In a recent advancement made by the Department of Justice (DoJ), a new law proposed could make users of Tor and other anonymizing tools the main target for the Federal Bureau of Investigation (FBI).
A Department of Justice proposal to amend Rule 41 of the Federal Rules of Criminal Procedure would make it easier and legal for law enforcement agencies to break into the computers of people trying to protect their anonymity with privacy based tools.
The alteration of the search and seizure rules would allow the FBI to seize targets whose locations is “concealed through technological means.” Concealed through technological means is legal terminology for content hosted on the darknet or users of Tor, VPN’s or other anonymizing tools.
“Authority to Issue a Warrant. At the request of a federal law enforcement officer or an attorney for the government: (6) a magistrate judge with authority in any district where activities related to a crime may have occurred has authority to issue a warrant to use remote access to search electronic storage media and to seize or copy electronically stored information located within or outside that district if: (A) the district where the media or information is located has been concealed through technological means; or (B) in an investigation of a violation of 18 U.S.C. § 1030(a)(5), the media are protected computers that have been damaged without authorization and are located in five or more districts,” the proposed legal document reads.
The DoJ said in a statement that the amendment is not meant to give courts the power to issue warrants that authorize search and seizure in foreign countries.
However, the “practical reality of the underlying technology means doing so is almost unavoidable”, according to Ahmed Ghappou, a visiting professor at UC Hastings College of the Law. Ghappour outlines the potential consequence of the proposed legal power grab.
Ghappour argued that the proposal would result in the “broadest expansion of extraterritorial surveillance power since the FBI’s inception.”
When Ghappour was asked whether or not the FBI’s new extraterritorial surveillance would reach the hands of the NSA, he said that the issue may reach much further, and could affect the U.S. State Department and CIA.
In the proposed legal advancement quoted above, Ghappour notes section 6 is a form of FBI hacking and is commonly referred to as “Network Investigative Techniques.” The wording may give the FBI power to use virtual force on any machine or user of an anonymizing service. Ghappour stresses his concern over the FBI being allowed by law to hack into computers overseas. Many researchers question: Could this start a ‘cyber’ war?
“For instance, over 85% of computers directly connecting to the Tor network are located outside the United States. And since (according to the DOJ) each computer’s ‘unknown location’ is virtually indistinguishable from the next, any law enforcement target pursued under this provision of the amendment may be located overseas”, Ghappour said.
Ghappour said before amending Rule 41, there should be a “comprehensive deliberation.” Saying the FBI should only use Network Investigative Techniques in the least abusive way as possible if other less intrusive methods failed. Ghappour says the language should be changed “to narrow the class of potential targets, from targets whose location is ‘concealed through technological means’ to those whose location is not ‘reasonably ascertainable’ by less invasive means.” Ghappour also suggests:
The Rule should also limit the range of hacking capabilities it authorizes. “Remote access” should be limited to the use of constitutionally permissible methods of law enforcement trickery and deception that result in target-initiated access (e.g., requiring the target to click a link contained within a deceptive email in order to initiate delivery and installation of malware). “Search” capabilities should be limited to monitoring and duplication of data on the target (e.g., copying a hard drive or monitoring keystrokes).
The Rule should not authorize drive-by-downloads that infect every computer that associates with a particular webpage, the use of weaponized software exploits in order to establish “remote access” of a target computer, or deployment methods that risk indiscriminately infecting computer systems along the way to the target. Nor should the Rule authorize a “search” method that requires taking control of peripheral devices (such as a camera or microphone).
Government agencies are no stranger to targeting activists and journalists using Tor, leaked documents showed agencies wrongdoing in the past. Not only will this change allow the government to target users of Tor and anonymizing services, they will have the legal ability to do so across a global scale.