Skip to Content

Rule Change Would Let Law Enforcement Access Computers Remotely Regardless of Location

Pillars

The Supreme Court recently adopted a proposed change to Rule 41 of the Federal Rules of Criminal Procedure that would allow a federal judge to issue warrants authorizing government agents to access computers located in any jurisdiction, possibly even outside the United States, when the computer’s location is unknown, and “to search electronic storage media and to seize or copy electronically stored information” from such a computer. This proposal is a departure from restrictions that typically limit a judge’s authority to authorize search warrants to within the judge’s jurisdiction, and it would effectively allow a federal agent to remotely access information on any computer regardless of its location. The proposal takes effect December 1, 2016, unless Congress acts to modify, reject, or defer it before then.

The FBI and DOJ have long advocated for such a change to Rule 41, citing difficulties in performing their enforcement duties in the face of increasingly prevalent technologies that can be used to conceal one’s identity online. However, some fear the proposal is too expansive and potentially unconstitutional. For example, Senator Ron Wyden of Oregon said “this rule change could potentially allow federal investigators to use one warrant to access millions of computers, and it would treat the victims of the hack the same as the hacker himself.”

Indeed, the proposed rule change poses security and privacy risks for legitimate businesses and individuals, particularly those who might be unsuspecting victims of malicious attacks. The proposal’s broad language seems to give law enforcement the authority to access and seize information from computers that might be behind proxies or firewalls (which legitimate businesses commonly use for both security and performance purposes) and computers that might be part of a botnet (a network of computers infected by malware and under the control of a malicious third party without the owners’ knowledge).

Given that it is unclear whether and how law enforcement intends to protect the confidential information of innocent parties, this rule change poses real risks for both individuals and businesses. For example, information seized by the government under the new rule could potentially be disclosable through FOIA requests, and if such information included trade secrets or confidential personnel files, that could mean liability – or at least bad publicity – for the individuals or businesses from whom the information was taken. Given the stakes at issue, it will be important to monitor whether the proposed rule takes effect or is modified in any way before December 1.

©2024 Carlton Fields, P.A. Carlton Fields practices law in California through Carlton Fields, LLP. Carlton Fields publications should not be construed as legal advice on any specific facts or circumstances. The contents are intended for general information and educational purposes only, and should not be relied on as if it were advice about a particular fact situation. The distribution of this publication is not intended to create, and receipt of it does not constitute, an attorney-client relationship with Carlton Fields. This publication may not be quoted or referred to in any other publication or proceeding without the prior written consent of the firm, to be given or withheld at our discretion. To request reprint permission for any of our publications, please use our Contact Us form via the link below. The views set forth herein are the personal views of the author and do not necessarily reflect those of the firm. This site may contain hypertext links to information created and maintained by other entities. Carlton Fields does not control or guarantee the accuracy or completeness of this outside information, nor is the inclusion of a link to be intended as an endorsement of those outside sites.

Disclaimer

The information on this website is presented as a service for our clients and Internet users and is not intended to be legal advice, nor should you consider it as such. Although we welcome your inquiries, please keep in mind that merely contacting us will not establish an attorney-client relationship between us. Consequently, you should not convey any confidential information to us until a formal attorney-client relationship has been established. Please remember that electronic correspondence on the internet is not secure and that you should not include sensitive or confidential information in messages. With that in mind, we look forward to hearing from you.