FBI’s TOR, VPN-targeted Warrants Amount to Court Sanctioned Mass Surveillance

| Analysis

Anonymous Web surfing, VPNs, TOR, and even falling victim to malware could soon be enough justification for the FBI to brand you a criminal. Proposed Federal court changes will give judges the authority to issue mass search and seizure warrants—including remotely hacking into computers anywhere—that include victims of crimes as well as suspects. The rule amendments are so broad sweeping they amount to court sanctioned mass surveillance.

New warrant rules give DOJ sweeping surveillance powersNew warrant rules give DOJ sweeping computer surveillance powers

The changes where made at the Department of Justice's request and are part of what's known as Rule 41. Unless Congress overrides them, they will go into effect on December 1. The key change states:

A magistrate judge with authority in any district where activities related to a crime may have occurred has authority to issue a warrant to use remote access to search electronic storage media and to seize or copy electronically stored information located within or outside that district if: (A) the district where the media or information is located has been concealed through technological means; or (B) in an investigation of a violation of 18 U.S.C. § 1030(a)(5), the media are protected computers that have been damaged without authorization and are located in five or more districts.

The change affects two groups: technology users who have taken any action that obscures who they are online, or their physical location; and devices with any form of malware installed. It also lets Federal judges authorize related search and seizure warrants outside their own jurisdiction, which ultimately could include other states or countries.

Targeting internet users who hide their online activity or location makes sense from the perspective that criminals are likely to do just that. DOJ spokesperson Peter Carr said,

Criminals now have ready access to sophisticated anonymizing technologies to conceal their identity while they engage in crime over the Internet, and the use of remote searches is often the only mechanism available to law enforcement to identify and apprehend them.

The problem is that criminals, hackers, and terrorists aren't the only people using these technologies. Considering far more people use these tools for legitimate purposes, the likelihood is high the FBI will ultimately intrude into private lives where it has no legitimate business snooping.

"There are countless reasons people may want to use technology to shield their privacy," said EFF Activism Director Rainey Reitman. "From journalists communicating with sources to victims of domestic violence seeking information on legal services, people worldwide depend on privacy tools for both safety and security."

She added,

If this rule change is not stopped, anyone who is using any technological means to safeguard their location privacy could find themselves suddenly in the jurisdiction of a prosecutor-friendly or technically-naïve judge, anywhere in the country.

The second group of people, those using malware-laden computers, face a double threat: not only is their computer susceptible to data loss and theft, but they could be hacked by the government who are remotely accessing their data, as well. Considering the government's less than stellar history with securing its own intrusion code, that creates a new potential security weakness for hackers to exploit.

In other words, the DOJ could be creating new security weaknesses in the computers it targets with remote surveillance warrants. Since the warrants can include 

While the DOJ and FBI say these new rules are necessary to protect us, not everyone agrees. Senator Ron Wyden (D-OR), who sits on the Senate Intelligence Committee, said the changes will treat victims like criminals, so he's going to introduce a bill in a move to block them from going into effect.

Senator Wyden said,

Under the proposed rules, the government would now be able to obtain a single warrant to access and search thousands or millions of computers at once; and the vast majority of the affected computers would belong to the victims, not the perpetrators, of a cybercrime.

Passing legislation to block the amendments to Rule 41 sounds like a good move, but it may be difficult to implement. The DOJ has many supporters for its efforts to extend its reach into personal and private data, and passing legislation linked to controversial topics is painful at best during a presidential election year.

Hopefully Senator Wyden will be able to find enough support in both the House and Senate to block the changes before December. If not, get ready for the FBI's criminal investigation search warrants that amount to little more than mass surveillance tools.

Popular TMO Stories

Comments

Jamie

Good grief, let’s hope Congress kills it. This is getting beyond scary at this point, and it’s just another excuse. How much longer will it be before they start banning free speech online, too? Our modern-day firemen need to wake up, before we start burning things.

wab95

The problem is that criminals, hackers, and terrorists aren’t the only people using these technologies. Considering far more people use these tools for legitimate purposes, the likelihood is high the FBI will ultimately intrude into private lives where it has no legitimate business snooping.

