Will New Criminal Procedure Rule Changes Expand Gov't Hacking?
Last Thursday, the Supreme Court announced changes to the Federal Rules of Criminal Procedure, which govern criminal prosecutions in federal courts. Those amendments would make it easier to serve summons on foreign organizations without a U.S. presence, reduce the time for responding to electronic service, and allow judges to issue warrants for remote searches of electronically stored information outside of their district.
And it's that last change which will likely have the biggest impact, removing a procedural barrier to government investigations and, critics claim, expanding the government's hacking powers.
Getting Rid of Geographic Limitations to Government Hacking
Under the current rules, federal judges can issue search warrants only for property within the judge's district, with several exceptions. The new changes would remove those geographic limitations, at least when it came to remote electronic searches.
The revisions write in two more exceptions to Federal Rule of Criminal Procedure 41. The first allows judges to issue "a warrant to use remote access to search electronic storage media and to seize or copy electronically stored information within or outside that district."
That is, judges can now permit hacking into computers no matter where those computers are located -- whether they're in Thailand or Texas would make no difference.
The changes also add a second, more limited exception to Rule 41. Under this revision, courts may issue warrants specifically for damaged computers located in five or more districts, to be searched as part of an investigation brought under the Computer Fraud and Abuse Act.
But, if the changes do make it easier to get a warrant and hack into computers, at least those hacked might know about it. The revisions also require law enforcement to "make reasonable efforts to serve a copy of the warrant" when conducting remote electronic searches.
Does It Matter?
Plenty of privacy advocates and civil libertarians are up in arms about the changes.
When the rule change was being considered by the Judicial Conference of the United States, the ACLU recommended "extreme caution" before taking changes that could lead to expanded government hacking, including "the use of malware and other techniques that pose a risk to Internet security and that raise Fourth Amendment and policy concerns."
Google believes the rule change could allow the government "to conduct mass hacks on computer networks," Reuters reports.
The new Rule 41 has its defenders, however. The Department of Justice says that they are necessary to allow it to "successfully investigate and prosecute sophisticated Internet crimes," including those involving "botnets ... and Internet anonymizing technologies."
The Judicial Conference's Committee on Rules of Practice and Procedure responded to objections in it's September, 2015, report, noting that "the proposal addresses venue; it does not itself create authority for electronic searches or alter applicable constitutional requirements."
The rule changes will go into effect on December 1st, 2016, unless Congress takes action. Currently, only one Senator has raised any objections.
Related Resources:
- Rule 41 Change Nets Supreme Court Thumbs-up, But Where's It Going Next? (Politico)
- U.S. Government Was Hacked 77,000 Times Last Year (FindLaw's Technologist)
- Supreme Court Takes up Attorney's Fees in Copyright Cases (FindLaw's Technologist)
- Supreme Court Wrestles With Inter Partes Review Standards (FindLaw's Technologist)