Computers and Warrants: Some Senators Oppose Justice Plan (go.com) 47
A group of bipartisan senators introduced a bill on Thursday that blocks a pending judicial rule change allowing U.S judges to issue search warrants for remote access to computers in any jurisdiction, even overseas. Associated Press reports: Justice Department officials say that requirement is not practical in complex computer crime cases where investigators don't know the physical location of the device they want to search. In instances when cybercriminals operate on networks that conceal their identity and location, the government wants to ensure that any magistrate in a judicial district where a crime may have occurred can sign off on a search warrant that gives investigators remote access to the computer. The Obama administration says that authority is especially critical in cases involving botnets, which are networks of computers infected with a virus that spill across those districts. As it now stands, federal officials say, they might have to apply for nearly identical warrants in 94 different courthouses to disrupt a botnet.The U.S. Justice Department has pushed for the rule change since 2013. It has assumed it as a "procedural tweak" needed to modernize the criminal code to pursue sophisticated 21st century criminals, reports Reuters. Congress has until Dec 1 to vote to reject, amend or postpone the changes to Rule 41 of the federal rules of criminal procedure. If lawmakers fail to act, the change will automatically take effect, a scenario seen as likely given the short timeline. ZDNet has more details.
Where is the server, exactly? (Score:5, Funny)
What are they going to do to figure out the jurisdiction anyway? Use Maxmind Geoip? Thats hopelessly unreliable! How else are they supposed to do this?
Hey, I know! Lets set up a special UN taskforce!
We can call it UNIT; United Nations Internet Taskforce! Need some kind of doctor and brigadier though.
Re:Where is the server, exactly? (Score:5, Insightful)
There are already judges that can give them the warrants they need. The only rational purpose of the rule change is to let them ask less experienced judges when they want to slip something past them.
Re:Where is the server, exactly? (Score:5, Insightful)
There are already judges that can give them the warrants they need. The only rational purpose of the rule change is to let them ask less experienced judges when they want to slip something past them.
This.
This makes judge-shopping so much easier! No more pesky jurisdictional issues! Simply pick the judge most in-line ideologically/politically with your prosecutorial/investigative agenda and goals, and bam! A done deal!
If allowed to stand this rule would permit some wack-job ideologue/extremist judge in some backwater hick jurisdiction to issue warrants to search computers anywhere including in Washington D.C., Alexandria VA, Hollywood CA...or Hong Kong.
If they allow this I say find a backwater-jurisdiction judge who leans hard libertarian and have him issue a warrant to search computers of those in Congress, the SCOTUS, and the DoJ/Executive branches in Washington, D.C. on suspicion of RICO/racketeering/criminal corruption violations.
Strat
Re: (Score:2)
And there are plenty of "wack-job ideologue/extremist judges" in SF and NYC. You needn't go to "some backwater hick jurisdiction" to find them.
Re: (Score:3)
The magistrate that can issue the warrant is the one in the district that the crime occurred in, aka the victim's district.
The Feds have been known to choose where to deem a computer/internet crime occurred to favor jurisdictions where they feel they have the best chance of a favorable outcome. This just turns it around so that they don't have to care where the crime occurred, any magistrate of their choosing can issue a warrant. It's a huge judicial/executive power-grab.
Strat
Re: (Score:3)
The Feds have been known to choose where to deem a computer/internet crime occurred to favor jurisdictions where they feel they have the best chance of a favorable outcome.
You mean forum shopping.
Like prosecuting a California web site in Tennessee or Florida on pornography charges. http://www.pcworld.com/article... [pcworld.com]
Re: (Score:2)
IANAL, but I thought you cannot simply file a case in any jurisdiction you want. You can only file it in a jurisdiction where the court has an interest. A New York company wanting to go after a hacker in Thailand can't go to a court in Virginia can they?
Re: (Score:3)
The physical issue you bring up doesn't really prevent them from *issuing* a search warrant. But it does inhibit their ability to *execute* the warrant. Executing it might require working with another government, or remotely hacking a server, or something like that. Do warrants state *how* they will be executed? Ex: If they get a warrant to search a computer, does the warrant state that they can or cannot hack it -vs- that they can sieze it -vs- they can copy the HD contents?
Re: (Score:1)
Wait. Who does what where? (Score:2)
... the government wants to ensure that any magistrate in a judicial district where a crime may have occurred can sign off on a search warrant that gives investigators remote access to the computer.
And if the remote computer is located somewhere that local magistrate doesn't have any jurisdiction?
Re: (Score:2)
Here is the short and skivvy if we are to believe the general numbers found by a Google search there are about 15 million reports of identity theft a year at a cost of over $50 billion in the US many of which are computer related crimes and a lot of social engineering. What do you purpose we do about it? Better security sure but if there is no way to locate or stop them they will just keep trying until they beat that too.
Re:Wait. Who does what where? (Score:4, Informative)
... the government wants to ensure that any magistrate in a judicial district where a crime may have occurred can sign off on a search warrant that gives investigators remote access to the computer.
And if the remote computer is located somewhere that local magistrate doesn't have any jurisdiction?
