Senators Not Impressed By DOJ's Answers On Rule 41 Changes

from the answer-the-damn-question dept

The DOJ has finally responded to questions posed by several senators about its interpretation of the proposed Rule 41 changes, due to go into effect on December 1st. Arriving shortly before the deadline -- and during the Thanksgiving holiday Black Friday news rush -- the DOJ's letter [PDF] contains a few explanations of its jurisdiction limitation-stripping and roving botnet warrants.

Unfortunately, not much is clarified other than that the DOJ still feels its proposal is nothing more than Rule 41 64-bit -- an update of existing law more in line with today's connected reality. (The DOJ offers no insight on its reluctance to update other outdated laws like the CFAA…) It also appears to believe the Fourth Amendment impact of its "one warrant, thousands of searches" proposal will be minimal and that it will maintain the same level of respect it has shown for privacy protections (also minimal) under the updated rule.

Needless to say, Sen. Wyden and co. aren't impressed by the DOJ's response.

Wyden and Coons were among 11 senators and 12 House members who queried DOJ about the hacking powers expansion last month. The department’s reply, which arrived today, should be “a big blinking warning sign about whether the government can be trusted to carry out these hacks without harming the security and privacy of innocent Americans’ phones, computers and other devices,” Wyden wrote.

The DOJ is still dodging a few questions. One question in particular was completely unaddressed in the DOJ's response. Wyden and his co-signers asked what the DOJ was going to do to prevent forum shopping for compliant judges -- something that would become far more common with jurisdictional limits removed.

The letter does not recount any specific department policies or training that would prevent forum shopping. It does stress police will only be able to seek warrants in districts where activity related to a crime has occurred and that the revised rule uses the same language as existing out-of-district warrant authorities for terrorism cases.

The DOJ either can't answer this or won't answer this. In either case, the lack of response indicates the DOJ isn't interested in preventing law enforcement agencies (like the FBI) from shopping for judges. If there's nothing in place now, it's highly unlikely any guidance will be in place by December 1st. If there is something in place, it's apparently nothing more than a suggestion that law enforcement seek warrants in their own jurisdictions. If the DOJ was truly interested in shutting down forum shopping, it would have begun putting policies in place at any point over the last couple of years while it pursued this "update" of Rule 41.

The letter does say law enforcement agencies won't be able to peek at private files while mucking about the insides of citizens' computers to shut down botnets. But the letter (and the Constitution) both say a lot of things that are great in theory, but less so in practice. Fourth Amendment violations can only be cured by visits to courtrooms, but it's something that's prohibitively expensive and subject to a large number of "GET OUT OF VIOLATION" cards (good faith, plain view, close-but-no-suppression, etc.) issued by presiding judges.

The redux of the changes is still this: if anonymization efforts are made by anyone targeted in a criminal investigation, the FBI, etc. can go find the most compliant judge available to sign off on a single warrant that can be used to search thousands of computers worldwide. It can also do this under the pretext of fighting botnets, performing the same sort of limited search for identifying info, even when all the hundreds or thousands of targets are not suspected of any wrongdoing.

Pretty much the only thing standing between the DOJ's proposal and the December 1st implementation is Congressional members' decision to "opt in" to a shutdown fight -- something the DOJ is clearly hoping won't happen. Wyden's recently-introduced bill would push the adoption back until the middle of next year, but it still requires representatives to express some sort of opinion (yes/no) on rule changes that could easily coast into existence while everyone in Congress is distracted by upcoming holidays and annual budget battles.



Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: chris coons, doj, fbi, hacking, jurisdiction, malware, nit, ron wyden, rule 41


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Anonymous Coward, 28 Nov 2016 @ 3:58am

    A few Questions

    The letter does say law enforcement agencies won't be able to peek at private files while mucking about the insides of citizens' computers to shut down botnets.

    How will they find the malware that hides inside various data files then? What do they define as private files? Will they apply the third party doctrine to files that are shared with other people, like emails?

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 28 Nov 2016 @ 5:22am

      Re: A few Questions

      The obvious reply to all your questions is that they'll lie.

      link to this | view in chronology ]

      • icon
        That One Guy (profile), 28 Nov 2016 @ 5:27am

        Re: Re: A few Questions

        Nonsense, government agencies don't lie, they provide 'least untruthful answers', which is totally different from lying because reasons.

        link to this | view in chronology ]

  • identicon
    Anonymous Coward, 28 Nov 2016 @ 5:33am

    I realize this isn't the place for this, I'm not exactly sure what is. But since I got that PIA VPN service this site has been promoting, my damn comments are being held for moderation, or I get a gateway error. It really sucks to put serious thought in a post, edit it, and try to post it, only to have it never show up or error out.

    I feel like I need to put a quick snarky/test post first, just to see if it goes thru before I go thru all the effort.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 28 Nov 2016 @ 5:34am

    I realize this isn't the place for this, I'm not exactly sure what is. But since I got that PIA VPN service this site has been promoting, my damn comments are being held for moderation, or I get a gateway error. It really sucks to put serious thought in a post, edit it, and try to post it, only to have it never show up or error out.

