Back to News & Commentary

老澳门开奖结果 Issues Guide for Defense Attorneys on Unconstitutional Government Use of Bulk Hacking

cover of hacking report
cover of hacking report
Vera Eidelman,
Staff Attorney,
老澳门开奖结果 Speech, Privacy, and Technology Project
Share This Page
March 30, 2017

In 2015, the FBI used a single warrant, issued by a single judge, to hack into and search in 120 countries around the world. The government designed software to infiltrate computers and bypass security- and privacy-enhancing technologies their users had put in place in order to identify and prosecute those users for visiting particular websites.

This kind of bulk hacking flies in the face of our Fourth Amendment rights, which require that the government justify any search with individualized probable cause and a particularized warrant. The 8,000-computer warrant also violated the Federal Rules of Criminal Procedure that were in place at the time that it was issued.

This is not the first time that the government has relied on mass hacking in an investigation. And because it won鈥檛 be the last, criminal defendants must be armed with the tools to fight back. That is why the 老澳门开奖结果鈥攁long with the Electronic Frontier Foundation and the National Association of Criminal Defense Lawyers鈥攔eleased a guide for criminal defense attorneys today, which helps attorneys identify if secret government 鈥渕alware鈥濃攖hat is, hostile computer code鈥攚as installed on a client鈥檚 computer, and outlines a range of potential legal challenges to such government bulk hacking. The guide explains what malware is, why it exists, and how the government uses it, then uses existing cases as a roadmap to offer legal arguments that criminal defense attorneys can use to seek suppression of evidence and dismissal of any case in which malware was used.

The guide focuses on the best known and most frequently litigated form of government bulk hacking: 鈥渨atering hole鈥 operations (so-called because the term derives from the concept of poisoning a watering hole where groups of animals drink). Through such operations, the government commandeers a website associated with criminal activity, continues to operate it, and uses the site to surreptitiously deliver malware to every computer鈥攑ossibly thousands鈥攖hat connects to the site. The government can deliver the malware through a link that a user clicks on, or by programming the malware to secretly install itself on a computer once a user visits a particular page. Unbeknownst to the user, the malware then takes partial control of his or her computer in order to search it and send identifying information, including the computer鈥檚 IP address, back to a law enforcement server.

The guide is important for criminal defendants and their attorneys, but it is also important for anyone who browses online anonymously through tools like . To date, known government investigations using bulk hacking have focused on child pornography websites. But, as with all new technologies, the government鈥檚 use of malware will inevitably expand to other contexts and be used for increasingly intrusive searches. And even existing operations have swept up services used by dissidents and journalists鈥, a now defunct anonymous email service.

We must be vigilant against government attempts to stretch the limits of the Constitution by deploying the newest technology against the least sympathetic individuals. Our Fourth Amendment right to be free from unreasonable searches applies regardless of the technology involved. That means that hacking always requires a warrant based on individual suspicion. This guide will help ensure this fundamental right is respected.

Learn More 老澳门开奖结果 the Issues on This Page