Privacy

by Tim Cushing


Filed Under:
congress, doj, fbi, hacking, oversight, rule 41



Legislators Demand Answers From DOJ On Expanded Hacking Powers It's Seeking

from the the-first-rule-of-the-new-Rule-41:-there-are-no-rules dept

There's only a couple of months left until the DOJ's proposed Rule 41 changes become law. All Congress has to do is nothing. This is a level of effort Congress is mostly amenable to. If this becomes law, worldwide deployments of malware/spyware during investigations will be unable to be challenged in court. In addition, the DOJ wants to be part of the cyberwar. It's seeking permission to remotely access zombie computers/devices used in cyberattacks to "clean" them.

The rule changes would also add a presumption of guilt to an activity performed by millions of computer users around the world:

Opponents of the pending change to Rule 41 say that it unlawfully confers a new authority that changes substantive rights. First off, they contend that it adds a criminal taint to a perfectly legal practice: using location to cloak your location.

“There are countless reasons people may want to use technology to shield their privacy,” wrote the Electronic Frontier Foundation earlier this year. “From journalists communicating with sources to victims of domestic violence seeking information on legal services, people worldwide depend on privacy tools for both safety and security.”

The DOJ has argued that these Rule 41 amendments are just "clarifications" of existing law:

“The amendment would not authorize the government to undertake any search or seizure or use any remote search technique not already permitted under current law,” the DOJ told Consumerist in May, noting that law enforcement would still need to demonstrate probable cause.

This statement obviously isn't true considering how many federal judges have agreed the warrant it used in the Playpen investigation exceeded existing jurisdictional limits.

Fortunately, there are legislators pushing back against the DOJ's proposed changes. Ron Wyden has sent a letter [PDF] to the DOJ -- co-signed by 22 other legislators -- asking for clarification on the DOJ's interpretation of the changes it's seeking.

One of the questions the group has is how the DOJ can produce probable cause to search thousands of devices.

Please describe any differences in legal requirements between obtaining a warrant for a physical search versus obtaining a warrant for a remote electronic search. In particular, and if applicable, please describe how the principle of probable cause may be used to justify the remote search of tens of thousands of devices. Is it sufficient probable cause for a search that a device merely be "damaged" and connected to a crime?

The letter also raises the issue of forum shopping. With jurisdictional limits removed, federal law enforcement officers are free to find judges more willing to sign off on their warrant requests, rather than being forced to work with those in the locality the alleged criminal activity took place.

The DOJ's proposed botnet cleaning efforts raise a whole set of new troubling questions, ones that Wyden and co. would like to see answered before allowing the rule changes to slide by unopposed. First, there's the question of unforeseen collateral damage -- efforts that hurt more than help.

We are concerned that the deployment of software to search for and possibly disable a botnet may have unintended consequences on internet-connected devices, from smartphones to medical devices. Please describe the testing that is conducted on the viability of "network investigative techniques" to safely search devices such as phones, tablets, hospital information systems, and internet-connected video monitoring systems.

Then there's the question about the proposed "cleaning" efforts. Under what authority will law enforcement break into Americans' computers and screw around with their software and hardware?

Will law enforcement use authority under the proposed amendments to disable or otherwise render inoperable software that is damaging or has damaged a protected device? In other words, will network investigative techniques be used to "clean" infected devices, including devices that belong to innocent Americans? Has the Department ever attempted to "clean" infected computers in the past? If so, under what legal authority?

Good questions. Hopefully, we'll see the answers sometime before December 31st.


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Anonymous Coward, 31 Oct 2016 @ 3:11pm

    My confidence in the DoJ is very low. I have no faith in the DoJ to so much as entertain a debate on the Rule 41 changes they want.

    reply to this | link to this | view in chronology ]

    • identicon
      Christenson, 31 Oct 2016 @ 3:34pm

      Re: Trust the DoJ!

      My confidence in the DOJ is *very high*...

      I'm confident they are the very scum they say they are trying to stop, and I have faith that they will stop at nothing.

