We review vendors based on rigorous testing and research but also take into account your feedback and our affiliate commission with providers. Some providers are owned by our parent company.
Learn more
vpnMentor was established in 2014 as an independent site reviewing VPN services and covering privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize the independent, professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.
Advertising Disclosure

vpnMentor was established in 2014 as an independent site reviewing VPN services and covering privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize the independent, professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.

The Impact of the New Rule 41 on VPN Users

John Norris Technology Researcher

Rules governing how U.S. law enforcement can conduct electronic searches and mass surveillance are on the brink of change. Privacy advocates see many red flags and are speaking out in a last-ditch effort to stop the Fed's designs.

A major debate is currently raging in the U.S. over changes to a rule that dictates how law enforcement can perform electronic searches on suspects’ computers. In this FAQ, we dive deep into Rule 41, the upcoming changes, and how this will potentially affect VPN customers in the U.S. and abroad. Click here to see what you can do to stop the change.

What Is the Current Rule 41?

Rule 41 of the Federal Rules of Criminal Procedure stipulates the procedures law enforcement must follow to perform searches and seizures. In its current form, the rule says magistrate judges can only authorize electronic searches within their own jurisdictions.

What Are the New Changes?

The U.S. Supreme Court has approved a change in Rule 41, providing judges across the country with the authority to issue warrants for remote electronic searches outside their district. The judge can also grant a warrant to perform “network investigative techniques” (i.e. hacking) on suspects’ computers, even if the suspect uses tools such as VPNs or Tor browsers to hide his/her identity anywhere in the world.

Why Is the U.S. Government Seeking the Changes?

The U.S. Justice Department (DOJ) has pushed for the rule change since 2013. Painting it as a procedural tweak, the changes would enable FBI agents to seek a warrant from one judge to perform an electronic search, even if the target has computers in separate states and/or countries.

“This rule change would permit agents to go to one federal judge, rather than submit separate warrant applications to each of the 94 federal districts,” the DOJ told Politico. “That duplication of effort makes no sense.”

The DOJ also says the protections offered by the 4th Amendment of the Constitution (protection against “unreasonable” searches and seizures) are not threatened. The department sees the issue as a matter of venue streamlining; law enforcement agents still need to prove probable cause to get a judge to issue a warrant, even if the warrant’s power is increased. In addition, the rule only applies in situations when a suspect can be shown to be using technology to conceal the location of his or her computer or for an investigation into a network of hacked or infected computers, such as a botnet.

Rule 41: The DOJ says rules need to change to help fight botnet attacks

In application, the rule changes would help the FBI avoid negative rulings like recent decisions in Massachusetts and Oklahoma. In these cases, important evidence against child pornographers was dismissed because it was gained through Tor exploits on computers out of the warrants’ jurisdictions.

Will the New Rules Affect Internet Users Outside the U.S.?

Indeed, the recently approved rule change will grant the FBI the authority to seek authorization from a single judge to search and seize any computer belonging to a suspect located anywhere in the world if they are found to be utilizing privacy tools.

Do the Rule Changes Just Affect Criminal Suspects?

No, it has the potential to impact innocent users as well. Thanks to the FBI’s efforts to clean up botnets, a warrant issued under the new rule could give access to victims’ computers as well. As the Electronic Frontiers Foundation (EFF) said:

“Victims of malware could find themselves doubly infiltrated: their computers infected with malware and used to contribute to a botnet, and then government agents given free rein to remotely access their computers as part of the investigation.”

Rule 41: Will the new rules lead to more U.S. government surveillance?

When Will the Rule 41 Changes Go into Effect?

Unless the U.S. Congress takes legislative action, the rule changes will go into effect in December of 2016.

And there is a chance Congress will act. Sen. Ron Wyden (D-Oregon) recently said:

Rule 41: Se. Ron Wyden leads the pro-privacy opposition

Sen. Ron Wyden; Source: http://www.finance.senate.gov/

"These amendments will have significant consequences for Americans’ privacy and the scope of the government’s powers to conduct remote surveillance and searches of electronic devices."

In addition, powerful tech companies are not sitting still. Google issued a statement, saying:

“The proposed change threatens to undermine the privacy rights and computer security of Internet users. For example, the change would excuse territorial limits on the use of warrants to conduct ‘remote access’ searches where the physical location of the media is ‘concealed through technological means.’”

In mid-May, Wyden proposed legislation called the Stopping Mass Hacking Act. This one-page bill seeks a Senate vote to block the changes ahead of the December 1 deadline. The bill’s co-sponsors are a mix of Democrats and Republicans, including Rand Paul (R-Ky.), Steve Daines (R-Mont.), Tammy Baldwin (D-Wisc.) and Jon Tester (D-Mont.).

By late May, Congress members introduced a companion bill in the House of Representatives. To succeed, the opposition will need a majority vote of both houses in Congress as well as President Obama’s signature.

What Do the Rule 41 Changes Mean for VPN and Tor Users?

On the surface, the impending changes do not impact the protections VPN services and the Tor browser offer general users. However, users employing these services to perform illegal actions or hide from the U.S. government will be at greater exposure risk.

Also, if the opposition to the new rules fails, the government will gain an ability to gather data about innocent users without their knowledge. The DOJ denies it will do so, but this topic makes the changes worthy of more debate.

Are Other Countries Enacting Similar Legislation?

Yes. In the UK, the Investigatory Powers Bill, also knowns as “The Snooper’s Charter,” has almost finished its progress to royal assent. The draft bill has generated significant debate about balancing mass surveillance protections and privacy with the needs of law enforcement to gain targeted access to information during investigations.

Leaving on a Funny Note

The Stopping Mass Hacking Attacks Act is generally short-handed to the SMH Act. Hopefully, innocent computer users won’t be SMH after the FBI accesses their private information.

What Can You Do?

Share this article, or this one, on Facebook and Twitter.

We review vendors based on rigorous testing and research but also take into account your feedback and our affiliate commission with providers. Some providers are owned by our parent company.
Learn more
vpnMentor was established in 2014 as an independent site reviewing VPN services and covering privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize the independent, professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.

About the Author

John Norris worked as a tech writer, journalist, and instructional designer before turning to tech blogging in 2013. While focusing on digital security and privacy issues, he is interested in any tech area that can enrich people's lives.

Did you like this article? Rate it!
I hated it! I don't really like it It was ok Pretty good! Loved it!
out of 10 - Voted by users
Thank you for your feedback

Please, comment on how to improve this article. Your feedback matters!

Leave a comment

Sorry, links are not allowed in this field!

Name should contain at least 3 letters

The field content should not exceed 80 letters

Sorry, links are not allowed in this field!

Please enter a valid email address

Thanks for submitting a comment, %%name%%!

We check all comments within 48 hours to ensure they're real and not offensive. Feel free to share this article in the meantime.