Friday, June 5, 2015

You Can Be Prosecuted for Clearing Your Browser History

You Can Be Prosecuted for Clearing Your Browser History


Khairullozhon Matanov is a 24-year-old former cab driver from Quincy, Massachusetts. The night of the Boston Marathon bombings, he ate dinner with Tamerlan and Dhzokhar Tsarnaev at a kebob restaurant in Somerville. Four days later Matanov saw photographs of his friends listed as suspects in the bombings on the CNN and FBI websites. Later that day he went to the local police. He told them that he knew the Tsarnaev brothers and that they’d had dinner together that week, but he lied about whose idea it was to have dinner, lied about when exactly he had looked at the Tsarnaevs’ photos on the Internet, lied about whether Tamerlan lived with his wife and daughter, and lied about when he and Tamerlan had last prayed together. Matanov likely lied to distance himself from the brothers or to cover up his own jihadist sympathies—or maybe he was just confused.

Then Matanov went home and cleared his Internet browser history.

Matanov continued to live in Quincy for over a year after the bombings. During this time the FBI tracked him with a drone-like surveillance plane that made loops around Quincy, disturbing residents. The feds finally arrested and indicted him in May 2014. They never alleged that Matanov was involved in the bombings or that he knew about them beforehand, but they charged him with four counts of obstruction of justice. There were three counts for making false statements based on the aforementioned lies and—remarkably—one count for destroying “any record, document or tangible object” with intent to obstruct a federal investigation. This last charge was for deleting videos on his computer that may have demonstrated his own terrorist sympathies and for clearing his browser history.

Matanov faced the possibility of decades in prison—twenty years for the records-destruction charge alone.

Federal prosecutors charged Matanov for destroying records under the Sarbanes-Oxley Act, a law enacted by Congress in the wake of the Enron scandal. The law was, in part, intended to prohibit corporations under federal investigation from shredding incriminating documents. But since Sarbanes-Oxley was passed in 2002 federal prosecutors have applied the law to a wider range of activities. A police officer in Colorado who falsified a report to cover up a brutality case was convicted under the act, as was a woman in Illinois who destroyed her boyfriend’s child pornography.

Prosecutors are able to apply the law broadly because they do not have to show that the person deleting evidence knew there was an investigation underway. In other words, a person could theoretically be charged under Sarbanes-Oxley for deleting her dealer’s number from her phone even if she were unaware that the feds were getting a search warrant to find her marijuana. The application of the law to digital data has been particularly far-reaching because this type of information is so easy to delete. Deleting digital data can inadvertently occur in normal computer use, and often does.

In 2010 David Kernell, a University of Tennessee student, was convicted under Sarbanes-Oxley after he deleted digital records that showed he had obtained access to Sarah Palin’s Yahoo e-mail account. Using publicly available information, Kernell answered security questions that allowed him to reset Palin’s Yahoo password to “popcorn.” He downloaded information from Palin’s account, including photographs, and posted the new password online. He then deleted digital information that may have made it easier for federal investigators to find him. Like Matanov, he cleared the cache on his Internet browser. He also uninstalled Firefox, ran a disk defragmentation program to reorganize and clean up his hard drive, and deleted a series of images that he had downloaded from the account. For entering Palin’s e-mail, he was eventually convicted of misdemeanor unlawfully obtaining information from a protected computer and felony destruction of records under Sarbanes-Oxley. In January 2012, the US Court of Appeals for the Sixth Circuit found that Kernell’s awareness of a potential investigation into his conduct was enough to uphold the felony charge.

At the time Kernell took steps to clean his computer, he does not appear to have known that there was any investigation into his conduct. Regardless, the government felt that they were entitled to that data, and the court agreed that Kernell was legally required to have preserved it.

Hanni Fakhoury, a senior staff attorney at the Electronic Frontier Foundation, says the feds’ broad interpretation of Sarbanes-Oxley in the digital age is part of a wider trend: federal agents’ feeling “entitled” to digital data.

Fakhoury compares the broad application of Sarbanes-Oxley in the digital realm to the federal government’s resistance to cellphone companies that want to sell encrypted phones that would prevent law enforcement from being able to access users’ data. When the new encrypted iPhone came out, FBI Director James Comey told reporters that he didn’t understand why companies would “market something expressly to allow people to place themselves beyond the law.”

“At its core,” Fakhoury says, “what the government is saying is, ‘We have to create a mechanism that allows everybody’s [cellphone] data to be open for inspection on the off-chance that one day in the future, for whatever random circumstance, we need to see that data.'”

Similarly, Fakhoury says the government’s underlying theory in cases like Kernell’s is, “Don’t even think about deleting anything that may be harmful to you, because we may come after you at some point in the future for some unforeseen reason and we want to be able to have access to that data.