Google Blasts DOJ's Request For Expanded Search Powers; Calls Proposal A Threat To The Fourth Amendment

from the to-keep-up-with-the-bad-guys,-we're-just-going-to-need-the...-EVERYTHING dept

The DOJ wants to amend Rule 41 (Search and Seizure) to grant its agencies unilateral powers to hack any computer in the world. This would expand its reach beyond the US, using warrants granted by magistrate judges to facilitate searches and seizures of remote data. This would obviously open up a whole diplomatic can of worms, what with the FBI hacking into computers whose locations it can’t ascertain until after the fact.

Not that the DOJ is bothered by the implications of the amendment it’s pushing. It argues that the law already has determined searches in known jurisdictions legal. What’s left to be established is whether it’s similarly legal to search computers whose true location is unknown, thanks to the use of proxies and VPNs. That operating extraterritorially might cause some diplomatic strain or possibly even be illegal in the country the search takes place doesn’t seem to have crossed its mind. In its opinion, this is the natural progression of Rule 41, which must be updated to reflect the change in technology.

Google has fired back at the DOJ in its comments on the proposed wording change, pointing out not only the damage it could cause to international relationships, but also its further dismantling of Fourth Amendment protections.

Although the proposed amendment disclaims association with any constitutional questions, it invariably expands the scope of law enforcement searches, weakens the Fourth Amendment’s particularity and notice requirements, opens the door to potentially unreasonable searches and seizures, and expands the practice of covert entry warrants.

Google then suggests that if the DOJ wishes to keep stripping away these protections, it should have the decency to do it the way it’s usually been done: through acts of Congress.

The substantive changes offered by the proposed amendment, if they are to occur, should be the work of congressional lawmaking. Such was the case with a slew of legislation providing law enforcement with the ability to use technological means to conduct invasive searches on targets, including the Foreign Intelligence Surveillance Act, which provides law enforcement with the ability to legally surveil and collect foreign intelligence information; Title III of the Omnibus Crime Control and Safe Streets Act of 1968, which provides law enforcement with the ability to legally intercept wire, oral, and electronic communications; the Stored Communications Act, which provides law enforcement with the ability to legally access electronically stored communications; and the Pen Registers and Trap and Trace Act and USA PATRIOT Act, both of which provide law enforcement with the ability to legally intercept real-time telephony metadata. In passing this legislation, Congress was able to openly debate and weigh the various constitutional issues at play.

This would seem to be the least the DOJ can do, rather than trying to sidestep the process it forces American citizens to use.

“I empathize that it is very hard to get a legislative change,” Amie Stepanovich, senior policy counsel with Access, a digital-freedom group, told the judicial panel during a meeting called to review the proposal in November. “However, when you have us resorting to Congress to get increased privacy protections, we would also like to see the government turn to Congress to get increased surveillance authority.”

Google also warns that the non-specific wording of the proposal lends itself to all sorts of shady tactics.

There are a myriad of serious concerns accompanying the government’s use of NITs [Network Investigative Techniques]. These are outlined in detail in other comments submitted to the Committee and include, among other things, the creation of vulnerabilities in the target device thereby increasing the target’s risk of exposure to compromise by other parties, actual damage to the target device, the creation of a market for zero-day exploits, and unintended targets’ exposure to malware. Additionally, the remote facilities accessed by the government may in fact identify and disclose the ‘hack’ or take action to prevent it or retaliate against its use. These are serious concerns that are more appropriately considered and balanced by Congress than by the Committee.

Again, with the exception of the eventuality listed last, these are side effects the DOJ couldn’t care less about. Collateral damage is almost always acceptable, and at this point — considering what we’ve learned about the tactics deployed by the NSA and other intelligence agencies — making things worse and less safe for the world’s citizens is just another essential part of fighting Wars on Things.

The DOJ seems to view its proposal as a necessity in the race against technological advance, rather than a dangerous expansion of power that could result in some very negative repercussions. Unfortunately, the nation’s prosecutors and magistrate judges seem to be very much aligned with the DOJ. Both refer to the Rule 41 change as “filling a significant gap” in existing law.

