No Truce With Kings

Ars Technica has an article about who decides how to pursue those suspected of cybercrime. On the one hand, it seems like a procedural change.

On the other hand, it seems like a way empower even more intrusive surveillance by the government.

As usual, read it and decide for yourself.

Feds want an expanded ability to hack criminal suspects’ computers
Proposed rules to let one judge authorize “remote access” essentially anywhere.

The United States Department of Justice wants to broaden its ability to hack criminal suspects’ computers, according to a new legal proposal that was first published by The Wall Street Journal on Thursday. [March 27^th]

If passed as currently drafted, federal authorities would gain an expanded ability to conduct “remote access” under a warrant against a target computer whose location is unknown or outside of a given judicial district. It would also apply in cases where that computer is part of a larger network of computers spread across multiple judicial districts. In the United States, federal warrants are issued by judges who serve one of the 94 federal judicial districts and are typically only valid for that particular jurisdiction.

The 402-page document entitled “Advisory Committee on Criminal Rules” is scheduled to be discussed at an upcoming Department of Justice (DOJ) meeting next month in New Orleans.

Federal agents have been known to use such tactics in past and ongoing cases: a Colorado federal magistrate judge approved sending malware to a suspect’s known e-mail address in 2012. But similar techniques have been rejected by other judges on Fourth Amendment grounds. If this rule revision were to be approved, it would standardize and expand federal agents’ ability to surveil a suspect and to exfiltrate data from a target computer regardless of where it is.
Peter Carr, a DOJ spokesperson, told Ars that he was “not aware of any figures” as to how many times such “remote access” by law enforcement has taken place.

Cracking Tor is hard!

Civil libertarians and legal experts are very concerned that this would unnecessarily expand government power.

“It is nuts,” Chris Soghoian, a technologist and senior policy analyst with the American Civil Liberties Union, told Ars.

“What’s most shocking is that they’re not going to Congress and asking for this authority. This is a pretty big shift. This is a dangerous direction for the government to go in, and if we’re going to go in that direction then we really need Congress to sign on the dotted line, and [the DOJ is] trying to sneak it through the back door.”

Carr told Ars that the change is needed to combat criminals who use “sophisticated anonymizing technologies,” like Tor.

“Our proposal would not authorize any searches or remote access not already authorized under current law,” he wrote by e-mail. “The proposal relates solely to venue for a warrant application.”