DOJ defends new cyber snooping regulations
By Sean D. Carberry
Nov 28, 2016
The Department of Justice calls them procedural changes that will help the government to pursue child pornographers who use cybertechnology to conceal their identities. Opponents say they are substantive and troubling changes that will vastly expand the government’s ability to spy on innocent Americans.
The changes in question are amendments to Rule 41 of the Federal Rules of Criminal Procedure, which deals with the issuance of warrants and protocols for searches and seizures. Barring congressional action, the amendments take effect on Dec. 1.
The amendments have been under debate for the past three years and are designed to address the thorny question of which court has jurisdiction to issue warrants in cases where suspected cybercriminals are using tools such as Tor or virtual private networks to conceal their identities and locations. Journalists, human rights activists and law enforcement officials also use such tools for legal purposes.
The amendments would allow the issuance of a single warrant to potentially search millions of computers suspected of being infected by botnet malware.
The Justice Department has been publishing a series of blog posts in support of the new rules.
“When a child abuser has successfully anonymized their identity and location online, investigators do not know where the abuser’s computer is located,” Assistant Attorney General Leslie Caldwell wrote in a recent blog post. “So in those cases, the [existing] rules do not clearly identify which court the investigators should bring their warrant application to.”
In another post, Caldwell argued for using a single warrant to search multiple computers in different locations that are suspected of being infected by a botnet.
“The Rules [of criminal procedure] as currently written (and as conceived in 1917) would require the investigators to apply simultaneously for identical warrants in all 94 judicial districts in America -- a severe impracticality if not impossibility,” Caldwell wrote.
Privacy advocates and some lawmakers are trying to block what they see as a green light to access the personal devices of millions of Americans on the mere suspicion that they are infected with botnets.
In October, a bipartisan group of 23 members of Congress signed a letter to the attorney general asking for clarification on how the Justice Department will notify individuals whose computers are infected with botnet malware, how it will conduct searches or “clean” such computers without collateral damage and how the principle of probable cause will be applied to “justify the remote search of tens of thousands of devices.”
The Electronic Frontier Foundation also has been a vocal opponent of the changes. “The amendment to Rule 41 isn’t procedural at all,” EFF Activism Director Rainey Reitman wrote earlier this year. “It creates new avenues for government hacking that were never approved by Congress.... Congress should reject the proposal completely.”
The Justice Department released another blog post on Nov. 28 to respond to criticisms of the amendments.
“The pending amendments do not authorize the government to undertake any search or seizure or use any remote search technique that is not already permitted under the Fourth Amendment,” the post states. “The amendments neither endorse particular searches as reasonable, nor do they in any way change the traditional constitutional, statutory, and prudential factors the department relies on to determine whether to seek a warrant. They simply identify the appropriate court to ask.”
But that response has not satisfied critics, including Sen. Ron Wyden (D-Ore.), who co-sponsored legislation that would block the Rule 41 amendments from going into effect. Although his office acknowledges it is an uphill battle to pass any legislation before the rules take effect, he and others remain committed to blocking or amending the changes.
In a recent statement, Wyden said Justice officials have failed to provide details on how they intend to hack potentially millions of devices under a single warrant.
“[That] should be a big blinking warning sign about whether the government can be trusted to carry out these hacks without harming the security and privacy of innocent Americans’ phones, computers and other devices,” he said.
Sean Carberry is a former FCW staff writer who focused on defense, cybersecurity and intelligence.