But it does far more than that. The DOJ argues it’s just a needed tweak, but it gives its agencies unprecedented extraterritorial powers and encourages these investigators to view anonymous connections as inherently suspicious.

Filed Under: , , , , , ,
Companies: google

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Google Blasts DOJ's Request For Expanded Search Powers; Calls Proposal A Threat To The Fourth Amendment”

Subscribe: RSS Leave a comment
That One Guy (profile) says:

Say hello to plausible deniability

I wonder if it’s even crossed their little minds that by making it legal for them to hack foreign targets, they open themselves up for the same?

Wasn’t too long ago the USG was throwing a (symbolic and utterly useless) fit about some chinese hackers, but with something like this in play all those hackers and their government backers would have to do is point out the USG’s claims that such actions are perfectly legal. Or perhaps just claim that they had no idea that their targets were systems located in the US, and only learned that after they’d hacked in.

At that point any further protests by the USG would just make them look all kinds of stupid and hypocritical, though I suppose that’s a specialty of politicians these days.

… actually, I take it back, I’m sure it has occurred to them, it’s just that they, much like pretty much every other government agency, simple don’t care. Who cares if their actions cause massive collateral damage and open up US systems to being hacked with impunity, as long as it makes their job easier, it’s all good as far as they’re concerned.

Violynne (profile) says:

There’s a great deal of hypocrisy coming from Google.

“We don’t want the government intruding on our services, bypassing security, and invading the privacy of our millions of users.

Instead, they should just pay for the data we capture like everyone else does, as we waste little time tracking each and every one of our users.”

Furthermore, if Google doesn’t like what you do with its services, they’ll be more than happy to give this information to the very same entity it’s screaming about.

Google can go straight to hell.

That One Guy (profile) says:

Re: Re:

Why do people continue to bring this comparison up, as though they are even remotely similar?

Don’t like Google tracking you and/or harvesting your data to sell to others? Don’t use their services, and block their stuff. All they really care about is maximising profits, so if you make it too difficult for them to do so via you, they’ll move on to someone else.

Don’t like a government agency tracking you and/or harvesting your data to use against you? Too bad, other than an incredibly expensive lawsuit that will almost certainly be shot down by a judge sympathetic to the government, there’s pretty much nothing you can do about it, and in fact even trying will garner you even more attention.

Don’t like what Google does? Don’t use their stuff.
Don’t like what the government does? Tough luck.

Violynne (profile) says:

Re: Re: Re:

This is the apologist thinking of people who don’t understand how Google works (as well as other companies).

Let’s get something clear: I don’t use Google services but I’m still being tracked.

In fact, Techdirt uses the same tools offered by these companies which tracks me. Google analytics is nothing we can “stop using”, nor does the FB API prevent it.

That’s the problem, and you need to know this because while you’re defending “my” problem with Google, it underscores the true issue.

Do you really think it matters that Google isn’t “breaking into” networks or circumventing security to achieve the same goal of abusing our right to privacy?

That’s absurd. Yes, I know other companies are doing the same thing, from my ISP to Microsoft, but therein lies the problem the public excuses because it’s NOT the government doing it.

It’s the same dichotomy as screaming “FREE SPEECH!” as companies shut down the conversation because it’s NOT the US government.

You can pretend all you want that our choices are based on usage service (or the lack of not using them), but what goes on behind the scenes is irrelevant.

Try to remember this the next time a company decides to stick in a “super cookie” into a service you AREN’T EVEN USING because a third party is.


That’s why I said it was hypocritical of Google to be calling out the government for doing the same damn thing and that’s INVADING OUR PRIVACY.

How one invades the 4th Amendment should be the scope, not who is doing it.

John Fenderson (profile) says:

Re: Re: Re: Re:

“Google analytics is nothing we can “stop using”, nor does the FB API prevent it.”

Of course it is. There are browser plugins to do this (like NoScript) or you can firewall off access to, or block access to that domain through your hosts file. That’s what I do.

