Police authorities in Germany have been prohibited, by a February 2007 supreme court ruling, from "hacking" into a suspect's computer. The German court determined that hacking techniques couldn't be used because no legal framework exists at present. This ruling leaves room for further debate, and Germany's Interior Minister Wolfgang Schäuble will reportedly push for the legal changes needed to allow the police to perform such activities, known as "online house searches."
German law enforcement would like to search the contents of suspects' computers without the suspects knowing about it. Privacy advocates are concerned about such measures.
This formed the basis of an online survey conducted by F-Secure: Should legitimate law enforcement authorities, such as the police, be allowed to use computer applications that would in other circumstances be considered malware? Should they be allowed to use hacking techniques to investigate suspects?
The February 6th opinion poll specifically asked: Should police authorities be allowed to "hack" a suspect's computer?
Out of the 1,020 respondents, 23 percent were in favor, 11 percent were undecided, and 65 percent were against. Approximately 70 percent of the responses were from one of five locations: Sweden, Germany, Great Britain, Finland, and the United States.
Over 91 percent of Germans were against such techniques, while only 56 percent of Britons were against them.
Considering the geopolitical factors and events, such as the recent London bombings, might explain the differences between these countries.
Respondents' comments noted that many are willing to allow secret hacking techniques, as long as law enforcement first obtained a warrant.
Could such "official" hacking software be a good thing? If the internet is seen as a training camp for terrorists (as Schäuble has suggested), then hacking tools would be very useful and a potential benefit. Evidence could be gathered quickly and covertly from individuals operating within isolated cells. Covert collection of evidence is essential if all the cell members are to be identified in a timely fashion.
Recent reports from the U.K. said that Scotland Yard has uncovered evidence of a bomb plot against the headquarters of Telehouse Europe. Detectives recovered computer files showing that suspects had targeted a "high-security internet hub" in London.
On the other hand, much of this benefit is predicated on the theory that the tools will be properly handled. Police are generally trained in law enforcement and criminal investigation, not data security. It could be exceedingly difficult to corral and maintain hacking software. Once a suspect's computer is compromised, it might be infected by malware that then causes harm.
There is also the problem of the amount of data collected. "Online house searches" could yield such quantities of data that it overwhelms the signal with noise. The U.K. plot was uncovered with a series of raids. Police are trained to do physical investigations. Does the potential benefit of data collection with hack tools outweigh the potential distraction from the police force's primary task?
And how should anti-virus companies react to the existence of such malware? Detect it? Avoid detecting it on purpose? Avoid detecting hacking software used by goverments...of which country? Germany? USA? Israel? Egypt? Iran?
So should police hack? As it often is in life, even if the question is simple and straightforward, it might be hard to come up with a simple answer for it.
- Mikko Hyppönen is chief research officer, F-Secure Corp. He has been working with computer viruses since 1991.