Privacy Groups say FBI Hacking went too Far!

Uploaded on 2017-02-21 in FREE TO VIEW, GOVERNMENT-Law Enforcement, TECHNOLOGY--Hackers

Privacy advocates are claiming in court that an FBI hacking operation to take down a child pornography site was unconstitutional and violated international law.

That’s because the operation involved the FBI hacking 8,700 computers in 120 countries, based on a single warrant, they said.

“How will other countries react to the FBI hacking in their jurisdictions without prior consent?” wrote Scarlet Kim, a legal officer with UK-based Privacy International.

Recently, that group, along with the Electronic Frontier Foundation (EFF) and the American Civil Liberties Union of Massachusetts, filed briefs in a lawsuit involving the FBI’s hacking operation against Playpen.

The child pornography site was accessible through Tor, a browser designed for anonymous web surfing. But in 2014, the FBI managed to take it over.

In a controversial move, the agency then decided to use the site to essentially infect visitors with malware as a way to track them down.

As a result, the FBI is prosecuting hundreds who were found visiting the site, but it also happened to hack into computers from 120 countries.

Recently, the three privacy groups filed briefs in a case involving Alex Levin, a suspect in the FBI’s Playpen investigation who’s appealing the way the agency used malware to gather evidence against him.

Privacy International claims that the warrant the FBI used to conduct the hacking is invalid. This is because the US was overstepping its bounds by conducting an investigation outside its borders without the consent of affected countries, the group said.

According to Privacy International, the case also raises important questions: What if a foreign country had carried out a similar hacking operation that affected US citizens? Would the US welcome this?

The EFF and ACLU also claim that the FBI’s warrant was invalid, but they cite the US Constitution, which protects citizens from unreasonable searches.

“Here, on the basis of a single warrant, the FBI searched 8,000 computers located all over the world,” EFF attorney Mark Rumold wrote in a blog post. “If the FBI tried to get a single warrant to search 8,000 houses, such a request would unquestionably be denied.”

A key concern is that a warrant to hack into so many computers will set a precedent. “Even serious crimes can’t justify throwing out our basic constitutional principles,” Rumold said.

US attorneys have argued in court that the FBI followed proper procedures in obtaining its warrant from a federal judge. They said the FBI’s hacking techniques managed to identify hundreds of Playpen users who otherwise were cloaked in anonymity.

Allowing the Playpen suspects “to evade capture and carry on abusing children in the dark shadows of Tor would be repugnant to justice,” the US attorneys argued in court in October.

Computerworld:

 

« Handbook Of Russian Information Warfare
Law to Imprison Journalists for Publishing Leaks »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Paraben

Paraben

Paraben provides digital forensics solutions for mobile devices, smartphones, email, hard drives, and gaming system.

International Association of Professional Security Consultants (IAPSC)

International Association of Professional Security Consultants (IAPSC)

Members of the IAPSC represent a unique group of respected, ethical and competent security consultants.

Northbridge Insurance

Northbridge Insurance

Northbridge is a leading Canadian business insurance provider. Services offered include Cyber Risk insurance.

Ubisecure

Ubisecure

Ubisecure provide Identity & Access Management solutions.

Norwegian Center for Information Security (NorSIS)

Norwegian Center for Information Security (NorSIS)

NorSIS) is an independent organization that works to increase knowledge and understanding of information security for businesses and individuals.

NopSec

NopSec

NopSec provides automated IT security control measurement and risk remediation solutions to help businesses protect their IT environments from security breaches.

Tevora

Tevora

Tevora is a specialized management consultancy focused on cyber security, risk, and compliance services.

Securepoint

Securepoint

Securepoint is the market leader in the development of professional “Unified Threat Management” solutions in Germany.

SkillCube

SkillCube

SkillCube is one of the pioneers in India focusing on Cyber Security Skill Development Solutions.

CONCORDIA

CONCORDIA

Concordia is a Cybersecurity Competence Network with leading research, technology, and competences to build the European Secure, Resilient and Trusted Ecosystem.

Lexsynergy

Lexsynergy

Lexsynergy is a global domain name management and online brand protection company.

GreyNoise Intelligence

GreyNoise Intelligence

GreyNoise Intelligence is a cyber security company that collects, labels, and analyzes Internet-wide scan and attack data.

CampusGuard

CampusGuard

CampusGuard focuses on the cybersecurity and compliance needs of campus-based organizations including higher education, healthcare, and state and local government.

Nova Microsystems

Nova Microsystems

Nova's mission is to revolutionize cybersecurity through continuous data analysis and dynamic AI-driven encryption.

RELIANOID

RELIANOID

RELIANOID is an application delivery controller and load balancing system that ensures high performance and security of IT services on a massive scale.

Aprio

Aprio

Aprio is a premier business advisory and accounting firm. We deliver advisory, tax, managed, and private client services to build value, drive growth, manage risk, and protect wealth.