The Very Wicked Problem of Search and Seizure in Cyberspace

The Facts

In April, the Advisory Committee on Criminal Rules proposed amendments to the Federal Rules of Criminal Procedure that would give authorities “more leeway to secretly hack into the suspected criminal’s computer,” so The Hacker News in a recent report.

According to the draft minutes of the Criminal Rules Meeting, the subcommittee on Rule 41 (Search and Seizure) envisioned the following amendment:

A magistrate judge with authority in any district where activities related to crime may have occurred has authority to issue a warrant to use remote access to search electronic storage media and to seize or copy electronically stored information within or outside that district. (p. 515)


Effectively, so the document, the change is intended to cover remotely accessed searches and seizures primarily a) to find out about the location of a computer when it is not known, and b) to search multiple computers in known locations outside the district of the issuing judge.

The Hacker News assessed the proposed amendment and translated it into plain English: With the new Rule 41, statutory law would allow authorities to “easily obtain warrants,” in order to secretly access suspects’ and witnesses’ computers

  • by employing zero-day exploits on software vulnerabilities (thus hacking into suspects’ computers)
  • whenever their location is unknown and presumably outside the jurisdiction of the issuing judge (thus in any of the other 93 judicial districts)
  • in large quantities whenever evidence or technical details related to suspected operators of botnets are targeted (hence, a single warrant could authorize the search of thousands of computers)


The Problem

Both The Hacker News and the Advisory Sub-Committee on the Criminal Rules provide a what occurs to me as an easily accessible set of reasons and justifications for the invasive proposal. It is based on the nature of cyber crime and a) how anonymizing technologies prevent the identification of the originating computer, and b) how containing and dismantling botnets require measures in many different jurisdictions.

My take on what makes the proposed amendment a messy policy problem, which will not be solved to the satisfaction of either stakeholder (government/law enforcement or civil society/privacy), builds on several layers where interests conflict with the pros of the envisioned change to the Federal Rules of Criminal Procedure:

1. The Ethical Layer: Governmental Use of Spyware
When governments employ spyware to utilize zero-day exploits and software vulnerabilities, ramifications range from the national to the global level, including:

  • A Potentially lower level of checks and balances:
    Conventional surveillance measures often have additional checks and balances on the organizational level, for example when telecommunication service providers facilitate wire-taps only after having received rightfully issued warrants. Contrarily, for the use of spyware, government agencies do not have to satisfy such external procedural requirements. Additionally, spyware suites usually equip their operators with remote access measures that may be more invasive than and exceed those that are covered by the respective warrant. In 2011, the German Bundestrojaner and its Staatstrojaners, spyware employed by German federal and state law enforcement agencies, carved out this difficulty of the government catching up with technology.
  • Negative impact on overall Internet security:
    Making zero-day exploits of vulnerabilities in commonly used software an integral part of law enforcement is likely to have negative impacts on the overall level of security in the Internet. The Heartbleed Bug and how it had reportedly been exploited over the course of a longer time by the National Security Agency serves as an example of choice, as it shows how governments can have knowledge about pervasive security flaws without sharing it. While they keep zero-day exploits secret in order to keep using them, these security gaps remain open and can be exploited by anyone who comes across them (our post about the zero-day exploit market and how suppliers cater to governments may be worth a look in this context as well).

2. The Factual Layer: Potential Extraterritoriality
Despite the intention of covering (only) all 94 judicial districts of the United States (US), the purpose of the amendment to Rule 41 is to search and seize data electronically stored on systems, whose location is not known. Accordingly, the very nature of cyberspace implicates potential search and seizure operations targeting devices that are not within the US at all. In that case, given that no prior consent has been obtained from the authority that has jurisdiction over the targeted system, a nation-state’s sovereignty may have been violated.

