FBI Plan to Expand Hacking Powers Moves Forward
Justice Department dismisses concerns over privacy and other rights
A judiciary panel on Monday quietly approved a rule change that would increase the Federal Bureau of Investigation's surveillance powers, despite concerns over privacy and constitutional rights.
The Judicial Conference Advisory Committee on Criminal Rules voted 11-1 to modify a rule that gives federal judges more flexibility in approving search warrants for electronic data. If passed, it will allow judges to approve warrants for computers that are outside their judicial district, or when the location of the computer is unknown.
Opponents of the rule—which include tech giants alongside privacy advocates—have previously warned of the risks of expanding the FBI's hacking powers. The Department of Justice first requested the modification last October.
The proposed new policy "substantively expands the government’s current authority," and "raises a number of monumental and highly complex constitutional, legal and geopolitical concerns," according to Google, which filed comment with the committee last month.
The Justice Department has previously argued that expanding those judicial powers is necessary to target address changes in technology, such as in cases where a single computer network spans multiple jurisdictions, which could stall criminal investigations.
However, as Google points out in its comments, the change risks violating the Fourth Amendment, as it could authorize searches on thousands of internet users whose traffic is routed through a targeted server.
Privacy advocates have been fighting the rule change since it was introduced in November. At the time, the ACLU warned, "The government seeks to conduct its searches using techniques that pose a serious risk to cybersecurity, and that may fail" the constitution's protection against unreasonable search and seizure.
"The government does not describe the almost incomprehensibly large storage capacity of many cloud-based services, the vast amount of personal information now stored on the cloud, or the dizzying array of cloud storage services to which a computer may be connected," ACLU added in its comments to the committee.
Although the committee approved the rule on Monday, it still has to pass a review by the Standing Committee on Rules of Practice and Procedure, which generally makes decisions on proposals during its annual meeting in June. If approved by that committee, the rule would next go to the Judicial Conference in September.
From there, it would have to go through the U.S Supreme Court and Congress.
In an unusual move, the Justice Department responded to Google's concerns on Tuesday, claiming that the rule would not result in any searches not currently permitted under law.
Opponents begged to differ.
"Although presented as a minor procedural update, the proposal threatens to expand the government's ability to use malware and so-called 'zero-day exploits' without imposing necessary protections," ACLU attorney Nathan Freed Wessler said in a statement. "The current proposal fails to strike the right balance between safeguarding privacy and internet security and allowing the government to investigate crimes."