Proposal To Massively Expand FBI’s Legal Hacking Abilities Moves Forward

Proposal To Massively Expand FBI’s Legal Hacking Abilities Moves Forward

Oh, good. A US Department of Justice-proposed rule change that would make it way easier for FBI agents to obtain warrants to hack a computer from basically anywhere was just approved by a US Court committee.

Which is to say, we’re one step closer to having our digital privacy rights eviscerated in the name of US federal investigations.

In the old world, federal search warrants are typically only valid within the issuing judge’s jurisdiction. Law enforcement officials needs to demonstrate probable cause, find the right jurisdiction to petition for a warrant, and notify the person they’re planning on searching. (That last bit is a cornerstone of our Fourth Amendment privacy rights.)

In rare cases, the Feds have gotten permission to legally conduct remote computer searches, outside of the issuing judge’s jurisdiction. To make it easier for the FBI to conduct these sorts of remote hacks and track down criminals who use anonymising software, the DoJ would now like to expand that power.

Unfortunately, the latest bright idea for doing so amounts to a massive crap all over the Fourth Amendment. Not only would the rule change permit judges to authorise FBI agents to surveil and exfiltrate any suspect’s computer anywhere, the vague language of the rules might make it totally acceptable in certain cases to search our computers without ever telling us.

By and large, the proposed rule change has been met with disgust from the tech community. Here’s what Google lawyer Richard Salgado had to say about it in a blog post this past February:

The proposed change threatens to undermine the privacy rights and computer security of Internet users. For example, the change would excuse territorial limits on the use of warrants to conduct “remote access” searches where the physical location of the media is “concealed through technological means.”

The proposed change does not define what a “remote search” is or under what circumstances and conditions a remote search can be undertaken; it merely assumes such searches, whatever they may be, are constitutional and otherwise legal. It carries with it the specter of government hacking without any Congressional debate or democratic policymaking process.

The good news is, there’s still plenty of opportunity for the proposed rule change to get shot down. It has to be approved later this year by the US Judicial Conference, then the Supreme Court. If it clears both those hurdles, and barring any Congressional intervention, it could take effect as early as December 2016. Perhaps we can count on Congress’s knack for shooting down any new ideas to save us here, but continuing to complain about the rule change loudly and openly won’t hurt, either. [Ars Technica]

Top image via Shutterstock