NOTICE: This opinion is subject to motions for reargument under V.R.A.P. 40 as well as formal
revision before publication in the Vermont Reports. Readers are requested to notify the Reporter
of Decisions by email at: JUD.Reporter@vermont.gov or by mail at: Vermont Supreme Court, 109
State Street, Montpelier, Vermont 05609-0801, of any errors in order that corrections may be made
before this opinion goes to press.


                                          2018 VT 92

                                          No. 2017-127

State of Vermont                                               Supreme Court

                                                               On Appeal from
   v.                                                          Superior Court, Rutland Unit,
                                                               Criminal Division

Stuart Lizotte, Jr.                                            March Term, 2018


Cortland Corsones, J.

Thomas J. Donovan, Jr., Attorney General, and Ultan Doyle, Assistant Attorney General,
 Montpelier, for Plaintiff-Appellee.

Allison N. Fulcher of Martin & Associates, Barre, for Defendant-Appellant.

Christopher J. Schmidt, St. Louis, Missouri, Logan Rutherford, Kansas City, Missouri, and
 Lawrence G. Scarborough, New York, New York, of Bryan Cave LLP, for Amicus Curiae
 The National Center for Missing and Exploited Children.


PRESENT: Reiber, C.J., Skoglund, Robinson, Eaton and Carroll, JJ.


          ¶ 1.    SKOGLUND, J. This case requires us to consider whether defendant’s Fourth

  Amendment rights were violated when his online service provider, AOL, searched his

  transmissions, detected suspected child pornography, and sent information to the National Center

  for Missing and Exploited Children (NCMEC), which opened the email and attachment and

  provided it to law enforcement. We conclude that AOL was not acting as an agent of law

  enforcement when it searched defendant’s transmissions, and that NCMEC and law enforcement

  did not expand AOL’s private search by viewing the file already identified by AOL as containing

  child pornography. In addition, any expansion of the search by opening the related email did not
 invalidate the warrant because the other information in the affidavit independently provided

 probable cause to search. We affirm.

           ¶ 2.   The following facts are not disputed. Defendant registered an account with

 America Online, now known as AOL, an electronic service provider (ESP) and internet service

 provider (ISP), which was in effect in March 2013. He registered it under the screenname

 “lilstuisthebest.” This is the account used to send the emails and attachments at the heart of this

 case. To use AOL’s services, AOL requires its users to agree to its Terms of Service and Privacy

 Policy (TOS). The terms are designed to protect AOL’s rights and to control members’ behavior

 online and when using its services. At the time in question, the TOS specifically stated, among

 other things, that AOL could access the content of communications if it believed a crime had

 been committed, and that users could not post, transmit, or distribute illegal content. In addition,

 the TOS explained that if illegal material was posted or transmitted, then AOL would cancel the

 account and cooperate with law enforcement.

           ¶ 3.   AOL monitors the content users send on its network through tools including

 Image Detection Filtering Process (IDFP).1 IDFP uses the MD5 algorithm to compute the hash

 value of attachments and embedded images in messages sent by, replied to, or forwarded by an

 AOL user. The MD5 hash values are obtained by applying a mathematical algorithm to a digital

 file or data set. The resulting hash value is a unique numerical representation of that digital file

 or data set. Two images that are pixel-for-pixel identical will have the exact same hash value,

 and therefore, the hash value is referred to as a digital fingerprint. See United States v.

 Henderson, 595 F.3d 1198, 1199 n.2 (10th Cir. 2010) (explaining that hash value is unique




       1
          AOL is not required by law to monitor transmissions by its users for child pornography,
but it must report any suspected child pornography if it is discovered. See infra, ¶ 22. AOL began
monitoring transmissions in response to complaints from its users, who were receiving child
pornography in their email.
                                                2
alphanumeric sequence developed from pixel-by-pixel analysis of particular image or video and

called “digital fingerprint” because it is, “so far as science can ascertain presently, unique”).

       ¶ 4.    MD5 hash values are a well-established means of identifying and verifying

electronic files. Using the hash algorithm, the scanning system can scan numerous files and

identify those files with known hash values. The hash values used to identify images of apparent

child pornography within AOL’s system are created by AOL. All the hash values contained in

AOL’s data set were derived from images of apparent child pornography that have at one time

been viewed by an AOL Graphics Review Team representative and determined to contain

apparent child pornography. If the image is altered in any way, the hash value will not match.

       ¶ 5.    When a file is identified by AOL using IDFP as having the same hash value as a

file previously categorized as apparent child pornography, the file does not reach its intended

destination, the sender’s email account is terminated, the account is preserved, and AOL

automatically files a report with NCMEC’s CyberTipline. AOL sends a copy of the full email,

the header information, and a copy of any image or files attached or embedded in the email. The

header information is metadata about the email including routing information. AOL does not

necessarily view the flagged file prior to submitting it to NCMEC, relying solely on the

identification of the images by the hash value and its previous observation of the image with the

same hash value.     NCMEC cannot tell whether the file has been opened, but the report

transmitted has a place for the ESP to indicate whether the file has previously been viewed.

