The FBI is increasingly using hacking tools such as browser exploits to identify criminal suspects all over the world, in wide-ranging investigations. But it turns out that the Department of Justice isn't keeping tabs on how many times the FBI and other agencies have been authorized, or asked for permission, to use such techniques.
According to a filing from this month, the DOJ doesn't keep any sort of central or, more importantly, "complete" listing of cases which involved network investigative techniques (NITs)—the DOJ's and FBI's term for a hacking tool.
The filing was seemingly in response to a court's oral request for figures on how many times NITs have been used by investigators. The particular case is related to the FBI's investigation of dark web child pornography site Playpen, in which the agency deployed a NIT to identify over a thousand US-based visitors of the site, as well as at least 3000 abroad.
"The Department of Justice ("DOJ") does not maintain a central and complete listing of instances in which, in the course of an investigation, DOJ, any of its components, or any other federal law enforcement agency (such as the Department of Homeland Security) sought and/or received judicial authorization to use a NIT," the filing reads.
"Law enforcement agencies employ NITs such as the one at issue in this case only with
judicial authorization," the filing continues. "NITs allow investigators to ascertain information from a computer on which the NIT runs such as the Internet Protocol address of the computer despite attempts by the computer user to obscure that information. This resource has served as a valuable tool in an array of criminal investigations."
Hacking tools have been used in attempts to track down bomb threat suspects, circumvent encryption, and in other dark web investigations. Not all of the requests for authorization have been successful, though: In 2013, a judge denied a warrant to the FBI which would have allowed the agency to collect chat logs, web history and turn on the suspect's web camera. Indeed, the DOJ, in its response to the request for NIT figures, points to some of these cases.
But the DOJ also hints that other cases may have involved the use of NITs.
"Moreover, judicial authorizations for the deployment of NITs are typically sealed to ensure operational security and to avoid jeopardizing ongoing investigations. The government is not authorized to reveal information about matters that remain under seal," the filing reads.