Article Lead Image

Photo via domoyega/Getty Images

FBI hacking powers expand as efforts to block Rule 41 changes fail

Critics worry the rule changes would allow the U.S. government to hack innocent Americans.

 

Andrew Couts

Tech

Posted on Nov 30, 2016   Updated on May 25, 2021, 11:44 am CDT

An effort to block expansion of government hacking powers failed on Wednesday, ushering in a new era of uncertainty for digital privacy. 

Sens. Ron Wyden (D-Ore.) and John Cornyn (R-Texas) attempted to block changes to Rule 41 of the Federal Rules of Criminal Procedure, approved by the Supreme Court in April, that will allow judges to issue search warrants that give the FBI authority to remotely access devices in any jurisdiction, or even outside the United States. Ordinarily, magistrate judges may only issue warrants for cases within their jurisdiction.

The changes allow investigators to access devices whose locations are “concealed through technological means”—such as the Tor anonymity network or virtual private networks (VPNs)—or devices that are used in botnets. 

The DOJ argues that it needs these powers to investigate modern internet criminals, like pedophiles who conceal their identities to trade in sexualized images of children or discuss their abuse, and hackers’ botnets that have become powerful cyberweapons

In short, the rule changes free federal investigators from geography to match the global nature of the internet itself.

In a speech on the Senate floor, Wyden argued that the Rule 41 amendments would give federal investigators “unprecedented authority to hack into Americans’ personal phones, computers, and other devices.” 

Other critics of the changes worry that it would give the Department of Justice unfettered ability to hack anyone who attempts to keep their identities private online, or innocent Americans whose devices have been infected with botnet malware without their knowledge—which could be a violation of the Fourth Amendment’s protections against unreasonable search and seizure. 

U.S. Assistant Attorney General Leslie Caldwell shot down these concerns in a blog post on the DOJ’s website, arguing that investigators accessing the computers of botnet victims “would, typically, be done only to investigate the extent of the botnet, or to obtain information necessary to liberate victims’ computers from the botnet.”

Caldwell added: “It would be strange if the law forbade searching the scene of a crime.” 

She further argues that the changes to Rule 41 merely address the issue of venue—that is, the jurisdiction covered by a warrant—rather than the laws governing search and seizure itself. 

Further still, Caldwell argued that the changes would not allow FBI investigators to conduct “mass hacking” and, in fact, failing to implement the changes “would make it more difficult for law enforcement to combat mass hacking by actual criminals.”

“The possibility of such harm must be balanced against the very real and ongoing harms perpetrated by criminals,” Caldwell wrote, “such as hackers, who continue to harm the security and invade the privacy of Americans through an ongoing botnet, or pedophiles who openly and brazenly discuss their plans to sexually assault children.”

Share this article
*First Published: Nov 30, 2016, 8:02 pm CST