U.S. gains expanded hacking powers thanks to rule changes

To the dismay of privacy advocates, the U.S. government has gained expanded hacking powers under rule changes that took effect today.

The changes in Rule 41 of the Federal Rules of Criminal Procedure give judges power to authorize warrants beyond their jurisdictions and makes it easier for the FBI to get permission to remotely hack into computers both in the U.S. and overseas during a criminal investigation.

The Justice Department had pushed for the changes, saying the government needed it to keep up with the times, and technological advances that are being exploited by criminals. In a blog post in June, Assistant Attorney General Leslie R. Caldwell of the Criminal Division said the amendments apply in “two narrow circumstances”: when a suspect is using technology to hide his location, and when a hack involves five or more judicial districts.

Critics, which include tech companies such as Google and PayPal, say the rule changes could be more harmful than that.

Wednesday, as he and a couple of other senators tried in vain to get Congress to hold hearings on the issue, Sen. Ron Wyden, D-Oregon, reportedly called the changes “one of the biggest mistakes in surveillance policy in years” that would give the government “unprecedented authority to hack into Americans’ personal phones, computers and other devices.”

The Electronic Frontier Foundation, the San Francisco-based digital-rights advocacy group, earlier this year expressed its concerns about the changes, noting that anyone who uses anonymity software for whatever reason — such as journalists or domestic-violence victims, for example — could be affected.

“Anyone who is using any technological means to safeguard their location privacy could find themselves suddenly in the jurisdiction of a prosecutor-friendly or technically-naive judge, anywhere in the country,” Rainey Reitman, activism director for the EFF, wrote in April.

Another senator raised concerns Wednesday about the FBI’s expanded power in hacking investigations.

“What this means is that the victims of hacks could be hacked again by their very own government,” said Sen. Steve Daines, R-Montana, who also gave a speech Wednesday lamenting the fact that Congress never held hearings on the rule changes.

The EFF’s Reitman warned about the same thing: “Victims of malware could find themselves doubly infiltrated: their computers infected with malware and used to contribute to a botnet, and then government agents given free rein to remotely access their computers as part of the investigation.”

But Caldwell of the DOJ wrote earlier this week: “The possibility of such harm must be balanced against the very real and ongoing harms perpetrated by criminals — such as hackers who continue to harm the security and invade the privacy of Americans through an ongoing botnet, or pedophiles who openly and brazenly discuss their plans to sexually assault children.”

The rule changes were proposed by an advisory committee to the Federal Rules of Criminal Procedure and were passed on to Congress by the Supreme Court. Sens. Wyden and others introduced legislation that would’ve delayed the rule changes until Congress could hold hearings on the matter but failed to get legislators to act.


Photo from Associated Press


Tags: , , , , , ,


Share this Post