A committee of judges that sets national policy governing criminal investigations will try to sort through it all. It’s weighing a proposal made public yesterday that would give federal agents greater leeway to secretly access suspected criminals’ computers in bunches, not simply one at a time.
The underlying goal is to take rules written for searching property and modernize them for the Internet age. The proposal arrives at a precipitous time for a government still managing backlash to electronic spying by the National Security Agency that was exposed last year by contractor Edward Snowden.
“What I think we’re looking for as a society is a way to investigate crime while limiting the exposure of information that should be kept private,” said Stephen Saltzburg, a law professor at George Washington University.
While the intent of the proposal is reasonable, the idea of law enforcement potentially placing malware on computers of innocent Americans that can access personal data is a cause for concern, he said.
“I don’t think many Americans would be comfortable with the government sending code onto their computers without their knowledge or consent,” Nathan Freed Wessler, a lawyer with the American Civil Liberties Union, said in a telephone interview. “The power they’re seeking is certainly a broad one.”
Child pornographers and other criminals are increasingly using technology to shield their identities, according to the department. Such technology includes proxy servers that mask the true Internet addresses of a criminal’s computer, or the use of hundreds or thousands of compromised computers known as a botnet.
Still, privacy advocates contend the more aggressive hacking powers may violate rights of the innocent.
“We have real concerns about allowing the police too much ability to search with too little oversight,” said Hanni Fakhoury, a lawyer at the San Francisco-based Electronic Frontier Foundation, a privacy group. The DOJ proposal would “dramatically expand the reach of federal prosecutors and investigators.”
The rule would lift the geographical restriction on warrants for computer investigations, permit agents to remotely access computers when locations have been “concealed through technological means,” and allow a single warrant for searches of certain computers located in five or more judicial districts.
It has a long way to go before getting approval.
If the standing committee agrees to take up the matter, the proposal would be opened for public comment in August for six months. It could be amended before the comment period begins and would eventually need to be reviewed by Congress for changes.
The Justice Department includes the Federal Bureau of Investigation, Drug Enforcement Administration and the Bureau of Alcohol, Tobacco, Firearms and Explosives.
Federal agents now can obtain warrants allowing them to send malicious software over the Internet to computers suspected of being used in crimes. However, the law limits those remote searches to the district where the judge who issued the warrant is located, when the actual locations of computers used in crimes may not be known.
Botnet computers could be spread across many or all of the nation’s 94 judicial districts. Going after them requires judges in each different district to issue warrants, a time consuming process that creates delays and wastes investigative resources, according to the Justice Department.
“This proposal ensures that courts can be asked to review warrant applications in situations where it is currently unclear what judge has that authority,” a Justice Department spokesman, Peter Carr, said in an e-mailed statement. “The proposal makes explicit that it does not change the traditional rules governing probable cause and notice.”
The proposal was published yesterday for consideration by the Judicial Conference Committee on Rules of Practice and Procedure, commonly called the standing committee, which meets at the end of the month.
“The proposed amendment would enable investigators to conduct a search and seize electronically stored information by remotely installing software on a large number of affected victim computers pursuant to one warrant issued by a single judge,” according to an analysis by the committee. “The current rule, in contrast, requires obtaining multiple warrants to do so, in each of the many districts in which an affected computer may be located.”
The government can keep these so-called remote access operations secret from their target for as many as 30 days -- longer if an extension is approved by a judge.
Obtaining a single warrant to use malware to search potentially thousands of computers in unknown locations would violate constitutional requirements that court-authorized searches be narrow and particular, Fakhoury of the Electronic Frontier Foundation said.
He said he questions whether investigators could use the new rule to bypass legal requirements in accessing data stored online, such as within Google Inc. (GOOG)’s Drive cloud service or Microsoft Corp. (MSFT)’s Outlook e-mail accounts.
A Google spokeswoman, Niki Christoff, and a Microsoft spokeswoman, Kathy Roeder, said their companies declined to comment.
The department must describe the computer it wants to target with as much detail as possible. For example, an investigator may be covertly communicating with a suspected child molester and know an IP address, and then obtain a warrant to use malware to find the actual location. In the case of botnets, malware might be used to try to free the compromised computers from a criminal’s control.
The Justice Department’s effort appears to be in response to an April 2013 court ruling denying a search warrant for a remote-access operation, said Wessler, with the ACLU.
In that case, U.S. Magistrate Judge Stephen Smith of the Southern District of Texas picked apart the government’s request to secretly install software on an unknown computer in an unknown location that could extract stored electronic records and even activate the computer’s built-in camera.
Smith said the computer could be located in a public place or used by family members or friends not involved in illegal activity, and that the request didn’t satisfy constitutional requirements.
Wessler said the government should be required to exhaust other options for finding and accessing computers suspected of being used in crimes, such as serving individual warrants on Internet service providers.
While federal investigators make efforts to use other tactics, “the use of remote searches is often the only mechanism available to law enforcement to identify and apprehend” criminals, said Carr, the Justice Department spokesman.