Broad Expansion of FBI’s Hacking Authority Begins Today
Lest we incorrectly assume that the United Kingdom stands alone in expanding surveillance power, today a controversial rule change granting the FBI much broader authority to remotely hack into computers comes on line.
Rule 41 of the Federal Rules of Criminal Procedure was updated earlier in the year, but didn't come into force until today, which gave Congress time to stop the rule change if it so wanted. This update to the rule allows federal law enforcement to seek permission to hack into large numbers of computers in any jurisdiction with a single judge's permission. Before today a judge could only authorize hacking into computers within his or her own district.
What's the big deal about this? Understand that this isn't just about hacking into computers of suspected criminals. It's about hacking into any computer that is connected to any sort of criminal investigation, and that potentially (and very likely) includes completely innocent parties who have had their own computers hacked and/or unwittingly installed malware to give a hacker access.
Tech companies and privacy activists have been critical of the broad scope of the rule change and are concerned about the potential consequences. From USA Today:
Opponents of the new rule, including Google and other big tech companies, say it would hurt crime victims twice by letting the government hack them after they've already been hit by criminal hackers. The government could potentially damage victims' computers and smartphones and destroy their data, critics say.
Federal agents must make "reasonable efforts" under the new rule to tell law-abiding Americans that their devices have been hacked by the government, but privacy advocates said that requirement is weak and victims may never be told about the intrusion.
"We can't give unlimited power for unlimited hacking — putting Americans' civil liberties at risk," [Sen. Steve] Daines said.
Daines and a small group of bipartisan legislators had been trying in Congress to delay the rule's implementation, but they failed.
So be warned. If you end up getting hacked somehow, the FBI may well be poking around inside your machine looking for the culprit without you even noticing.