Menu
Criminal defendants demand to see FBI's secret hacking tool

Criminal defendants demand to see FBI's secret hacking tool

Courts are facing a decision: Expose the FBi's techniques or allow defendants to see the evidence against them

A secret FBI hacking tool, used to compromise the Tor anonymous browser in one investigation, is facing challenges from criminal defendants, perhaps putting its future in doubt.

Defendants have demanded to see details of the FBI network investigative technique (NIT), the agency's name for the relatively recent hacking tool, in a handful of criminal cases, but the agency has refused to disclose the information.

A judge in a high-profile child pornography case, in which a website called Playpen was accessible only through Tor, is trying to decide whether the FBI should disclose the NIT"s source code to the defendant.

If the FBI shares the source code, its hacking tools may be compromised in future cases, but the U.S. Constitution's Sixth Amendment gives the defendant a right to confront his accusers and challenge their investigation.

Judge Robert Bryan of the U.S. District Court for the Western District of Washington wrestled with the competing interests in a case status order he issued in the U.S. v. Michaud case this week. 

The defendant's request for the NIT source code "places this matter in an unusual position," Bryan wrote. "What should be done about it when, under these facts, the defense has a justifiable need for information in the hands of the government, but the government has a justifiable right not to turn the information over to the defense?"

Ars Technica, which reported on Bryan's order this week, noted that two other judges, in Oklahoma and Massachusetts, have ruled this year to suppress NIT-obtained evidence. And a defense attorney in West Virginia has filed to withdraw a guilty plea in a case involving NIT evidence.

In another order this week, Bryan refused Mozilla's request for the government to disclose the vulnerability in Tor. Tor is based on Mozilla's Firefox browser.

The FBI's strategy with NIT-aided investigations appears to involve hiding its use of hacking tools, and, in some cases, pressing for guilty pleas before defendants and their lawyers question the investigative techniques, said Nathan Freed Wessler, a staff attorney with the American Civil Liberties Union.

The ability of defendants to confront the evidence against them is "absolutely essential" to conducting fair trials, Wessler said. Secret evidence is "irreconcilable" with the U.S. justice system, he added.

The FBI has defended NITs, saying their use is limited. "The use of Network Investigative Techniques is lawful and effective, and only employed when necessary -- against some of the worst offenders," the agency said in a statement. "The technique is time and resource intensive, and is not a viable option for most investigations ..."

The Michaud case raises several sticky issues, technology and legal experts said.

Both sides should have access to evidence in a criminal case, but FBI disclosure of the NIT's source code could kill the tool's effectiveness going forward, said Paul Fletcher, security evangelist for security vendor Alert Logic.

"Sharing that detailed information in this scenario doesn’t necessarily mean that information should be released to the public," he said by email. "The implications of the FBI being forced to share these techniques could expose their technical capacity and/or their dependence on external sources to help with hacking techniques. In other words, the general public would begin to understand the level of technical capabilities of the FBI." 

In the Michaud case, the defendant's lawyer had agreed earlier to view the source code using FBI-approved security measures, but the FBI backed away from that compromise.

Look for inconsistent rulings across the U.S. related to secret government hacking tools, added James Goodnow, a lawyer with the Fennemore Craig law firm in Phoenix.

"This is a classic example of the law not keeping up with technology," Goodnow said by email. "The law on the disclosure of source code is murky, at best."

The issue is "ripe" to go to an appeals court, or even the U.S. Supreme Court, he added.

In addition, expect more defendants to challenge government hacking techniques, with their lawyers questioning whether the hacking exceeded the limits of a warrant, Goodnow added.

"When it comes to source code, defendants are going to argue that they have a constitutional right to explore whether the officer provided the judge with enough specificity about how evidence was being obtained and whether the obtained evidence is within the scope of that warrant," he said. "No code; no due process; no conviction -- at least that’s how the argument will go."

Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Slideshows

Top 50 defining moments of the New Zealand channel in 2016

Top 50 defining moments of the New Zealand channel in 2016

Reseller News looks back on a tumultuous 12 months for the New Zealand channel, assessing the fallout from a year of sizeable industry change. Whether it be local or global mergers and acquisitions, distribution deals or job changes, the channel that started the year differs somewhat to the one set to finish it - Reseller News assesses the key moments that made 2016.​

Top 50 defining moments of the New Zealand channel in 2016
​Hewlett Packard Enterprise honours high achieving NZ channel

​Hewlett Packard Enterprise honours high achieving NZ channel

Hewlett Packard Enterprise honoured its top performing Kiwi partners at the second running of its HPE Partner Awards in New Zealand, held at a glitzy ceremony in Auckland. Recognising excellence across eight categories - from distributors to resellers - the tech giant celebrated its first year as a standalone company, following its official split from HP in 2015.

​Hewlett Packard Enterprise honours high achieving NZ channel
Nutanix treats channel partners to Christmas cruise

Nutanix treats channel partners to Christmas cruise

Nutanix recently took to the seas for a Christmas Cruise around Sydney Harbour with its Australia and New Zealand staff, customers and partners to celebrate a stellar year for the vendor. With the sun out, they were all smiles and mingled over drinks and food.

Nutanix treats channel partners to Christmas cruise
Show Comments