U.S. judges propose updating warrants for Tor, remote searches: p338 (2014) (uscourts.gov)
155 points by mkempe on Jan 20, 2015 | 46 comments

I'm just an unfrozen caveman lawyer (and not your lawyer), but if the following is the relevant part then it appears the change here is only that the judge who issues the warrant may be where the victim is located rather than where the servers are located. Normally, a warrant must be issued by a judge sitting where the evidence is to be collected. This seems to say that if you're hiding your location, the judge in the victim's district can issue the warrant instead of having the Catch-22 of not being able to find the right district because you can't track down the server because you don't have a warrant.

Magistrate judges issuing warrants is normal -- they do most of the day-to-day evidence work outside of trials.

  a magistrate judge with authority in any district
  where activities related to a crime may have
  occurred has authority to issue a warrant to use
  remote access to search electronic storage media
  and to seize or copy electronically stored
  information located within or outside that district
  if:
  (A) the district where the media or information
  is located has been concealed through
  technological means

(edit: added language from the PDF -- key is the "if") (edit 2: Original headline was "FBI seeks automatic warrants against users of VPN and Tor (p. 338) [pdf]" since it's going to get changed)

Yep, as <slapshot> says, the HN headline is in error and should be changed.

At the very least the word "automatic" should be deleted. It incorrectly implies lack of discretion on the part of the magistrate judge.

Now, perhaps many magistrate judges may be too willing to issue warrants, but that's a different discussion. And there have been plenty of examples where they've raised important issues dealing with electronic surveillance; I highlighted Magistrate Judge Orenstein's opinion re: warrantless cell tracking in this 2005 article: http://news.cnet.com/Police-blotter-Cell-phone-tracking-reje...

Can anyone please suggest an accurate title? We will change it.

This might work:

"U.S. judges propose updating warrants for Tor, remote searches: p338 (2014)"

It captures that the source of these recommendations is a judicial conference of federal judges, not the FBI, and that it's dated August 2014. And it mentions the more interesting section (to me) on page 340, which is the fact that warrants could authorize "remote access to search electronic storage and seize or copy electronically stored information" via the Internet.

Not perfect, but it seems workable...

Thanks! We'll use that unless someone suggests a better one.

FBI seeks flexibility for venue of warrants against users of VPN and Tor (p. 338)

seems like a reasonable improvement.

Where "flexibility" means dropping a constitutional requirement.

"... no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized."

We'll just invade a computer hiding its location, your honor. No, probably not in your district. Sign here.

Or, it is keeping with it by saying that the logical place to be searched is an acceptable description. That seems appropriate for a logical entity (or at least one where the physicality of it is transient and irrelevant).

If the requirement to issue a warrant is merely that one is using a technological means of hiding one's location, the warrant becomes an automatic consequence of using VPN or Tor. The warrant would be for the FBI to remotely search and grab electronic records.

If you use or have used VPN or Tor, then any judge anywhere in the US could sign a warrant for the FBI to invade your computer.

Thank you for taking the time to clarify this for us!

It may be worthwhile for you to review the prepared comments of the many civil liberties groups that analyzed the proposed rule change and raised the same concerns as the DC attorney below. Her analysis, like theirs, is focused on application of the rule change and how it would in effect swallow the other safeguards in the rule and elsewhere. http://www.uscourts.gov/uscourts/RulesAndPolicies/rules/2014...

Here is a legal analysis written by an attorney in DC: "It’s called Federal Rule 41(b), and the requested change would allow law enforcement to obtain a warrant to search electronic data without providing any specific details as long as the target computer location has been hidden through a technical tool like Tor or a virtual private network. It would also allow nonspecific search warrants where computers have been intentionally damaged (such as through botnets, but also through common malware and viruses) and are in five or more separate federal judicial districts. Furthermore, the provision would allow investigators to seize electronically stored information regardless of whether that information is stored inside or outside the court’s jurisdiction." [1]

[1] http://fee.org/freeman/detail/youll-never-guess-whos-trying-...

No offense to your friend in DC, but she's obviously not a criminal lawyer.

The rest of Rule 41 (of the Federal Rules of Criminal Procedure) still applies. It has about 5 pages of detail about how to get a warrant, what the process is, what the standards are, etc. All this does is change the location where a judge may issue a warrant.


Flip through the rest of Rule 41. Then look at the decades (centuries?) of caselaw about warrants.

> All this does is change the location where a judge may issue a warrant.

This is patently untrue based on a reading of the document. This proposed amendment also changes the command "must give a copy of the warrant" to "must make reasonable efforts", which seems to me to be a bigger issue although others seem to be ignoring it. Basically the courts would like to say, "well, we aren't really sure how one leaves notice of service electronically, so, whatever, we won't actually require it."

I don't know the author so I don't know why you think she's my friend.

