The FBI’s Big Plan To Expand Its Hacking Powers

FBI Director James Comey discusses race and law enforcement, Thursday, Feb. 12, 2015, at Georgetown University in Washington.

Cliff Owen/AP

AA Font size + Print

FBI Director James Comey discusses race and law enforcement, Thursday, Feb. 12, 2015, at Georgetown University in Washington.

Technology giant Google has warned that a rule change represents a 'monumental' constitutional concern.

A judicial advisory panel Monday quietly approved a rule change that will broaden the FBI’s hacking authority despite fears raised by Google that the amended language represents a “monumental” constitutional concern.

The Judicial Conference Advisory Committee on Criminal Rules voted 11-1 to modify an arcane federal rule to allow judges more flexibility in how they approve search warrants for electronic data, according to a Justice Department spokesman.

Known as Rule 41, the existing provision generally allows judges to approve search warrants only for material within the geographic bounds of their judicial district.

But the rule change, as requested by the department, would allow judges to grant warrants for remote searches of computers located outside their district or when the location is unknown.

The government has defended the maneuver as a necessary update of protocol intended to modernize criminal procedure to address the increasingly complex digital realities of the 21st century. The FBI wants the expanded authority, which would allow it to more easily infiltrate computer networks to install malicious tracking software. This way, investigators can better monitor suspected criminals who use technology to conceal their identity.

But the plan has been widely opposed by privacy advocates, such as the American Civil Liberties Union, as well as some technologists, who say it amounts to a substantial rewriting of the rule and not just a procedural tweak. Such a change could threaten the Fourth Amendment’s protections against unreasonable search and seizures, they warn, and possibly allow the FBI to violate the sovereignty of foreign nations. The rule change also could let the agency simultaneously target millions of computers at once, even potentially those belonging to users who aren’t suspected of any wrongdoing.

Google weighed in last month with public comments that warned that the tweak “raises a number of monumental and highly complex constitutional, legal and geopolitical concerns that should be left to Congress to decide.”

In an unusual move, Justice Department lawyers rebutted Google’s concerns, saying the search giant was misreading the proposal and that it would not result in any search or seizures not “already permitted under current law.”

The judicial advisory committee’s vote is only the first of several stamps of approval required within the federal judicial branch before the the rule change can formally take place—a process that will likely take over a year. The proposal is now subject to review by the Standing Committee on Rules of Practice and Procedure, which normally can approve amendments at its June meeting. The Judicial Conference is next in line to approve the rule, a move that would likely occur in September.

The Supreme Court would have until May 1, 2016 to review and accept the amendment, which Congress would then have seven months to reject, modify or defer. Absent any congressional action, the rule would take place on Dec. 1, 2016.

Privacy groups vowed to continue fighting the rule change as it winds its way through the additional layers of review.

Although presented as a minor procedural update, the proposal threatens to expand the government’s ability to use malware and so-called ‘zero-day exploits’ without imposing necessary protections,” said ACLU attorney Nathan Freed Wessler in a statement. “The current proposal fails to strike the right balance between safeguarding privacy and Internet security and allowing the government to investigate crimes.”

Drew Mitnick, policy counsel with digital rights group Access, said the policy “should only be considered through an open and accountable legislative process.”

Google did not immediately respond to a request for comment.

Close [ x ] More from DefenseOne
 
 

Thank you for subscribing to newsletters from DefenseOne.com.
We think these reports might interest you:

  • Ongoing Efforts in Veterans Health Care Modernization

    This report discusses the current state of veterans health care

    Download
  • Modernizing IT for Mission Success

    Surveying Federal and Defense Leaders on Priorities and Challenges at the Tactical Edge

    Download
  • Top 5 Findings: Security of Internet of Things To Be Mission-Critical

    As federal agencies increasingly leverage these capabilities, government security stakeholders now must manage and secure a growing number of devices, including those being used remotely at the “edge” of networks in a variety of locations. With such security concerns in mind, Government Business Council undertook an indepth research study of federal government leaders in January 2017. Here are five of the key takeaways below which, taken together, paint a portrait of a government that is increasingly cognizant and concerned for the future security of IoT.

    Download
  • Coordinating Incident Response on Posts, Camps and Stations

    Effective incident response on posts, camps, and stations is an increasingly complex challenge. An effective response calls for seamless conversations between multiple stakeholders on the base and beyond its borders with civilian law enforcement and emergency services personnel. This whitepaper discusses what a modern dispatch solution looks like -- one that brings together diverse channels and media, simplifies the dispatch environment and addresses technical integration challenges to ensure next generation safety and response on Department of Defense posts, camps and stations.

    Download
  • Forecasting Cloud's Future

    Conversations with Federal, State, and Local Technology Leaders on Cloud-Driven Digital Transformation

    Download

When you download a report, your information may be shared with the underwriters of that document.