Google is not going to sit tight on this one, they have decided to come out and boldly go against the United States Justice Department which is seeking to expand federal powers to be able to search and take away your PC, laptop, mobile phones, or any other electronic device that they deem unsafe. Changes like these would allow the United States government to hack into any facility around the world.
The search company told us that with the updated proposal(s), the FBI would have the authority to conduct raids on servers (not limited to their location). This will give the United States access to massive amounts of information.
— Anon.Dos (@AnonDos_AnonHQ) March 19, 2015
The letter that was sent from Google to the Judicial Conference Advisory Committee on Criminal Rules states:
“Google Inc. (“Google”) writes in opposition to the proposed amendment to Federal Rule of Criminal Procedure 41. Google makes available a variety of Internet-related products and services for people and businesses around the world, including webmail, search, maps, news, and image storage and organization. Google’s mission is to organize the world’s information and make it universally accessible and useful. Google has a significant interest in protecting its users and securing its infrastructure. The proposed amendment substantively expands the government’s current authority under Rule 41 and raises a number of monumental and highly complex constitutional, legal, and geopolitical concerns. Google urges the Committee to reject the proposed amendment and leave the expansion of the government’s investigative and teleological tools, if any are necessary or appropriate, to Congress.”
Image Source: Google Image – Agents from the FBI and other law enforcement agencies work at a 24-hour operations center.
The Proposed Amendment Is a Substantial Expansion of the Government’s Search Capabilities That Should Be Left to Congress:
- The government cannot seize evidence outside the United States pursuant to a search warrant that permits remote access of servers abroad.
Under current Rule 41, federal prosecutors must generally seek a warrant in the judicial district to search for and seize a person, or property, located within the district. This territorial limitation is subject to limited exceptions. Yet, the proposed amendment to Rule 41 would permit a court within any district where activities related to a crime may have occurred, to issue a warrant authorizing remote access searches of electronic information located within or outside said district.
There are two circumstances: first, where the location of, “the media or information has been concealed through technological means,” and second, where the search involves, “an investigation of a violation of 18 U.S.C. § 1030,” and, “the media are protected computers that have been damaged without authorization and are located in five or more districts.” Remote searches of media or information that have been, “concealed through technological means,” may take place anywhere in the world. This concern is not theoretical. A magistrate judge in the Southern District of Texas recently denied an application for a Rule 41 warrant that would have permitted U.S. law enforcement agents to hack a computer whose location was unknown, but whose IP address was most recently associated with a country in Southeast Asia. Such searches clearly violate the extraterritorial limitations of Rule 41. The Department of Justice (or DOJ) urges that, “in light of the presumption against international extraterritorial application, the proposed amendment does not purport to authorize courts to issue warrants that authorize the search of electronic storage media located in a foreign country or countries.” But despite this weak assurance that the amendment does ‘not purport’ to expand the current scope of Rule 41, in reality, it will. The nature of today’s technology is such that warrants issued under the proposed amendment will, in many cases, end up authorizing the government to conduct searches outside the United States.
The government has previously offered up the theory that a search or seizure does not occur pursuant to a Rule 41’s warrant until the government examines the data. Under this rationale, a remote search by the government of media or information located in another country would not violate Rule 41’s extra territoriality limitations because no search would occur outside U.S. borders. But this logic must be, and has been, rejected. A search or seizure occurs at the moment when the government secures the data. Therefore, where the government accesses servers located abroad to obtain information pursuant to a Rule 41 warrant, there is no doubt that a seizure of such data will occur outside U.S. territorial limits.
Accordingly, while the proposed amendment purports not to substantially expand the government’s search powers under Rule 41, it in effect does so anyway. Such a change is for Congress to effect, not the Committee.
Moreover, as the Committee must understand, the United States has long recognized the sovereignty of nations. To this end, it is well established that, “absent a treaty or other agreement between nations, the jurisdiction of law enforcement agents does not extend beyond a nation’s borders.” Stated differently, “state’s law enforcement officers may exercise their functions in the territory of another state only with the consent of the other state, given by duly authorized officials of that state.” The U.S. has many diplomatic arrangements in place with other countries to co-operate in investigations that cross national borders, including Mutual Legal Assistance Treaties (MLATs). Generally, these arrangements allow, “for the exchange of evidence and information in criminal and related matters.” Google, and many other service providers, have long encouraged and supported the efforts of the administration and Congress to improve these processes, but the proposed amendment undermines those efforts.
The Proposed Amendment Would Authorize Remote Searches of Millions of Computers:
The proposed amendment authorizes searches for investigations under §1030(a)(5) of the Computer Fraud and Abuse Act (CFAA). As the Committee notes, “the proposal would enable investigators to obtain warrants to search computers in many districts simultaneously.” Such search capabilities would enable law enforcement to investigate robot networks, or botnets, which are, “automated malware programs that scan blocks of network addresses and infect vulnerable computers.” According to the FBI, a network of botnets can number, “in the hundreds of thousands or even millions.” The implications of such searches should be left to Congress to weigh and to craft a statute that balances the privacy rights of affected network owners or operators with the investigative needs of law enforcement.
Subpart (B) of the proposed amendment extends beyond botnet searches, however. The definition of ‘damaged computer’ under the CFAA is broad, encompassing, “any impairment to the integrity or availability of data, a program, a system, or information.” ‘Damage’ may encompass, for example, software infected with unwelcome code, malware, or viruses. As noted by another commentator, it is estimated that nearly thirty percent of computers in the United States are infected with some form of malware.
Therefore, computers that have suffered ‘damage’ encompasses computers belonging to millions of average Americans, many of whom are the victims of cybercrime, and the proposed amendment would permit remote searches into those computers.
The question is, have we become so mistrustful of our own government and law enforcement agencies that we do not trust their judgments and are willing to go against them?