This story is over 5 years old.


US Judges Can Now Sign Global Hacking Warrants

At midnight changes to Rule 41, which the Department of Justice says is to combat criminals who use anonymization technology, came into effect.

On Thursday, changes to the rules around US search warrants came into effect, meaning that magistrate judges can now authorize the hacking of computers outside of their own district.

Legal experts have described the move as the broadest expansion of extraterritorial surveillance power since the FBI's inception, an agency that has already embarked on international hacking operations. The Department of Justice, meanwhile, has defended the changes, arguing they are crucial for policing crime in an age of anonymization technology such as Tor.


The move centers around Rule 41 of the Federal Rules of Criminal Procedure, which regulates when and under what particular circumstances judges can issues warrants for searches and seizures, including remote searches of suspects' computers.

According to the Department of Justice, the problem is that when a criminal suspect is using Tor—perhaps to post child pornography on a dark web site—it's very difficult to know where the person is currently located.

"So in those cases, the Rules do not clearly identify which court the investigators should bring their warrant application to," Assistant Attorney General Leslie R. Caldwell wrote in a blog post published last week.

What the FBI has done in response is go to one magistrate judge and ask them to authorize the hacking of computers that were used to view illegal material, "wherever located." That's what the agency did for its 2015 investigation into dark web child pornography site Playpen. The FBI ended up hacking some 8,700 computers in 120 countries.

But, up until today, magistrate judges were only able to sign warrants for searches within their own district—in the Playpen case, the Eastern District of Virginia—unless the case overlapped with some exceptions, such as involving terrorism.

Plenty of courts found that the Playpen warrant breached Rule 41 because it attempted to greenlight searches outside of the respective district. Some judges even threw out evidence because of the rule violation.


The new tweaks change all of that. If issued today, the Playpen warrant would likely not violate Rule 41.

"We believe technology should not create a lawless zone merely because a procedural rule has not kept up with the times," Caldwell added in the blog post.

Senator Ron Wyden (D-OR) and a group of bipartisan senators have attempted to block the Rule 41 changes by introducing a bill, the Stopping Mass Hacking Act.

"This is a dramatic expansion of the government's hacking and surveillance authority. Such a substantive change with an enormous impact on Americans' constitutional rights should be debated by Congress, not maneuvered through an obscure bureaucratic process," Sen. Wyden said in a statement at the time.

Susan Hennessey, a fellow in national security at the Brookings Institution think tank and a former National Security Agency attorney, took issue with Sen. Wyden's characterization that the rules had been changed with an obscure process.

"This is the way that they're supposed to be pursuing these rule changes," she told Motherboard in a phone call. The Supreme Court approved the changes in April of this year. Now that the changes have come into effect, Congress can still appeal, and have a debate about the rules and their appropriateness, she added.

Referring to the Playpen operation, Sen. Wyden told Motherboard in a statement that because of the changes "hacking more than 8,000 computers on one warrant will not only be legal, but could seem modest once prosecutors start testing the limits of this new authority."

Get six of our favorite Motherboard stories every day by signing up for our newsletter.