The U.S. Department of Justice wants new authority to hack and search remote computers during investigations, saying the new rules are needed because of complex criminal schemes sometimes using millions of machines spread across the country.
Digital rights groups say the request from the DOJ for authority to search computers outside the district where an investigation is based raises concerns about Internet security and Fourth Amendment protections against unreasonable searches and seizures.
"By expanding federal law enforcement's power to secretly exploit 'zero-day' vulnerabilities in software and Internet platforms, the proposal threatens to weaken Internet security for all of us," Nathan Freed Wessler, a staff attorney with the American Civil Liberties Union, said by email.
The proposal, which was made public Friday, raises serious privacy concerns, Wessler added, because it would "significantly expand the circumstances under which law enforcement can conduct secret, remote searches of the sensitive contents of people's computers. Our computers contain a wealth of private information about us, and it is crucial that the courts place strict limits on secret electronic searches by law enforcement."
The DOJ proposal comes after nearly a year of leaks about broad U.S. National Security Agency surveillance programs.
But a change in the federal rules of criminal procedure is needed to investigate botnets and crimes involving anonymizing technologies, the DOJ said in a September letter to the Advisory Committee on the Criminal Rules. The DOJ has asked the U.S. court system to give judges authority to issue search warrants for computers outside their districts.
Investigators are increasingly encountering crimes where they "can identify the target computer, but not the district in which it is located," Mythili Raman, then an acting assistant attorney general, wrote in the letter. "Criminals are increasingly using sophisticated anonymizing technologies when they engage in crime over the Internet."
Raman, now working at a private law firm, also pointed to criminals' use of botnets as a need for the rules change. A large botnet investigation could involve computers in dozens of judicial districts, she wrote.
"Criminals are using multiple computers in many districts simultaneously as part of complex criminal schemes, and effective investigation and disruption of these schemes often requires remote access to Internet-connected computers in many different districts," Raman wrote. "Botnets are a significant threat to the public: they are used to conduct large-scale denial of service attacks, steal personal and financial data, and distribute malware designed to invade the privacy of users of the host computers."
Yet, current rules of criminal procedure established by the U.S. court system allow magistrate judges to issue search warrants for property outside the judge's district in only limited circumstances, the DOJ noted. The DOJ's request for the rules change is scheduled to be discussed at the meeting of the U.S. courts' Committee on Rules of Practice and Procedure in Washington, D.C., later this month.
A DOJ spokesman downplayed privacy concerns, saying judges would have to issue warrants for the remote computer searches. The rules change would relate only to expanded venues for warrant applications, he said.
"The key thing to highlight is that our proposal would not authorize any searches or remote access not already authorized under current law," spokesman Peter Carr said by email. "The probable cause and particularity standards we have to meet to obtain the warrant from the court do not change, and the execution of the warrant remains under the supervision of the court."
Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's email address is grant_gross@idg.com.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.