ACLU Issues Guide for Defense Attorneys on Unconstitutional Government Use of Bulk Hacking

In 2015, the FBI used a single warrant, issued by a single judge, to hack into and search more than 8,000 computers in 120 countries around the world. The government designed software to infiltrate computers and bypass security- and privacy-enhancing technologies their users had put in place in order to identify and prosecute those users for visiting particular websites.

This kind of bulk hacking flies in the face of our Fourth Amendment rights, which require that the government justify any search with individualized probable cause and a particularized warrant. The 8,000-computer warrant also violated the Federal Rules of Criminal Procedure that were in place at the time that it was issued.

This is not the first time that the government has relied on mass hacking in an investigation. And because it won’t be the last, criminal defendants must be armed with the tools to fight back. That is why the ACLU—along with the Electronic Frontier Foundation and the National Association of Criminal Defense Lawyers—released a guide for criminal defense attorneys today, which helps attorneys identify if secret government “malware”—that is, hostile computer code—was installed on a client’s computer, and outlines a range of potential legal challenges to such government bulk hacking. The guide explains what malware is, why it exists, and how the government uses it, then uses existing cases as a roadmap to offer legal arguments that criminal defense attorneys can use to seek suppression of evidence and dismissal of any case in which malware was used.

The guide focuses on the best-known and most frequently litigated form of government bulk hacking: “watering hole” operations (a term derived from the concept of poisoning a watering hole where groups of animals drink). Through such operations, the government commandeers a website associated with criminal activity, continues to operate it, and uses the site to surreptitiously deliver malware to every computer—possibly thousands—that connects to the site. The government can deliver the malware through a link that a user clicks on, or by programming the malware to secretly install itself on a computer once a user visits a particular page. Unbeknownst to the user, the malware then takes partial control of his or her computer in order to search it and send identifying information, including the computer’s IP address, back to a law enforcement server.

The guide is important for criminal defendants and their attorneys, but it is also important for anyone who browses online anonymously through tools like Tor. To date, known government investigations using bulk hacking have focused on child pornography websites. But, as with all new technologies, the government’s use of malware will inevitably expand to other contexts and be used for increasingly intrusive searches. And even existing operations have swept up services used by dissidents and journalists—including Tormail, a now defunct anonymous email service.

We must be vigilant against government attempts to stretch the limits of the Constitution by deploying the newest technology against the least sympathetic individuals. Our Fourth Amendment right to be free from unreasonable searches applies regardless of the technology involved. That means that hacking always requires a warrant based on individual suspicion. This guide will help ensure this fundamental right is respected.



It only takes one rogue Executive and Legislative Branch government in 3-7 years to completely nullify the 4th Amendment.

In other words, in a 3-7 year period, it only takes one election of lawless officials, disloyal to their Oath of Office, to scoop up years' worth of data. Most telecoms store data 3-7 years, think one company keeps it for 8 years.

Why does this matter: maybe you made some legal First Amendment exercises on Facebook or other social media site and you legally promoted legal issues.

For example: maybe in 2010 you promoted overturning "Citizens United" or supported police body cameras - perfectly legal and admirable for a citizen to do. The government then in 2010 was largely loyal to their Oath of Office or there was a threat of government watchdogs.

If in 2017, we happen to get a lawless set of government officials and the watchdogs are fired - you could be punished for your First Amendment exercises from 2010 - which is illegal under the First Amendment and its relevant federal statutes.

The net effect will be a chilling of legal First Amendment activity - you will be illegally punished for legal constitutional exercises. The U.S. Supreme Court has placed the burden of proof on citizens instead of the perpetrators violating their Oath of Office and federal criminal statutes.


These tactics sound like a modern-day "COINTELPRO" blacklisting - outlawed by Congress in the 1970s.

This type of non-confrontational blacklisting is the most evil tactic practiced by federal, state and local officials. It appears to originate at the local level, then years or decades later, the local authorities illegally defame citizens among state and federal agencies.

The net result is innocent American citizens are literally destroyed by local, state and federal officials. The "crime" could be not attending church regularly or not the right church in a local theocracy. The local officials can never confront the blacklistee because there is no real crime in the equation, only what the officials fabricated or engineered themselves.

Case in point: Blacklistees (with no criminal record) from at least the 1980s were uploaded to post-2001 watchlists, where local officials blacklisted, defamed and fabricated evidence against innocent citizens. Today each state operates at least one blacklisting center - Fusion Centers - driven and funded by federal tax dollars that simply harass everyone on their lists. Apparently the goal of these unconstitutional centers is to make their blacklistees think they are under 24/7 surveillance so they won't commit any attacks. The problem is that probably 99+% of the blacklistees are NOT criminals or terrorists. These innocent Americans have been harassed for over 5000+ days since 2001 and can't be removed from the lists.

For some reason, the U.S. Supreme Court has no interest in policing COINTELPRO tactics!


I cannot believe that this was done during the Obama administration. Where was the mass outcry that we now see against everything that President Trump is doing?

The Free Texan

Malware, Intrusion software, or whatever you want to call it is here and here to stay. No machine or computer is immune from Ones and Zeros. All electronic machines are "hackable". So please don't be surprised that Government agencies are also "hacking". For decades gov agencies have been in AT&T central telephone offices tracking whoever they want. Often warrantless.
What's different now? Different agents, different targets but same "spy" like protocol. Codified privacy laws are the only protections. Like me you may not care about drugs, but also know you protect pedophiles and sex traffickers. So what do we do?

The Barely Free...

What do we do? We (FBI) stop sweeping the public web to find needles in the haystack. Use traditional police methods to track down ACTUAL PEDOPHILES & SEX TRAFFICKERS. Stop behaving like the Dream Police & arresting thousands of people for masturbating to pics on the web. Stop allowing the Moral Zealots of America to dictate laws & influence people with unwarranted fear of nothing. Thereby allowing Americans to return to a normal (not hyper-moral fearing) state of mind. Basically, we learn how to mind our own business & leave innocent people alone.

Reality Cjeck

If you are masturbating to "illegal" images of boys and girls on the internet you are part of the problem. Supply and demand are not extinct. If you masturbate to pictures of boys and girls on the internet you ARE a pedophile that needs to seek help. At the very least you have a sex addiction that leads to harm to yourself or others.



Indigent of Nor...

Amazing Technology!!! What happens to Intellectual and Copyright? Maybe Google knows the answer!! S.Finnerty



D Harvey

I am a previous employee of the City of Omaha Police who was fired, shot by a police informant, then arrested and convicted of a federal offense I did not commit. My assigned CJA counsel and the Government kept from me details about a Tor sting run by agents during November to December 2012. This was the exact factual basis for when downloads went to my laptop which had no virus protection. I believe a Trojan type downloader was present on my laptop. I did not find out about the Tor sting until after my conviction. I have a Direct Appeal in progress in the 8th Circuit but I believe I have a very strong Brady/Strickland violation, too.
