I'm just an unfrozen caveman lawyer (and not your lawyer), but if the following is the relevant part then it appears the change here is only that the judge who issues the warrant may be where the victim is located rather than where the servers are located. Normally, a warrant must be issued by a judge sitting where the evidence is to be collected. This seems to say that if you're hiding your location, the judge in the victim's district can issue the warrant instead of having the Catch-22 of not being able to find the right district because you can't track down the server because you don't have a warrant.
Magistrate judges issuing warrants is normal -- they do most of the day-to-day evidence work outside of trials.
a magistrate judge with authority in any district
8 where activities related to a crime may have
9 occurred has authority to issue a warrant to use
10 remote access to search electronic storage media
11 and to seize or copy electronically stored
12 information located within or outside that district
13 if:
14 (A) the district where the media or information
15 is located has been concealed through
16 technological means
(edit: added language from the PDF -- key is the "if")
(edit 2: Original headline was "FBI seeks automatic warrants against users of VPN and Tor (p. 338) [pdf]" since it's going to get changed)
Yep, as <slapshot> says, the HN headline is in error and should be changed.
At the very least the word "automatic" should be deleted. It incorrectly implies lack of discretion on the part of the magistrate judge.
Now, perhaps many magistrate judges may be too willing to issue warrants, but that's a different discussion. And there have been plenty of examples where they've raised important issues dealing with electronic surveillance; I highlighted Magistrate Judge Orenstein's opinion re: warrantless cell tracking in this 2005 article: http://news.cnet.com/Police-blotter-Cell-phone-tracking-reje...
It may be worthwhile for you to review the prepared comments of the many civil liberties groups that analyzed the proposed rule change and raised the same concerns as the DC attorney below. Her analysis, like theirs, is focused on application of the rule change and how it would in effect swallow the other safeguards in the rule and elsewhere. http://www.uscourts.gov/uscourts/RulesAndPolicies/rules/2014...
Here is a legal analysis written by an attorney in DC: "It’s called Federal Rule 41(b), and the requested change would allow law enforcement to obtain a warrant to search electronic data without providing any specific details as long as the target computer location has been hidden through a technical tool like Tor or a virtual private network. It would also allow nonspecific search warrants where computers have been intentionally damaged (such as through botnets, but also through common malware and viruses) and are in five or more separate federal judicial districts. Furthermore, the provision would allow investigators to seize electronically stored information regardless of whether that information is stored inside or outside the court’s jurisdiction." [1]
I believe the HN headline is in error. This proposed amendment appears to authorize a wider range of magistrate judges to issue a warrant if the jurisdiction cannot be determined because the computers in use have had their location concealed (via Tor or VPN, among other technologies, is the inference the original poster appears to make). How do we leap from "Feds can ask more magistrate judges for warrants" to "Automatic warrants?" It still has to pass someone's sniff test, right?
> a magistrate judge with authority in any district where activities related to a crime may have occurred
Weasely enough that the warrant-seeker could pick a pet court wherever they have computers. There's a judge who made Marshall, East Texas the place to find software patents infringed with maximum damages. A similar venue would pop up.
There is nothing about "automatic" warrants in that document, just an amendment that would:
1) Extend venue for warrants for remote searches, in cases where the location of the servers is either obscured or in certain cases where the targeted computers located in five or more districts, to magistrate judges in any district, rather than just magistrate judges in the district where the computers are located (Rule 41 amendments pp. 338-339, lines 14-21), and
2) Specify how notice must be provided when searches are conducted on the basis of a warrant for remote access search (id., lines 33-43).
(6) a magistrate judge with authority in any district
7 where activities related to a crime may have
8 occurred has authority to issue a warrant to use
9 remote access to search electronic storage media
10 and to seize or copy electronically stored
11 information located within or outside that district
12 if:
13 (A) the district where the media or information
14 is located has been concealed through
15 technological means; or
Note that this doesn't even point out VPN/Tor by name, just "concealed through technological means", which might even be broadly interpreted to include WHOIS privacy guard services or other really silly things.
It's not clear to me how these warrants are "automatic". FTAmendments:
"a magistrate judge [...] has authority to issue a warrant to use remote access to search electronic storage media [...]" (emphasis mine)
IANAL, though; could someone who knows more explain what's going on? How will the procedure and requirements for obtaining a warrant for such "remote access" differ from those for searching, say, a house?