       ¶ 6.    NCMEC is a private, nonprofit corporation. Its mission is to help find missing

children, reduce child sexual exploitation, and prevent child victimization. NCMEC has five

main project areas: (1) missing children; (2) child sexual exploitation; (3) training; (4) safety and

prevention; and (5) child victim and family services. NCMEC has 350 employees over several

different departments and divisions. None of NCMEC’s employees are government employees

or active law enforcement officers. NCMEC is funded through private donations, federal grants,

                                                3
foundations, and corporate donations. Approximately seventy percent of its funding, around

thirty-four million dollars, comes from federal grants from the Department of Justice and the

Department of Homeland Security.

       ¶ 7.    The Child Exploitation Division of NCMEC operates the CyberTipline and a

child victim identification program. The child victim identification program uses hash values to

identify images that contain child victims. The CyberTipline receives tips related to child

exploitation. Reports can be submitted online. The CyberTipline was created through a grant

and, at the time, law enforcement did not have any involvement in the program. The government

was not involved in initiating the program and no statutes governed its operation. Since then,

the federal government has enacted several laws related to the CyberTipline. Currently, federal

law requires ESPs and ISPs to report apparent child pornography to NCMEC through the

CyberTipline. See 18 U.S.C. § 2258A(a). NCMEC is then required to forward the report to law

enforcement. Id. § 2258A(c)(1). Although ISPs and ESPs are not required to register with

NCMEC, about twenty-five percent of them are registered, including AOL. Once registered

with NCMEC, ESPs provide reports to the CyberTipline using a secure encrypted electronic

connection that gives them the ability to upload files with their reports. Of the four million tips

to the CyberTipline in 2015, ninety-eight percent were made by ESPs.

       ¶ 8.    After NCMEC receives a report, the report is locked and cannot be altered. A

staff member then uses publicly available tools to try to identify potential geographic information

pertaining to the individual who is the subject of the report, as well as the geographic information

of the ESP potentially used in the possession, receipt, or transmission of the apparent child

pornography image files. After the staff member has determined a potential geographic location

and the relevant ESP information, a CyberTipline report is made available to a law enforcement

agency in the identified potential geographic location using a secured virtual private network.

NCMEC is required by federal legislation to transmit or forward the report to the appropriate

                                                4
 law enforcement agency for investigation. See 18 U.S.C. § 2258A(c)(1)-(3) (requiring NCMEC

 to forward each report “to any appropriate law enforcement agency designated by the Attorney

 General” and allowing NCMEC to forward report to state law enforcement or foreign law

 enforcement); 34 U.S.C. § 11293(b)(1)(P) (describing that annual grant to NCMEC should be

 used to “operate a cyber tipline to provide online users and electronic service providers an

 effective means of reporting Internet-related child sexual exploitation”). NCMEC staff do not

 always open and view files before forwarding them to law enforcement. Staff sometimes open

 images for two reasons: to make sure the file was transmitted properly and to identify the location

 of the image, and therefore the involved minor, in furtherance of their goal of helping victims.

           ¶ 9.    Law enforcement uses the private network to access and obtain the report.

 NCMEC neither has control over any subsequent investigation nor does it follow up with law

 enforcement on any tips that NCMEC sent.

           ¶ 10.   In this case, AOL identified two emails that contained files with hash values

 matching AOL’s database of suspected child pornography. AOL isolated the transmissions and

 did not allow the emails to be sent to their intended recipient. AOL then submitted two reports

 to NCMEC labelled as 1812852 and 1812853.2 AOL reported an individual using an email

 address of lilstuisthebest@aol.com and provided the associated IP address. AOL identified the

 incident as child pornography based on its IDFP analysis. The attachment file name was

 referenced in the header information. The header also contained the MD5 hash value of the file

 that was sent. Staff at AOL did not view either the content of the two emails or the attachment

 at the time the report was made. Once received by NCMEC, a staff person at the CyberTipline

 viewed the video attachment and the opened the email. Using publicly available internet tools,

 that staff person determined that the IP address identified by AOL was associated with a Comcast



       2
          There were two reports because there were two separate emails that attempted to send
the same file.
                                              5
  account having a potential geographic location of Rutland, Vermont.              Consequently, the

  CyberTipline sent a notification of reports 1812852 and 1812853 to the Office of the Vermont

  Attorney General for independent review and potential investigation.

