Last year when US Senator Ted Kennedy was
detained for being on a no-fly list, I
discussed his plight in relation to intrusion detection system "false positives." If an IDS is operating correctly, every alert it sees is the result of an action it was programmed to take. In other words, when a functioning IDS sees "cmd.exe", it reports seeing "cmd.exe".
It doesn't matter if the appearance of "cmd.exe" on the wire is not part of an actual intrusion; a rule to alert on "cmd.exe" does not cause "false positives" if the IDS reports seeing "cmd.exe". A real false positive involves the IDS reporting "cmd.exe" when no such content passed on the wire. Therefore, there are no such things as false positives. Blame the signature writer or IDS developer, not the IDS.
Let's move from the realm of IDS false positives to the land of canine false positives. Yesterday the
US Supreme Court issued its opinion in the case of
ILLINOIS, PETITIONER v. ROY I. CABALLES. This is a case where false positives involve a dog's ability to sniff for illegal drugs.
Justice Ginsberg's dissenting opinion summarizes the facts of the case:
"Illinois State Police Trooper Daniel Gillette stopped Roy Caballes for driving 71 miles per hour in a zone with a posted speed limit of 65 miles per hour. Trooper Craig Graham of the Drug Interdiction Team heard on the radio that Trooper Gillette was making a traffic stop. Although Gillette requested no aid, Graham decided to come to the scene to conduct a dog sniff.
Gillette informed Caballes that he was speeding and asked for the usual documents–driver’s license, car registration, and proof of insurance. Caballes promptly provided the requested documents but refused to consent to a search of his vehicle. After calling his dispatcher to check on the validity of Caballes’ license and for outstanding warrants, Gillette returned to his vehicle to write Caballes a warning ticket. Interrupted by a radio call on an unrelated matter, Gillette was still writing the ticket when Trooper Graham arrived with his drug-detection dog.
Graham walked the dog around the car, the dog alerted at Caballes’ trunk, and, after opening the trunk, the troopers found marijuana."
Justice Stevens' majority opinion held that "the dog sniff was performed on the exterior of respondent's car while he was lawfully seized for a traffic violation. Any intrusion on respondent's privacy expectations does not rise to the level of a constitutionally cognizable infringement... A dog sniff conducted during a concededly lawful traffic stop that reveals no information other than the location of a substance that no individual has any right to possess does not violate the Fourth Amendment." In other words, it's ok for police to use dogs to inspect cars for drugs during traffic violation stops (or at other times), even if there is no suspicion of drugs involved.
I do not agree with this opinion, for several reasons. The first reason involves false positives, and was correctly diagnosed in
Justice David Souter's dissenting opinion:
"I would hold that using the dog for the purposes of determining the presence of marijuana in the car’s trunk was a search unauthorized as an incident of the speeding stop and unjustified on any other ground...
The infallible dog, however,
is a creature of legal fiction... [T]heir supposed infallibility is belied by judicial opinions describing well-trained animals sniffing and alerting with less than perfect accuracy, whether owing to errors by their handlers, the limitations of the dogs themselves, or even the pervasive contamination of currency by cocaine...
In practical terms, the evidence is clear that
the dog that alerts hundreds of times will be wrong dozens of times.
Once the dog’s fallibility is recognized, however... the sniff alert does not necessarily signal hidden contraband, and opening the container or enclosed space whose emanations the dog has sensed will not necessarily reveal contraband or any other evidence of crime."
Justice Ginsberg expresses the second reason for my disagreement. Returning to her dissent, we see that beyond a Fourth Amendment violation, there are other problems with allowing canine searches prone to false positives:
"A drug-detection dog is an intimidating animal... Injecting such an animal into a routine traffic stop changes the character of the encounter between the police and the motorist. The stop becomes broader, more adversarial, and (in at least some cases) longer. Caballes –- who, as far as Troopers Gillette and Graham knew, was guilty solely of driving six miles per hour over the speed limit -– was exposed to the
embarrassment and intimidation of being investigated, on a public thoroughfare, for drugs...
Under today’s decision, every traffic stop could become an occasion to call in the dogs, to the distress and embarrassment of the law-abiding population...
Today’s decision... clears the way for
suspicionless, dog-accompanied drug sweeps of parked cars along sidewalks and in parking lots... Nor would motorists have constitutional grounds for complaint should police with dogs, stationed at long traffic lights, circle cars waiting for the red signal to turn green."
My third and final reason for disagreeing with the Court's opinion is based on
Justice Stevens' majority opinion. He writes for the Court:
"We have held that
any interest in possessing contraband cannot be deemed 'legitimate,' and thus, governmental conduct that only reveals the possession of contraband 'compromises no legitimate privacy interest.'"
Now, what if the definition of contraband is extended beyond illegal drugs? How about music or movies in digital form, or pirated software? Is the Court opening the door to knock down privacy rights, since means to discover contraband do not infringe Fourth Amendment rights? The Court continues:
"The legitimate expectation that information about perfectly lawful activity will remain private is categorically distinguishable from respondent’s hopes or expectations concerning the nondetection of contraband in the trunk of his car."
The Court also brushes aside the false positive concerns:
"Although respondent argues that the error rates, particularly the existence of false positives, call into question the premise that drug-detection dogs alert only to contraband, the record contains no evidence or findings that support his argument."
I find this ruling very disturbing. I expect to see canine units used in increasing numbers in the coming months, where false positives will continue to plague innocent people. For example, yesterday
National Public Radio reported that a man carrying cash to close on his house purchase was arrested when a dog alerted to supposed traces of illegal drugs on the money. Apparently traces of drugs on US currency is
not an urban legend!
If any lawyers want to contribute to this, please do. In my post 
Complacency, it seems, abounds. A large proportion of security execs admitted they're not in compliance with regulations that specifically dictate security measures their organization must undertake or risk stiff sanctions, up to and including prison time for executives. Some of these regulations—such as California's security breach law, the Health Insurance Portability and Accountability Act (HIPAA), and non-U.S. laws such as the European Union Data Privacy Directive—have been around for years. .. 
