United States v. Stanley and the Fourth Amendment Implications of Using “Moocherhunter” To Locate the User of An Unsecured Wireless Network

In United States v. Stanley, 2012 WL 5512987 (W.D.Pa. Nov. 14, 2012) (Conti, J.), the district court evaluated a novel Fourth Amendment question: Does tracing the location of a user of an unsecured wireless network constitute a Fourth Amendment search? The court’s answer: No.

In this case, a Pennsylvania state police officer investigating the distribution of child pornography over peer-to-peer software learned that a computer at a particular IP address was sharing images of child pornography. The investigator, Erdley, obtained a search warrant to search the home associated with the IP address. The search was unsuccessful, however, and Erdley concluded that someone nearby was using the wireless connection from the home that had been left unsecured. With the consent of the homeowner, Kozikowski, Erdley used a software program called “Moocherhunter” to find the physical location of the individual who was accessing the network. Moocherhunter works by measuring the distance between the wireless router and the computer connecting to it: By moving the antenna of the wireless router, and knowing the MAC address of the computer connected to the wireless router, Erdley was able to trace the location of the computer connecting to the wireless router to a specific apartment. Erdley then obtained a search warrant and searched the apartment, finding child pornography on the computer of the defendant, Richard Stanley.

The District Court ruled that use of Moocherhunter was not a search under Smith v. Maryland, 442 U.S. 735 (1979):

Based upon Smith‘s rationale, the court finds Stanley did not have a legitimate expectation of privacy in the wireless signal he caused to emanate from his computer to the Kozikowski wireless router or in the signal being sent from the router back to his computer, and therefore, Erdely’s use of Moocherhunter™ did not constitute a search in violation of the Fourth Amendment. In Smith, the pen register was used to record the telephone numbers people voluntarily dialed and thus, conveyed, to the telephone company by monitoring electrical impulses caused when the dial on the telephone was released. Here, Moocherhunter™ monitored the strength of a signal that Stanley voluntarily caused to send from his computer to Kozikowski’s wireless router and to receive a signal back from the wireless router in order to gain unauthorized access to Kozikowski’s internet connection. In both cases, the party seeking suppression of evidence assumed the risk that information disclosed to a third party may be turned over to the police. Notably, Moocherhunter™, like the pen register, did not reveal the contents of the communications; it only revealed that communications were taking place.

The court finds that Stanley did not have a reasonable expectation of privacy in the wireless signal he caused to emanate from his computer to Kozikowski’s wireless router or the wireless signal he received from Kozikowski’s wireless router in order to connect to the internet. The information logged on that wireless router was accessible to Kozikowski and through his consent, to Erdely. This information showed the private IP address of Stanley’s computer. Stanley, therefore, could have no reasonable expectation of privacy in the signal he was sending to or receiving from Kozikowski’s wireless router in order to connect to the internet.

Stanley argued that Moocherhunter was like the thermal imager in Kyllo v. United States, 533 U.S. 27 (2001), but the district court disagreed:

Stanley argues that Moocherhunter™ is a technology that is not in general public use and was used to discover that a computer was located inside of Stanley’s home, and therefore, Erdely’s use of Moocherhunter ™ constituted a violation of his Fourth Amendment rights.

Kyllo, however, is distinguishable from this case, Smith, and its progeny. First, in Smith and this case, the defendant conveyed information directly to third parties in order to facilitate communication-a telephone call in Smith and a signal to connect to the internet in this case. In Kyllo, although the defendant caused the heat by using high-intensity lamps, he did not send it to a third party and to the extent he could, he contained the heat in his garage. InSmith, the defendant conveyed the telephone numbers directly to the telephone company. When subscribing to the internet, people provide personal information such as their addresses, birthdates, and billing information directly to their ISPs. When browsing the internet, people convey their IP addresses directly to the websites they wish to visit. It follows that there is no reasonable expectation of privacy in this information because it was purposefully conveyed to a third party.

[FN] The government’s use of the technology further distinguishes this case from Kyllo. In Kyllo, the government agents sat in front of the petitioner’s house and pointed the thermal-imaging device right at the house. Those agents knew the information they received would come from the petitioner’s house because that was the exact location they were searching. Erdely, however, started his investigation with Kozikowski’s wireless router inside Kozikowski’s home. He followed the signal, which was sent by Stanley, outside Kozikowski’s home and did not know where it would lead. But-for the information Stanley voluntarily sent to Kozikowski’s wireless router, i.e. the signal which caused the router to log his IP address, the 95 MAC address, and which ports he was accessing, Erdely could not have traced the signal from Kozikowski’s wireless router to the sidewalk in front of Stanley’s home. Stanley conveyed the information to a third party, thus exposing himself to the risk that it may be disclosed to the police.

I think that’s correct under Smith. And more broadly, it’s a pretty interesting set of facts.