The Supreme Court on Thursday approved a rule that will allow federal judges to issue warrants permitting the FBI and other law enforcement agencies to hack and surveil computers outside of their jurisdiction. The rule was proposed by the Department of Justice in 2014.
Prior to the decision, Rule 41 of the Federal Rules of Criminal Procedure authorized search and seizure by law enforcement only within their own jurisdiction. Approved amendments to the code now permit the FBI and others to hack into computers and seize data, even if that computer’s actual location “has been concealed through technical means” such as Tor, software that enables anonymous communication over the internet.
“As it stands, the proposed amendment allows the FBI to use a wide array of invasive (and potentially destructive) hacking techniques where it may not be necessary to do so, against a broad pool of potential targets that could be located virtually anywhere,” Ahmed Ghappour wrote for Just Security on September 16, 2014.
In the summer of 2015, the FBI used its network investigative technique (NIT) hacking tool to gain control of an alleged child pornography bulletin board, Playpen, operating on the so-called dark web.
An FBI complaint described the site as “the largest remaining known child pornography hidden service in the world.” After the FBI seized the server running the site in Lenior, North Carolina, it ran the site from its own servers in Newington, Virginia, and used NIT to infect around 1,300 computers.
NIT forces a computer to perform a number of tasks, including covertly uploading files, emails, photographs, and other data. It can even activate a computer’s microphone and camera.
“NITs come in all sorts of different forms, and have been used since at least 2002,” notes Joseph Cox, writing for Motherboard. “Malware has been delivered to bomb threat suspects via phishing emails, and the FBI has also taken over hosting services and surreptitiously exploited a known bug in Firefox to identify users connecting with the Tor Browser Bundle.”
The FBI’s initiative, dubbed “Operation Torpedo,” used a single warrant to target a large number of computers. “We’re not talking about searching one or two computers. We’re talking about the government hacking thousands of computers, pursuant to a single warrant,” said Christopher Soghoian, principal technologist at the American Civil Liberties Union.
The Supreme court ruling and hacking practices by the FBI are not limited to child pornograpy. In a number of cases, the agency has surveilled individuals and organizations engaged in legal political activities, most notably during its COINTELPRO operation that supposedly ended in the 1970s.
More recently, the FBI’s Joint Terrorism Task Force targeted “peaceful political activists for harassment and building files on constitutionally-protected political activities and associations that have nothing to do with terrorism or other criminal activity,” the ACLU reported in 2012.
The FBI’s attempt to force Apple to build a backdoor to circumvent encryption on its popular iPhone reveals the government considers piracy and anonymous communication a threat to its ability to surveil and potentially target political activists.
“From the Pentagon to the FBI and all the way down to our state and local law enforcement, the message is clear: dissent is a threat that must be neutralized, and surveillance is the first step towards maintaining the status quo,” writes Privacy SOS, a website highlighting the activities of the surveillance state.
The FBI will continue to rationalize its behavior by insisting it is going after terrorists and child pornographers, but as the above case demonstrates, the agency often engages in criminal activity in order to entrap victims.
The same can be said for its program of enticing and entrapping people, often the mentally ill, into committing terrorist acts they would have otherwise not engaged in without encouragement by informants and undercover agents.