Computer access in criminal probes is debated
Washington — The Justice Department is at odds with Google and privacy advocates over the government’s push to make it easier to locate and hack into computers in criminal investigations, a simmering conflict with constitutional and policy implications.
Federal prosecutors say better tools are needed to track down computer users who hide their locations while committing crimes on the Internet. But civil libertarians fear that the proposal, now under consideration by a federal advisory committee, would grant the government expansive new powers to reach into computers across the country.
The proposal would change existing rules of criminal procedure that, with limited exceptions, permit judges to approve warrants for property searches only in the districts where they serve. The government says those rules are outdated in an era when child pornographers, drug traffickers and others can mask their whereabouts on computer networks that offer anonymity. That technology can impede or thwart efforts to pinpoint a suspect’s geographic location.
The Justice Department wants the rules changed so that judges in a district where “activities related to a crime” have occurred could approve warrants to search computers, even those outside their districts. The government says that flexibility is needed for cases in which the government can’t figure out the location of a computer and needs a warrant to access it remotely, and for investigations involving botnets — networks of computers infected with a virus that spill across judicial districts.
There are 94 federal judicial districts in the country — at least one in every state, and as many as four in some.
“There is a substantial public interest in catching and prosecuting criminals who use anonymizing technologies, but locating them can be impossible for law enforcement absent the ability to conduct a remote search of the criminal’s computer,” Justice Department lawyers wrote in one memo.
The advisory committee considering the rule change is meeting this month.
The proposal has generated fierce pushback from privacy organizations, including the American Civil Liberties Union, which say the rule change could violate a constitutional requirement that search warrant applications be specific about the property to be searched. They also say the proposal is unclear about exactly what type of information could be accessed by the government, and fails to guarantee the privacy of non-suspects who might have had access to the same computer as the target, or of innocent people who may themselves be victims of a botnet.
“What procedural protections are going to be in place when you do these types of searches? How are they going to be limited?” asked Alan Butler, senior counsel at the Electronic Privacy Information Center.
Among the critics is Google, which says the proposal “raises a number of monumental and highly complex constitutional, legal and geopolitical concerns that should be left for Congress to decide.”
Privacy advocates are also concerned that the proposal would lead to more frequent use by the FBI of surveillance technology that can be installed remotely on a computer to help pinpoint its location. Such tactics caught public attention last year when FBI Director James Comey acknowledged that in 2007 an agent posing as an Associated Press reporter had sent to a bomb-threat suspect a link to an article that, once opened, revealed to investigators the computer’s location and Internet address.
“To the extent that the government has been prevented from doing lots of these kinds of searches because they didn’t necessarily have a judge to go to, this rule change raises the risk that the government will start using these dubious techniques with more frequency,” said Nathan Freed Wessler, an ACLU lawyer specializing in privacy and technology.
The Justice Department says the proposal simply makes sure that investigators have a judge to go to for a warrant in cases where they can’t find a computer, and that the proposal would not provide the government with new technological authorities that it doesn’t already have.
The scope of the problem is uncertain. Justice Department lawyers acknowledge that in past cases they have successfully argued for search warrants that extend outside a judge’s district.
But in one case from 2013, a magistrate judge in Texas rejected a request to search a computer that the government said was being used to commit bank fraud but whose location was unknown. Prosecutors sought authority to install software on the machine that would have extracted records and location information. The judge, Stephen Smith, said he lacked the authority to approve the search for a computer “whose location could be anywhere on the planet” but said “there may well be a good reason to update the territorial limits of that rule in light of advancing computer search technology.”
The proposal is before a criminal procedure advisory committee of the Judicial Conference of the United States — a panel made up of judges and lawyers — that meets twice a year, including this month. If approved, it will then be forwarded to the Supreme Court and ultimately to Congress, which does not have to approve it but can block it. It would take effect in December 2016.