3. The Constitutional/Legal Layer: Particularity and Proportionality
The authorization of a search and seize of computers without knowing where they are located or how many will be subject to a (single) warrant also calls for considerations of particularity and proportionality. The draft minutes reflect the committee’s argumentation, due to which “any constitutional restriction should be addressed by each magistrate with each warrant request.” (p. 515)


Concluding Remarks

This post only introduces what occurred to me as the most striking points in favor and against the proposed amendment to Rule 41 of the Federal Rules of Criminal Procedure. Instead of recounting further arguments, my intention is to illustrate how The Onion Router (TOR) and other anonymization technologies or botnet facilitated denial of service attacks are challenging procedural law and call for innovative legislation.

With decision of May 5, the Advisory Committee recommended to publish the proposed amendment to Rule 41 for public comment (p. 486), before it will be passed on to Congress for respective enactment.

Please follow and like us:

Tags: , , , , , ,

Leave a Reply

You must be logged in to post a comment.


Untitled Document
Professor William Snyder

Professor William C. Snyderis a member of the faculty of the Institute for National Security and Counter-terrorism at Syracuse University after fifteen years with the United States Department of Justice.

Ryan D. White

Ryan D. WhiteRyan is currently a third year law student at Syracuse University College of Law, and is also pursuing a Master of Public Administration degree from Syracuse’s Maxwell School of Citizenship and Public Affairs. Ryan spent time with Homeland Security Investigations while pursuing his undergraduate degree at Wesleyan University, and spent his first summer of law school as clerk for the U.S. Attorney’s Office in the Western District of New York. He is a member of Syracuse Law Review, the Journal on Terrorism and Security Analysis, and participates in the Veteran’s Legal Clinic. Full biography

Shelby E. Mann

Ryan D. WhiteShelby is a second year law student at the Syracuse University College of Law. She is the 2018-9 Editor in Chief of the Syracuse Law Review, as well as a member of the Journal on Terrorism and Security Analysis, and the senior editor for the Syrian Accountability Project. During her final year at the University of Missouri, she served as a full-time news producer for ABC 17 News. Shelby spent her first summer of law school at the Shelby County District Attorney General's Office in Memphis, Tenn., in the Public Corruption and Economic Crimes Unit. Full biography

Christopher w. FolkChristopher W. Folk

is a 2017 graduate of SU College of Law. A non-traditional student, Christopher returned to academia after spending nearly twenty years in the high tech industry. Christopher served in the Marine Corps, graduated from Cornell University with a B.S. In Applied Economics and Business Management, attended Northeastern University’s High-Tech MBA Program and received a M.S. In Computer Information Systems. Christopher previously worked in Software Engineering. Christopher is currently serving his second term as Town Justice for the Town of Waterloo. Christopher externed with a Cybersecurity firm in the Washington, D.C. area between his first and second year at SU College of Law. Full biography

Anna Maria Castillo

Anna Maria Castillois 2016 graduate of Syracuse College of Law. She also holds a Master of Arts in International Relations from Syracuse University's Maxwell School of Citizenship and Public Affairs. She has interned at a London-based think-tank that specializes in transnational terrorism and global security and at the legal department of a defense contractor. She served as an executive editor in the Syracuse Law Review. Full biography

Jennifer A. CamilloJennifer A. Camillo

is a 2015 graduate of Syracuse College of Law and is a prosecutor. She has served as a law clerk in the United States Attorney’s Office for the Northern District of New York and the Cayuga County District Attorney’s Office and as an extern in the Oneida County District Attorney’s Office. She was a member of the Syracuse National Trial Team and was awarded the Tiffany Cup by the New York Bar Association for her trial advocacy achievements.

Tara J. PistoreseTara J. Pistorese

holds Juris Doctor and Masters of Public Administration degrees from Syracuse University's Maxwell School of Citizenship and Public Affairs and its College of Law. She wrote for this blog when a student. She is now a member of the U.S. Army Judge Advocate General's Corps.

Benjamin Zaiser

is both a scholar and a Federal Agent of the Federal Criminal Police Office of Germany. (Opinions expressed here are his own and not any part of official duty.) Full biography


Follow by Email