Cybersearches – Computer and Remote Access Searches

In 2007 the New Zealand Law Commission released an extensive report on search and surveillance laws and suggested that all then rules relating to searches be incorporated in an omnibus piece of legislation.

The subsequent enactment of the Search and Surveillance Act 2012 was not without controversy, but it is not the purpose of this post to discuss that. Of particular interest in the new legislation are the provisions governing computer searches and, more significantly, remote access searches – that is searches of remotely located data. What the legislation does not cover is how data that has been seized may be handled, examined and dealt with, together with the implications of the “plain view” doctrine which has been incorporated in the Act.

The Act is seen as an all-embracing piece of legislation. Its purpose is set out in s 5. It modernises the law of search, seizure and surveillance. It takes into account advances in technologies and regulates the use of those technologies in the process of search, seizure and surveillance. It emphasises the importance of the provisions of the New Zealand Bill of Rights Act 1990, the Privacy Act 1993 and the Evidence Act 2006, and recognises that the exercise of coercive powers by the state should be subject to clear and principled controls. The Act also ensures that investigative tools are effective and adequate for law enforcement needs.

Prior to the Act, the law relating to search and seizure was framed as if most information was held in hard copy. The recognition of the existence of electronic information was partial and inadequate. This created difficulties for law enforcement agencies in obtaining evidence needed to prosecute and convict offenders. The Law Commission observed that a search and seizure regime that clearly provided for access to and preservation of computer based information in a form that could be used in court was long overdue.

The paper that follows considers the structure of the search and seizure provisions as they relate to data and to computer systems. I shall then comment upon whether or not these provisions provide the answer to the problems identified by the Law Commission. It will be argued that although the legislation provides generalised solutions, considerable care will have to be undertaken by the authority seeking a search warrant and the officer issuing a search warrant to ensure that:

(a) the warrant is properly issued,

(b) it is properly grounded in terms of the pre-requisites before the issue of a search warrant, and

(c) it properly describes the target or subject of the search.

These issues will involve, at times, a consideration of the way in which a particular technology operates or the use of programs that are employed, especially in the field of remote searches.

The issue of data acquisition by search can often involve large quantities of data some of which will be relevant and some irrelevant. The Act does not address any processes that should be undertaken in assessing relevance or protecting privilege, although ss 136 to 147 of the Act address issues of privilege and confidentiality. This is in contrast to the procedures that are in place for example for examination orders. These are quite specific in terms of process and the provision of protections. The vexed question of remote access will be considered together with a discussion of issues arising in the context of extraterritorial searches. I shall consider the applicability of the ‘plain view’ doctrine as it applies to computer searches, and some of the problems that arise from Cloud based materials.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s