Privacy Groups say FBI Hacking went too Far!

Uploaded on 2017-02-21 in FREE TO VIEW, GOVERNMENT-Law Enforcement, TECHNOLOGY--Hackers

Privacy advocates are claiming in court that an FBI hacking operation to take down a child pornography site was unconstitutional and violated international law.

That’s because the operation involved the FBI hacking 8,700 computers in 120 countries, based on a single warrant, they said.

“How will other countries react to the FBI hacking in their jurisdictions without prior consent?” wrote Scarlet Kim, a legal officer with UK-based Privacy International.

Recently, that group, along with the Electronic Frontier Foundation (EFF) and the American Civil Liberties Union of Massachusetts, filed briefs in a lawsuit involving the FBI’s hacking operation against Playpen.

The child pornography site was accessible through Tor, a browser designed for anonymous web surfing. But in 2014, the FBI managed to take it over.

In a controversial move, the agency then decided to use the site to essentially infect visitors with malware as a way to track them down.

As a result, the FBI is prosecuting hundreds who were found visiting the site, but it also happened to hack into computers from 120 countries.

Recently, the three privacy groups filed briefs in a case involving Alex Levin, a suspect in the FBI’s Playpen investigation who’s appealing the way the agency used malware to gather evidence against him.

Privacy International claims that the warrant the FBI used to conduct the hacking is invalid. This is because the US was overstepping its bounds by conducting an investigation outside its borders without the consent of affected countries, the group said.

According to Privacy International, the case also raises important questions: What if a foreign country had carried out a similar hacking operation that affected US citizens? Would the US welcome this?

The EFF and ACLU also claim that the FBI’s warrant was invalid, but they cite the US Constitution, which protects citizens from unreasonable searches.

“Here, on the basis of a single warrant, the FBI searched 8,000 computers located all over the world,” EFF attorney Mark Rumold wrote in a blog post. “If the FBI tried to get a single warrant to search 8,000 houses, such a request would unquestionably be denied.”

A key concern is that a warrant to hack into so many computers will set a precedent. “Even serious crimes can’t justify throwing out our basic constitutional principles,” Rumold said.

US attorneys have argued in court that the FBI followed proper procedures in obtaining its warrant from a federal judge. They said the FBI’s hacking techniques managed to identify hundreds of Playpen users who otherwise were cloaked in anonymity.

Allowing the Playpen suspects “to evade capture and carry on abusing children in the dark shadows of Tor would be repugnant to justice,” the US attorneys argued in court in October.

Computerworld:

 

« Handbook Of Russian Information Warfare
Law to Imprison Journalists for Publishing Leaks »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

InfoSec People

InfoSec People

InfoSec People is a boutique cyber and technology recruitment consultancy, built by genuine experts.

Cleo

Cleo

Cleo is a leader in secure information integration, enabling both ease and excellence in business data movement and orchestration.

Covenco

Covenco

Covenco is a data management and IT infrastructure specialist. Working with customers to transform their IT environments, with data protection and security at the forefront of everything we do.

Shadowserver Foundation

Shadowserver Foundation

Shadowserver Foundation aims to improve internet security by raising awareness of compromised servers, malicious attackers and the spread of malware.

SIRP Labs

SIRP Labs

SIRP is a Risk-based Security Orchestration, Automation and Response (SOAR) platform that fuses essential cybersecurity information to enable a unified cyber response.

Research Institute in Secure Hardware and Embedded Systems (RISE)

Research Institute in Secure Hardware and Embedded Systems (RISE)

The UK Research Institute in Secure Hardware and Embedded Systems (RISE) seeks to identify and address key issues that underpin our understanding of Hardware Security.

Secura B.V.

Secura B.V.

Secura is an independent specialized cybersecurity expert, providing insights to protect valuable assets and data.

ActZero

ActZero

ActZero’s security platform leverages proprietary AI-based systems and full-stack visibility to detect, analyze, contain, and disrupt threats.

NARIS

NARIS

NARIS is the leading provider of an integrated Governance, Risk and Compliance platform called NARIS GRC.

WhizHack Technologies

WhizHack Technologies

WhizHack's mission is to not only create a pipeline of cyber security products but also to empower people to sustainable innovation in securing digital assets of tomorrow.

FortiGuard Labs

FortiGuard Labs

FortiGuard Labs is the threat intelligence and research organization at Fortinet. Its mission is to provide Fortinet customers with the industry’s best threat intelligence.

Vali Cyber

Vali Cyber

Vali Cyber was founded in 2020 with the mission of addressing the specific cybersecurity needs of Linux.

Diversified Technical Services Inc. (DTSI)

Diversified Technical Services Inc. (DTSI)

DTSI provides a wide range of technology solutions for Federal Agencies, the Department of Defense, and commerical organizations with capabilities including Cyber Security and DevSecOps.

Network Coverage

Network Coverage

Network Coverage align, maintain, and integrate technology and cloud solutions with business operations to improve productivity and security with as few issues and disruptions as possible.

Silicon Valley Cybersecurity Institute (SVCSI)

Silicon Valley Cybersecurity Institute (SVCSI)

SVCSI aims to investigate, develop, and promote technical excellence and the best security practices for dependable and secure systems and applications.

Cyber Nations

Cyber Nations

Cyber Nations is a global program designed to engage 100,000 African, Caribbean and Canadian learners to be trained in cybersecurity with a path to employment.