Wednesday the Advisory Committee on Criminal Rules of the Administrative Office of the United States Courts held a small public hearing about a proposed change to Rule 41 of the Federal Rules of Criminal Procedure. The Department of Justice is quietly seeking to amend the current rule’s provisions that govern how and where the government can get a search warrant to essentially allow for remote hacking of computers worldwide, with potentially far-reaching ramifications.
Rule 41 currently permits federal judges to only grant search warrants for evidence within their district, of which there are 94 nationwide. The proposed changes requested by the DOJ would give magistrates the authority to grant remote electronic searches of computers for evidence of any sort of crime in any district, so long as the computers are suspected of being part of a botnet or have had their locations concealed through technical means—the latter condition being primarily aimed at users of the Tor anonymizing service. Rather than entailing a substantive change, the DOJ contends that the new provisions merely provide law enforcement a venue for making remote search warrant requests.
The Advisory Committee heard from advocates and technologists representing privacy and civil liberties groups, who all opposed the rule change. The witnesses sought to increase the panel’s awareness of the significant constitutional, technical, and foreign relations concerns that the rule change presents.
Foremost is the concern that regardless of intent, the adoption of the remote search provisions would grant legitimacy to practices that have yet to be found constitutional under the requirements of the Fourth Amendment. Remote searches of computers whose location is unknown inherently lack particularity, a key requirement of a constitutional search. In addition, allowing for remote searches of such anonymized computers also would necessarily lead to government access of computers located in foreign countries—extraterritorial applications of warrant authority that are not permitted by law, and are distinctly frowned upon by foreign governments. Given that these substantive issues have not yet been debated by Congress or had their days in court, the witnesses aimed to make clear that adoption of a rule allowing for remote searches is clearly putting the cart before the horse.
Just as important for the witnesses were the significant technical ramifications of remote searches. The technologists explained that the FBI’s remote search capability is reliant on network investigative techniques, a euphemism for hacking and social engineering designed to gain access to a computer they seek to search. Contrary to law enforcement’s belief, users of location-masking tools online are not inherently bad actors, but are regularly dissidents, journalists, or minorities in oppressive regimes. Undermining the integrity of such services through hacking—regardless of intent—would significantly harm the ability for such communities to communicate and organize.
The technologists also explained to the panel that collateral damage is bound to occur in the context of botnet investigations. Attempting to hack botnets, which often infect thousands or millions of computers worldwide, can damage many of the computers connected to them, or might lead to the unintentional propagation of whatever malware or tool that the FBI is using to access them.
While the panel was receptive to witnesses remarks, the DOJ has ultimately defended the proposed change — saying it was merely procedural, and not substantive. The most common refrain is that the panel’s adoption of the rule would making no judgment as to the constitutionality or legality of remote searches, but merely provide law enforcement with a place for their remote search warrant requests to be heard. Given the efforts of the FBI to preserve and expand its surveillance capabilities in recent months, at the expense of user privacy and confidence in the tech industry’s products and services, this defense claiming mere procedural efficiency rings a bit hollow.
For more information and CCIA’s perspective on the proposed change to Rule 41 of the Federal Rules of Criminal Procedure, please see our press release.