US Justice Department asks for new authority to hack and search remote computers

The agency asks that judges be allowed to issue warrants to search computers outside their judicial districts

The U.S. Department of Justice wants new authority to hack and search remote computers during investigations, saying the new rules are needed because of complex criminal schemes sometimes using millions of machines spread across the country.

Digital rights groups say the request from the DOJ for authority to search computers outside the district where an investigation is based raises concerns about Internet security and Fourth Amendment protections against unreasonable searches and seizures.

"By expanding federal law enforcement's power to secretly exploit 'zero-day' vulnerabilities in software and Internet platforms, the proposal threatens to weaken Internet security for all of us," Nathan Freed Wessler, a staff attorney with the American Civil Liberties Union, said by email.

The proposal, which was made public Friday, raises serious privacy concerns, Wessler added, because it would "significantly expand the circumstances under which law enforcement can conduct secret, remote searches of the sensitive contents of people's computers. Our computers contain a wealth of private information about us, and it is crucial that the courts place strict limits on secret electronic searches by law enforcement."

The DOJ proposal comes after nearly a year of leaks about broad U.S. National Security Agency surveillance programs.

But a change in the federal rules of criminal procedure is needed to investigate botnets and crimes involving anonymizing technologies, the DOJ said in a September letter to the Advisory Committee on the Criminal Rules. The DOJ has asked the U.S. court system to give judges authority to issue search warrants for computers outside their districts.

Investigators are increasingly encountering crimes where they "can identify the target computer, but not the district in which it is located," Mythili Raman, then an acting assistant attorney general, wrote in the letter. "Criminals are increasingly using sophisticated anonymizing technologies when they engage in crime over the Internet."

Raman, now working at a private law firm, also pointed to criminals' use of botnets as a need for the rules change. A large botnet investigation could involve computers in dozens of judicial districts, she wrote.

"Criminals are using multiple computers in many districts simultaneously as part of complex criminal schemes, and effective investigation and disruption of these schemes often requires remote access to Internet-connected computers in many different districts," Raman wrote. "Botnets are a significant threat to the public: they are used to conduct large-scale denial of service attacks, steal personal and financial data, and distribute malware designed to invade the privacy of users of the host computers."

Yet, current rules of criminal procedure established by the U.S. court system allow magistrate judges to issue search warrants for property outside the judge's district in only limited circumstances, the DOJ noted. The DOJ's request for the rules change is scheduled to be discussed at the meeting of the U.S. courts' Committee on Rules of Practice and Procedure in Washington, D.C., later this month.

A DOJ spokesman downplayed privacy concerns, saying judges would have to issue warrants for the remote computer searches. The rules change would relate only to expanded venues for warrant applications, he said.

"The key thing to highlight is that our proposal would not authorize any searches or remote access not already authorized under current law," spokesman Peter Carr said by email. "The probable cause and particularity standards we have to meet to obtain the warrant from the court do not change, and the execution of the warrant remains under the supervision of the court."

Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's email address is

Join the CSO newsletter!

Error: Please check your email address.

Tags Nathan Freed WesslerU.S. Department of JusticePeter CarrintrusionMythili Ramansecuritylegalprivacy

More about Department of JusticeDOJIDGNational Security Agency

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Grant Gross

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place