Paul Ohm: ‘Searching Journalists in the Terabyte Age’

Great piece by Paul Ohm on the breadth of material taken by authorities when they confiscate modern computers:

In other words, all of the rules that govern police searches of news offices were created in the age of typewriters, desks, filing cabinets, and stacks of paper.

Now, flash forward thirty years. The police who searched Jason Chen’s home seized the following: A MacBook, HP server, two Dell desktop computers, iPad, ThinkPad, two MacBook Pros, Iomega NAS, three external hard drives, and three flash drives. They also seized other storage-containing devices, including two digital cameras and two smart phones. If Jason Chen’s computing habits are anything like mine, the police likely seized many terabytes of disk space, storing hundreds of thousands (millions?) of files, containing information stretching back years. […]

At the very least, the courts should forbid the police from looking at any file timestamped before March 18, 2010, and in addition, they should force the police to comply with the Comprehensive Drug Testing rules.

The Comprehensive Drug Testing rules (which Ohm describes in his piece) are very fair, and ought to be applied here. But the timestamp idea, however well-intentioned, isn’t practical — timestamps are trivial to change.

Tuesday, 27 April 2010