Under what circumstances would the FBI need a judge in some random district to sign a warrant based on a computer "hiding its location" using VPN or Tor? If the rules necessary to obtain a warrant are currently insufficient, can you please explain how this fixes an existing problem instead of creating a loophole?

The scenario is simple: under current rules, if you want to search a computer then the only judge who can issue a warrant is a judge where the computer is physically located. That means that it becomes impossible to search a computer behind an anonymizing proxy -- even if the probable cause standard is met and even if there is a way to remotely access that computer. This change makes it possible for a judge in the victim's location (or anywhere that's been impacted if there are 5 or more victims) to issue the warrant instead. All of the other requirements of a warrant (probable cause, notice, scope, etc.) continue to apply. Read the rest of Rule 41 -- 41(b) only specifies _where_ the judge must be located. None of this says "if you use TOR the 4th amendment doesn't apply to you" -- the edit doesn't even take out the rest of Rule 41. And it doesn't say "random district" -- it's a district impacted by the alleged crime.

The author of that post has not read the rest of FRCrP 41. It's a little confusing because the edit doesn't recite the entire Rule (just the diff), but the full text is plenty available via Google.

> if the rules necessary to obtain a warrant are currently insufficient, can you please explain how this fixes an existing problem instead of creating a loophole.

The current rules require the warrant to be issued by a court in the jurisdiction in which the data is located.

If the location has been hidden by technological means, the appropriate district cannot be determined. Note that this does not change in one whit what information must be provided to support a warrant (except that it no longer requires information about the location and now requires information about the fact that the location is technologically obscured), or the specificity required of a warrant, or the discretion of the judge in issuing a warrant -- it just says that if the location is obscured, then a judge in any district can issue the warrant.

Since it doesn't change the substantive requirements, it doesn't create any kind of loophole. All it does is remove the possibility that the appropriate court to issue a warrant may be impossible to determine.

(There's also a change which allows a narrow set of multidistrict warrants to be issued by a judge in any district rather than requiring separate judges in each district, but this only applies when the computers being searched are the ones damaged by an attack being investigated, and they are located in more than five districts.)

It's crappy legal analysis; the proposal does not specify the required details, but that doesn't mean it allows warrants to be issued "without providing any specific details" -- because the proposal does not repeal the Fourth Amendment, from whence the requirement for specificity originates. From the "Committee Note" on the provision (p. 341 of the document):

The amendment does not address constitutional questions, such as the specificity of description that the Fourth Amendment may require in a warrant for remotely searching electronic storage media or seizing or copying electronically stored information, leaving the application of this and other constitutional standards to ongoing case law

There's a difference between recognizing that the Fourth Amendment provides the requirements for specific details and allowing warrants with no specific details.

I believe the HN headline is in error. This proposed amendment appears to authorize a wider range of magistrate judges to issue a warrant if the jurisdiction cannot be determined because the computers in use have had their location concealed (via Tor or VPN, among other technologies, is the inference the original poster appears to make). How do we leap from "Feds can ask more magistrate judges for warrants" to "Automatic warrants?" It still has to pass someone's sniff test, right?

> a magistrate judge with authority in any district where activities related to a crime may have occurred

Weasely enough that the warrant-seeker could pick a pet court wherever they have computers. There's a judge who made Marshall, East Texas the place to find software patents infringed with maximum damages. A similar venue would pop up.

There is nothing about "automatic" warrants in that document, just an amendment that would:

1) Extend venue for warrants for remote searches, in cases where the location of the servers is either obscured or in certain cases where the targeted computers are located in five or more districts, to magistrate judges in any district, rather than just magistrate judges in the district where the computers are located (Rule 41 amendments pp. 338-339, lines 14-21), and

2) Specify how notice must be provided when searches are conducted on the basis of a warrant for remote access search (id., lines 33-43).

Relevant section:

  (6) a magistrate judge with authority in any district
  where activities related to a crime may have
  occurred has authority to issue a warrant to use
  remote access to search electronic storage media
  and to seize or copy electronically stored
  information located within or outside that district
  if:
  (A) the district where the media or information
  is located has been concealed through
  technological means; or

Note that this doesn't even point out VPN/Tor by name, just "concealed through technological means", which might even be broadly interpreted to include WHOIS privacy guard services or other really silly things.

It's also not authorizing automatic warrants; it's just increasing the range of magistrates who could be authorized to issue a warrant.

But if our headlines stick too close to the facts, they don't make it to the front page of HN, right? ;)

It's not clear to me how these warrants are "automatic". FTAmendments:

"a magistrate judge [...] has authority to issue a warrant to use remote access to search electronic storage media [...]" (emphasis mine)

IANAL, though; could someone who knows more explain what's going on? How will the procedure and requirements for obtaining a warrant for such "remote access" differ from those for searching, say, a house?