              ¶ 11.   The Attorney General’s Office has a unit called Internet Crimes Against Children

  task force (ICAC). A detective from that unit received an email from NCMEC stating a tip was

  available. He logged onto the NCMEC virtual private network and downloaded the reports

  designated as 1812852 and 1812853. The reports indicated that AOL had not viewed the

  attachment. The detective opened and viewed both the emails and the video attachment. The

  detective applied for a warrant to search defendant’s residence and any electronic devices found

  therein. The search warrant affidavit included information about NCMEC and the CyberTipline.

  The affidavit also provided the name of the attached video, a description of the video contents,

  information about the sender, and content from the emails. A subsequent search warrant was

  obtained to get information about the AOL account from AOL.

              ¶ 12.   Based on information obtained from these searches, defendant was charged with

  four counts of possessing child pornography, three counts of promoting child pornography, three

  counts of aggravated sexual assault, and one count of lewd and lascivious conduct.3 Defendant

  moved to suppress. He argued that he had a reasonable expectation of privacy in his emails and

  related attachments and that his rights under both the Fourth Amendment of the U.S. Constitution

  and Article 11 of the Vermont Constitution were violated because law enforcement opened the

  attachment and his email before obtaining a warrant.

              ¶ 13.   The court denied the suppression motion. Based on defendant’s agreement to the

  TOS with AOL, which notified defendant that his communications could be accessed or

  disclosed if there was a good faith belief a crime had been committed, the court held that



          3
              The State amended the information several times, eventually including all of the charges
listed.
                                                     6
 defendant had no reasonable expectation of privacy in the transmissions involved in this case.

 With no expectation of privacy, the court concluded there was no violation of defendant’s rights.

           ¶ 14.   The court rejected the argument that AOL and NCMEC were acting as agents of

 law enforcement and therefore that their searches required a warrant. The trial court found the

 following: that law enforcement was not involved with AOL’s process of identifying apparent

 child pornography and AOL was not working as an agent of same; no law enforcement or

 government entity was involved in setting up the CyberTipline and law enforcement did not

 direct NCMEC to establish it; the government neither directs nor provides guidance to NCMEC

 in its processing of CyberTipline reports; law enforcement is not involved with NCMEC’s

 process of collecting reports; and NCMEC has no control over any subsequent criminal

 investigation and does not follow up with law enforcement on any tips that are sent. Based on

 these findings the court concluded that neither AOL nor NCMEC were functioning as agents of

 law enforcement and their private searches were not precluded by the Fourth Amendment.

 Finally, the court concluded that, even if NCMEC was a government agent, neither NCMEC nor

 law enforcement in the form of the detective, expanded the scope of the AOL search.

           ¶ 15.   Defendant then entered a conditional guilty plea, pleading guilty to two counts of

 aggravated sexual assault, one count of possessing child pornography, and two counts of

 promoting child pornography. He reserved the right to appeal the denial of his motion to

 suppress. More information about the plea colloquy is set forth below. After a contested

 sentencing hearing, defendant was sentenced to twenty-two years to life. Defendant appealed.

           ¶ 16.   On appeal, defendant argues that the motion to suppress should have been granted

 because the search warrant was based on evidence that was obtained in violation of his Fourth

 Amendment and Article 11 rights.4 Defendant also argues that his guilty plea was invalid


       4
          Although defendant cites both the Fourth Amendment and Article 11 of the Vermont
Constitution, defendant does not provide any argument or rationale to distinguish the analysis
under the Vermont Constitution. See State v. Brillon, 2010 VT 25, ¶ 6, 187 Vt. 444, 995 A.2d 557
                                               7
 because the court failed to establish a factual basis for one of the aggravated sexual assault

 charges.

           ¶ 17.   As explained more fully below, we conclude that AOL was not functioning as an

 agent of law enforcement when it scanned defendant’s transmissions, compared the attached file

 to its database of hash values, and reported defendant’s email and attachment to NCMEC.

 However, we conclude that NCMEC was functioning as an agent of the government when it

 opened and processed the material sent by AOL and then transmitted it to law enforcement. We

 conclude that NCMEC and law enforcement did not expand the search conducted by AOL when

 they opened the video file because at some time prior AOL had already viewed that document

 and through the hashing technology law enforcement already knew what was contained therein.

 To the extent that NCMEC or law enforcement opened and viewed the contents of the email

 itself, we conclude that this was an expansion of the search conducted by AOL. We hold,

 however, that because the information from the content of the email was not necessary to provide

 probable cause, this expansion did not invalidate the warrant. Finally, we conclude that the plea

 colloquy was sufficient.

