Activists, DOJ spar over Rule 41 changes to enhance FBI searches

EFF and privacy activists oppose Rule 41 changes, while the Department of Justice claims the changes do not alter 'traditional protections' under the Fourth Amendment.

The fight over changes to Rule 41 kicked into high gear this week, as privacy rights activists and tech firms joined forces to protest the changes in an open letter to congressional leaders, urging them to block the changes before they become permanent at the end of the year.

Meanwhile, the Department of Justice has clarified its position on Rule 41, with a new blog post defending the changes. The changes to Rule 41 of the Federal Rules of Criminal Procedure expand the authority of federal magistrate judges to issue search warrants for hacking and surveillance of computers located outside the jurisdiction of the judge issuing those warrants.

The updates to Rule 41 "do not change any of the traditional protections and procedures under the Fourth Amendment, such as the requirement that the government establish probable cause," Leslie R. Caldwell, assistant attorney general of the criminal division of the Department of Justice, wrote in the blog post. "Rather, the amendments would merely ensure that at least one court is available to consider whether a particular warrant application comports with the Fourth Amendment."

More than 50 tech companies, including Google, PayPal and Evernote, joined with civil and privacy rights activist organizations, including the Electronic Frontier Foundation and the American Civil Liberties Union, to oppose changes to the formerly obscure Rule 41. The coalition signed an open letter to congressional leadership, in which they called the changes to Rule 41 dangerously broad.

"The changes to Rule 41 give federal magistrate judges across the United States new authority to issue warrants for hacking and surveillance in cases where a computer's location is unknown," the letter read. "This would invite law enforcement to seek warrants authorizing them to hack thousands of computers at once -- which it is hard to imagine would not be in direct violation of the Fourth Amendment. It would also take the unprecedented step of allowing a court to issue a warrant to hack into the computers of innocent internet users who are themselves victims of a botnet."

Caldwell, however, disagreed: "This change would not permit indiscriminate surveillance of thousands of victim computers -- that is against the law now, and it would continue to be prohibited if the amendment goes into effect."

The open letter charged the changed Rule 41 "fails to provide appropriate guidelines for safeguarding privacy and security, and it circumvents the legislative process that would provide Congress and the public the critically necessary opportunity to evaluate these issues."

According to Caldwell, however, the changes to Rule 41 would apply only in two narrow circumstances. The first instance is "where a suspect has hidden the location of his or her computer using technological means," such as by using the Tor anonymizing network or a virtual private network connection. "The changes to Rule 41 would ensure that federal agents know which judge to go to in order to apply for a warrant," she wrote.

Caldwell argued the changes to Rule 41 would have prevented the recent suppression of evidence in some federal courts that were hearing cases where defendants were using such means to avoid detection. In those cases, the FBI had used a network investigative technique to deanonymize Tor users who were subsequently charged in relation to an investigation into a child pornography site hosted on a hidden server on the Tor network.

The other circumstance in which the changes to Rule 41 would have effect is "where the crime involves criminals hacking computers located in five or more different judicial districts." Caldwell wrote that "the changes to Rule 41 would ensure that federal agents may identify one judge to review an application for a search warrant, rather than be required to submit separate warrant applications in each district -- up to 94 -- where a computer is affected."

According to Caldwell, the change to Rule 41 would not give the government access to any type of search, or use of any technique for search, not permitted under current law. "The use of remote searches is not new, and warrants for remote searches are currently issued under Rule 41," she wrote. "In addition, most courts already permit the search of multiple computers pursuant to a single warrant, so long as necessary legal requirements are met."

There is bipartisan opposition to the Rule 41 changes led by Sens. Ron Wyden (D-Ore.) and Rand Paul (R-Ky.), who introduced the Stopping Mass Hacking Act last month in an effort to stop the changes to Rule 41. The rule change is due to take effect on Dec. 1, 2016, and was approved by the Standing Committee on Rules and the Judicial Conference, and adopted by the U.S. Supreme Court this April 28.
