DOJ Insists That Rule 41 Change Is Not Important, Nothing To See Here, Move On Annoying Privacy Activist People
from the try-that-one-again? dept
We’ve been talking a lot about Rule 41 lately around here. As we’ve discussed, the DOJ had pushed for an update to the rule, basically granting the FBI much greater powers to hack into lots of computers, including those abroad (possibly creating diplomatic issues). We’ve been discussing the problems with the DOJ’s proposed change for years, and we haven’t been alone. Civil liberties groups and tech companies have both blasted the plans, but to no avail.
Back in March, a judicial panel approved the DOJ’s proposed changes, and the Supreme Court gave its blessing a month later. The rule changes are set to go into effect on December 1st if they’re not stopped. Senators Ron Wyden and Rand Paul have introduced a bill to block them, while the EFF, Tor and friends have kicked off a big No Global Warrants campaign, encouraging Congress to block this change.
The DOJ is being fairly proactive in trying to brush aside concerns about the Rule 41 change, and earlier this week put up a blog post insisting that there’s nothing to see here at all, and everyone who’s worried should just move along already.
The amendments do not change any of the traditional protections and procedures under the Fourth Amendment, such as the requirement that the government establish probable cause. Rather, the amendments would merely ensure that at least one court is available to consider whether a particular warrant application comports with the Fourth Amendment.
The amendments would not authorize the government to undertake any search or seizure or use any remote search technique, whether inside or outside the United States, that is not already permitted under current law. The use of remote searches is not new and warrants for remote searches are currently issued under Rule 41. In addition, most courts already permit the search of multiple computers pursuant to a single warrant so long as necessary legal requirements are met.
This is… skirting the truth, at best. Under the existing Rule 41, there are clear limits on warrants that are outside the jurisdiction of the court (see 41(b)). The new Rule 41 wipes away many of those restrictions by adding an entirely new form of warrants for “remote access to search electronic storage media.” This is the kind of thing that Congress is supposed to decide upon, not the courts at the behest of the DOJ. If Congress hasn’t granted this authority, it’s pretty ridiculous for the courts to just do it on their own, and, furthermore, to insist this is little more than an administrative change.
The DOJ also leaves out that the new rules also effectively wipe out the requirement to give a copy of the warrant to the person whose computers are being hacked. Yes, the new rules require a “receipt” but they switch to a “reasonable efforts” standard, rather than the current standard, which is that they must give it to the person or “leave a copy” where the property was taken. That pretty much guarantees that some of the people who are hacked following this won’t even know about it.
And if it were really true that this new rule doesn’t change anything, then why is the DOJ pushing so hard for it? Remember that a bunch of courts have been throwing out some of these searches as being illegal, so clearly there’s an issue here.
The DOJ insists that the new rules only apply in narrow cases WHERE YOU SHOULD ALL BE AFRAID because EXPLOITED CHILDREN ARE AT RISK IF YOU DON’T ALL SHUT UP.
First, where a suspect has hidden the location of his or her computer using technological means, the changes to Rule 41 would ensure that federal agents know which judge to go to in order to apply for a warrant. For example, if agents are investigating criminals who are sexually exploiting children and uploading videos of that exploitation for others to see?but concealing their locations through anonymizing technology?agents will be able to apply for a search warrant to discover where they are located. A recent investigation that utilized this type of search warrant identified dozens of children who suffered sexual abuse at the hands of the offenders. While some federal courts hearing cases arising from this investigation have upheld the warrant as lawful, others have ordered the suppression of evidence based solely on the lack of clear venue in the current version of the rule.
I’m all for the DOJ going after people sexually exploiting children. It seems like a pretty good use of their time. But we should always be skeptical when law enforcement starts throwing out “sexually exploited children!” and “terrorism!” as reasons to upend existing rules. Especially when they cover something as important as how broadly the FBI and DOJ can hack into people’s computers.
The FBI has a rather long history of abusing its surveillance powers, and especially seeking to avoid strict oversight. Approving such a change just because the DOJ is insisting it’s “FOR THE CHILDREN, WON’T YOU PLEASE THINK OF THE CHILDREN!” isn’t a particularly good reason. If the DOJ really thinks this kind of expansion of its ability to hack computers both at home and overseas (again: this is a diplomatic nightmare waiting to happen) is really so important, then it should have Congress pass a law, rather than insisting that it’s nothing more than an administrative change to clarify a rule.