U.S. lawmakers have introduced legislation to delay the coming into force on Dec. 1 of a rule change that aims to expand the government's ability to search computers and other digital devices across many jurisdictions with a single warrant.
The new Review the Rule Act aims to delay for discussion proposed amendments to rule 41 of the Federal Rules of Criminal Procedure until July 1 next year. The changes to the rule have already been approved by the Supreme Court in April, and if Congress doesn’t act to the contrary, they will go into effect on Dec. 1.
The modified rule would remove the current prohibition with some exceptions on a federal judge issuing a search warrant outside of the judge’s district, so as to enable the remote search by law enforcement of computers whose locations are concealed using technology such as anonymizing techniques. The changes in rule 41 were proposed by the Advisory Committee on the Rules of Criminal Procedure at the request of the Department of Justice.
The rule changes have been opposed by lawmakers, industry and civil rights groups who are concerned about their implications on privacy and surveillance.
“Remote searches of media or information that have been ‘concealed through technological means’ may take place anywhere in the world,” said Google in a filing to the committee in February last year.
Under the modified rule, a judge may issue a warrant to remotely search, copy, and seize information from a device that does not have a known location, and may not even be in the district, because the location has been concealed through technological means, according to the lawmakers who introduced the legislation. They are also concerned about a provision that allows a single judge to issue a warrant to remotely search and copy information from suspected devices across five or more districts.
“A single prosecutor should not have the power to hack into the phone or computer of virtually anyone in the United States,” said Senator Mike Lee, a Republican from Utah and a member of the Senate Judiciary Committee.
Others backing the bill are Senators Chris Coons, a Democrat from Delaware; Steve Daines, a Republican from Montana; Ron Wyden, a Democrat from Oregon, and Al Franken, a Democrat from Minnesota. The bill is also supported by Representatives John Conyers, Jr., a Democrat from Michigan and Ted Poe, a Republican from Texas. Wyden and four others had introduced in May legislation for preventing the changes from coming into effect but that went on the back burner in the election year.
The expanded surveillance authority to allow the U.S. to hack multiple computers in unknown locations, including overseas, with a single warrant has far-reaching consequences for U.S. citizens and people around the world, warned Ed Black, president and CEO of the Computer & Communications Industry Association in a statement Thursday. “This policy impacts the relationship between citizens and our government and between the U.S. and allies,” he added.
The change is scheduled to come into force a little before a new president takes over in the U.S. in January, and will take over the vast surveillance apparatus the country already runs.
A delay in the proposed changes to rule 41 is required to ensure that the newly elected Congress and administration can carefully evaluate the amendment before it goes into effect to ensure that it is constitutional and in the best interests of the American people, said Rep. Poe.
The DOJ holds that “the amendments would not authorize the government to undertake any search or seizure or use any remote search technique, whether inside or outside the United States, that is not already permitted under current law.”
“This change would not permit indiscriminate surveillance of thousands of victim computers—that is against the law now and it would continue to be prohibited if the amendment goes into effect,” wrote Assistant Attorney General Leslie R. Caldwell of the Criminal Division in June in a blog post.
The amendments would make a difference in cases where a suspect has hidden the location of his computer using technological means, so that now the investigator would know which judge to approach for a warrant and go discover the computer's location, Caldwell wrote. When a crime has affected computers in multiple judicial districts, the amendment removes the requirement to submit separate warrant applications in each district where a computer is affected, he added.
That blog post and other statements by the DOJ have not satisfied lawmakers, who wrote in October to Attorney General Loretta Lynch asking for information, among other things, on how the government intends to “prevent forum shopping” by prosecutors seeking court approval to hack into Americans' devices, and how the government plans to prevent “collateral damage” to innocent Americans' devices and electronic data during remote searches of devices such as smartphones or medical devices.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.