That's the whole point of the rule change. It would allow them to go to one magistrate and get the required warrant in situations where either they would need warrants from dozens of magistrates due to multiple locations (bot net example) or if they simply can't geolocate the computer they need to get into. It makes sense, on the surface at least. However this is law enforcement so you know there is some way they can use this to completely screw over the people.
Re: (Score:2)
due to multiple locations (bot net example) or if they simply can't geolocate the computer they need to get into.
Should you be subject to total loss of personal privacy and having your digital life turned upside-down by the gov't due to a search warrant of your machines, just because a computer on your LAN (Possibly a visiting friend's computer) happened to be compromised and joined in a Botnet? I don't think so. These foreign judges are not part of our local representative government
They should pu
Re: (Score:2)
due to multiple locations (bot net example) or if they simply can't geolocate the computer they need to get into.
Should you be subject to total loss of personal privacy and having your digital life turned upside-down by the gov't due to a search warrant of your machines, just because a computer on your LAN (Possibly a visiting friend's computer) happened to be compromised and joined in a Botnet?
Why are you asking me? I'm just responding to the OP on WHY they wanted the change. My name is EvilSS not Obama
The notion of having a capability for judges to write search warrants against people in outside jurisdictions, where the judge is not accountable to the local populous is very dangerous and anti-democratic as well....
Since when are federal judges accountable to the local populous of their districts? They are appointed at the federal level, not elected.
Re: (Score:2)
They can already go to a district court judge for that. The downside for them is that district judges tend to be more experienced and harder to slip things past.
Full list of senators? (Score:2)
A group of bipartisan senators [go.com] introduced a bill on Thursday that blocks a pending judicial rule change allowing U.S judges to issue search warrants for remote access to computers in any jurisdiction, even overseas.
I saw Rand Paul on their, but certainly this is something Bernie Sanders would support as well, right? Does anyone have a link for the full list?
Re: (Score:1)
There's more information at Wyden's press release [senate.gov].
In addition to Senators Ron Wyden, D-Ore., and Rand Paul, R-Ky., the original cosponsors are Sens. Tammy Baldwin, D-Wis., Steve Daines, R-Mont., and Jon Tester, D-Mont. I would hope Bernie Sanders would support the bill but I don't personally know how much one can read into him not being an original cosponsor.
The above press release includes a link to a readable (warning, PDF) 1-page summary [senate.gov]. The last sentence lists other supporters/commenters of the bill:
For more information, see comments by ACLU [aclu.org], Google [blogspot.com], EFF/Access [accessnow.org], OTI [newamerica.org], CDT [cdt.org], NACDL [nacdl.org], the security researchers Bellovin, Blaze, and Landau [columbia.edu], and the Agenda Books [uscourts.gov] from the U.S. Courts.
Really? (Score:2)
But yet a Chinese IP "attacking" their systems is grounds enough to start a war with China.
Strange world you Americans live in.
Re: (Score:2)
Re: (Score:2)
http://www.wsj.com/articles/SB... [wsj.com]
Cyberattack as provocation for war. (Score:4, Informative)
But yet a Chinese IP "attacking" their systems is grounds enough to start a war with China.
Strange world you Americans live in.
It depends what they're doing with the "attacks." A cyberattack that kills people can obviously be grounds for war.
Nobody is saying a cyberattack is enough to provoke a nuclear response. But if you don't want to get hit and the world has no policemen, you learn to defend yourself and you learn to hit back, until you both realize that it's more productive not to fight.
Your response doesn't need to be the same kind of hit the other person used--it just has to hurt them enough to show them it is unprofitable to continue. (But not so much that they must retaliate because of public demand).
A cyberattack that kills people can obviously be (Score:2)
Re: (Score:2)
If a Chinese, state sponsored, cyberattack were to cause a nuclear missile (somehow...) to launch and take out DC, would you consider that good enough to start a war? If not, why not?
Re: (Score:2)
And thus Global Hacking War 1 starts (Score:1)
Here in the Netherlands, and probably everywhere else as well, we have the exact same discussion. Law enforcement wants the capability to remotely hack into computers, even when the jurisdiction is unclear and the remote computer my be abroad.
This could in theory end up in a Global Hacking War where law enforcement of countries will hack law enforcement of other countries because they hacked into systems in the first countries jurisdiction which the first country considers to be illegal. repeat ad infinitum
Better Solution (Score:5, Insightful)
Perhaps a better idea is to create a new court that can issue warrants in a "cyber jurisdiction" - ie an IP address or address space. That court can be highly specialized and have expertise in issuing such warrants, and have no jurisdiction over any physical area. Once the results of any searches authorized under the "cyber warrant" are resolved to a physical location, then new warrants can be obtained from the traditional courts for those jurisdictions.
Re: (Score:3)
I suggested a similar idea to that in a face-to-face meeting with a United States Senator in May of 2000 after the MafiaBoy DDOS attacks. He thought that sounded like a great idea.
You'll notice that nothing has been done on that front.
Group of bipartisan senators (Score:2)
Surely it's a bipartisan group of senators. I find it hard to believe that anyone bipartisan could get selected by one party, let alone both.