Edit: as I typed, slapshot posted some helpful explanation.

If my understanding is correct, it is a bit more complicated.

The magistrate with authority in a district may only issue a warrant for a remote search if:

  * The crime investigated occurred at least partially in the district.
  * The device location was hidden by any means (vpn, tor, etc.).

This doesn't say anything about obtaining warrants automatically if someone is using VPN or Tor.

The Federal Government seeks to change the rules to obtain warrants automatically against anyone using VPN or Tor -- because these are means of hiding the location of a computer.

See page 338 of the linked PDF.



You're right. I was responding to the title. Sorry I wasn't specific on that.

Can anyone explain if the changes do what the headline suggests?

Broad sweeping authority to circumvent standard process designed to protect the rights of an individual is never a great idea.

If the current law says that you need to be in the target's jurisdiction to obtain a warrant, and you can't find the target's location because they are obscuring it via a VPN or Tor, doesn't it make sense that the government should be able to get a warrant in the jurisdiction where the crime was committed?

Can you link to the part that is changes to "broad sweeping authority"?

So, let me guess; you only read the HN title. The substance of the post proclaims nothing of the sort.

My response was to a comment, which is apparently now deleted, and not to the article itself.

Will this allow for judge-shopping?

If I claim that I can't determine a location, can I then pick a judge who's more likely to grant the warrant? How would someone challenge that, can the FBI just shrug and say "we couldn't figure it out"?

I think the title of this post is misleading. For context, see the summary of the amendment on p. 324, under "ACTION ITEM—Rule 41 (venue for approval of warrant for certain remote electronic searches)".

The goal of this amendment appears (to me, a non-lawyer) to be to allow judges to issue warrants for crimes that occur in their jurisdiction, for materials that may not be in their jurisdiction, when the location of the materials has been obfuscated with an anonymizing technology. I don't think this is an "automatic warrant" - they still have to establish probable cause, etc.

A more interesting sentence from p. 325 discusses the mechanism by which the search may be carried out: "The proposal speaks to two increasingly common situations affected by the territorial restriction, each involving remote access searches, in which the government seeks to obtain access to electronic information or an electronic storage device by sending surveillance software over the Internet."

An interesting side-effect of this change in warrant law would be that domestic law enforcement would be authorized to access, remotely (and possibly destructively, since it can be hard to tell precisely how a remote machine is configured), machines that are not physically located in U.S. jurisdiction, since the anonymizing proxies can make geographical origin hard to figure out.

I imagine this interpretation of the law works until and unless a major government declares that tampering with their citizens' private property without the citizens' consent while it is housed within the government's sovereign territory is tantamount to an act of war. But practically speaking, that scenario is unlikely (from any nation with enough firepower for the U.S. to care).

Would this apply retroactively to warrants already issued? We know that in the Freedom Hosting takedown, an exploit was deployed by the FBI to identify the machines of users on the Freedom Hosting network. After that incident, there have been no resulting arrests from that intelligence.

Let's suppose the FBI deployed their exploit on Freedom Hosting's servers but ran into legal issues afterwards with their search warrants due to their jurisdiction.

If this were to pass, would it retroactively legalize those warrants that were issued in July 2013?

I don't understand. Is it this sentence at pg 338? "(A) the district where the media or information is located has been concealed through technological means"

But this applies to warrants, and would apply to all of SSL or SSH traffic ("information") or password protection of the PC or media, or sending encrypted word documents, not just vpn, ipsec or tor. Even binary formats would qualify as concealed. I don't see anything about tor or vpn.

It isn't about concealing the information, it is about concealing the ultimate origin of the request. If you have an SSL session without going through a VPN or other proxy there is a direct relationship between you (the originator of the request) and the server (providing or receiving the possibly encrypted information).

Does this decision increase the likelihood of venue shopping? If the DOJ/FBI can ask any magistrate judge in any jurisdiction, then can't they find the most lenient judge, just by keeping statistics over time about the number of rejections or edits required, with the closest to 100% warrant issuance rate? Is there any counter-balance to this type of scenario?

If I read correctly, it's clarifying magistrate judges' authority to issue a warrant given resources behind VPN/Tor/similar might otherwise cause jurisdictional issues, among other things. It doesn't seem to be changing probable cause requirements. But I may not be reading correctly.

Presumably this will not apply to corporate VPN users...

How can they differentiate between the two?

Haha! Do you really believe that?

Sarcasm is lost on the internet.

Thanks eagle-eyed sycophants of the state for amending the title so it's harder to understand the practical impact of this proposal. More colossal stupidity.

Great, one more step toward a panopticon.

Next up, automatic warrants against anyone who does not live in a glass house. Because not living in a glass house is a means for obscuring illegal activity.

Heil USA!