As to the FB API, I would argue that if you’re OK with using Facebook or anything that uses Facebook APIs, then you shouldn’t be worried about Google.

Ninja (profile) says:

Re: Re: Re: Re:

Google is optional and generally Google employees have no access to the data. And yes, analytics can be stopped and it’s fairly easy. You should be concerned with smaller or less known companies that are not easy to spot with a simple no-script.

The super cookies are a clear abuse of the ISPs position as the conduits and it’s way more serious than what Google may do in your wild fantasies.

But nothing, NOTHING compares to Government surveillance. If they tap directly in the servers you CANNOT opt-out and you CAN be arrested or harassed (or tortured, go figure) by the Government if they decide they don’t like you or read something out of context. Google is plain right and there is no hypocrisy at all considering how easy it is to avoid them.

Anonymous Coward says:

Re: Re: Re:2 Re:

“Google spends billions on marketing, paying lobbyists and buying influence. It funds over 150 organisations and
overtook Goldman Sachs last year as the biggest corporate political donor in the USA.”

No. Google is a cancer in many, many ways. Our interests may sometimes coincide with theirs, but google (et al) lobbying dollars are the main thing preventing serious data protection legislation from getting up. It is not even really a separate thing from the USA coup government/security state at this point.

Anonymous Coward says:

New nsa whistleblower came forward recently, bless her, seemed very nervous at the begining, just wanted to hug her, protect her, and thank her for her bravery

Anyway, very insightful speech discussing a first person perspective of someone who was there at the time this all started, what she saw, what she did, and she actually cares

Anonymous Coward says:

Re: Re:

Also, Jessylyn Radack, who was i beleive nsa’s ethical lawyer at some point during early 2000 (dont quote me, might have been another department within the govrnment), who spoke up through official channels against the first time she saw torture going on

does’nt work for them anymore and is still to this day being harrsed by our respective empires, a recent occurance her and thomas drake being singled out in a uk airport for “questioning”(not the first time)………..anyway, she now spends her time defending whistleblowers

Anonymous Coward says:

I’m curious what you think a better idea would be. I understand you prefer a different procedure for changing the law, but in the end, what should DOJ do to conduct online searches where it doesn’t know the location of the target machine with much certainty? Is it not better if the rules allow judges to issue warrants in these situations?

That One Guy (profile) says:

Re: Re:

If you want to see if something is dodgy, just try this simple thought exercise: Flip the positions.

Would you see anything wrong with a government agency from another country hacking into US systems(whether private, public, government or corporate), knowingly or not, who when caught claimed that they were doing so in order to check where the system was based and to gather data from the hacked system? If yes, then why, as that’s what the DOJ is claiming they should be able to do here.

Is it not better if the rules allow judges to issue warrants in these situations?

How exactly does a judge issue a legal, valid warrant when they do not know where the location to be searched is, or even if they have jurisdiction over it?

Anonymous Coward says:

We should be leading by example, not forcing our will on others, our example should not be one of imperialism, but an example of defending freedom, rights, and a pursuit of happiness……….THATS the example ALL on earth should be trying to strive for………not look at the monumental task and just give up, hence guaranteing endless violence.
All it takes is to believe, all it takes is to be vigilant, even if its just in the confines of ones own mind……..infact, ESPECIALLY that

Each generation striving to improve as much as they can for the next generation to take it even further………….give that up, and we might aswell nuke ourselves now and avoid the long suffering pain were heading towards

Im sorry, that last bit was depressing and fatalistic even for me to imagine………..i hope to god im wrong with that assesment, that we reach a point that a nuke would have been preferable to the current missery…………i wont give up just yet, join me in not giving up

GEMont (profile) says:

All these doors and all these keys - all we need is an auto-warrant!

Hmmmm…. Komodia (and likely a few dozen other companies) inserts backdoors in computers via software, worldwide…

DOJ wants to be able to enter and search computers legally, worldwide, without even having to know where the computer might be located….

Nah. No connection there, I’m sure. 🙂

Add Your Comment

Your email address will not be published.

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...