Has the Government’s Ability to Hack Civilian Computers Gone Too Far? The Controversial Expansion of Rule 41 of the Federal Rules of Criminal Procedure

Rule 41
Find a Lawyer Near You

As of Dec. 1, 2016, via the power of a single search warrant, the FBI can legally hack into an unlimited quantity of computers well-beyond the judicial district where said warrant is issued. Th is new expansion of power is a function of the recently amended Rule 41 of the Federal Rules of Criminal Procedure. Rule 41 is a set of instructions that governs criminal investigations and prosecutions in the federal court system, specifically as to how search warrants can be authorized. Previously, FBI agents were territorially limited to searches of computers and devices within the judicial district of a given warrant’s issuance. But now, federal magistrates are authorized to permit the widespread searches of computers located in any judicial district, state or foreign country.

Support for the modification of Rule 41 largely stems from an FBI investigation in early 2015, which targeted one of the largest child pornography forums on the dark Web, previously known as Playpen. After physically seizing the computer server running the website, FBI agents obtained a single search warrant from Magistrate Theresa C. Buchanan of the Eastern District of Virginia to continue operating Playpen and subsequently investigate its users. For approximately two weeks, the FBI maintained the website and deployed forms of malware resulting in the identification of more than 8,000 true Internet protocol (IP) addresses from thousands of computers in 120 countries. At its conclusion, over 1,000 American users of Playpen were arrested and charged as a result of the solitary search warrant.



Many of the Playpen defendants have challenged the validity of the search warrant, by arguing that Magistrate Buchanan violated the territorial component of Rule 41. Accordingly, while at least 14 federal courts found that the warrant was not properly issued, there has not been a universal agreement as to suppression of the evidence. Concurrently, aft er several years of petition by the Department of Justice, on April 28, 2016, the Supreme Court of the United States, via the Committee on the Federal Rules of Criminal Procedure, conveyed to Congress its proposed changes to Rule 41. In summation, these changes would (1) permit the government to remotely access electronic devices although the location of the device may be unknown; and (2) permit the Department of Justice to search multiple computers in numerous districts as part of a large-scale investigation of computer crimes.

Congress was given until Dec. 1, 2016, to pass counter-legislation, which did not occur. Aft er three unsuccessful attempts to postpone the implementation of the new rule, Senator Ron Wyden of Oregon stated on his website, “By sitting here and doing nothing, the Senate has given consent to this expansion of government hacking and surveillance.” Senator Wyden has further indicated his desire to “introduce legislation to reverse these amendments shortly, and to request details on the opaque process for the authorization and use of hacking techniques by the government.”

Unlike the opponents of changing Rule 41, who classify the amendments as substantive and invasive, the Department of Justice points to the significantly alleviated procedural aspects, as well as the newfound ease in its pursuit of suspected cybercriminals. Assistant Attorney General Leslie Caldwell recently stated on justice. gov, “When a child abuser has successfully anonymized their identity and location online, investigators do not know where the abuser’s computer is located,” and thus, “the [existing] rules do not clearly identify which court the investigators should bring their warrant application to.”


PPC for Legal

While supporters of the amendment to Rule 41 find solace knowing that the FBI has less obstacles in its fight against illegal activities, others have expressed disappointment for what has been perceived as overly broad and undermining of the Fourth Amendment. On the eve of the amendment’s effective date, Edward Snowden tweeted, “Without a debate or any new law, the rights of every American – and basic privacy of people around the world – have been narrowed. #Rule41” Senator Tammy Baldwin of Wisconsin echoed the same message tweeting, “Very disappointed a massive expansion of government hacking authority took effect today without Congress ever having any debate. #Rule41”

Going forward, future implementation and reception of Rule 41 will certainly continue to generate debate from both supporters and adversaries alike. Ian Friedman


Computer Forensics

Ian Friedman

Ian Friedman is a partner at Friedman & Nemecek, L.L.C., based in Cleveland. He defends individuals and entities faced with criminal and cyber-based allegations throughout the United States. He is also an adjunct professor at the Cleveland-Marshall College of Law where he teaches computers and criminal law. Brad Wolfe is a law clerk at Friedman & Nemecek, L.L.C. He is also a graduate of the Cleveland-Marshall College of Law.

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Posts