Slashdot Mirror

← Back to Stories (view on slashdot.org)

Computers and Warrants: Some Senators Oppose Justice Plan (go.com)

Posted by msmash on from the throttling-FBI's-hacking-authority dept.

A group of bipartisan senators introduced a bill on Thursday that blocks a pending judicial rule change allowing U.S judges to issue search warrants for remote access to computers in any jurisdiction, even overseas. Associated Press reports: Justice Department officials say that requirement is not practical in complex computer crime cases where investigators don't know the physical location of the device they want to search. In instances when cybercriminals operate on networks that conceal their identity and location, the government wants to ensure that any magistrate in a judicial district where a crime may have occurred can sign off on a search warrant that gives investigators remote access to the computer. The Obama administration says that authority is especially critical in cases involving botnets, which are networks of computers infected with a virus that spill across those districts. As it now stands, federal officials say, they might have to apply for nearly identical warrants in 94 different courthouses to disrupt a botnet.The U.S. Justice Department has pushed for the rule change since 2013. It has assumed it as a "procedural tweak" needed to modernize the criminal code to pursue sophisticated 21st century criminals, reports Reuters. Congress has until Dec 1 to vote to reject, amend or postpone the changes to Rule 41 of the federal rules of criminal procedure. If lawmakers fail to act, the change will automatically take effect, a scenario seen as likely given the short timeline. ZDNet has more details.

28 of 47 comments (clear)

  1. Where is the server, exactly? by myowntrueself · · Score: 4, Funny

    What are they going to do to figure out the jurisdiction anyway? Use Maxmind Geoip? Thats hopelessly unreliable! How else are they supposed to do this?

    Hey, I know! Lets set up a special UN taskforce!

    We can call it UNIT; United Nations Internet Taskforce! Need some kind of doctor and brigadier though.

    --
    In the free world the media isn't government run; the government is media run.
    1. Re:Where is the server, exactly? by sjames · · Score: 4, Insightful

      There are already judges that can give them the warrants they need. The only rational purpose of the rule change is to let them ask less experienced judges when they want to slip something past them.

    2. Re:Where is the server, exactly? by BlueStrat · · Score: 5, Insightful

      There are already judges that can give them the warrants they need. The only rational purpose of the rule change is to let them ask less experienced judges when they want to slip something past them.

      This.

      This makes judge-shopping so much easier! No more pesky jurisdictional issues! Simply pick the judge most in-line ideologically/politically with your prosecutorial/investigative agenda and goals, and bam! A done deal!

      If allowed to stand this rule would permit some wack-job ideologue/extremist judge in some backwater hick jurisdiction to issue warrants to search computers anywhere including in Washington D.C., Alexandria VA, Hollywood CA...or Hong Kong.

      If they allow this I say find a backwater-jurisdiction judge who leans hard libertarian and have him issue a warrant to search computers of those in Congress, the SCOTUS, and the DoJ/Executive branches in Washington, D.C. on suspicion of RICO/racketeering/criminal corruption violations.

      Strat

      --
      Progressivism (aka US 'Liberalism'): Ideas so good they need a police/surveillance-state to enforce.
    3. Re:Where is the server, exactly? by GLMDesigns · · Score: 1

      A judge "who leans hard libertarian" wouldn't want to search Congress or Executive Branch employees without a warrant either. That's what makes him a "hard libertarian."

      And there are plenty of "wack-job ideologue/extremist judges" in SF and NYC. You needn't go to "some backwater hick jurisdiction" to find them.

      --
      If you're scared of your govt then you need to further restrict its powers
      Vote 3rd Party in 2016 and beyond
    4. Re:Where is the server, exactly? by BlueStrat · · Score: 2

      The magistrate that can issue the warrant is the one in the district that the crime occurred in, aka the victim's district.

      The Feds have been known to choose where to deem a computer/internet crime occurred to favor jurisdictions where they feel they have the best chance of a favorable outcome. This just turns it around so that they don't have to care where the crime occurred, any magistrate of their choosing can issue a warrant. It's a huge judicial/executive power-grab.

      Strat

      --
      Progressivism (aka US 'Liberalism'): Ideas so good they need a police/surveillance-state to enforce.
    5. Re:Where is the server, exactly? by MobyDisk · · Score: 1

      IANAL, but I thought you cannot simply file a case in any jurisdiction you want. You can only file it in a jurisdiction where the court has an interest. A New York company wanting to go after a hacker in Thailand can't go to a court in Virginia can they?

    6. Re:Where is the server, exactly? by nbauman · · Score: 2

      The Feds have been known to choose where to deem a computer/internet crime occurred to favor jurisdictions where they feel they have the best chance of a favorable outcome.

      You mean forum shopping.

