Since earlier this year, the Department of Justice has been trying for an expansion of the rules governing its ability to hack into peoples computers as part of a criminal investigation.
Under an expanded version of the key rule, known as Rule 41, many domestic law-enforcement agencies such as the FBI, the ATF, and the DEA would be able to remotely hack multiple computers using only one warrant, even when the physical locations of the machines are unknown.
This was originally reported by Network World, one of the ostensible reasons for this change in the rules is to provide government agencies with more efficient ways to take down botnets, as “the changes would allow law enforcement to target multiple PCs in various locations and districts using just one warrant.”
The current rules allow federal agents to use malware in an investigation, but only on machines known to be in the district where the warrant is being issued; also, a warrant has to be issued for each machine separately. Under the new rules, warrants could be issued targeting multiple machines at once, and targeting machines where “the district where the media or information is located has been concealed through technological means.”
The proposal originally went public in May, according to Bloomberg, although the Justice Department emphasized at the time that the proposed changes would not affect “the traditional rules governing probable cause and notice.” The investigators still need to provide explicit details about what is being sought, but such hacking operations could be kept secret for up to 30 days, with a judge approving a longer term if needed.