FBI Wants More Authority to Hack Your Computer

The Guardian reports that the FBI is trying to drill yet another hole in the 4th Amendment, this time by going to an obscure federal commission to get the wording of a regulation changed that would make it easier for them to hack into your computer.

The FBI is attempting to persuade an obscure regulatory body in Washington to change its rules of engagement in order to seize significant new powers to hack into and carry out surveillance of computers throughout the US and around the world.

Civil liberties groups warn that the proposed rule change amounts to a power grab by the agency that would ride roughshod over strict limits to searches and seizures laid out under the fourth amendment of the US constitution, as well as violate first amendment privacy rights. They have protested that the FBI is seeking to transform its cyber capabilities with minimal public debate and with no congressional oversight…

But under the proposed amendment, a judge can issue a warrant that would allow the FBI to hack into any computer, no matter where it is located. The change is designed specifically to help federal investigators carry out surveillance on computers that have been “anonymized” – that is, their location has been hidden using tools such as Tor.

The amendment inserts a clause that would allow a judge to issue warrants to gain “remote access” to computers “located within or outside that district” (emphasis added) in cases in which the “district where the media or information is located has been concealed through technological means”. The expanded powers to stray across district boundaries would apply to any criminal investigation, not just to terrorist cases as at present.

Were the amendment to be granted by the regulatory committee, the FBI would have the green light to unleash its capabilities – known as “network investigative techniques” – on computers across America and beyond. The techniques involve clandestinely installing malicious software, or malware, onto a computer that in turn allows federal agents effectively to control the machine, downloading all its digital contents, switching its camera or microphone on or off, and even taking over other computers in its network.

“This is an extremely invasive technique,” said Chris Soghoian, principal technologist of the American Civil Liberties Union, who will also be addressing the hearing. “We are talking here about giving the FBI the green light to hack into any computer in the country or around the world.”

They justify this by claiming it’s necessary to fight terrorists, but if that were true then why aren’t they limiting it only to terrorism investigations? For the same reason they didn’t limit the use of sneak and peek warrants to terrorism, because they intend to use that power in routine criminal cases as well. Sneak and peek warrants over the last three years were used about 11,000 times by the FBI, only 51 of them involving terrorism. It’s just another power grab and another nail in the coffin of the 4th Amendment.

POPULAR AT PATHEOS Nonreligious
What Are Your Thoughts?leave a comment
  • http://www.ranum.com Marcus Ranum

    Note that the FBI is still pretending to care about warrants. NSA already collects whatever it wants. FBI’s concern about warrants really represents FBI’s unwillingness to have to go to the intelligence community and ask politely for something.

  • http://www.ranum.com Marcus Ranum

    The techniques involve clandestinely installing malicious software, or malware, onto a computer

    If I do that, it’s a felony.

  • chisaihana5219

    They are only trying to get official powers to do what the NSA is aleady doing. As the NSA has admitted to collecting email and phone calls, they probably hack computers too.

  • Trebuchet

    Why do I have to hear about this via a British publication?

  • http://en.uncyclopedia.co/wiki/User:Modusoperandi Modusoperandi

    Look, these people who are hiding behind anonymizing technologies are doing so because they have something to hide. The simple fact that that they’re hiding proves they’re guilty of something! How is Law Enforcement supposed to find out what they’re guilty of if it’s bound by the very Laws it’s supposed to be enforcing? How is it supposed to protect the Constitution if the Constitution itself stops them from protecting it? How?!!!

  • Kevin Kehres

    Dear FBI: Talk to the folks at McAfee. They have no problem hijacking my computer every day or so even though I don’t use any of their products.

  • David C Brayton

    Orin Kerr over at the Volokh Conspiracy is questioning whether there is an actual increase in the number of sneak-and-peak warrants.

    His main arguments seems to be: 1. the increase includes all warrants with delayed or no notice (such as GPS trackers on cars), not just sneak-and-peek warrants; and 2. The Patriot Act authorized such warrants whereas before the Patriot Act, the government simply did such searches without any judicial oversight or via a simple subpoena (in the case of cell record requests to phone companies).

    I don’t know whether this is good or bad. As Orin writes: “Ironically, the increase in the reported numbers may reflect more privacy protection rather than less.”

  • Chiroptera

    Actually, I wouldn’t be opposed to law enforcement taking reasonable measures to acquire information to help investigate a crime when they have probable cause to believe they know who committed the crime. I just wish that the granting of warrants didn’t seem like a mere formality. Sometimes I’m reminded of the North American colonial days when the royal customs officials had blank warrants; they would just fill in the spaces and sign it themselves and they had a warrant.

  • wscott

    Normally I share your concerns about overreaching surveillance and the weakening of the 2nd Amendment. But I don’t think this is one of those cases. I’ve read through the actual proposed amendment, which the Guardian links to (but doesn’t actually quote from). https://www.documentcloud.org/documents/1347875-fbi-proposed-amendment-rule-41-1.html There are two changes proposed.

    .

    The first change says that when a judge issues a warrant for the government to search a computer, and that computer turns out to be located in a different District, the warrant is still valid. That’s it. Still requires probable cause, still requires a judge to issue a warrant, etc. All that would change here is that if the FBI in New York starts an investigation, gets a Magistrate in that District to issue a warrant, and the actual server turns out to be physically located in California, they don’t have to go to another Magistrate in that District to get another warrant. Or if it’s a differentiated server spread out over multiple states, they don’t have to get separate warrants in each District. That…seems like a pretty reasonable idea to me.

    .

    The 2nd change just clarifies that if they use remote access to search a computer – an authority they already have – they are still required to serve a copy of the warrant on the owner, and says can use electronic means to make that notification. Which makes sense, since in some cases that may the only method they have to reach the owner.

    .

    The increasing proliferation of warrantless searches and the like concerns me too. But as long as they’re forced to actually get a warrant, I don’t have a problem with streamlining an administrative requirement that made sense when crimes were more likely to be limited to one location but doesn’t make sense in the modern Internet age. If I’ve missed something, please point that out to me, but as far as I can tell this looks to me like much ado about nothing. Let’s save our outrage for the cases that actually matter.

    [Standard IANAL disclaimers apply]

  • http://www.ranum.com Marcus Ranum

    Chiroptera @#8 –

    Sometimes I’m reminded of the North American colonial days when the royal customs officials had blank warrants; they would just fill in the spaces and sign it themselves and they had a warrant.

    Nowadays, all the NSA or FBI have to do is pause for a second, close their eyes, and think really hard about a warrant. What they’re complaining about is that it’s really hard; they want to just be able to casually visualize a warrant. Because: terror!

  • http://www.youtube.com/watch?v=_R2XG9CnOj8 Olav

    Trebuchet, #4:

    Why do I have to hear about this via a British publication?

    Rhetorical question, I suppose?

  • zmidponk

    But under the proposed amendment, a judge can issue a warrant that would allow the FBI to hack into any computer, no matter where it is located. The change is designed specifically to help federal investigators carry out surveillance on computers that have been “anonymized” – that is, their location has been hidden using tools such as Tor.

    Little bit of irony for you. Want to know who actually helped invent Tor? The Office of Naval Research and the Defense Advanced Research Projects Agency. Why did they do it? To provide a way for government agents of various descriptions to use the internet without it being plain that they were government agents. Setting up such a network, and then only having government agents on that network would defeat the purpose of it, so they had to make Tor freely available to the public. Now the FBI is trying to de-anonymize this anonymous network.

  • LightningRose