US justice department seeks to expand FBI’s hacking powers
April 26, 2016
Shah Sheikh


A justice department bid to rewrite an arcane rule has critics warning of a dramatic expansion of the FBI’s power to hack suspect computers — no matter where in the world they are located.

Federal prosecutors say the change is needed to keep pace with technology that lets computer users mask their identity and thwart the traditional process for obtaining search warrants. Magistrate judges can usually authorise searches only of property located within their geographic districts. The justice department wants them empowered to approve remote searches of computers anywhere, even outside the US.

“This is a major policy change,” says Ron Wyden, the Democratic Senator from Oregon. “It vastly expands the government’s hacking authority . . . This gives the government authority to plant malware on 1m computers with one warrant from one judge.”

The FBI’s hacking campaign has attracted far less attention than the bureau’s ongoing battle with Apple over encryption technology. But it comes as many Europeans are already alarmed by the overseas reach of US law, as in the DoJ’s bid to force Microsoft to surrender emails stored in Ireland. Some critics now warn that the FBI’s legal hacking risks further embroiling foreign computers in US police work.

Justice department officials say the proposed change in “Rule 41” of the federal rules of criminal procedure is a modest tweak that does not alter the government’s existing powers. The proposal, which also makes it easier for the government to target automated networks of computers known as “botnets”, is among two dozen changes expected to be adopted by the Supreme Court by May 1. Barring congressional intervention, the new rules take effect on December 1.

However modest, the Rule 41 proposal has ignited a broader debate about the FBI’s roughly 15-year-old legal hacking effort.

Technology companies such as Google, the American Civil Liberties Union and an association representing more than 10,000 criminal defence attorneys fear the shift will open the door to unconstitutional searches. All say that the rule change — and the FBI’s use of sophisticated digital tools — should be debated by Congress.

Over a two-year period, the FBI used hacking techniques in at least 16 cities, including Los Angeles, Miami, New Orleans and St Louis, according to a recent law journal article by Brian Owsley, a law professor at Texas Tech University School of Law. Agents employed the tools, more commonly used by digital outlaws, to investigate bomb threats, bank fraud and identity theft.

When authorised by a judge, the FBI uses special software — known as a network investigative technique or NIT — to remotely search computers suspected of criminal use. The technology is often used to investigate child pornography websites hosted on the Tor browser, which cloaks users’ identities by bouncing their digital traffic among numerous servers. When an individual logs on to a site hosting illegal sexual images of children, the NIT delivers malware to their computer that extracts its IP address and other identifying information.

If agents know a suspect’s email address, they may use a “phishing” approach, sending an email that invites the recipient to click on a link or download an attachment that activates the data-extraction software.

Chuck Grassley, the chairman of the Senate Judiciary Committee, last year questioned the government’s spyware use in a letter to FBI Director James Comey, saying it raised “serious privacy concerns”.

David Bitkower, principal deputy assistant attorney-general, said the FBI’s remote computer searches were lawful and would not be broadened by the rule change. And he dismissed what he called “the parade of horribles” invoked by critics as ill-informed.

In October, the Judicial Conference, the national policymaking body for federal courts, backed the government. “Much of the opposition reflected a misunderstanding of the scope of the proposal,” it concluded.

Some types of FBI malware activate a computer’s webcam, search the hard drive, and generate latitude and longitude coordinates for its location, all of which is then transmitted to FBI agents. In one such case in 2013, involving allegations of bank fraud and identity theft, Magistrate Judge Stephen Smith in Texas denied the government’s search warrant request, warning of the risk that “innocent” computers would be infected, perhaps in other countries.

That rejection launched the justice department on its effort to rewrite the rule. Mr Bitkower could not say how many warrant applications have been denied for jurisdictional reasons. But prosecutors have reason to worry that what so far has been a limited problem will only grow.

Last week, a judge in Massachusetts threw out evidence gathered by FBI spyware in a case against a man accused of possessing child pornography. District Judge William Young ruled that the magistrate judge in the Eastern District of Virginia who had approved the warrant application lacked authority to do so because the defendant’s computer was located in Massachusetts.

Mr Young called the FBI’s hacking devices “legitimate law enforcement tools” and said that “perhaps” magistrate judges should have the power to issue such warrants. “Today, however, no magistrate judge has the authority to issue this NIT warrant,” he ruled.

The government suffered another setback in a courtroom in Tacoma, Washington, where a school teacher is being tried on felony charges of possessing and receiving child pornography. Jay Michaud of Vancouver, Washington, was arrested last year following an FBI investigation of a website called Playpen, described as the largest online collection of child sexual images in the world.

FBI agents seized the server that hosted Playpen in February 2015 and kept the website active for two weeks in order to identify its patrons. Investigators infected Playpen with malware that collected about 1,300 IP addresses belonging to individuals who logged on to the password-protected site, which was accessible only via special software.

Prosecutors now are fighting Judge Robert Bryan’s order to disclose to the defence the technical details of the FBI’s malware deployment. In a heavily redacted filing, prosecutors argued that the defence already has access to the computer code that searched Mr Michaud’s hard drive and does not need to know how the malware was transmitted.

A hearing on the government’s motion to reconsider the order is scheduled for May 13.

Source | FT