Will the changes to 'Rule 41' leave Tor and VPN users at risk of government-sanctioned hacking?
When it comes to staying anonymous online, privacy-conscious users can use software such as the Tor browser or a virtual private network (VPN) to fend off unwanted snooping. However, a new proposal passing through the legal system in the US could potentially expose these tools to unwanted government surveillance.
Amendments to Rule 41 of the Federal Rules of Criminal Procedure, recently passed by the Supreme Court in the US, could grant police and federal authorities enhanced powers to remotely tamper with devices to seize or copy data relevant to criminal investigations, the Electronic Freedom Foundation (EFF) has warned.
According to the released government filings, Rule 41 allows authorities to request a judicial warrant that permits the use of hacking "to search electronic storage media and to seize or copy electronically stored information located within or outside that district".
However, in what has been deemed a "sweeping expansion" of law enforcement powers, the EFF believes users of software like Tor – which stands for The Onion Router – will be caught up in wanted intrusion should the law pass.
"[Rule 41] creates new avenues for government hacking that were never approved by Congress," said Rainey Reitman, director of activism at the EFF. "If this rule change is not stopped, anyone who is using any technological means to safeguard their location privacy could find themselves suddenly in the jurisdiction of a prosecutor-friendly or technically-naïve judge, anywhere in the country."
Reitman added: "The Rule 41 proposal implicates people well beyond U.S. borders. This update expands the jurisdiction of judges to cover any computer user in the world who is using technology to protect their location privacy or is unwittingly part of a botnet. People both inside and outside of the United States should be equally concerned about this proposal."
The proposals are now set to head in the direction of the US Congress which reportedly has until the beginning of December to make a final decision on whether or not the amendment will make it into law.
Necessary to combat criminality?
Supporters of the changes to Rule 41 have claimed the amendments are necessary to stay up-to-date with technological advancements used by criminals online. As reported by Politico, Nicholas Weaver, a senior staff researcher on computer security at the International Computer Science Institute in Berkeley, believes the changes are appropriate. He said: "Why should the rule be 'you can hack a computer with a warrant if you know where it is but not when you don't?'"
Meanwhile, the Department of Justice attorney Rebecca Womeldorf has claimed critics of changes are misrepresenting what the government is attempting to accomplish. "The proposal addresses venue; it does not itself create authority for electronic searches or alter applicable statutory or constitutional requirements," she wrote in a statement last year.
For EFF activists, who submitted a testimonial to the US government alongside campaign organisation Access Now in relation to the law, the Rule 41 plans "seek to sidestep the legislative process while making sweeping sacrifices in our security."
It's not only the US legal system that is currently facing a shake-up in how much legal authority police have to hack suspects' computer devices. The Investigatory Powers Bill in the UK – also referred to as a Snoopers' Charter – contains numerous plans to legislate 'equipment interference' to allow for remote hacking into computers, smartphones and tablets.
© Copyright IBTimes 2024. All rights reserved.