Major tech companies are pressuring on Congress to block a change to federal criminal procedure to allow government-run hacks on multiple computers with a single warrant. The Justice Department is trying to smooth over the consternation with an education campaign.
A group of 50 organizations, including Google Inc. and PayPal, along with the American Civil Liberties Union and the Computer and Communications Industry Association, wrote a letter Tuesday to Senate and House leaders, urging them to support legislation that would reverse new procedures that they call “dangerously broad.”
The Justice Department, the agency that requested the change, tried to assure naysayers on Monday that its requested tweaks to how computer investigations take place “do not change any of the traditional protections and procedures under the Fourth Amendment.”
The Supreme Court approved the DOJ’s requested changes to Rule 41 of the Federal Criminal Procedure in April. The changes expand the power of federal judges to issue warrants for those government-run hacking operations in any jurisdiction. Judges are currently limited to their own physical locale. Without congressional intervention, the change will go into effect Dec. 1.
People in the tech and privacy communities are worried about the expansion of federal hacking power, and they’re hoping to make waves on Capitol Hill as the December deadline draws closer.
Staunch privacy advocate Sen. Ron Wyden (D-Ore.) has introduced legislation that would reverse the court-approved changes. Rep. Ted Poe (R-Texas) sponsors the House companion version. Keith Chu, Wyden’s spokesman, said Wyden’s office has had “encouraging conversations” with other staffers and lawmakers about blocking the rule change, but neither the House or the Senate bill has been scheduled for a committee hearing.
Tuesday’s letter says the changes in procedure would “invite law enforcement to seek warrants authorizing them to hack thousands of computers at once — which it is hard to imagine would not be in direct violation of the Fourth Amendment.”
Congress “has never authorized government hacking as an investigative tool in this manner and has not established clear rules for when and how such dangerous techniques should be used,” the letter said.
The Justice Department defends its requested changes by saying the rule change wouldn’t allow remote searches that aren’t already allowed. “The amendments would not authorize the government to undertake any search or seizure or use any remote search technique, whether inside or outside the United States, that is not already permitted under current law,” Assistant Attorney General Leslie R. Caldwell wrote in Monday’s post. “The use of remote searches is not new and warrants for remote searches are currently issued under Rule 41.”
Most courts “already permit the search of multiple computers pursuant to a single warrant” if all legal requirements are met, Caldwell added.
Tech and privacy advocates also say that the rule change targets individuals who use tools to shield the location data of their computer for privacy reasons. The groups argue that there are many innocent reasons one could do this, including journalists messaging sources and domestic violence victims attempting to find legal help.
“Such tools should be actively promoted as a way to safeguard privacy, not discouraged,” the groups said.
The DOJ, however, sees the ability to break a location shield as an essential tool. “If agents are investigating criminals who are sexually exploiting children and uploading videos of that exploitation for others to see — but concealing their locations through anonymizing technology — agents will be able to apply for a search warrant to discover where they are located,” Caldwell wrote.
But it’s not just the issue of government surveillance, opponents say. It could also negatively impact international relations, specifically trade.
The changes “will further raise tensions with allies like Europe, and exacerbate existing international conflicts of law over technology and data,” CCIA President and Chief Executive Ed Black said in a separate Tuesday statement. His trade group, which represents Amazon.com Inc., Facebook Inc. and Microsoft Corp., is among the signatories on the letter.
The U.S. has endured a tense six months with the European Union analyzing the data security and the surveillance practices of the American government. European data regulators recently rejected the new data-sharing agreement with the U.S. because of fears that Europeans’ personal information could get swept up in bulk data collection.