FBI spyware avoids scrutiny

With a guilty plea from a New Jersey bookmaker and a brush-off for a Texas congressman, the FBI has avoided shedding much light on its controversial computer-snooping technology.

Instead, the FBI appears to have maneuvered to use the spyware as it pleases, said David Sobel, a lawyer for the Electronic Privacy Information Center.

An admission of guilt by Nicodemo "Little Nicky" Scarfo in a Newark, N.J., courtroom Feb. 28 ended a two-year legal tussle that might have put the FBI's computer-snooping "key logger" system on trial. Meanwhile, the FBI's refusal to answer questions about another computer snooper, Magic Lantern, has stymied Rep. Ron Paul (R-Texas), who worried that Magic Lantern "could greatly impact the privacy and civil liberties of all Americans who communicate via e-mail."

The FBI maintains that disclosing the details of either technology threatens national security. But Sobel and other privacy advocates argue that giving the FBI free rein for electronic snooping threatens basic civil rights.

Both snoopers secretly record every keystroke typed on a computer keyboard, thus revealing the contents of letters, e-mail messages and other documents.

The older tool, the key logger, must be manually installed on the computer that is to be spied upon. The newer one, Magic Lantern, reportedly resembles a computer virus or worm, and can be installed remotely.

The Scarfo case fueled curiosity about the FBI's computer-spying capabilities. Federal agents had seized encrypted computer files believed to be related to an illegal gambling operation, but could not crack the encryption. In 1999, they sought and received court permission to plant a key logger on Scarfo's office computer.

After about two months of monitoring, the FBI had gathered enough data to deduce Scarfo's encryption password. With that, they broke the code and read the seized files.

Scarfo's lawyers cried foul, arguing that the key logger violated Fourth Amendment protections against unreasonable search and seizure. The device intercepted everything Scarfo wrote, not just information relevant to the case, they said. The lawyers also argued that the FBI broke federal wiretap rules against intercepting modem transmissions without a wiretap order.

Scarfo's lawyers sought a detailed explanation of how the key logger system worked, hoping to show that it had been used improperly.

The defense was overruled. In a Dec. 26 ruling, U.S. District Court Judge Nicholas Politan upheld the use of the key logger, refused to throw out evidence collected with its help and agreed that the FBI could withhold details on how the device worked.

With a March 18 trial date looming, Scarfo and his lawyers opted to plea bargain. Scarfo pleaded guilty to bookmaking Feb. 28.

Without a trial, there will be no further legal review of the use of the key logger, Sobel said.

Meanwhile, the FBI was developing a more sophisticated piece of spyware — the remote-controlled Magic Lantern.

With a court already ruling that a key logger does not violate wiretap restrictions, and without the need to break in to install the Magic Lantern, privacy advocates, including Sobel, worry that there may be little to prevent widespread FBI spying on computers.

That notion also triggered alarms for Paul, a conservative who is generally wary of the government's ability to intrude into citizens' personal lives.

In January, Paul's legislative director, Norman Singleton, asked the FBI for details about Magic Lantern, but was rebuffed.

Paul fired off a letter to FBI Director Robert Mueller asking for the information or written justification for the refusal. "Considering the potential impact of Magic Lantern, I am sure you can understand why I was disturbed by this refusal," he wrote.

Paul is still waiting for a reply, Singleton said.

FBI spokesman Paul Bresson called Magic Lantern "a workbench project [that] has never been deployed."

If it is, he said, the FBI first "must obtain lawful authorization." Investigative tools such as Magic Lantern "are always subject to vigorous scrutiny by the courts. The notion that we can apply these tools whenever we see fit is erroneous," he said.

As for the FBI's refusal to disclose details, "It should come as no surprise that law enforcement has no interest in compromising their own investigations by publicly divulging the inner workings of the tools and techniques [that] are either used or are in the process of being developed," Bresson said.


Two Kinds of Spyware

The FBI has two computer-spying technologies. Here's how they work:

Key Logger

1. Manually installed on computer.

2. Records keystrokes.

3. Data must be retrieved.

Magic Lantern

1. Arrives via network, installs like a virus.

2. Records keystrokes.

3. Transmits data back to FBI.


  • Workforce
    White House rainbow light shutterstock ID : 1130423963 By zhephotography

    White House rolls out DEIA strategy

    On Tuesday, the Biden administration issued agencies a roadmap to guide their efforts to develop strategic plans for diversity, equity, inclusion and accessibility (DEIA), as required under a as required under a June executive order.

  • Defense
    software (whiteMocca/Shutterstock.com)

    Why DOD is so bad at buying software

    The Defense Department wants to acquire emerging technology faster and more efficiently. But will its latest attempts to streamline its processes be enough?

Stay Connected