FBI Plans to Expand its Hacking Powers

Uploaded on 2015-03-24 in FREE TO VIEW, GOVERNMENT-Law Enforcement, INTELLIGENCE--USA, NEWS-Cybersecurity News

A US judicial advisory panel has quietly approved a rule change that will broaden the FBI’s hacking authority despite fears raised by Google that the amended language represents a “monumental” constitutional concern.
The Judicial Conference Advisory Committee on Criminal Rules voted 11-1 to modify an arcane federal rule to allow judges more flexibility in how they approve search warrants for electronic data, according to a Justice Department spokesman.
Known as Rule 41, the existing provision generally allows judges to approve search warrants only for material within the geographic bounds of their judicial district. But the rule change, as requested by the department, would allow judges to grant warrants for remote searches of computers located outside their district or when the location is unknown.

The government has defended the maneuver as a necessary update of protocol intended to modernize criminal procedure to address the increasingly complex digital realities of the 21st century. The FBI wants the expanded authority, which would allow it to more easily infiltrate computer networks to install malicious tracking software. This way, investigators can better monitor suspected criminals who use technology to conceal their identity.

But the plan has been widely opposed by privacy advocates, such as the American Civil Liberties Union, as well as some technologists, who say it amounts to a substantial rewriting of the rule and not just a procedural tweak. Such a change could threaten the Fourth Amendment’s protections against unreasonable search and seizures, they warn, and possibly allow the FBI to violate the sovereignty of foreign nations. The rule change also could let the agency simultaneously target millions of computers at once, even potentially those belonging to users who aren’t suspected of any wrongdoing.
Google weighed in last month with public comments that warned that the tweak “raises a number of monumental and highly complex constitutional, legal and geopolitical concerns that should be left to Congress to decide.”

In an unusual move, Justice Department lawyers rebutted Google’s concerns, saying the search giant was misreading the proposal and that it would not result in any search or seizures not “already permitted under current law.”

The judicial advisory committee’s vote is only the first of several stamps of approval required within the federal judicial branch before the rule change can formally take place—a process that will likely take over a year. The proposal is now subject to review by the Standing Committee on Rules of Practice and Procedure, which normally can approve amendments at its June meeting. The Judicial Conference is next in line to approve the rule, a move that would likely occur in September.
The Supreme Court would have until May 1, 2016 to review and accept the amendment, which Congress would then have seven months to reject, modify or defer. Absent any congressional action, the rule would take place on Dec. 1, 2016.
Privacy groups vowed to continue fighting the rule change as it winds its way through the additional layers of review.
“Although presented as a minor procedural update, the proposal threatens to expand the government’s ability to use malware and so-called ‘zero-day exploits’ without imposing necessary protections,” said ACLU attorney Nathan Freed Wessler in a statement. “The current proposal fails to strike the right balance between safeguarding privacy and Internet security and allowing the government to investigate crimes.”
Drew Mitnick, policy counsel with digital rights group Access, said the policy “should only be considered through an open and accountable legislative process.”
Defenseone http://ow.ly/KINhX

« Self-driving Cars May Lead to Human Driver Ban
US Loses Contact with Drone Aircraft in Syria »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

AVR International

AVR International

AVR educate, advise, analyse and provide professional, technical consultancy and support to ensure your business is safe, compliant and protected.

NopSec

NopSec

NopSec provides automated IT security control measurement and risk remediation solutions to help businesses protect their IT environments from security breaches.

Neowave

Neowave

Neowave designs, manufactures and markets strong authentication solutions based on smart card components and digital certificates.

Center for Long-Term Cybersecurity (CLTC)

Center for Long-Term Cybersecurity (CLTC)

The Center for Long-Term Cybersecurity is developing and shaping cybersecurity research and practice based on a long-term vision of the internet and its future.

Innova

Innova

Innova is Turkey's leading IT solutions company, providing platform independent solutions to organizations in telecommunication, finance, production, public and service sectors.

Qmulos

Qmulos

Qmulos’ real-time continuous monitoring risk management suite, Q-Compliance, provides a massively flexible and scalable solution to optimizing operational security.

FireCompass

FireCompass

FireCompass SAAS platform helps CISOs & Security Teams in continuous risk assessment by mapping your attack surface and knowing the “unknown unknowns”.

Enea

Enea

Enea is one of the world’s leading specialists in software for telecommunications and cybersecurity. Our products are used to enable services for mobile subscribers, enterprise customers and IoT.

Xperience

Xperience

Xperience solves our clients’ toughest challenges by delivering business efficiency through digital transformation solutions across cloud, managed IT, CRM and ERP.

UncommonX

UncommonX

UncommonX offers enterprise-class cybersecurity protection for mid-size organizations by combining adaptive threat and intelligence software with 24/7 industry experts.

Lucata

Lucata

Lucata solutions support groundbreaking graph analytics and improved machine learning for organizations in financial services, cybersecurity, healthcare, pharmaceuticals, telecommunications and more.

link22

link22

link22 offers a high level of expertise within IT security and system solutions. We help public and private actors with highly secure IT-solutions.

Verica

Verica

Verica uses chaos engineering to make systems more secure and less vulnerable to costly incidents.

Drumz

Drumz

Drumz plc is an investment company whose investing policy is to invest principally but not exclusively in the technology sector within Europe.

Acclaim Technical Services (ATS)

Acclaim Technical Services (ATS)

ATS provide operational products, services and solutions to the defense and intelligence communities for all types of critical mission needs.

Backblaze

Backblaze

The Backblaze Storage Cloud provides a foundation for businesses, developers, IT professionals, and individuals to build applications, host content, manage media, back up and archive data, and more.