Rule 41 Change is Major Threat to VPN and Tor Users

A very boring sounding “procedural” update to Rule 41 of the Federal Rules of Criminal Procedure is anything but procedural. The proposed amendment instead grants federal courts sweeping new powers. These will allow the FBI to hack into the computers of anyone whose location is “concealed through technological means,” or who has been a victim of botnets.

The obvious targets here are users of the Tor anonymity network and VPN users. The legislation could also cover anyone who turns off their GPS location data, or who changes their Twitter account location details in order to bypass censorship.

So even if a computer is only tangentially related to an investigation, and its owner is not suspected of any wrongdoing, it can be targeted under the new rules.  A little surreally, even the innocent victims of cybercrime (those whose computers have been infected by Botnets) will be liable to having their computers hacked by the FBI. As Gizmodo notes,

The new rule would allow the FBI to infect innocent people’s computer with malware in order to investigate cybercrime—even if their only connection to the crime is that they’re the victims. What could go wrong?”

At present, for a judge to authorise the FBI to hack a computer, the FBI must know where the computer is. It must then get a warrant in the proper jurisdiction. Under the new rules, any federal judge will be able to issue a warrant to hack any computer anywhere. The FBI can then hack any number of computers in that are in some way connected to it. The only limitation being that to hack a computer, it must be using some form of technology to hide its location.

Of course, the FBI cannot know where these computers are located before hacking them (as they are hiding their location).  The changes to Rule 41, therefore, give the FBI carte-blanch to hack computers anywhere in the world.

The new rules are obviously a clear and present threat to those who, for perfectly legal and legitimate reasons, wish to protect their online privacy. Botnet victims are even at more at risk, as they could be infected by malware twice –once by the botnet, then by the FBI! Not only does this have grave privacy implications, but insecure government malware could potentially even help spread the botnet infection!

As the Electronic frontier Foundation (EFF) warns,

Make no mistake: the Rule 41 proposal implicates people well beyond U.S. borders. This update expands the jurisdiction of judges to cover any computer user in the world who is using technology to protect their location privacy or is unwittingly part of a botnet. People both inside and outside of the United States should be equally concerned about this proposal.

So what can we do about changes to Rule 41?

The changes are being enacted under a statuary process known as the Rules Enabling Act. This is designed to enable purely procedural changes to laws relating to federal courts. For example, correcting clerical errors in court, or deciding on court holidays.

This use of an obscure procedural process to dramatically increase US government hacking powers is a major violation the democratic process. As the EFF argues,

The change to Rule 41 isn’t merely a procedural update.  It significantly expands the hacking capabilities of the United States government without any discussion or public debate by elected officials. If members of the intelligence community believe these tools are necessary to advancing their investigations, then this is not the path forward. Only elected members of Congress should be writing laws, and they should be doing so in a matter that considers the privacy, security, and civil liberties of people impacted.

The Amendment was initially proposed by the advisory committee on criminal rules for the Judicial Conference of the United States. It has been now been passed from the Supreme Court to Congress, and is due to become law on 1 December.

EFF reject Rule 41

The EFF has launched a campaign to raise public awareness about the issue, and has organized a “day of action” on 21 June. Here at BestVPN we are proud to support this campaign.

Douglas Crawford I am a freelance writer, technology enthusiast, and lover of life who enjoys spinning words and sharing knowledge for a living. Find me on Google+

Related Coverage


3 responses to “Rule 41 Change is Major Threat to VPN and Tor Users

  1. > People both inside and outside of the United States should be equally concerned about this proposal.”
    they are speaking about an old joint-venture between government & microsoft : involving the agreement of the users !
    it is the reason why applebaum & others bad actors (even in gnu-linux _debian e.g_ mailing list) are helping them by their ugly behavior : you are not payed for your opinions or choices but it is helping them {you write so you agree, you speak so you disagree … }.
    it is a down politic tactic like we are used to be informed from imposters & sly cheaters (cameron e.g.) ; unfortunately , so many users & site owners are nasty by nature , genuinely perverse, that the point is not an opinion or a civil position but who are/will be on the right side ; and where is the right balance , with the hand open or on the side of the gun ? and if you failed, will the open hand be in your home or in the world of your enemies , misjudging or misusing a rule come at the first part from your mind & depends on your health and your level of intelligence, are you sure that people have all the qualities for deciding in front of so many questions/interrogations/matters sometimes very complex said in a so vicious manner with so many oppressive tricks ?
    no, it is an us decision for us freedom only ; … two different conceptions are opposing each other ; can freedom be lived as individual privacy right or can be learned under survey first_ us educates its people by jails _ ? the basement is the economy not a philosophic point of view.
    the conclusion is obvious : you do not need this money because you will spoil it ; and you do not need safety or freedom because you are irresponsible, insane, dangerous … the answer is also obvious : the money _ das capital _ is not yours and was not voted by elected people for this job and even not for you and it is you who are dangerous etc.
    now that the scenarii (one scenario, two scenarii) & the theaters are opened , play your roles and choose your characters : it is a false comedy where all is written before, a fake, a bad joke.
    in fact , in eu or in the usa , you cannot as citizens participate because it is coming from bank manipulations who never die, never be stopped definitely, never be concerned …

Leave a Reply

Your email address will not be published. Required fields are marked *