Why VPN providers and Tor developers are against “Rule 41”
What is Rule 41? In plain English, under this rule, FBI and U.S. agencies could hack into computers after obtaining a warrant. However, U.S. is proposing to make changes to Rule 41 to allow FBI and other to hack Tor and VPN users without a warrant. In further plainspeak, if you are a Tor user or use a VPN service to surf the Internet anywhere in the world, FBI can hack you no questions asked.
As of today changes to Rule 41 is a proposed legislation but the tech industry, VPN providers, Tor developers, privacy activists and security experts are worried about the implications as and when Rule 41 is enacted. The proposed legislative changes will give FBI unseeming powers to into computers and encroach upon the privacy of users.
The tech industry is fighting hard to oppose Rule 41. A grand coalition under the aegis of EFF is fighting against its with Google,Demand Progress and FightForTheFuture. They are are joined by TOR, Private Internet Access and other VPN services seeking to block changes to Rule 41.
The amended Rule 41 will become permanent in December 2016 and hence the grand coalition is pushing for a complete block. It has already written a letter to leaders of the US House of Representatives and Senate urging them to block the rule change before it becomes permanent in December.
What is Rule 41 ???
Back in April, the U.S. Supreme Court approved a rule change that will allow FBI and other U.S. law enforcement to obtain a warrant to hack into computers and even phones anywhere in the world. The U.S. government is now proposing changes to Rule 41 to incorporate this judgement. The changes affect Rule 41 of the Federal Rules of Criminal Procedure which determines how the government investigates criminal complaints.
The changes will allow a judge to grant permission to law enforcement agencies enabling them to hack computers anywhere, provided the location of the target computer has been hidden by technical means. That means that users of TOR, VPNs, and proxies etc could all become vulnerable, regardless of why they are using such tools. But it doesn’t stop there.
“It might also extend to people who deny access to location data for smartphone apps because they don’t feel like sharing their location with ad networks,” the EFF previously warned.
To protest against the proposed amendment to Rule 41, a grand coalition of 50 organizations including Google, PayPal, the TOR Project, Data Foundry, the rather unfortunately named Hide My Ass VPN, the ACLU and the EFF have written a letter as stated above.
“The rule changes attempt to sidestep the legislative process by using a process designed for procedural rules to expand investigatory powers,” the open letter by the grand coalition says.
“The changes to Rule 41 will disproportionately undermine the privacy of those who have done the most to protect it. Specifically, the proposal would allow warrants for remote hacking in cases where privacy protective technologies obscure the location of a computer.”
Funnily the U.S. Department of Justice got supreme court to approve the proposed changes to Rule 41 before Congress could vote on it. Now all eyes will be on the Congress, which has until December 1 to pass legislation that would amend, or block, the rule change.
If it is not blocked by the U.S.Congress, Rule 41 will become a permanent law from December, 2016.