    I feel like I need to put a quick snarky/test post first, just to see if it goes thru before I go thru all the effort.

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 28 Nov 2016 @ 5:36am

      Re:

      Ok, THIS post was held for moderation. I turned the damn PIA service off, and it posted first try. If you guys don't want people using the PIA/VPN service, why the hell are you promoting/selling it on your web site?

      link to this | view in chronology ]

      • identicon
        Anonymous Coward, 28 Nov 2016 @ 6:06am

        Re: Re:

        !

        link to this | view in chronology ]

        • identicon
          Anonymous Coward, 28 Nov 2016 @ 6:06am

          Re: Re: Re:

          Ok. Workaround is to choose an out of country server. If you chose a U.S. server, you get held for moderation. Interesting...

          link to this | view in chronology ]

  • icon
    Groaker (profile), 28 Nov 2016 @ 6:12am

    Past behavior is a good predictor of future behavior. The DOJ, FBI, et al, will abuse this to the point where nothing is private. Almost all notebooks have cameras and microphones, as do many desktops. Your computer is the panopticon of the future, if not the present.

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 28 Nov 2016 @ 6:27am

      Re:

      "Past behavior is a good predictor of future behavior. The DOJ, FBI, et al, will abuse this to the point where nothing is private."

      They really need to be careful with that. I remember reading a couple of weeks ago on this site someone in the Gov. that was very pro data collection/hacking that now realizes the keys to the city are changing hands to a Republican key holder, and are now scared to death. Funny how that works...

      link to this | view in chronology ]

      • icon
        Groaker (profile), 28 Nov 2016 @ 7:29am

        Re: Re:

        You really need to shake the idea that this is a Democratic v Republican issue. The first massive data collection effort that I know of (outside of IRS and the census) was the 1987 sale of bundles of pen data to governments large and small by a leading communications company. That was as I recall a Republican administration.

        This data gathering is a characteristic of parties in power, not their brand.

        And no, I am neither D nor R, but rather a strict constructionist. The Constitution and the Amendments mean what they say they mean, not some asinine interpretation to fit some power hungry despots self serving twisted exegesis.

        link to this | view in chronology ]

        • identicon
          Anonymous Coward, 28 Nov 2016 @ 7:45am

          Re: Re: Re:

          "You really need to shake the idea that this is a Democratic v Republican issue. "

          I think you misunderstood me. My point was that indeed it's not a "Democratic v Republican" issue.

          However, when one side or the other is making laws or rules, they should consider that their team may not always be in office and that the rules they are making now, could one day be used against them depending on how the political winds blow.

          link to this | view in chronology ]

          • identicon
            Anonymous Coward, 28 Nov 2016 @ 10:52am

            Re: Re: Re: Re:

            Yes; I took your comment to mean that recent governments have been the victims of "small thinking" where they ignore the larger context to make something "true" in a smaller context, so that they can "fix" it. When the context changes, so does their fix (but they aren't the ones in charge anymore).

            link to this | view in chronology ]

  • identicon
    Anonymous Coward, 28 Nov 2016 @ 6:29am

    "one warrant, thousands of searches"

    Why stop with thousands? There are billions of people (or "suspects" as the DOJ calls them) in the world.

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 28 Nov 2016 @ 6:37am

      Re: "one warrant, thousands of searches"

      Why stop with the warrant?

      We already break every law we have on the books, whats a few more, on wait... they are already being broken ad nausea. I think the DoJ needs to hold a press meeting where they take the Constitution out of its protective case and wipe their fucking asses with it.

      No need for words, just drop trow, wipe, and walk away with a shit stained constitution laying on the ground behind the stage.

      They have already done it in spirit and there is barely any outrage among "The People".

      link to this | view in chronology ]

      • identicon
        Anonymous Coward, 29 Nov 2016 @ 7:14am

        Re: Re: "one warrant, thousands of searches"

        > They have already done it in spirit and there is barely any outrage among "The People".

        Anyone protesting would obviously need to be put on some watch list and "investigated" for a long time.

        link to this | view in chronology ]

  • identicon
    Anonymous Coward, 28 Nov 2016 @ 7:24am

    it [DOJ] will maintain the same level of respect it has shown for privacy protections (also minimal) under the updated rule.

    This is probably true. When you don't respect something at all in the first place, maintaining that same level of lack of respect going forward is pretty easy.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 28 Nov 2016 @ 9:06am

    Good, the sooner we get all of these shady lawyers behind bars the better.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 28 Nov 2016 @ 10:25am

    Well, I doubt they are making changes to rule 34.

    link to this | view in chronology ]

  • identicon
    Rekrul, 28 Nov 2016 @ 8:50pm

    "Wyden's recently-introduced bill would push the adoption back until the middle of next year, but it still requires representatives to express some sort of opinion (yes/no) on rule changes that will easily coast into existence while everyone in Congress is distracted by upcoming holidays and annual budget battles."

    FTFY

    link to this | view in chronology ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.