U.S. Senators Ron Wyden, D-Ore., and Rand Paul, R-Ky., yesterday introduced the Stopping Mass Hacking (SMH) Act to protect millions of law-abiding Americans from government hacking. The Stopping Mass Hacking (SMH) Act prevents recently approved changes to Rule 41 from going into effect. The changes would allow the government to get a single warrant to hack an unlimited number of Americans’ computers if their computers had been affected by criminals, possibly without notifying the victims.

Sens. Tammy Baldwin, D-Wis., Steve Daines, R-Mont., and Jon Tester, D-Mont., are original co-sponsors of the Senate bill.

“This is a dramatic expansion of the government’s hacking and surveillance authority. Such a substantive change with an enormous impact on Americans’ constitutional rights should be debated by Congress, not maneuvered through an obscure bureaucratic process,” said Sen. Wyden in a statement. “Unless Congress acts before December 1, Americans’ security and privacy will be thrown out the window and hacking victims will find themselves hacked again – this time by their own government.”

“The Fourth Amendment wisely rejected general warrants and requires individualized suspicion before the government can forcibly search private information. I fear this rule change will make it easier for the government to search innocent Americans’ computers and undermine the requirement for individual suspicion,” said Sen. Paul in a statement.

“Congress must act to prevent this threat to the privacy of law abiding Americans and ensure a rule change of this magnitude has the proper oversight.” said Sen. Baldwin in a statement. “I am proud to join this bipartisan effort. We need to stand up to this government intrusion and protect American civil liberties and freedoms.”

“Our law enforcement policies need to be updated to reflect 21st century realities with a process that is transparent, effective and protects our civil liberties,” said Sen. Daines in a statement.

“This bill reins in the government’s ability to search and seize our personal electronic information. Our right to privacy doesn’t end when we turn on a computer, send an email, or search the Internet,” said Sen. Tester in a statement. “We must ensure that law enforcement agencies have the tools they need to keep us safe while also protecting our civil liberties, and this bill is a first step in that direction.”

A House companion bill is expected to be introduced soon.

At the request of the Department of Justice (DOJ) the U.S. Federal Courts recommended an administrative change to Rule 41 of the Federal Rules of Criminal Procedure which were approved by the Supreme Court last month.

The amendments to Rule 41 would make it easier for DOJ to obtain warrants for remote electronic searches. The amendments would allow a single judge to issue a single warrant authorizing government hacking of an untold number of devices located anywhere in the world. The amendments would take effect on December 1, 2016 absent Congressional action.

MacDailyNews Note: The Computer & Communications Industry Association and The Internet Association both back this bill:

CCIA Applauds Senate Bill To Stop Surveillance Expansion

Today Senators Ron Wyden and Rand Paul introduced the Stopping Mass Hacking Act (S. 2952), a bill that would block a controversial expansion of the government’s hacking authority from taking effect. Congress currently has until December 1st to reject the Department of Justice’s proposed changes to Rule 41 of the Federal Rules of Criminal Procedure. The changes would allow magistrates to issue warrants for the government to remotely search computers outside the magistrate’s own district—including unknown locations, and to remotely access multiple computers in multiple locations that may have been the victims of hacking.

The proposed rule change has gone largely unnoticed by the public via a behind-the-scenes process usually reserved for procedural updates. The Computer & Communications Industry Association has voiced its concern about the government’s requested change for the past two years and we invite other technology advocates to join us in supporting this important legislation. The following can be attributed to CCIA President & CEO Ed Black:

“We welcome Senators Wyden and Paul’s efforts to prevent this highly controversial rule change from taking effect. They recognize that the far-reaching implications of the government’s proposed changes merit the full attention of their colleagues in Congress. There are Constitutional, international, and technological questions that ought to be addressed transparently before such a broad rule change.

“The government’s proposal is a substantive expansion of its ability to conduct electronic searches, and it deserves a public debate in Congress. These remote searches could involve foreign computers and may require so-called ‘network investigative techniques,’ which essentially amount to government hacking. While the government argues the updates are merely procedural, the use and consequences of these techniques have never received appropriate public and Congressional review.”

Statement In Support Of The Stopping Mass Hacking Act

Internet Association President and CEO Michael Beckerman issued the following statement in support of the Stopping Mass Hacking Act (S. 2952), which rejects changes to the Federal Rules of Criminal Procedure. If allowed, the misguided rules would enable magistrate judges to extend the scope of their warrants to computers outside of their jurisdiction:

“The Internet industry applauds Senators Ron Wyden, Rand Paul, Tammy Baldwin, Steve Daines, and Jon Tester for their efforts to roll back proposed rules that expand the government’s authority to hack into and remotely surveil computers in any jurisdiction. Rule 41 currently permits federal judges to grant search warrants only for evidence within their district. The proposed changes could give magistrates the authority to grant remote electronic searches of computers for evidence of any sort of crime in any district. The implications of this proposed change are far reaching, present an opportunity for Congressional oversight, and should only be addressed as part of a broader national discussion about privacy and security.”