Edit: as I typed, slapshot posted some helpful explanation.
The Federal Government seeks to change the rules to obtain warrants automatically against anyone using VPN or Tor -- because these are means of hiding the location of a computer.
If I claim that I can't determine a location, can I then pick a judge who's more likely to grant the warrant? How would someone challenge that, can the FBI just shrug and say "we couldn't figure it out" ?
I think the title of this post is misleading. For context, see the summary of the amendment on p. 324, under "ACTION ITEM—Rule 41 (venue for approval of warrant for certain remote electronic searches)".
The goal of this amendment (appears to me, a non-laywer) to be to allow judges to issue warrants for crimes that occur in their jurisdiction, for materials that may not be in their jurisdiction, when the location of the materials has been obfuscated with an anonymizing technology. I don't think this is an "automatic warrant" - they still have to establish probable cause, etc.
A more interesting sentence from p. 325 discusses the mechanism by which the search may be carried out: "The proposal speaks to two increasingly common situations affected by the territorial restriction, each involving remote access searches, in which the government seeks to obtain access to electronic information or an electronic storage device by sending surveillance software over the Internet."
An interesting side-effect of this change in warrant law would be that domestic law enforcement would be authorized to access, remotely (and possibly destructively, since it can be hard to tell precisely how a remote machine is configured), machines that are not physically located in U.S. jurisdiction, since the anonymizing proxies can make geographical origin hard to figure out.
I imagine this interpretation of the law works until and unless a major government declares that tampering with their citizens' private property without the citizens' consent while it is housed within the government's sovereign territory is tantamount to an act of war. But practically speaking, that scenario is unlikely (from any nation with enough firepower for the U.S. to care).
Would this apply retroactively to warrants already issued? We know that in the Freedom Hosting takedown, an exploit was deployed by the FBI to identify the machines of users on the Freedom Hosting network. After that incident, there has been no resulting arrests from that intelligence.
Lets suppose the FBI deployed their exploit on Freedom Hosting's servers but ran into legal issues afterwards with their search warrants due to their jurisdiction.
If this were to pass, would it retroactively legalize those warrants that were issued in July 2013?
I don't understand. Is it this sentence at pg 338?
"(A) the district where the media or information is located has been concealed through technological means"
But this applies to warrants, and would apply to all of SSL or SSH traffic ("information") or password protection of the PC or media, or sending encrypted word documents, not just vpn, ipsec or tor. Even binary formats would qualify as concealed.
I don't see anything about tor or vpn.
It isn't about concealing the information, it is about concealing the ultimate origin of the request. If you have an SSL session without going through a VPN or other proxy there is a direct relationship between you (the originator of the request) and the server (providing or receiving the possibly encrypted information).
Does this decision increase the likelihood of venue shopping? If the DOJ/FBI can ask any magistrate judge in any jurisdiction, then can't they find the most lenient judge, just by keeping statistics over time about the number of rejections or edits required, with the closest to 100% warrant issuance rate? Is there any counter-balance to this type of scenario?
If I read correctly, it's clarifying magistrate judges' authority to issue a warrant given resources behind VPN/Tor/similar might otherwise cause jurisdictional issues, among other things. It doesn't seem to be changing probable cause requirements. But I may not be reading correctly.
Thanks eagle-eyed sycophants of the state for amending the title so it's harder to understand the practical impact of this proposal. More colossal stupidity.
Next up, automatic warrants against anyone who does not live in a glass house. Because not living in a glass house is a means for obscuring illegal activity.
[+] [-] slapshot|11 years ago|reply
Magistrate judges issuing warrants is normal -- they do most of the day-to-day evidence work outside of trials.
(edit: added language from the PDF -- key is the "if") (edit 2: Original headline was "FBI seeks automatic warrants against users of VPN and Tor (p. 338) [pdf]" since it's going to get changed)[+] [-] declan|11 years ago|reply
At the very least the word "automatic" should be deleted. It incorrectly implies lack of discretion on the part of the magistrate judge.
Now, perhaps many magistrate judges may be too willing to issue warrants, but that's a different discussion. And there have been plenty of examples where they've raised important issues dealing with electronic surveillance; I highlighted Magistrate Judge Orenstein's opinion re: warrantless cell tracking in this 2005 article: http://news.cnet.com/Police-blotter-Cell-phone-tracking-reje...
