Google Blasts DOJ's Request For Expanded Search Powers; Calls Proposal A Threat To The Fourth Amendment
from the to-keep-up-with-the-bad-guys,-we're-just-going-to-need-the...-EVERYTHING dept
The DOJ wants to amend Rule 41 (Search and Seizure) to grant its agencies unilateral powers to hack any computer in the world. This would expand its reach beyond the US, using warrants granted by magistrate judges to facilitate searches and seizures of remote data. This would obviously open up a whole diplomatic can of worms, what with the FBI hacking into computers whose locations it can’t ascertain until after the fact.
Not that the DOJ is bothered by the implications of the amendment it’s pushing. It argues that the law already has determined searches in known jurisdictions legal. What’s left to be established is whether it’s similarly legal to search computers whose true location is unknown, thanks to the use of proxies and VPNs. That operating extraterritorially might cause some diplomatic strain or possibly even be illegal in the country the search takes place doesn’t seem to have crossed its mind. In its opinion, this is the natural progression of Rule 41, which must be updated to reflect the change in technology.
Google has fired back at the DOJ in its comments on the proposed wording change, pointing out not only the damage it could cause to international relationships, but also its further dismantling of Fourth Amendment protections.
Although the proposed amendment disclaims association with any constitutional questions, it invariably expands the scope of law enforcement searches, weakens the Fourth Amendment’s particularity and notice requirements, opens the door to potentially unreasonable searches and seizures, and expands the practice of covert entry warrants.
Google then suggests that if the DOJ wishes to keep stripping away these protections, it should have the decency to do it the way it’s usually been done: through acts of Congress.
The substantive changes offered by the proposed amendment, if they are to occur, should be the work of congressional lawmaking. Such was the case with a slew of legislation providing law enforcement with the ability to use technological means to conduct invasive searches on targets, including the Foreign Intelligence Surveillance Act, which provides law enforcement with the ability to legally surveil and collect foreign intelligence information; Title III of the Omnibus Crime Control and Safe Streets Act of 1968, which provides law enforcement with the ability to legally intercept wire, oral, and electronic communications; the Stored Communications Act, which provides law enforcement with the ability to legally access electronically stored communications; and the Pen Registers and Trap and Trace Act and USA PATRIOT Act, both of which provide law enforcement with the ability to legally intercept real-time telephony metadata. In passing this legislation, Congress was able to openly debate and weigh the various constitutional issues at play.
This would seem to be the least the DOJ can do, rather than trying to sidestep the process it forces American citizens to use.
“I empathize that it is very hard to get a legislative change,” Amie Stepanovich, senior policy counsel with Access, a digital-freedom group, told the judicial panel during a meeting called to review the proposal in November. “However, when you have us resorting to Congress to get increased privacy protections, we would also like to see the government turn to Congress to get increased surveillance authority.”
Google also warns that the non-specific wording of the proposal lends itself to all sorts of shady tactics.
There are a myriad of serious concerns accompanying the government’s use of NITs [Network Investigative Techniques]. These are outlined in detail in other comments submitted to the Committee and include, among other things, the creation of vulnerabilities in the target device thereby increasing the target’s risk of exposure to compromise by other parties, actual damage to the target device, the creation of a market for zero-day exploits, and unintended targets’ exposure to malware. Additionally, the remote facilities accessed by the government may in fact identify and disclose the ‘hack’ or take action to prevent it or retaliate against its use. These are serious concerns that are more appropriately considered and balanced by Congress than by the Committee.
Again, with the exception of the eventuality listed last, these are side effects the DOJ couldn’t care less about. Collateral damage is almost always acceptable, and at this point — considering what we’ve learned about the tactics deployed by the NSA and other intelligence agencies — making things worse and less safe for the world’s citizens is just another essential part of fighting Wars on Things.
The DOJ seems to view its proposal as a necessity in the race against technological advance, rather than a dangerous expansion of power that could result in some very negative repercussions. Unfortunately, the nation’s prosecutors and magistrate judges seem to be very much aligned with the DOJ. Both refer to the Rule 41 change as “filling a significant gap” in existing law.
But it does far more than that. The DOJ argues it’s just a needed tweak, but it gives its agencies unprecedented extraterritorial powers and encourages these investigators to view anonymous connections as inherently suspicious.