Cybersecurity

Judiciary chairman presses FBI for details on remote cyber spying

by Cory Bennett 06/12/15 05:19 PM ET

Senate Judiciary Committee Chairman Chuck Grassley (R-Iowa) is pressing the FBI for more information about its attempts to expand remote electronic spying powers.

“Publicly available information on the FBI’s use of spyware is often inconsistent,” Grassley said. “It is unclear from public reporting which spyware programs the FBI currently uses and what their capabilities are.”

{mosads}The Justice Department is trying to amend the Federal Rule of Criminal Procedure to give judges the power to authorize warrants for electronic searches in multiple jurisdictions or when investigators don’t know the physical location of a device.

Under the current rules, judges can only grant warrants for their own jurisdictions, with some narrow exceptions.

Major tech players like Google, computer scientists and privacy advocates oppose the change, which they believe would give the FBI the authority to hack and spy computers with minimal oversight.

But officials have argue the change is simply a necessary technical one to help investigators in a digital age. Computer networks span multiple jurisdictions, and getting a warrant for each is a logistical nightmare. Additionally, it’s often difficult for law enforcement officers to identify a device’s physical location.

“The procedures used by the FBI to obtain approval to deploy spyware … raise important issues,” Grassley said.

The lawmaker wants to know exactly when the bureau uses these search methods, pointing to several instances in which the FBI came under fire for its spying tactics.

Grassley referenced reports showing “the most common delivery method for installing the spyware is phishing attacks, in which the FBI masquerades as a trustworthy source in order to trick the target into clicking on a link infected with the spyware.”

“It is also unclear from public reporting whether the FBI uses other methods of spyware deployment in addition to phishing, such as zero-day exploits, which exploit vulnerabilities in legitimate software applications,” Grassley added.

Two little-known government panels have so far approved the change. But Congress can nix the proposal after the Supreme Court signs off.

“The [Judiciary] Committee needs more specific information about the FBI’s current use of spyware in order to fulfill its oversight responsibilities,” Grassley said.