                                I. Reasonable Expectation of Privacy

           ¶ 18.   On appeal, defendant first argues that he had a reasonable expectation of privacy

 in the content data associated with his emails that is protected by the Fourth Amendment and

 Article 11 of the Vermont Constitution.5 Defendant also contends that any consent he gave to



(concluding state constitutional argument not adequately presented where there was no substantive
analysis of how state provision differed from federal provision). Therefore, we analyze the issues
under the existing federal standard. We do not address defendant’s state constitutional arguments
that are raised for the first time in his reply brief. See State v. Percy, 156 Vt. 468, 481 n.7, 595
A.2d 248, 255 n.7 (1990) (refusing to address constitutional argument raised for first time in reply
brief).
       5
          Defendant does not argue that he had a reasonable expectation of privacy in the
noncontent data associated with the email such as the subscriber information and associated IP
address. See State v. Simmons, 2011 VT 69, ¶¶ 13-14, 190 Vt. 141, 27 A.3d 1065 (recognizing
                                              8
 AOL by agreeing to the TOS did not diminish his expectation of privacy under the Fourth

 Amendment.        For purposes of this decision, we assume that defendant had a reasonable

 expectation of privacy in the content of his email communication, including images attached or

 embedded in those emails.6 Because we conclude that AOL was not functioning as an agent of

 law enforcement, we need not and do not reach the question of whether by accepting AOL’s

 TOS defendant consented to the search of his transmissions by AOL.

                                  II. Agents of Law Enforcement

           ¶ 19.   The U.S. Supreme Court has long held that “a wrongful search or seizure

 conducted by a private party does not violate the Fourth Amendment and that such private

 wrongdoing does not deprive the government of the right to use evidence that it has acquired

 lawfully.” Walter v. United States, 447 U.S. 649, 656 (1980). The Fourth Amendment and the

 exclusionary rule apply solely to government action because the constitutional provision

 safeguards “against arbitrary invasions by governmental officials.” State v. Schofner, 174 Vt.

 430, 431-32, 800 A.2d 1072, 1074 (2002) (mem.) (quotation omitted). In addition, the purpose

 of the exclusionary rule—to deter unconstitutional conduct—“would have little effect on a

 private person who is not acting to secure a criminal conviction.” State v. Young, 2010 VT 97,

 ¶ 12, 189 Vt. 37, 12 A.3d 510.

           ¶ 20.   Nonetheless, a private search will implicate the Fourth Amendment if the private

 party is acting as an agent of the government. United States v. Cameron, 699 F.3d 621, 637 (1st

 Cir. 2012). There is no specific test to measure whether such an agency relationship exists. The



that federal courts have held that Fourth Amendment does not protect noncontent data and holding
that subscriber information is not private under Article 11).
       6
          The State moved to strike a portion of defendant’s appellant reply brief, arguing that
defendant improperly raised new arguments to support his assertion that he had a reasonable
expectation of privacy in the content data of his emails. Because we assume that defendant had a
reasonable expectation of privacy in his emails, we need not reach the arguments advanced in
defendant’s reply brief and deny the motion as moot.
                                                  9
U.S. Supreme Court has explained that whether a private party acted as an instrument of the

government “necessarily turns on the degree of the Government’s participation in the private

party’s activities.” Skinner v. Ry. Labor Execs.’ Ass’n, 489 U.S. 602, 614 (1989). This depends

on the circumstances, including the government’s “encouragement, endorsement, and

participation” in the action. Id. at 615-16; see Young, 2010 VT 97, ¶ 14 (looking at “all the

circumstances of the case” to determine if off-duty police officer was acting as private citizen

during search). In general, “[a] search by a private person becomes a government search if the

government coerces, dominates, or directs the actions of a private person conducting the search.”

United States v. Souza, 223 F.3d 1197, 1201 (10th Cir. 2000) (quotation omitted).

        ¶ 21.   Some federal courts have established factors to be considered in determining

whether a private citizen acted as an agent of the government in conducting a search. The First

Circuit looks at three factors: “the extent of the government’s role in instigating or participating

in the search, its intent and the degree of control it exercises over the search and the private party,

and the extent to which the private party aims primarily to help the government or to serve its

own interests.” United States v. Momoh, 427 F.3d 137, 141 (1st Cir. 2005) (quotation omitted).

The Tenth Circuit has a two-part inquiry: “1) whether the government knew of and acquiesced

in the intrusive conduct, and 2) whether the party performing the search intended to assist law

enforcement efforts or to further his own ends.” Souza, 223 F.3d at 1201 (quotation omitted).

The Sixth and Ninth Circuits also look at two factors: “ ‘(1) the government’s knowledge or

acquiescence, and (2) the intent of the party performing the search.’ ” United States v. Hardin,

539 F.3d 404, 418 (6th Cir. 2008) (quoting United States v. Walther, 652 F.2d 788, 792 (9th Cir.

1981)). In all the tests, the critical facts are the government role in the private party’s action and

the private party’s motivation for conducting the search. In addition, the defendant bears the

burden of establishing that a private party acted as an agent of the government. United States v.

Richardson, 607 F.3d 357, 364 (4th Cir. 2010) (“The defendant shoulders the burden of

                                                 10
establishing the existence of an agency relationship—a fact-intensive inquiry that is guided by

common law agency principles.” (quotation omitted)). We apply these considerations in turn to

both AOL and NCMEC.

