War on hacking
"I don't think the basic thing--that they broke in--is debatable," said Stanford's Granick. "The ramifications? Now, they are debatable."
Currently, Gorshkov's lawyer, Kenneth Kanev, is attempting to block any use of the data from the Russian servers based on privacy and Fourth Amendment violations. However, because Ivanov and Gorshkov are not United States citizens and the data was kept in another country, some legal experts say it's likely the data will be admissible in court.
When reached at this office, Kanev refused to comment on the case.
In fact, a case from the United States' War on Drugs seems to support the search of a server in a foreign country. In 1986, Mexican police picked up the suspected leader of a narcotics ring and delivered him to the Mexico-United States border, where he was arrested by US officials. Agents of the Drug Enforcement Agency and Mexican officials later searched the suspect's homes in Mexico without a warrant.
The US Supreme Court ruled four years later that a search of a non-US citizen's foreign residence is legal, and no search warrant is necessary.
That decision could influence a ruling in this case, but that may not be the only fallout. By deeming such actions legal, the United States could kick off a spate of similar cross-border hacking, said Patricia Bellia, assistant professor of law at Notre Dame University and a former Justice Department attorney.
"I do think that (countries) are going to continue to have an urge to get evidence like this," she said. "They are getting frustrated with their inability to get evidence."
And while US law may deem the agents' actions legal, international law--the expectations of treatment that exist between countries--will, without a doubt, condemn them, she added.
"If Russia did this to us, we would object diplomatically," she said. The Embassy of Russia in Washington, DC, would not comment on the case, nor on whether the country intended to lodge an international complaint against the United States for a violation of its sovereignty.
In a paper studying the legal ramifications of remote cross-border searches, Bellia concludes that current mutual legal assistance treaties and the Cybercrime Convention being drafted by the Council of Europe won't add much clarity to the issue. Both require that countries promise to aid foreign law enforcement in searching for evidence that may reside on servers in their territory.
However, arranging for such searches takes weeks or, more often, months. Neither allows law enforcement to react fast enough to prevent data from being deleted.
Still, without an immediate solution, constraint should be the rule, said Bellia.
"If we can do it, then everybody else can do it to us--that's a very disturbing notion," she said. "The United States is the repository of so much data; it is very dangerous to go down that road."
