In 2016, major changes were made to the Federal Rule Of Criminal Procedure 41. Changes that were considered controversial at best. Privacy advocates, legal scholars, and tech leaders in the end failed in their fight to block this rule change. After 4 years, we revisit this issue in case you missed the debate. Recent case law has also revealed where judges fall on the dubious changes in light of new appeals.
So what was the change
The change came in the mist of law enforcement having issues in obtaining warrants for suspected criminals operating under the cloak of anonymity through such technologies as the Tor Network, or virtual private networks. Situations where the suspect’s IP address is masked. Ordinarily, federal judges can only approve warrants upon these individuals if they are operating within that judge’s district. During the course of an investigation, law enforcement is aware of a crime being committed but may not know the suspect’s identity or exact location they wish to serve warrants upon. Before this rule change, investigators would have to provide blanket warrant requests to all federal districts to cover jurisdictions the crime may have taken place in. This was aimed as a way to streamline the process. Along with the rule change follows some rather interesting caveats.
According to the modified Rule 41(b)(6)(a):
“At the request of a federal law enforcement officer or an attorney for the government: a magistrate judge with the authority in any district where activities related to a crime may have occurred has authority to issue a warrant to use remote access to search electronic storage media and to seize or copy electronically stored information located within or outside that district if : the district where media or information is located has been concealed through technological means;
State sanctioned hacking
This means an expanded authority of law enforcement to not only the typical seizing of property at a location the warrant was approved for but allows for investigators to remotely access computers in the US and the world at large. They may remotely access the device that is used by the suspected criminal and even innocent victims where their device may have been compromised by a botnet. As most devices are not freely accessible to remote access, it means that federal investigators have to resort to what would otherwise be considered computer crimes under the Computer Fraud and Abuse Act (CFAA) through what they call a “network investigative technique”.
Network Investigative Technique
A network investigative technique or NIT, is just a glorified term for a type of malware or form of hacking that has been used by the FBI as early as 2002. Federal authorities have kept a tight lip on how they are created, who creates them or how they work. In as much so, they have even dropped cases to keep these techniques secret. But there is speculation they either create them themselves, through hiring companies such as Hacking Team, or forcing academia such as in the case of Carnegie Mellon University where the university was asked to offer up research on how to compromise the Tor network.
How have federal judges come down on this?
As of August 2019, the United States District Court for the Northern District of Alabama has been the 11th court of appeals to reach a decision on if these remote-access computer searches violates the Fourth Amendment. In all these cases judges have albeit through different analysis, come to the same conclusion. That evidence uncovered through a “NIT Warrant” need not be suppressed due to a good-faith exception to an exclusionary rule; which bars admission of evidence in light of Fourth Amendment violations.
A majority of these judges did however admit the NIT did violate the Fourth Amendment. Specifically because investigators had ensured the magistrates that the suspects where in their jurisdiction on their “NIT warrant” applications. Not because of the techniques employed. As a majority of these judges cite an issue with federal authorities misrepresenting the location of the committed crime, it stands to reason why there was a rule change to get their warrant without any chance of evidence suppression due to jurisdictional issues later down the road during convictions.
The moral issue, who are the good guys?
As these judges come down on this issue, the appeal decisions lack any other moral issue other than investigators misleading magistrates into believing the suspects operated in their jurisdiction for the warrant to be approved. It lacks the more obvious question. Are the police above the law? Are they granted rights to conduct investigations in ways that would otherwise be against the law for the average citizen?
In the case of the now defunct child sexual abuse material (CSAM) site, Playpen, most of these appeals have stemmed from. The case where they overtook the illicit site’s server and ran for 13 days at a government location to nab additional suspects before taking it fully offline. Is this not in violation of USC 2252(a)(1)? Are they ethically in the right while using malware to penetrate a suspect’s computer or an innocent bystander’s computer caught up in a bot network against the Computer Fraud and Abuse Act? Not easy questions but are topics that surely should be addressed at some point in future court decisions.