                                           A. AOL

       ¶ 22.   In considering the tests enunciated above, we conclude that AOL was not acting

as a government agent when it searched defendant’s transmissions over its network using its

hashing technology. The facts presented as to AOL are as follows. Law enforcement is not

involved in the daily operations of AOL. The law requires AOL to report suspected violations

of federal law prohibiting sexual exploitation of children, but does not require AOL to monitor

transmissions over its network to detect illegal action. See 18 U.S.C. § 2258A(a) (requiring ESP

to report suspected child pornography); id. § 2258A(f)(1)-(2) (explaining that statute should not

be construed to require ESP to “monitor any user, subscriber, or customer” or to “monitor the

content of any communication”). IDFP, AOL’s technology for identifying suspected child

pornography, was developed independent of any government agency, and the government did

not require its development. AOL developed the IDFP technology on its own to further private

business concerns including the issue that its users were complaining about receiving images of

child pornography.

       ¶ 23.   Under these circumstances, we conclude that AOL was not acting as a

government agent when it searched the transmissions defendant sent over its network using its

hashing technology. AOL monitored defendant’s transmissions based on its business interest,

not because it was encouraged or directed to by government, and the government did not know

about or participate in the action. This holding is consistent with the decisions of other courts

that ISPs do not act as agents of law enforcement by monitoring the content of transmissions for

suspected child pornography. See United States v. Stevenson, 727 F.3d 826, 831 (8th Cir. 2013)

(holding that AOL searching email for child pornography was based on its own initiative not as

                                              11
 government agent); Cameron, 699 F.3d at 637-38 (concluding Yahoo! not acting as government

 agent when searching for child pornography because it did so for its own interests and

 government did not control or direct action); Richardson, 607 F.3d at 365-67 (holding AOL not

 acting as agent of government when it scanned email for suspected child pornography); United

 States v. Stratton, 229 F. Supp. 3d 1230, 1237-38 (D. Kan. 2017) (holding that electronic service

 provider was acting as private entity when it searched content of defendant’s online gaming).

                                            B. NCMEC

           ¶ 24.   Defendant argues that NCMEC was acting as an agent of law enforcement when

 it opened his email and the related attachment. We agree.7

           ¶ 25.   We first look at whether the government instigated, encouraged, or participated

 in the search. ESPs and ISPs are required by statute to report suspected child pornography and

 NCMEC’s CypberTipline is the sole means to do so. NCMEC is required by statute to preserve

 the evidence and to forward the CyberTipline reports to law enforcement. Therefore, the

 government knew that NCMEC would be collecting reports of suspected child pornography and

 in fact through legislation directed NCMEC to do so. Although the statute does not require

 NCMEC to open the information in the reports, it does not preclude NCMEC from viewing the

 contents of the reports. The statute at least indicates that the government knew it was likely

 NCMEC would view and search the reports and at least acquiesced in this action. Further,

 NCMEC is treated like an arm of the government in that it is authorized to receive and possess

 child pornography, which is otherwise contraband. Moreover, the statute requires NCMEC to

 preserve the evidence and forward the information to law enforcement. These facts show


       7
          The undisputed facts indicate that NCMEC is largely funded by government grants and
that law enforcement officers serve on its board. Although these facts would be important to a
determination of whether NCMEC is a government entity, they are not particularly relevant to the
question of whether NCMEC was acting as a government agent when it opened and searched the
email and attachment received from AOL. The latter issue instead depends on the government’s
role in instigating or participating in the search and its control over the search, and the private
party’s purpose for conducting the search.
                                                 12
government involvement in NCMEC’s search: government knew NCMEC would be conducting

searches like the one at issue here, provided direction on how the information would be treated,

and mandated that the information obtained be shared with the government.

       ¶ 26.   The other important consideration is NCMEC’s motivation for opening the email

and the attachment. The State argues that NCMEC was not acting as an agent of law enforcement

because it was motivated by its private goals of helping to find missing children, reducing sexual

exploitation of children, and preventing child victimization. The State relies on People v. Pierre,

29 N.Y.S.3d 110, 120 (Sup. Ct. 2016), which held that NCMEC was not acting as an agent of

law enforcement because it had its own legitimate interests and motivation for creating the

CyberTipline. Pierre in turn relied in large part on a similar holding in United States v.

Ackerman, No. 13-10176-01-EFM, 2014 WL 2968164 (D. Kan. July 1, 2014), which was

subsequently overruled. On appeal, the Tenth Circuit held that NCMEC was acting as agent of

law enforcement because the government knew and acquiesced in its searches and NCMEC was

motivated at least in part by a desire to assist law enforcement. United States v. Ackerman, 831

F.3d 1292, 1301-02 (10th Cir. 2016); see also United States v. Keith, 980 F. Supp. 2d 33, 41 (D.