      Like prosecuting a California web site in Tennessee or Florida on pornography charges. http://www.pcworld.com/article...

  2. Wait. Who does what where? by fahrbot-bot · · Score: 1

    ... the government wants to ensure that any magistrate in a judicial district where a crime may have occurred can sign off on a search warrant that gives investigators remote access to the computer.

    And if the remote computer is located somewhere that local magistrate doesn't have any jurisdiction?

    --
    It must have been something you assimilated. . . .
    1. Re:Wait. Who does what where? by pr0fessor · · Score: 1

      Here is the short and skivvy if we are to believe the general numbers found by a Google search there are about 15 million reports of identity theft a year at a cost of over $50 billion in the US many of which are computer related crimes and a lot of social engineering. What do you purpose we do about it? Better security sure but if there is no way to locate or stop them they will just keep trying until they beat that too.

    2. Re:Wait. Who does what where? by EvilSS · · Score: 3, Informative

      ... the government wants to ensure that any magistrate in a judicial district where a crime may have occurred can sign off on a search warrant that gives investigators remote access to the computer.

      And if the remote computer is located somewhere that local magistrate doesn't have any jurisdiction?

      That's the whole point of the rule change. It would allow them to go to one magistrate and get the required warrant in situations where either they would need warrants from dozens of magistrates due to multiple locations (bot net example) or if they simply can't geolocate the computer they need to get into. It makes sense, on the surface at least. However this is law enforcement so you know there is some way they can use this to completely screw over the people.

      --
      I browse on +1 so AC's need not respond, I won't see it.
    3. Re:Wait. Who does what where? by mysidia · · Score: 1

      due to multiple locations (bot net example) or if they simply can't geolocate the computer they need to get into.

      Should you be subject to total loss of personal privacy and having your digital life turned upside-down by the gov't due to a search warrant of your machines, just because a computer on your LAN (Possibly a visiting friend's computer) happened to be compromised and joined in a Botnet? I don't think so. These foreign judges are not part of our local representative government

      They should pursue means of willing cooperation that provide limited information, but just enough information for the necessary part of their job (To attempt to find the source of the botnet).

      The notion of having a capability for judges to write search warrants against people in outside jurisdictions, where the judge is not accountable to the local populous is very dangerous and anti-democratic as well....

    4. Re:Wait. Who does what where? by sjames · · Score: 1

      They can already go to a district court judge for that. The downside for them is that district judges tend to be more experienced and harder to slip things past.

    5. Re:Wait. Who does what where? by EvilSS · · Score: 1

      due to multiple locations (bot net example) or if they simply can't geolocate the computer they need to get into.

      Should you be subject to total loss of personal privacy and having your digital life turned upside-down by the gov't due to a search warrant of your machines, just because a computer on your LAN (Possibly a visiting friend's computer) happened to be compromised and joined in a Botnet?

      Why are you asking me? I'm just responding to the OP on WHY they wanted the change. My name is EvilSS not Obama

      The notion of having a capability for judges to write search warrants against people in outside jurisdictions, where the judge is not accountable to the local populous is very dangerous and anti-democratic as well....

      Since when are federal judges accountable to the local populous of their districts? They are appointed at the federal level, not elected.

      --
      I browse on +1 so AC's need not respond, I won't see it.
  3. Full list of senators? by XxtraLarGe · · Score: 1

    A group of bipartisan senators introduced a bill on Thursday that blocks a pending judicial rule change allowing U.S judges to issue search warrants for remote access to computers in any jurisdiction, even overseas.

    I saw Rand Paul on their, but certainly this is something Bernie Sanders would support as well, right? Does anyone have a link for the full list?

    --
    Taking guns away from the 99% gives the 1% 100% of the power.
    1. Re:Full list of senators? by Anonymous Coward · · Score: 1

      There's more information at Wyden's press release.

      In addition to Senators Ron Wyden, D-Ore., and Rand Paul, R-Ky., the original cosponsors are Sens. Tammy Baldwin, D-Wis., Steve Daines, R-Mont., and Jon Tester, D-Mont. I would hope Bernie Sanders would support the bill but I don't personally know how much one can read into him not being an original cosponsor.

      The above press release includes a link to a readable (warning, PDF) 1-page summary. The last sentence lists other supporters/commenters of the bill:

      For more information, see comments by ACLU, Google, EFF/Access, OTI, CDT, NACDL, the security researchers Bellovin, Blaze, and Landau, and the Agenda Books from the U.S. Courts.

  4. Re:Doubt it applies anywhere in the world by MobyDisk · · Score: 2

    The physical issue you bring up doesn't really prevent them from *issuing* a search warrant. But it does inhibit their ability to *execute* the warrant. Executing it might require working with another government, or remotely hacking a server, or something like that. Do warrants state *how* they will be executed? Ex: If they get a warrant to search a computer, does the warrant state that they can or cannot hack it -vs- that they can sieze it -vs- they can copy the HD contents?

