The FBI is seeking to expand its hacking and surveillance powers through “an apparently backdoor route,” the Guardian reported Wednesday, a move that civil liberties groups say could infringe upon constitutional rights.
The Department of Justice (DOJ) has proposed (pdf) an amendment to Rule 41 of the Federal Rules of Criminal Procedure, having to do with warrants for remote access to electronic data. The rule changes, according to the DOJ, would make it easier for law enforcement “to investigate and prosecute…crimes involving Internet anonymizing technologies,” such as Tor.
The federal Advisory Committee on Criminal Rules is scheduled to hear testimony on the proposal at a hearing next week.
The Guardian reports:
Under existing wording, warrants have to be highly focused on specific locations where suspected criminal activity is occurring and approved by judges located in that same district.
But under the proposed amendment, a judge can issue a warrant that would allow the FBI to hack into any computer, no matter where it is located. The change is designed specifically to help federal investigators carry out surveillance on computers that have been “anonymized”—that is, their location has been hidden using tools such as Tor.
The amendment inserts a clause that would allow a judge to issue warrants to gain “remote access” to computers “located within or outside that district” (emphasis added) in cases in which the “district where the media or information is located has been concealed through technological means.” The expanded powers to stray across district boundaries would apply to any criminal investigation, not just to terrorist cases as at present.
At that point, tech experts suggest, the FBI could employ “Network Investigative Techniques” to install malware that permits remote control of a computer and thus would allow the FBI to search and collect data from both a user’s hard drive as well as cloud-based storage systems such as Dropbox or Google Docs.
Because “[c]riminals are increasingly using sophisticated technologies that pose technical challenges to law enforcement,” the DOJ wrote in its proposal, permitting remote searches is “essential.”
But privacy advocates are warning against granting the FBI’s request too hastily or without considering the long-term technical implications.
“The Advisory Committee should proceed with extreme caution before expanding the government’s authority to conduct remote electronic searches,” the American Civil Liberties Union wrote in its submitted comments (pdf) on the rule change. “[T]he proposed amendment would significantly expand the government’s authority to conduct searches that raise troubling Fourth Amendment, statutory, and policy questions.”
The ACLU continued:
If adopted, the proposed amendment will provide authority for the government to conduct remote access electronic searches for years to come. Over the coming decades, electronic storage systems will become ever more interconnected. Interconnectivity of cloud storage will likely increase at a rapid rate, and will proceed in ways that we cannot now accurately predict. This raises the specter of the authority enacted today for one purpose inadvertently enabling future searches that are considerably more invasive than anything the Advisory Committee, or even the government, now envisions.
And watchdogs are also concerned about the way in which the DOJ is trying to expand its powers.
“This is an investigative technique that we haven’t seen before and we haven’t thrashed out the implications,” Jennifer Granick, director of civil liberties at the Stanford Center for Internet and Society, told the Guardian. “It absolutely should not be done through a rule change—it has to be fully debated publicly, and Congress must be involved.”