Mass. 2013) (concluding that NCMEC’s operation of CyberTipline “is intended to, and does,

serve the public interest in crime prevention and prosecution, rather than a private interest”). We

acknowledge that NCMEC created the CyberTipline on its own initiative and not at

government’s direction and that NCMEC has important goals unrelated to law enforcement.

Nonetheless, when NCMEC searched defendant’s transmissions, it was doing so at least in part

to assist law enforcement. The testimony indicated that NCMEC had independent reasons,

including identifying victims, to view the images and the email, but it also sought to locate the

sender of the transmission to aid law enforcement. We conclude that the combination of the

government’s knowledge and acquiescence in the search and the motive of NCMEC to assist

law enforcement indicate that NCMEC was acting as an agent of the government when it opened

                                               13
and viewed defendant’s email and video attachment. See Ackerman, 831 F.3d at 1301-02

(concluding that NCMEC was acting as agent of law enforcement).

                                       III. Expansion of Search

        ¶ 27.   Next, we turn to the question of whether the searches performed by NCMEC and

law enforcement expanded on that performed by AOL because under the private search doctrine

there is no violation of the Fourth Amendment if the police view evidence that is confined to the

scope of the initial private search.

        ¶ 28.   The private search doctrine was examined by the U.S. Supreme Court in United

States v. Jacobsen, 466 U.S. 109 (1984). In that case a package arrived a Federal Express office

damaged and torn. Employees opened the package to examine the contents. Inside, they found

a box with a tube covered with silver tape. The employees cut the tube and found a series of

plastic bags containing white powder. They notified the Drug Enforcement Administration.

When federal agents arrived, an agent removed a plastic bag from the tube and opened four bags

to remove the white substance. The federal agents tested the substance and identified it as

cocaine.

        ¶ 29.   The search was challenged by the defendant. The U.S. Supreme Court explained

that the initial invasion was done by private action and the question was whether the additional

invasions of privacy by the government “exceeded the scope of the private search.” Id. at 115.

The Court held that the Fourth Amendment does not prohibit the use of information obtained in

a third-party search, but it is implicated if the government “use[s] information with respect to

which the expectation of privacy has not already been frustrated.” Id. at 117. The Court

concluded that there was no expansion of the private search when DEA officers removed the

plastic bags from the tube and powder from the bag because “the removal of the plastic bags

from the tube and the agent’s visual inspection of their contents enabled the agent to learn

nothing that had not previously been learned during the private search.” Id. at 120. The Court

                                                 14
also held that field testing the substance did not violate the Fourth Amendment because this

action could only reveal whether the substance was cocaine, which did not compromise a

legitimate interest in privacy and therefore was not a search. Id. at 122-23.

        ¶ 30.   The question is then whether opening (1) the attachment and (2) the email to

which it was attached provided an opportunity for the government to learn something that had

not already been discovered during the private search. See United States v. Lichtenberger, 786

F.3d 478, 485-86 (6th Cir. 2015) (explaining that there is no expansion of search where

government has “near-certainty regarding what they would find and little chance to see much

other than contraband”).

        ¶ 31.   The facts relevant to the attached file are as follows. The file was identified by

AOL as having a MD5 hash value matching an image that had previously been opened and

identified by an AOL representative as child pornography. AOL did not need to open the

attachment at the time that it was detected to know what it contained because each hash value is

unique and AOL knew that the match indicated the image contained previously viewed child

pornography. Therefore, when AOL sent the report to NCMEC with the hash value, NCMEC

knew for certain that the image was (1) one that had been previously viewed by AOL; and (2)

an image that contained apparent child pornography. Like in Jacobsen where law enforcement

did not expand the search by looking in the plastic bag, when NCMEC and then law enforcement

opened the attachment forwarded by AOL, they were not expanding AOL’s search because they

already knew what was contained in the attachment and they could not learn more than was

already known by AOL about the attachment. Therefore, we hold that viewing the attachment

did not expand the search. A federal district court reached the same result on similar facts,

explaining that a hash value is not like a label written on a box; rather, it is a digital fingerprint

that conveys that the information in the file is exactly the same as what was previously viewed.

See United States v. Miller, No. 16-47-DLB-CJS, 2017 WL 2705963, at *5-6 (E.D. Ky. June 23,

                                                15
2017) (holding that law enforcement did not expand search by opening file that Google had

previously identified as apparent child pornography and matched using hashing technology).

       ¶ 32.   Defendant argues that NCMEC and law enforcement expanded on the search

conducted by AOL when they opened the email and the attachment because AOL did not open

either prior to transmitting to NCMEC. Defendant relies primarily on two cases. In Ackerman,

using its hashing technology, AOL identified one of four images attached to the defendant’s

emails as child pornography. AOL forwarded the email and all of the images to NCMEC, which

opened the email and viewed all of the images. NCMEC then alerted law enforcement. The

court held that NCMEC was acting as a government agent. 831 F.3d at 1301-04. The court

further held that NCMEC expanded the private search when it opened the three unidentified

attachments and the email itself because these items could have disclosed information

“previously unknown to the government.” Id. at 1306.

