The Supreme Court has approved a rule change that could allow the US’ FBI to hack into computers around the world, and could see investigators accessing the systems of those who have already been attacked by cyber-criminals.
The change (PDF), approved last week, broadens the powers of US magistrate judges to approve searches of computer systems. Previously magistrate judges could only approve such searches if they knew the location of the computer in question, to ensure it was located in their jurisdiction.
The changes, which are to take effect on 1 December unless Congress modifies or rejects them, mean searches can be approved for computers using tools such as Tor that mask their location – meaning the systems could be located in other countries around the world.
The changes also allow investigators to search computers that have been compromised by botnets, which allow those controlling the botnet to order affected computers to carry out malicious actions.
The US Department of Justice said the changes were necessary to combat the use of anonymisation technologies.
“The use of remote searches is often the only mechanism available to law enforcement to identify and apprehend (criminals),” the DoJ stated. “The amendment makes explicit that it does not change the traditional rules governing probable cause and notice.”
Critics said the change would significantly broaden the FBI’s ability to carry out hacks on computers around the world.
“What we’re talking about is government hacking, and this obscure rule change would authorise a whole lot more of it,” said Kevin Bankston, director of the Open Technology Institute, in a statement.
“Such a monumental change in the law should not be snuck by Congress under the guise of a procedural rule,” said Neema Singh Guliani of the ACLU.
Digital rights group Access Now said the changes risk further traumatising those who have already been attacked by criminal botnets.
“The proposed amendment unilaterally expands [FBI] investigations to further encompass the devices of the victims themselves, those who have already suffered injury and are most at risk by the further utilisation of the botnet,” said Amie Stepanovich, senior policy counsel for Access Now, in testimony before a judicial panel that considered the changes before it reached the Supreme Court.
Democratic Senator Ron Wyden said the amendments would have “significant consequences” for privacy and said he planned to introduce legislation to reverse the move.
Are you a security pro? Try our quiz!
Apple shares surge on optimism that new AI-focused hardware launches will drive renewed sales, starting…
Biden vetoes Republican-backed measure amidst dispute over 'joint employer' status for contract workers, affecting tech…
Lawyers in US social media addiction action say strict controls on Douyin in China show…
More than 10,000 London black cab drivers sue Uber claiming company acted illegally to obtain…
Liverpool's Alder Hey children's hospital turns away electric car from car park due to 'fire…
German foreign minister warns Russia will face consequences for “absolutely intolerable” cyberattack on ruling party,…