FBI cans Carnivore

Critics question oversight of FBI's Internet monitoring practices

Carnivore, the FBI's controversial surveillance program that monitors e-mail and chat rooms, has been swept aside by newer, more effective technology, leaving some privacy experts to question if congressional oversight has kept pace with software advances.

In fiscal 2002 and 2003, bureau officials did not use Carnivore, according to FBI reports submitted to Congress and obtained by the Electronic Privacy Information Center through a Freedom of Information Act request.

The bureau is increasingly going directly to Internet service providers, said Paul Bresson, an FBI spokesman. "Our preference has been for the ISPs to conduct the intercepts," Bresson said.

The FBI reports do not include the number of counterterrorism and counterintelligence wiretaps approved under the Patriot and the Foreign Intelligence Surveillance acts, nor do they tally the number of times an ISP handed data to the bureau.

Privacy advocates first decried the Carnivore system when it was unveiled in 2000. Carnivore identified and copied a targeted person's Internet traffic through real-time monitoring by an FBI computer attached to an ISP's server. Copying data packets moving in real time carries an inherent danger of collecting more information than approved under a court warrant, said Matthew Blaze, an associate professor of computer and information science at the University of Pennsylvania.

"The packets that you're seeing at any given point may not be exactly the same as the targets of a wiretap," he said.

An FBI Internet wiretap searching for counterterrorism information in 2000 did precisely that, and a technical employee had to erase the whole intake as a result.

Some privacy advocates know less about the extent of the FBI's Internet surveillance because bureau officials are not reporting all of the Internet wiretaps they conduct.

"When the FBI uses Carnivore or some sort of similar technology, there are reporting requirements to Congress," said Marcia Hofmann, staff counsel of the Electronic Privacy Information Center. "When the FBI goes to the ISPs for information, we may not know as much about that in the future."

This lack of oversight is harmful to the FBI in the long term, said Ari Schwartz, associate director of the Center for Democracy and Technology. "There are going to be cases where the power is abused, and we'll find out through some back channels," he said. The public's inevitable reaction will result in a severe clampdown on Internet investigation tools, he said.

"We're not opposed to wiretapping," Schwartz added. "We just think it needs to be done with oversight."

About the Author

David Perera is a special contributor to Defense Systems.

2014 Rising Star Awards

Help us find the next generation of leaders in federal IT.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above