Protect your privacy: Resist mass cracking by US law enforcement
The changes will go into effect December 1, 2016, unless a bipartisan bill called the Stopping Mass Hacking Act* is approved. You can help stop this unprecedented and dangerous expansion of government cracking authority!
* "Hacking" is often misused to identify those who break computer security - we call them crackers.*
In 2014, the Judicial Conference of the United States, which frames policy guidelines for courts in the US, proposed changes to Rule 41 of the FRCrmP that gives federal magistrate judges the authority to issue warrants for cracking and surveillance in cases where the targeted computer's location is unknown. That means law enforcement could request warrants allowing mass cracking of thousands of computers at once. The Supreme Court, which oversees the Rules, submitted the changes to the US Congress in April. This is an unprecedented, broad government cracking authorization, and it is dangerous to the privacy and security of all Internet users.
The FSF opposes these changes and — in spite of its misleading use of the word "hacking" — supports the Stopping Mass Hacking Act (S. 2952, H.R. 5321), bipartisan legislation that would block the changes. The two bills are currently under review by the Judiciary Committees of the US Senate and House. Take action: Free software activists around the world can tell the US Congress to pass the Stopping Mass Hacking Act by using the EFF's No Global Warrants tool or by looking up your representatives if you're in the US. Not in the US? Raise your concerns with your government representative.
The changes to Rule 41 must not be allowed to go in to effect. They have the potential to touch every Internet user, allowing federal judges to authorize warrants that:
aren't limited by location, so law enforcement could crack any computer in the world if they wish;
implicate any computer whose location is "concealed through technological means," like using Tor or a VPN;
target computers that have been "damaged without authorization," including those infected with a virus or other damaging code;
and infiltrate computers that may be part of a botnet, further victimizing computer users whose computers have already been accessed with malicious intent.
Much like in our fight against bulk surveillance by government programs, including PRISM, we urge you to resist mass cracking by US law enforcement authorities, who should not sacrifice the privacy of all Internet users in an attempt to catch criminals.
This is a free software issue: the FSF aims to defend the rights of all software users, in part by promoting and supporting free software-licensed privacy tools like GnuPG for email encryption and decentralized Web applications that emphasize user control and privacy. The changes to Rule 41 target Internet users who take steps to protect their online privacy — this could discourage use of privacy tools, and even weaken their effectiveness by exploiting vulnerabilities in such tools rather than helping to fix them. Also, these new powers could be used to target people doing things we defend as moral even though they are currently illegal, such as sharing anti-circumvention technology to break Digital Restrictions Management schemes.
Stop the Rule 41 changes from threatening Internet users: contact US Congress, use privacy and decentralization tools, and subscribe to the Free Software Supporter for updates on this and other free software issues. You can also read EFF's letter to Congress, endorsed by a coalition of concerned digital rights organizations and tech companies, as well as the Center for Democracy & Technology's written statement on the issue.