You may not have heard of a botnet. If you have, you may have linked it to election shenanigans and nothing else. But if you are reading this on a computer or smartphone, there is a good chance you are in contact with a botnet right now.
Botnets, sometimes called “Zombie Armies,” are networks of devices linked by a computer virus and controlled by cybercriminals. Botnets operate on everyday devices owned by millions of Americans, and thus pose a substantial threat to individual device owners as well as the nation’s institutions and economy.
Accordingly, the United States government has been fighting back vigorously against botnets. As botnets advance in sophistication, the government’s methods for taking them down have become more intrusive. In executing a botnet takedown, the government collects IP addresses of the computers interfacing with the botnet. Because botnets are camouflaged in personal computers and devices, the government is unable to know which devices are infected until the takedown is effectuated.
But what about the Fourth Amendment rights of innocent owners, whose devices are enabling the botnet without their consent or knowledge? Takedowns are beneficial to the owners because they liberate devices, but should we acquiesce to a government cyber-invasion simply because of this benefit? This Note argues no.
Although the Fourth Amendment is implicated in botnet takedowns, this should not mean the government cannot perform the search; it simply means that the government needs to get a warrant authorizing the search first. This Note argues that the 2016 amendment to Rule 41 of the Federal Rules of Criminal Procedure, which allows multi-district warrants to be issued by one judge, is a positive development for the Fourth Amendment and for the fight against cybercriminals. But Rule 41 must be implemented in a way that protects Fourth Amendment rights. To address this concern, this Note argues that judges should be trained regarding cybercrime, botnets, and the government’s takedown efforts so that judges can do their jobs: Make sure the warrants are reasonable and protect the Fourth Amendment rights of innocent victims.
Keeping the Zombies at Bay: Fourth Amendment Problems in the Fight Against Botnets,
27 Wash. & Lee J. Civ. Rts. & Soc. Just. 359
Available at: https://scholarlycommons.law.wlu.edu/crsj/vol27/iss1/10