Computer Crime and Intellectual Property Section (CCIPS)

These Guidelines are the product of an interagency group, informally called the Computer Search and Seizure Working Group. Its members were lawyers, agents, and technical experts from the Federal Bureau of Investigation; the United States Secret Service; the Internal Revenue Service; the Drug Enforcement Administration; the United States Customs Service; the Bureau of Alcohol, Tobacco, and Firearms; the United States Air Force; the Department of Justice; and United States Attorneys' offices. Most of us have consulted widely within our own agencies to find the diversity of opinion on these topics. Our object was to offer some systematic guidance to all federal agents and attorneys as they wrestle with cases in this emerging area of the law. These Guidelines have not been officially adopted by any of the agencies, and are intended only as assistance, not as authority. They have no regulatory effect, and confer no right or remedy on anyone. Moreover, the facts of any particular case may require you to deviate from the methods we generally recommend, or may even demand that you try a completely new approach.

Many of our recommendations must be tentative, because there is often so little law directly on point. As the law develops and as technology changes (thereby altering or even transforming our assumptions), the Working Group may well find itself a Standing Committee with open membership.

If you have any comments, corrections, or contributions, please contact Marty Stansell-Gamm at the Computer Crime Unit, General Litigation Section, Department of Justice (202-514-1026). As you confront these issues in your practice, we will be eager to hear about your experience and to assist in any way we can.

Table of Contents - Main Guidelines
Supplement - Preface

As computers and telecommunications explode into the next century, prosecutors and agents have begun to confront new kinds of problems. These Guidelines illustrate some of the ways in which searching a computer is different from searching a desk, a file cabinet, or an automobile. For example, when prosecutors must interpret Rule 41 (which requires that the government obtain a search warrant in the district where the property to be searched is "located"), applying it to searches of physical items is usually uncomplicated. But when they must try to "locate" electronic data, the discussion can quickly become more metaphysical than physical.

Even so, it is important to remember throughout the process that as dazzling and confounding as these new-age searches and seizures may be, they are in many essential ways just like all other searches. The cause must be just as probable; the description of items, just as particular. The standard investigative techniques that work in other cases (like finding witnesses and informants) are just as valuable in computer cases. The evidence that seals a case may not be on the hardware or software, but in an old-fashioned form: phone bills, notes in the margins of manuals, or letters in a drawer.

The sections that follow are an integration of many legal sources, practical experiences, and philosophical points of view. We have often had to extrapolate from existing law or policies to try to strike old balances in new areas. We have done our best to anticipate the questions ahead from the data available today. Even so, we recognize that rapid advances in computer and telecom-munications technologies may require that we revisit these Guidelines, perhaps in the near future. In the meantime, as law struggles to catch up to technology, it is important to remember that computer cases are just like all others in one respect at least: under all the "facts and circumstances," there is no substitute for reasonable judgment.

Go to . . .

Table of Contents - Main Guidelines

CCIPS || Home Page