Skip to main content /TECH with /TECH

Concerns remain about FBI's 'Carnivore' wiretap

(IDG) -- There are still plenty of legal, technical and philosophical concerns to explore with the U.S Federal Bureau of Investigation's controversial "Carnivore" Internet surveillance tool, according to panelists who spoke about the sniffer technology during the Computers, Freedom and Privacy conference.

Some of the technical and legal points hinge on what data Carnivore is capable of capturing when it is implemented, panelists said. Carnivore, which is now referred to by the FBI as DCS1000, is a software program that monitors packets of data passing through an ISP's (Internet service provider's) network.

"The problem from legal angles is that it captures all sorts of IP (Internet Protocol) information," said panelist Mark Rasch, vice president for cyberlaw at Predictive Systems in Reston, Virginia, and the former head of the Computer Crime Unit at the U.S. Department of Justice. It can offer information such as what Web sites a user has visited, cookies, time of searches and log on/log off information, he said.

Related Stories
Visit an IDG site

With any wiretap technology, the goal is to minimize or get as specific as possible on what is being looked for, he said. Carnivore has automated the process of looking for specific information and that opens up possibilities for greater use. It is relatively quick to set up and comes at minimal cost, Rasch said.

That is why it is crucial that federal hurdles already in place that limit utilization of Carnivore remain, said panelist Harold Krent, a law professor and associate dean for faculty and interprofessional activities at Chicago-Kent College of Law, Illinois Institute of Technology. Without requirements for law enforcement, there is potential for rogue or negligent applications of the sniffing technology, said Krent, who helped review Carnivore last year.

According to Krent, the FBI used Carnivore between 25 and 30 times last year. Approximately 25 percent of the time, it was used in situations where it was approved by individuals for their own protection, such as in stalking cases.

Two types of searches can be done, he said. One type is a "pen register," which provides addressing information, and the other type is the full-content search, he said. Most of the searches last year were pen register searches because law enforcement officials do not have to show probable cause to get a court order to look for the information, Krent said. A full-content search requires a judge's approval.

The FBI and U.S Department of Justice also have internal reviews that often can require law enforcement to wait up to six months before the sniffer technology can be used for investigatory reasons. Federal officials must prove that less invasive search methods could not be used instead, Krent said.

On the technology side, there is the question of whether Carnivore can determine the target it is looking for from a non-target, said panelist Matt Blaze, who is with the secure systems research department at AT&T Labs and has testified before Congress on Carnivore. It could be a technological pitfall for evidence gathering by law enforcement, he said.

One example is if dynamic IP addresses are being used, he said. If Carnivore is supposed to look at a specific IP address for an individual and it actually has been assigned to someone else, it could pose a serious problem, he said.

Another potential technological concern is creating fraudulent packets for Carnivore, he said. There is a question of whether Carnivore could distinguish real network traffic versus traffic generated to trick the technology, he said.

As far as philosophical questions go, there is the point of trusting the FBI with the technology, said panelist David Sobel, general counsel for the Electronic Privacy Information Center (EPIC), which has sued the FBI for access to information on the Carnivore program.

The sniffer technology provides the FBI with access to all traffic on an ISP. The public has to trust that federal law enforcement will only look at data necessary for its investigation, Sobel said.

A greater check on the government would be to give the ISPs the Carnivore program and let them run it for federal law enforcement when necessary, he said.

It is unclear what the future holds for Carnivore, as Sobel shared a quote from newly appointed U.S. Attorney General John Ashcroft that suggests he believes that federal law enforcement agencies already impose too much on the lives of private citizens.

Consumer group: Online privacy protections fall short
January 26, 2001
States to weigh in on Net privacy rules
January 25, 2001
High-tech trade group unveils Net privacy principles
January 19, 2001
Documents reveal plan to develop Carnivore
October 23, 2000
FBI urges companies to trust government
October 20, 2000

Congress starts scrutinizing online privacy
Conference scrutinizes privacy in the computer age
U.S. beats Europe in online privacy protection
Advance notice may have helped block attacks
FBI battles computer crime 'epidemic'
Was there a global youth plot to cripple the Web?
(The Industry Standard)
Carnivore gets a name change


4:30pm ET, 4/16

Back to the top