The feds need a search warrant before installing a Remote Access Trojan (RAT) on computers suspected of being used in crimes, but the government can keep the remote access operation a secret from their target for 30 days and sometimes even longer if a judge approves an extension. But the remote search and seizure warrant is limited to the geographical district where the judge issued it. The DOJ, which includes the FBI, the DEA and ATF, says it needs one warrant to work over many districts so it can better hunt down potential terrorists and criminals on the Internet. The Committee on Rules of Practice and Procedure (pdf) has now backed the Justice Department\u2019s proposed search and seizure changes that would give the FBI \u201cwide latitude\u201d to hack into people\u2019s computers with surveillance software.What type of information might the government be seeking after hacking into a PC? Last year, a FBI warrant sought permission to access the computer\u2019s built-in webcam in order to take photos for 30 days, to grab search terms, email contents, documents and chat logs. The investigation was into bank fraud and the warrant was based on \u201cthe attempted transfer of money from a Texas bank account to a foreign bank, using an email address similar to that of the account owner's.\u201d A Texas judge denied the FBI\u2019s request for a Trojan horse warrant.In the case of botnets, the proposal would allow the feds to use one warrant to send a RAT into thousands of computers without Americans\u2019 consent or knowledge. The EFF previously warned the DOJ\u2019s proposal \u201cwould dramatically expand the reach of federal prosecutors and investigators.\u201dOne of the Committee\u2019s changes deals with the authority to issue a warrant to use remote access even if the district where the media or information is unknown due to the use of anonymizing software and other similar tech. Rule 41 about \u201csearch and seizure\u201d starts on page 338 (pdf); the red text, italicized here, indicates the proposed changes.At the request of a federal law enforcement officer or an attorney for the government:(6) a magistrate judge with authority in any district where activities related to a crime may have occurred has authority to issue a warrant to use remote access to search electronic storage media and to seize or copy electronically stored information located within or outside that district if:(A) the district where the media or information is located has been concealed through technological means; or(B) in an investigation of a violation of U.S.C. \u00a7 1030(a)(5), the media are protected computers that have been damaged without authorization and are located in five or more districts.An example to describe 6B might be botnets; the changes would allow the feds to target multiple PCs in various geographical locations and districts with just one warrant. \u201cIn investigations of this nature, the amendment would eliminate the burden of attempting to secure multiple warrants in numerous districts, and allow a single judge to oversee the investigation,\u201d the proposal states. In other words, during such a botnet investigation, the feds could use one warrant to justify remotely installing software on thousands of innocent citizens\u2019 computers at the same time and without their knowledge.When it comes to serving a copy of the warrant, proposed changes include:For a warrant to use remote access to search electronic storage media and seize or copy electronically stored information, the officer must make reasonable efforts to serve a copy of the warrant on the person whose property was searched or whose information was seized or copied. Service may be accomplished by any means, including electronic means, reasonably calculated to reach that person.If the government uses zero-days to break into and search a computer, some civil liberties groups say such exploits might escape into the wild. Another potential problem is in limiting what the feds might snatch after hacking into a PC to grab an IP address.Nathan Wessler, an ACLU attorney for the Speech, Privacy, and Technology Project, told Nextgov, "What kind of protections are in place to make sure that any malware the government uses doesn\u2019t start spreading around the Internet or get intercepted by bad actors? All of that is totally unanswered and unaddressed by this proposal. . .There should be a debate now about what the appropriate limits should be."The FBI might claim it is after an IP address, but an agent, might "trigger the computer to upload everything that\u2019s on there: The contents of files, the metadata from the email inbox, the name of the person who edited every file is potentially accessible," Wessler said.Granted, the proposal is just a draft at this point, but Wessler said the feds made a typo in an email address on a previous warrant. "So then you have the threat of government malware being directed at some hapless person who happens to have an email address that is two characters different than the suspect\u2019s," Wessler said. "It\u2019s a good example of why we should be careful about this stuff."Cryptome has a copy of just the remote search and seizure portion (pdf) of the proposal. According to the Committee\u2019s proposal:The amendment does not address constitutional questions, such as the specificity of description that the Fourth Amendment may require in a warrant for remotely searching electronic storage media or seizing or copying electronically stored information, leaving the application of this and other constitutional standards to ongoing case law development.It seems like any change in any proposal that would allow the government to easily hack into PCs should consider the Fourth Amendment. We\u2019ve previously looked at the future of the Fourth Amendment if the feds lawfully use virtual force to remotely search computers and how the government could deploy malware for the purpose of investigating potential criminal activity. It's a future that doesn't look exceptionally bright if you care about civil liberties.\u00a0The public has until Feb. 17, 2015, to comment upon the preliminary draft of Proposed Amendments to the Federal Rules of Appellate, Bankruptcy, Civil, and Criminal Procedure (pdf). If you care about privacy, you should at least check it out and hopefully comment upon the draft.