Home » Featured » Amendments to Rule 41 and What Is Happening to Stop Them
Click Here To Hide Tor

Amendments to Rule 41 and What Is Happening to Stop Them

If something isn’t done by December 1st, the proposed changes to Rule 41 would allow the government to only need a single warrant to search millions of computers at one time. With the majority of these numbers being victim’s computers, not the computers of the cyber criminals themselves.

The proposed changes have come about in light of several judges deeming warrants invalid due to jurisdictional boundaries. The amendments were approved by the supreme court, and would give any magistrate the power to issue a warrant to search computers anywhere in the world. Thus making the jurisdictional limitations vanish, and the FBI’s NIT use wouldn’t be able to be challenged.

rule1

The DOJ is justifying their rule changes due to the fact that so many cyber criminals anonymize they’re locations making it almost impossible to find them. It looks grim that congress will take any action on these changes, which were set up to go into effect if congress does just that, nothing. Ron Wyden is heading the opposition, and with little support it would seem.

There are a few others as well that have started to take action against the proposed changes to Rule 41. Access Now, ACLU, Government Accountability Project, Tor, and the National Association of Criminal Defense Lawyers, among others too to the EFF’s declared day of action, which was yesterday.

A group of bipartisan senators have introduced the Stopping Mass Hacking Act to keep the changes to Rule 41 from going into effect.  The bill’s sponsor Senator Ron Wyden posted on Twitter and explained why it’s essential that Congress pass the Stopping Mass Hacking Act.

Dozens of websites have started running the “Reject the Rule 41 Proposal” banner on their sites, as well as joined with the EFF in signing a letter to Congress. Tor, Open Technology Institute, R Street Institute, DuckDuckGo, Google, PayPal and a bunch more have all signed the PDF document. Thousands of regular internet users have been urging Congress not to pass the rule changes as well.

“The Senate failed to pass an amendment to expand the FBI’s National Security Letter powers and to make the “lone wolf” provision of the Patriot Act Permanent; however, the amendment will probably be voted on again soon. Senate Majority Leader Mitch McConnell switched his vote to “No” at the last minute so that he may be able to bring up the amendment during future debate. The amendment was included as part of the Commerce, Justice, Science and Related Agencies Appropriations Act, which will have a final vote on the Senate floor later this week,” an update on the EFF website read this morning.

The other issue is Amendments to a surveillance law to let the FBI issue warrantless demands for new types of Interne user records without needing to go before a judge. The FBI already feels entitled to these records using NSLs, this is why FBI Director James Comey feels the amendment is nothing more than a “typo fix”.

Currently the NSL states the types of companies who can be issued NSLs which pertain to only wire or electronic communication service providers. It also limits the records that are obtainable to name, address, length of service, and local and long distance billing records.

Its known that almost all the NSLs issued by the FBI come with a certified gag order, which makes it hard for the public to get any information about it. Out of the multiple thousands of NSLs that have been issued since 2001, the general public have only heard about a few.

rule2

An exception that was brought to light was one issued in 2004, to Nicholas Merrill, who ran a rather small ISP named Calyx. The FBI read the law to allow them to request a lot more than the basic information outlined. They asked for assigned IP addresses, as well as a lot of other information. Merrill and Calyx fought the NSL over 10 years before it was unsealed fully. The Judge noted that one key piece of evidence in this unsealing was a JOD manual claiming that the FBI could get even more information, including URL history, email headers and even cell phone location data. This information is quite a few levels above the normal metadata.

It’s pretty crystal that the FBI views the statutes information on using NSLs as guidelines and not a comprehensive list. In 2004 the FBI issued 56,507, and the EFF reported many of these as being used improperly. Its speculated that among these that tens of thousands of NSLs included requests for ECTRs seeing as how the FBI has a broad definition.

The Office of Legal Counsel finally put a stop to the FBI’s abuse of NSLs. The report filed with the OLC limited the list of information, as well as stating that the way the FBI was using NSLs was abuse by referencing ECTRs and allowing themselves to issue NSLs to other than telephone companies and requesting only subscriber information and billing records for regular phone service.

It seems the FBI payed no mind to this, and a testimony by the DOJ was issued in 2011 concluded the FBI could request IP addresses and other non-content information that was being considered ECTRs.  The FBI continued to demand ECTR info from Internet companies. In example are EFF’s unnamed client, Yahoo, who published a copy of the NSL from 2013 the FBI issued them. Most of the companies refused.

The FBI has been pushing these changes ever since it was caught abusing the NSL privilege. Two such amendments have already been proposed to help the FBI achieve its goal. Senator Cornyan proposed an amendment to the Email Privacy Act, along with several other amendments. This isn’t the only side to to the fight however. The EFF is fighting on behalf of two unnamed clients that received NSLs, saying that the gag orders are unconstitutional. After the first ruling was in the district court didn’t go their way, the EFF is going to the ninth circuit court of appeals later this year. Even when the FBI uses an NSL correctly, the gag order allows them to work in secrecy, gathering intelligence and hushing up the unlucky recipient of the NSL without the bat of an eye.

3 comments

  1. This cyberwar against the FBI needs to be on multiple fronts and it needs to be a worldwide campaign, perhaps until the end of time:

    1) We need continual legislative activity to repress, and if need be, repeal Draconian legislation, such as Rule 41.

    2) We need the best minds in computer security to design the Tor Browser and its successors and/or alternatives to be absolutely bullet-proof, so that the federal turds are powerless to unmask users, even after they have taken over a Darknet site. Ditto for absolutely secure encryption software.

    3) We need the best education, advice and instruction available to provide the best OpSec practices to whomever desires to learn. Likewise, we need to learn from the mistakes which others have made.

    4) The best defense is, of course, a good offense. We need individuals all over the World to feed the FBI, NSA, CIA, etc., false and misleading information. Lie to them, but do so securely! Feed them false reports and tips, whether it be a terrorist threat or an assassination attempt. Keep them guessing, unable to distinguish that which is real from that which is false. The best leads are short and to the point. “Talk” to them, and then STOP talking!! Leave them guessing, knowing that you’ll be wasting valuable resources and US federal money in the process!

    Cheers,

    Anonymous

    • I can’t say I agree with sending all those three letter agencies fake terrorists threats to investigate…Lives could be lost if they are wasting time on that instead of investigating real threats. We should not be stooping to their level…That is something _they_ would do to us.

  2. This is precisely why we need proprietary super encrypted hardware/software, so these turds stay the hell out of our personal lives! Those who believe that Law Enforcement will only retain information on the “bad guys” are naively mistaken, to put it nicely! Dedicated, encrypted iPad type communication devices will put an end to their snooping once and for all! Where o where are the genius level hardware/software teams to put something like this together? They would replace/outsell Apple product, even at double the price!! I think most people have had enough of these turds interjecting themselves in their lives, collecting data on every phone call, text, and email that you send! They can do this because all existing tech has been designed with back doors to allow it!! In most cases “they” (government agencies) have paid for the tech in the first place, e.g.-Facebook, Google, etc… Wake up people, time to shut these idiots down!! If you work for them remember this, you are destroying you and your childrens futures as well!!!

Leave a Reply

Your email address will not be published. Required fields are marked *

*

Captcha: *