[+] [-] tptacek|11 years ago|reply
[+] [-] engiekay|11 years ago|reply
[+] [-] mkempe|11 years ago|reply
[1] http://fee.org/freeman/detail/youll-never-guess-whos-trying-...
[+] [-] fixermark|11 years ago|reply
[+] [-] Tobu|11 years ago|reply
Weasely enough that the warrant-seeker could pick a pet court wherever they have computers. There's a judge who made Marshall, East Texas the place to find software patents infringed with maximum damages. A similar venue would pop up.
[+] [-] dragonwriter|11 years ago|reply
1) Extend venue for warrants for remote searches, in cases where the location of the servers is either obscured or in certain cases where the targeted computers located in five or more districts, to magistrate judges in any district, rather than just magistrate judges in the district where the computers are located (Rule 41 amendments pp. 338-339, lines 14-21), and
2) Specify how notice must be provided when searches are conducted on the basis of a warrant for remote access search (id., lines 33-43).
[+] [-] angersock|11 years ago|reply
[+] [-] fixermark|11 years ago|reply
But if our headlines stick too close to the facts, they don't make it to the front page of HN, right? ;)
[+] [-] cdwhite|11 years ago|reply
"a magistrate judge [...] has authority to issue a warrant to use remote access to search electronic storage media [...]" (emphasis mine)
IANAL, though; could someone who knows more explain what's going on? How will the procedure and requirements for obtaining a warrant for such "remote access" differ from those for searching, say, a house?
Edit: as I typed, slapshot posted some helpful explanation.
[+] [-] manulp|11 years ago|reply
The magistrate with authority in a district may only issue a warrant for a remote search if:
This doesn't say anything about obtaining warrants automatically if someone is using VPN or Tor.[+] [-] mkempe|11 years ago|reply
See page 338 of the linked PDF.
[+] [-] unknown|11 years ago|reply
[deleted]
[+] [-] NoMoreNicksLeft|11 years ago|reply
If I claim that I can't determine a location, can I then pick a judge who's more likely to grant the warrant? How would someone challenge that, can the FBI just shrug and say "we couldn't figure it out" ?
[+] [-] handsomeransoms|11 years ago|reply
The goal of this amendment (appears to me, a non-laywer) to be to allow judges to issue warrants for crimes that occur in their jurisdiction, for materials that may not be in their jurisdiction, when the location of the materials has been obfuscated with an anonymizing technology. I don't think this is an "automatic warrant" - they still have to establish probable cause, etc.
A more interesting sentence from p. 325 discusses the mechanism by which the search may be carried out: "The proposal speaks to two increasingly common situations affected by the territorial restriction, each involving remote access searches, in which the government seeks to obtain access to electronic information or an electronic storage device by sending surveillance software over the Internet."
[+] [-] fixermark|11 years ago|reply
I imagine this interpretation of the law works until and unless a major government declares that tampering with their citizens' private property without the citizens' consent while it is housed within the government's sovereign territory is tantamount to an act of war. But practically speaking, that scenario is unlikely (from any nation with enough firepower for the U.S. to care).
[+] [-] harken22|11 years ago|reply
Lets suppose the FBI deployed their exploit on Freedom Hosting's servers but ran into legal issues afterwards with their search warrants due to their jurisdiction.
If this were to pass, would it retroactively legalize those warrants that were issued in July 2013?
[+] [-] rurban|11 years ago|reply
But this applies to warrants, and would apply to all of SSL or SSH traffic ("information") or password protection of the PC or media, or sending encrypted word documents, not just vpn, ipsec or tor. Even binary formats would qualify as concealed. I don't see anything about tor or vpn.
[+] [-] lbearl|11 years ago|reply
[+] [-] dsp1234|11 years ago|reply
[+] [-] Glyptodon|11 years ago|reply
[+] [-] comrade1|11 years ago|reply
[+] [-] chaostheory|11 years ago|reply
[+] [-] unknown|11 years ago|reply
[deleted]
[+] [-] 0dmethz|11 years ago|reply
[+] [-] godgod|11 years ago|reply
[deleted]
[+] [-] spammyusername|11 years ago|reply
[+] [-] cryoshon|11 years ago|reply
[+] [-] wahsd|11 years ago|reply
Heil USA!