       ¶ 33.   We are not persuaded that Ackerman supports a holding that there was an

expansion of the search in this case as to the video file. The facts are distinguishable because in

Ackerman there were attachments that had not been previously viewed by AOL and identified

as suspected child pornography. Moreover, Ackerman did not answer the question of whether

simply opening the one identified attachment, and not the email, would have expanded the

search. The court specifically reserved that question. Id. (explaining that court did not have to

reach question of whether only opening one image with matching hash value and not email would

have been an expansion of search).

       ¶ 34.   Defendant also relies on Keith, 980 F. Supp. 2d 33, in which AOL, using its

hashing technology, identified an email containing an image that matched a hash value for an

image containing child pornography. AOL forwarded it to NCMEC without opening or viewing

it. In that case, there was no information about how the file originally was added to AOL’s

database; the evidence did not indicate whether the image had been viewed by an AOL employee

                                               16
 who placed it in the database or whether the image had been received by AOL from a different

 ESP and then placed in the database. Based on these facts, the court concluded that when

 NCMEC viewed the file it expanded the search because all that was shown was that the identified

 file’s hash value matched that of an image in AOL’s database and there was no evidence that

 “some AOL employee had opened the file and viewed the contents.” Id. at 43. Here, in contrast,

 the undisputed evidence established that an AOL employee had previously viewed the image

 that was identified by the hashing technology. Therefore, we conclude that there was no

 expansion of AOL’s private search when NCMEC and law enforcement viewed the video file

 that was identified by AOL.

           ¶ 35.   Having analyzed the attachment, we consider whether NCMEC and law

 enforcement expanded AOL’s search by opening the email. AOL did not open the email and

 had no knowledge of what was contained in that email. Although the trial court did not make

 specific findings on whether NCMEC and law enforcement opened the email file or just the

 video attachment, it is clear from the record that both NCMEC and law enforcement viewed the

 contents of the email to which the identified video file was attached.8

           ¶ 36.   The logic underlying our conclusion that opening the video attachment did not

 expand the search is not applicable to the contents of the email to which the video was attached.

 AOL had previously viewed the video attachment and therefore when it was viewed by NCMEC

 and law enforcement, they already knew what it contained and could learn nothing more than

 had previously been learned through the private search. As to the email contents, however, AOL

 had no knowledge and this search could have disclosed information previously unknown to the

 government. See Ackerman, 831 F.3d at 1305-06 (holding that where government opened email



       8
         The undisputed evidence demonstrates that law enforcement viewed the email insofar as
the investigating detective admitted to opening the email and the affidavit of probable cause
supporting the warrant contained text from the body of the email. On appeal, in its amicus brief,
NCMEC also admits to opening the email.
                                               17
itself this amounted to expansion of private search that had only opened attachment to email);

see also Jacobsen, 466 U.S. at 120-21 (explaining that expansion of private search occurs where

government may learn information not previously revealed during private search). Therefore,

we conclude that this expanded the private search conducted by AOL.

       ¶ 37.     There are, however, no grounds to invalidate the resulting warrant because, even

without the information from the content of the email, the affidavit in support of the warrant

established probable cause. “A search warrant is not invalid merely because it is supported in

part by an affidavit containing unlawfully obtained information.” State v. Moran, 141 Vt. 10,

16, 444 A.2d 879, 882 (1982). “Where the affidavit includes allegations based on illegally

obtained evidence as well as independent and lawfully obtained information, a valid search

warrant may issue if the lawfully obtained information, considered by itself, is sufficient to

establish probable cause.” Id. In prior cases, we have made this determination for the first time

on appeal instead of remanding to the trial court. See State v. Morris, 165 Vt. 111, 129, 680

A.2d 90, 102 (1996) (recognizing that “it is not normally the function of appellate review to

make a de novo determination of probable cause,” but in accordance with prior law determining

on appeal whether after excluding some information from affidavit “remaining information

contained in the excised affidavit established probable cause for issuance of the warrant”).

       ¶ 38.     Therefore, we consider whether there was probable cause. A warrant must be

supported by probable cause, which “exists when the facts and circumstances set forth in the

affidavit are such that a judicial officer may reasonably conclude that the evidence sought is

connected to the crime and located at the place indicated.” Moran, 141 Vt. at 16, 444 A.2d at

882. The affidavit of probable cause in this case contained a detailed explanation of the

investigation.    It provided, among other things, the following: information about the

CyberTipline and the reports made by AOL and NCMEC; the name of the video attachment; a

detailed description of the video contents, including that it showed girls between six and eight

                                               18
years old engaged in sexual acts; the sender email and associated IP address; information linking

that IP address to Rutland; information from the internet provider that the IP address was

assigned to someone with defendant’s name; a visual description of the place to be searched

including that the mailbox bore defendant’s name; and an explanation that both the Department

of Motor Vehicles and law enforcement records indicated that defendant lived at that address.

