Courts across the country can’t seem to agree on whether the FBI’s recent hacking activities ran afoul of the law—and the confusion has led to some fairly alarming theories about law enforcement’s ability to remotely compromise computers.
By Joshua Kopstein | MOTHERBOARD
In numerous cases spawned from the FBI takeover of a darkweb site that hosted child abuse images, courts have been split on the legality of an FBI campaign that used a single warrant to hack thousands of computers accessing the site from unknown locations, using malware called a Network Investigative Technique, or NIT. Some have gone even further, arguing that hacking a computer doesn’t constitute a “search,” and therefore doesn’t require a warrant at all.
But a federal judge in Texas ruled this week that actually, yes, sending malware to someone’s computer to secretly retrieve information from it—as the FBI did with the NIT—is a “search” under the Fourth Amendment.
“[T]he NIT placed code on Mr. Torres‘ computer without his permission, causing it to transmit his IP address and other identifying data to the government,” Judge David Alan Ezra of wrote Friday, in a ruling for one of the NIT cases, in San Antonio, Texas. “That Mr. Torres did not have a reasonable expectation of privacy in his IP address is of no import. This was unquestionably a “search” for Fourth Amendment purposes.”