      See James Comey and this weekend's very public re-opening of the Hillary Clinton e-mail investigation because her aide's husband is possibly a child molester and somehow that might be classified information!

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 31 Oct 2016 @ 4:05pm

        Re: Re: Trust the DoJ!

        You're mixing up the FBI with the DoJ.

        reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 31 Oct 2016 @ 4:21pm

        Re: Re: Trust the DoJ!

        The FBI and the DoJ aren't the same; the DoJ has been shown to have no control over the FBI.

        And the re-opening of the e-mail investigation has to do with other emails found on Weiner's computer while investigating his racy communications with a 15 yo. Emails between his wife and the Clinton Foundation.

        So you should base your confidence/lack thereof on other failings of the DoJ itself (there's lots to choose from) instead of inserting straw men and muddying up the issue.

        reply to this | link to this | view in chronology ]

  • icon
    Padpaw (profile), 31 Oct 2016 @ 3:16pm

    I somehow doubt they demanded and more likely politely asked.

    reply to this | link to this | view in chronology ]

    • icon
      Anonymous Anonymous Coward (profile), 31 Oct 2016 @ 3:26pm

      Re:

      Not only that, the response will be in doublespeak, filled with lies and false innuendo. When all is said and done, they will go out and do exactly what they intended from the get go, despite anything Congress has to say about it.

      The DOJ's point of view is justice is what we say it is, now get off my lawn.

      reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 31 Oct 2016 @ 5:32pm

      Re: I somehow doubt they demanded and more likely politely asked.

      More like: photo copied the letter they agreed on in closed meetings, and sent it back to them through public channels to create a paper trail.

      reply to this | link to this | view in chronology ]

  • icon
    Uriel-238 (profile), 31 Oct 2016 @ 4:00pm

    Evidence against the DoJ

    What evidence to we have that the DoJ acts more as a rogue agency than in service of the United States public?

    Oh yeah! This.

    reply to this | link to this | view in chronology ]

  • identicon
    SpaceLifeForm, 31 Oct 2016 @ 4:01pm

    More retro-cover

    Likely has already been happening
    for many years now, nee decade plus.

    https://security.googleblog.com/2016/10/disclosing-vulnerabilities-to-protect.html?m=1

    Note that ms not happy about this
    disclosure and that ms has been
    'backporting' 'fixes' to win7+.

    reply to this | link to this | view in chronology ]

  • identicon
    Norahc, 31 Oct 2016 @ 6:04pm

    I'm willimg to bet

    I'm willing to bet the DOJ will delay their response until 2017 so the Rule 41 changes will go into effect. And whatever response they do give won't mean a thing since they will just go ahead and interpret it however they want.

    reply to this | link to this | view in chronology ]

  • icon
    orbitalinsertion (profile), 1 Nov 2016 @ 10:51am

    (...)the DOJ wants to be part of the cyberwar.

    But have you seen the ads from the military? Sexy.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 1 Nov 2016 @ 6:52pm

    Once upon a time, the kind folks at the Windows Technical Support called me and wanted remote access to my computer. They said my computer had lots of viruses. I asked them how they knew, and they told me that they monitor this sort of thing. I didn't want to spread viruses, so I installed a program that let them remotely access my computer.

    They proceeded to show me lots of scary warnings and errors and then directed me to an anti-virus program. The program founds lots more problems! I was happy to pay $150 to clean up the viruses.

    I thank the kind folks at Windows Technical Support for cleaning my computer. And I would be glad to see the government get in the business of remote access as well! Think of all the problems the DOJ could clean if the DOJ had remote access to my computer!

    I don't want to be a bad Internet citizen. Do you?

    reply to this | link to this | view in chronology ]

  • icon
    David Collier-Brown (profile), 1 Dec 2016 @ 1:51pm

    Typo

    You wrote "using location to cloak your location."
    Perhaps you meant "using technoogy", "encryption"? "trained mice"?

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Techdirt Gear
Show Now: Copymouse
Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.