Well, if the problem is being able to distinguish the criminal from the non-criminal, perhaps the FBI could just proactively arrest everybody now who is either using these technologies, as well as the developers who wrote the code, and see what happens to the crime rate. Call it Rule 42. If criminal activity goes down, then job done. The courts can sort out who’s the criminal or not…whenever.

The second group of people, those using malware-laden computers, face a double threat: not only is their computer susceptible to data loss and theft, but they could be hacked by the government who are remotely accessing their data, as well.

So, here’s another idea. Instead of all of this political correctness and sneaking around, why not just have the DOJ create a public internet portal, kind of like AOL, except the purpose here would be to let the Feds see everything people are doing online. Let people just opt in for the service, or better yet, just enrol everyone and let them opt out. Every law abiding citizen will want to opt in, I mean, who wouldn’t, right? And, the Feds could monitor the service to make sure that they’re the only ones patrolling our computers. Everybody would be safe, because it’s not like the government ever gets hacked. Those few stragglers who don’t opt in, mainly the bad guys, would just stick out. Maybe that could be Rule 43. Brilliant.

I agree with @Jamie above. However, this is becoming so patently absurd at a time when distrust and dislike of government has seldom been higher that at some point this will backfire. If Rule 41 stands, I have little doubt that, in short order, the DOJ will be spending more time and resources fighting challenges in court than in pursuing bad guys, a case of truly diminishing returns. If the backlash is severe enough, the government could even lose ground on those legitimate occasions when surveillance of suspected bad guys is warranted.

geoduck

Jamie
I don’t expect Congress to kill it, or do anything for that matter. First it’s an election year so for the next nine months any bill brought up by any member will be killed by the members of the opposite party. Hell, they can’t even get the Supreme Court space filled. Secondly in an election campaign neither party wants to appear soft on Crime/Terrorism/Pedophiles/Boogyment/etc. They know that the opposite party will spin any vote on something like this as befriending your neighborhood terrorist not protecting your rights. But wait, it gets worse. A year from now when President Trump is in office (I honestly give it a 60-75% chance) you might as well use the constitution for TP.

So glad I escaped when I did.

Jamie

Thanks, wab95. Regarding your post, Facebook and its ilk more or less *are* our modern day AOL portal.

And yeah, I don’t either, geoduck. I would, based on conversations I’ve had, put the likelihood of a Trump presidency even slightly higher. My inner conspiracy theorist wink thinks it’s all been a setup anyway, given his past ties with the Clintons. Who knows? What I do know is that if we continue on our current course, things are going to get ugly unless we can find some kind of recourse.

Apple may not be perfect, but they are literally the only tech corporation of their magnitude that even cares a teeny little bit.

geoduck

Jamie
Funny you should say that. I was just thinking that it kinda reminds me of the Simpson’s Halloween Special where the election came down to Kang vs Kodos.

Fastflyer111

I guess they had better follow up with a rule change to make it probable cause for a search warrant if anyone installs window shades or door locks on their residences because a crime MAY HAVE occurred there.

zewazir

Welcome to the New World Order, where department heads can write new laws by calling them “rule changes”; where congress (who is supposed to be the ones writing new laws, not the executive branch) is only given the “opportunity” to override them; where the Constitution is deemed outdated and ignored at will; and where any and all personal liberties are randomly suspended under any number of excuses, from “security” to “political correctness”.

And people thought we had it bad under Bush with his administration’s FISA bill.  (At least Bush had Congress write the law.)

FCompton

After the craziness of this day, this is probably the last thing I wanted to read. This is really getting crazy.

I’m with you zewazir: do any of these guys know how our government was constructed. Most of what is coming out of there these days seems almost illegal to me. (But then, I guess he who wields the stick, makes the rules, right)

Log in to comment (TMO, Twitter or Facebook) or Register for a TMO account