This information was sufficient for a judicial officer to reasonably conclude that evidence of

child pornography would be found at that location. In addition to the above, the affidavit reports

content from that the email containing the suspected child pornography. It states that the

identified attachment was part of series of emails in which the recipient writes “im waiting for

you to send me back plz” and defendant’s email replies “i did.” We conclude that the supporting

affidavit, absent this very limited information from the body of the email, established probable

cause. Therefore, there are no grounds to invalidate the warrant, and we affirm the court’s

decision denying defendant’s motion to suppress.

                                      IV. Plea Colloquy

       ¶ 39.   On appeal, defendant argues that as to Count 6 the plea colloquy was insufficient.

Count 6 alleged that defendant committed aggravated sexual assault based on the victim being

under the age of thirteen, 13 V.S.A. § 3253(a)(8). Defendant contends that under Vermont Rule

of Criminal Procedure 11(f), defendant must personally admit the facts underlying the charge

and in this case he simply agreed that the facts recited were alleged by the State, not that he

admitted those facts.

       ¶ 40.   Before turning to defendant’s substantive argument, we address the State’s

argument that we should not review defendant’s claim because it was unpreserved and therefore

subject to plain-error review, but defendant has not argued plain error on appeal. We agree that

defendant did not raise this objection below and therefore it is technically subject to plain-error

review. We recently held that although Rule 11(f) challenges on direct appeal are reviewed for

                                               19
plain error, our standard for reviewing these claims on direct appeal is the same as that for

collateral challenges. See State v. Bowen, 2018 VT 87, ¶ 10, __ Vt. __, __ A.3d __. In other

words, in Rule 11(f) direct-appeal challenges, the defendant need not demonstrate the typical

plain-error elements. Therefore, in this case, even though on appeal defendant did not mention

plain error or demonstrate its elements, those elements are not relevant to his particular claim.

He has argued the standard that applies to his argument and therefore we address it.

       ¶ 41.    Rule 11(f) requires the court to make “inquiry as shall satisfy it that there is a

factual basis for the plea.” V.R.Cr.P. 11(f). To satisfy this requirement, there must be “some

recitation on the record of the facts underlying the charge and some admission by the defendant

to those facts.” In re Bridger, 2017 VT 79, ¶ 21, __ Vt. __, 176 A.3d 489. The inquiry need not

be made in a particular fashion; it must demonstrate “the defendant’s admission to the facts as

they relate to the law for all elements of the charges.” Id. (quotation and alteration omitted). We

conclude that the colloquy in this case sufficed.

       ¶ 42.    At the change-of-plea hearing, the court had the following exchange with

defendant.

                THE COURT: And the nature of the allegations in Count VI are
               that between 2010 and August of 2013, Stuart Lizotte, Jr., of
               Rutland, at Rutland, was a person who was at least eighteen years of
               age and engaged in a nonconsensual sexual act with a child under
               the age of thirteen, specifically, on several occasions he made
               contact with his mouth and the penis of J.W., a child under thirteen
               years of age, in violation of 13 V.S.A. § 3253(a)(8). Do you
               understand that’s the nature of the allegations against you?

                THE DEFENDANT: I do, Your Honor.

                THE COURT: Okay. I’m going to ask the State to state the factual
               basis, and I’m going to ask you listen carefully to the factual basis,
               Mr. Lizotte, because I’m going to ask if you agree with those facts
               after the State is done.




                                                20
The prosecution provided a detailed account of the facts underlying the charge of aggravated

sexual assault. The court then asked defendant “do you agree with those facts?” and defendant

answered “I do, Your Honor.”

       ¶ 43.   We conclude that this colloquy was sufficient to satisfy Rule 11(f). The court

explained to defendant that the State was going to recite the facts underlying the charge and then

defendant would have an opportunity to indicate if he agreed with the facts. After the State’s

recitation of the facts supporting all elements of the charge, defendant indicated that he agreed

with those facts. This is unlike other cases where we have found noncompliance with Rule 11(f)

because the colloquy simply asked the defendant whether he agreed that the charging affidavits

provided a factual basis for the charges. See, e.g., Bridger, 2017 VT 79, ¶ 4 (reciting colloquy

that asked defendant if he agreed that affidavit provided factual basis). Here, rather than just

asking vaguely whether defendant agreed that the affidavit demonstrated a factual basis or that

the State had alleged facts to support the charge, the State recited the factual basis and defendant

specifically stated he agreed with those underying facts. We therefore affirm.

     Affirmed.

                                              FOR THE COURT:



                                              Associate Justice




                                               21