  5. Really? by ledow · · Score: 1

    But yet a Chinese IP "attacking" their systems is grounds enough to start a war with China.

    Strange world you Americans live in.

    1. Re:Really? by 110010001000 · · Score: 1

      Government agencies are getting hacked from Chinese IP's every day, but no war so far. Strange world YOU live in.

    2. Re:Really? by ledow · · Score: 1

      http://www.wsj.com/articles/SB...

  6. And thus Global Hacking War 1 starts by Anonymous Coward · · Score: 1

    Here in the Netherlands, and probably everywhere else as well, we have the exact same discussion. Law enforcement wants the capability to remotely hack into computers, even when the jurisdiction is unclear and the remote computer my be abroad.

    This could in theory end up in a Global Hacking War where law enforcement of countries will hack law enforcement of other countries because they hacked into systems in the first countries jurisdiction which the first country considers to be illegal. repeat ad infinitum.

    This is unlikely to happen between Europe and the US, they will most likely come to some kind of agreement that will, as usual, be detrimental for their mutual citizens but benefits both states.
    Between other states it will just serve to be more verbal ammunition to accuse each other of wrongdoings by accusing the other of 'hacking' and claiming the moral high ground for oneself, which then escalates.. In other words, business as usual.

  7. Re:Doubt it applies anywhere in the world by olsmeister · · Score: 1

    What's to stop someone from setting up a bogus server, planting a lot of fake 'evidence' on it, and allowing the government to hack into it and discover whatever they want them to discover?

  8. Cyberattack as provocation for war. by SeattleLawGuy · · Score: 3, Informative

    But yet a Chinese IP "attacking" their systems is grounds enough to start a war with China.

    Strange world you Americans live in.

    It depends what they're doing with the "attacks." A cyberattack that kills people can obviously be grounds for war.

    Nobody is saying a cyberattack is enough to provoke a nuclear response. But if you don't want to get hit and the world has no policemen, you learn to defend yourself and you learn to hit back, until you both realize that it's more productive not to fight.

    Your response doesn't need to be the same kind of hit the other person used--it just has to hurt them enough to show them it is unprofitable to continue. (But not so much that they must retaliate because of public demand).

    --
    Real lawyers write in C++
  9. Better Solution by maz2331 · · Score: 4, Insightful

    Perhaps a better idea is to create a new court that can issue warrants in a "cyber jurisdiction" - ie an IP address or address space. That court can be highly specialized and have expertise in issuing such warrants, and have no jurisdiction over any physical area. Once the results of any searches authorized under the "cyber warrant" are resolved to a physical location, then new warrants can be obtained from the traditional courts for those jurisdictions.

    1. Re:Better Solution by david_bonn · · Score: 2

      I suggested a similar idea to that in a face-to-face meeting with a United States Senator in May of 2000 after the MafiaBoy DDOS attacks. He thought that sounded like a great idea.

      You'll notice that nothing has been done on that front.

  10. Group of bipartisan senators by edittard · · Score: 1

    Surely it's a bipartisan group of senators. I find it hard to believe that anyone bipartisan could get selected by one party, let alone both.

    --
    At the bottom of the /. main page it says 'Yesterday's News'. Well they got that right.
  11. A cyberattack that kills people can obviously be by whathappenedtomonday · · Score: 1

    grounds for war? You, Sir, have obviously been throughly brainwashed. Either that, or you have no idea what you are talking about.

    --
    I hope I didn't brain my damage.
  12. Re: A cyberattack that kills people can obviously by Coren22 · · Score: 1

    If a Chinese, state sponsored, cyberattack were to cause a nuclear missile (somehow...) to launch and take out DC, would you consider that good enough to start a war? If not, why not?

    --
    APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
  13. Re: A cyberattack that kills people can obviously by whathappenedtomonday · · Score: 1

    Due to the nature of IP packets they are inherently unsuitable as a casus belli. This is common sense and whoever says otherwise wants to make sure to be able to construct grounds for war whenever necessary. If your scenario originated in Russia and the Russians made it look like the attack came from China, or from Norway, New Guinea or the Philippines, who'd you attack? Besides, where's the "I am part of a state sponsored cyberattack" flag inside the packet and why would I as an attacker set it? You've been lied to about Iraq's WMD, so why wouldn't they lie to you about the origin of TCP packets (the source of which can be spoofed)? Etc. etc. If you think of it, the whole "a cyberattack that kills people can obviously be grounds for war" nonsense is just that -- nonsense. Don't let them brainwash you into believing it's not.

    --
    I hope I didn't brain my damage.