You are not a lawyer: fear the search and seizure

2009/02/11/1620

Heed well the following XKCD cartoon.

“You are not a lawyer” (YANAL) is a fascinating, brief, but effective introduction to the fallacy of relying on technological explanations to make a jury doubt certain evidence in court, so that the “reasonable doubt” qualification for guilt is not met. I was a little disappointed by the picture that it paints of the modern legal system, which can disrupt your life even without you being guilty in the first place. This all comes down to the search and seizure process, which is the point of Ohm’s article. Whatever doubt you can invent by resorting to some technological reasoning (e.g., a trojan, open Wi-Fi, etc.), you will first be searched, and that search might well turn up evidence of your crime (in the event that you actually committed a crime). If you didn’t do anything wrong, you have nothing to worry about, right? Not so fast: it’s hard to imagine anyone not being injured, one way or another, by the modern legal process. If you’ve done nothing wrong, at a minimum, you should still fear the search and seizure.

RTFA: http://www.freedom-to-tinker.com/blog/paul/being-a…

When techies think about criminal law, and in particular crimes committed online, they tend to fixate on this legal standard, dreaming up ways people can use technology to inject doubt into the evidence to avoid being convicted. I can’t count how many conversations I have had with techies about things like the “open wireless access point defense,” the “trojaned computer defense,” the “NAT-ted firewall defense,” and the “dynamic IP address defense.” Many people have talked excitedly to me about tools like TrackMeNot or more exotic methods which promise, at least in part, to inject jail-springing reasonable doubt onto a hard drive or into a network.

People who place stock in these theories and tools are neglecting an important drawback. There is another set of legal standards–the legal standards governing search and seizure–you should worry about long before you ever get to “beyond a reasonable doubt”. Omitting a lot of detail, the police, even without going to a judge first, can obtain your name, address, and credit card number from your ISP if they can show the information is relevant to a criminal investigation. They can obtain transaction logs (think apache or sendmail logs) after convincing a judge the evidence is “relevant and material to an ongoing criminal investigation.” If they have probable cause–another famous, but often misunderstood standard–they can read all of your stored email, rifle through your bedroom dresser drawers, and image your hard drive. If they jump through a few other hoops, they can wiretap your telephone. Some of these standards aren’t easy to meet, but all of them are well below the “beyond a reasonable doubt” standard for guilt.