck, a site like Playpen is "an island that cannot be found, except by those who already know where it is." To access such a website, a newcomer must generally befriend someone who knows the URL, usually the website owner or another frequent user.

         But just like in real life, nothing on the internet can be kept totally secret. Police or malicious website owners have discovered ways to work around Tor's "mask" and identify the people who visit a website. This is done by embedding software in the fabric of the website, which creates a digital "fingerprint"[2] identifying each user's IP address. Police can then link the "fingerprint" to the user's "pseudonym, " and track what the person has viewed on the website. Police can also use a computer's IP address to discern its physical location through publicly available databases and routine subpoenas to companies like AT&T and Comcast. Thus, armed with the user's digital fingerprint, police can show a judge (a) what a user has viewed, and (b) where the user's computer is located in the real world.

         B

         This case began when the FBI obtained access to the physical computer running Playpen's website. The warrant permitting the FBI to use a bug is the "NIT warrant" in the record here.[3] Tagg does not really dispute that Playpen contained a significant amount of child pornography; neither does the government deny that Playpen also contained legal child erotica. After seizing Playpen's computers, the FBI kept the website running to try and catch some of its patrons. However, to identify Playpen's users, the FBI had to place a digital bug in the fabric of the website. Because this act counts as a Fourth Amendment "search" of the user's home computer-the bug creates a digital fingerprint that can identify the user-the FBI needed to obtain a warrant before embedding it. United States v. Horton, 863 F.3d 1041, 1046-47 (8th Cir. 2017), cert. pet. filed in No. 17-6910 (Nov. 21, 2017).

         After collecting identifying data on the individual users of the website, the FBI and its local task-force affiliates sought separate, individual warrants for the homes of the identified users ("Residential Warrants"). To support these warrants, officers explained to federal magistrate judges how they cross-referenced the user's digital fingerprint with their pseudonym and IP address to connect three data points: (a) the user's identity, (b) the items the user had viewed on the website, and (c) the physical location and address of the user's computer.

          The affidavit supporting the Residential Warrant outlined Tagg's browsing history, which neither party disputes. The Residential Warrant therefore contained the following pieces of data. (1). Tagg spent around five hours logged into Playpen's website under the pseudonym "derpderk." (2). Tagg opened the website's "index" and browsed them for topics of interest to him. (3). He clicked on the "Pre-Teen Videos" entry in the index. That link took him to a separate part of the index where he could browse "Pre-teen Videos" in more detail. (4). After browsing that topic, Tagg viewed a collection of pages under the heading "Girls HC"-which, in the pornography world, means explicit, penetrative sexual acts. (5). Tagg then accessed the message board "video collection clow85."[4] (6). On other occasions, Tagg accessed pages titled, "Drug(g)ed sleeping girl 10yo fuck-", ...


Buy This Entire Record For $7.95

Download the entire decision to receive the complete text, official citation,
docket number, dissents and concurrences, and footnotes for this case.

Learn more about what you receive with purchase of this case.