The amendment to the Federal Rule of Criminal Procedure 41 (Rule 41) would expand jurisdiction for judges to issue warrants to investigate technologically concealed locations. It was first proposed to the Advisory Committee on Criminal Rules (ACCR) in September 2014. Since then, there has been a public consultation which resulted in Google strongly urging the ACCR to consider the residual effects this may have globally.
Google stressed that the amendment to Rule 41 is an extensive increase in government power and should be handled by Congress on a larger scale.
Google explained that currently under Rule 41, “federal prosecutors must generally seek a warrant in the judicial district to search for and seize a person or property located within the district. This territorial limitation is subject to limited exceptions”.
Whereas, the requested amendment generalizes broad situations in which warrants could be issued to locations outside their district given that it was purposely concealed, or where technology has been damaged and also located in more than five districts in violation of the Computer Fraud and Abuse Act (CFAA).
“Remote searches of media or information that have been ‘concealed through technological means’ may take place anywhere in the world. This concern is not theoretical”.
According to Google, the US has been fairly successful at maintaining proper arrangements with other countries when conducting investigations, pointing out Mutual Legal Assistance Treaties (MLATs).
“Google and many other service providers, have long encouraged and supported the efforts of the Administration and Congress to improve these processes, but the proposed amendment undermines those efforts”.
Another point made by Google was the violation of the Rules Enabling Act, as well as alteration of US constitutional rights. The Rules Enabling Act allowed for adaptation of practical, procedural an evidentiary rules, as long as the updates did not interfere with any substantive right.
Contrary to government claims, Google suggested, “it invariably expands the scope of law enforcement searches, weakens the Fourth Amendment‘s particularity and notice requirements, opens the door to potentially unreasonable searches and seizures, and expands the practice of covert entry warrants”.
The specifications of what may be searched and how it may be obtained are not clear in the amendment. Remote access is mentioned in the means of searching, seizing or copying digitally stored data, however, this term can be interpreted in many ways. Google declared that remote access could be used to expose a target device’s IP address through the installation of software used to report pertinent information back to law enforcement. Another example of a remote access investigation technique is redirecting user information that is entered into specific websites of interest so that law enforcement can collect data from a target. Google mentioned the large potential for innocent parties’ information to be taken through an investigative technique such as this, as well as the increased exposure to possible malware. The proposed amendment also puts those who use Virtual Private Networks (VPNs) at higher risk to be searched because it would seem that their intentional use of encryption meant they were concealing their location.
The broad statement of damage to a computer in violation of the CFAA would encompass millions of American computers alone. Google reported that in order for the government to search more than five districts at a time, the use of botnets would be needed. These botnet searches, by default, would infiltrate the computers of law abiding Americans by the definition of their damaged computer. Google explained that around thirty percent of American computers contain malware and would be considered damaged. The searches seem to have no restrictions with the broad language that was used.
What is Google’s overall warning about Rule 41?
This amendment is bigger than the ACCR and could potentially become bigger than Congress. Google is the only major tech company that has spoke out against the private data search expansion. The proposed amendment should be rejected by the ACCR with the understanding that “the proposed amendment substantively expands the government’s current authority under Rule 41 and raises a number of monumental and highly complex constitutional, legal, and geopolitical concerns that should be left to Congress to decide”.
About the Author Kerri Heitner:
Kerri Heitner is a recent graduate of Utica College in New York where she completed her Master of Science (M.S.) in Cybersecurity this past December. To learn more about Kerri and her research in cybersecurity, please visit www.linkedin.com/in/kerrianneheitner.
Edited Pierluigi Paganini
(Security Affairs – Rule 41, FBI)