Connect with us

Hi, what are you looking for?


Security Infrastructure

U.S. Government Expands Authority in Cyberspace

DHS Proposal Requests Visitors Provide Social Media Account Names

DHS Proposal Requests Visitors Provide Social Media Account Names

The US government is continuing its quest for greater authority in cyberspace in order to fight crime and protect national security, despite its failure to force Apple to provide access to iPhones earlier this year. Current proposals include changes to Rule 41 of the Federal Rules of Criminal Procedure; a proposal by Senate Majority Leader Mitch McConnell to expand the scope of national security letters (NSLs); and a proposal from the U.S. Customs and Border Protection agency (part of DHS) for visitors to America to provide social media details.

Amendments to Rule 41 of the of the Federal Rules of Criminal Procedure were proposed earlier this year. These were approved by the Supreme Court in April, and will now come into effect on Dec. 1, 2016.

These amendments expand the legality of FBI remote access (hacking). The first change is to relax restrictions on the location for a warrant to be issued. Rule 41 now reads, “a magistrate judge with authority in any district where activities related to a crime may have occurred has authority to issue a warrant…” 

This will enable the FBI to choose from a much wider selection of magistrates to approach for a warrant, if “the district where the media or information is located has been concealed through technological means.” This is clearly aimed at Tor and VPN users. However, the loose wording places no geographic limitations on the hacking, which could lead to problems with foreign jurisdictions. Europe, for example, has already made it clear that transnational legal issues should be processed via existing mutual legal aid treaties (MLATs). The Rule 41 changes, however, will enable the US government to hack European computers with a local warrant simply because the FBI believes a particular user is at the end of a VPN or has been using Tor.

There are also concerns that this will lead US authorities to stockpile vulnerabilities for their own use, to the general detriment of overall internet security (notice that it declined to disclose how it broke into the iPhone).

The NSL issue is currently in abeyance. McConnell switched his own vote to ‘no’ and the amendment was not passed by the Senate. The EFF suggests that this is probably a maneuver to allow him to reintroduce the amendment during a future debate.

Advertisement. Scroll to continue reading.

Since NSLs are issued in secret without judicial oversight, the scope of the NSL has been limited. McConnell’s amendment would expand that scope. The FBI’s position is that it is not an expansion but a ‘typo’ fix that will allow it to do what Congress always intended it should be allowed to do.

The U.S.Customs and Border Protection proposal was posted on the Federal Register on June 23, 2016. It proposes the inclusion of a new data request for persons entering the US, requesting that visitors provide their social media account names. It is not proposed that this should be a mandatory requirement. 

Nevertheless the proposal states, “Collecting social media data will enhance the existing investigative process and provide DHS greater clarity and visibility to possible nefarious activity and connections by providing an additional tool set which analysts and investigators may use to better analyze and investigate the case.” There is no immediate indication of what effect declining to give this information will have on the prospective visitor.

The public now has 60 days to comment on this proposal. Details are available in the Federal Register notice.

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content


No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.


The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.


The Hive ransomware website has been seized as part of an operation that involved law enforcement in 10 countries.


Spanish Court agreed to extradite Joseph James O’Connor to he U.S., who allegedly took part in the July 2020 hacking of Twitter accounts of...


US government reminds the public that a reward of up to $10 million is offered for information on cybercriminals, including members of the Hive...


Employees of Chinese tech giant ByteDance improperly accessed data from social media platform TikTok to track journalists in a bid to identify the source...


A hacker who reportedly posed as the CEO of a financial institution claims to have obtained access to the more than 80,000-member database of...

Management & Strategy

Hundreds of companies are showcasing their products and services this week at the 2023 edition of the RSA Conference in San Francisco.