Carnivore no more

Electronic Privacy Information Center Carnivore page

Carnivore, the controversial FBI e-mail and chat room surveillance program, has been superseded by new technology.

Neither in fiscal years 2002 nor 2003 did agency officials use the custom-built, real-time data-packet monitoring program, according to bureau reports submitted to Congress and obtained by the Electronic Privacy Information Center through a Freedom Of Information Act request. Instead, the agency used commercially available software to substitute for Carnivore and is increasingly serving warrants directly to Internet service providers, said Paul Bresson, an FBI spokesman.

Carnivore was "only developed for those situations where the Internet service provider could not perform the intercepts on their own," Bresson said.

The bureau carried out eight court-approved criminal case Internet wiretaps in fiscal 2003 and five in fiscal 2002, according to the bureau reports. Causes ranged from providing material support to terrorists to child pornography.

The majority were pen register wiretaps, meaning the bureau was authorized to monitor a suspect's Internet activity, but not authorized to examine the content of the suspect's electronic exchanges.

The reports do not include the number of counterterrorism and counterintelligence wiretaps approved under the Patriot and the Foreign Intelligence Surveillance acts. Nor do they tally the number of times an Internet service provider handed data to the bureau.

Service providers "now have the ability to do this on their own, so there is no need for us to employ a Carnivore-like device," Bresson said.

Privacy advocates decried the software when its existence was revealed in 2000, but he said the program suffered mainly from its name. At the time, FBI agents told reporters the program earned its moniker because it could sniff out the meat from a clutter of data.

"It really wasn't this big, bad, ugly Big Brother system," Bresson said.

But monitoring data packets moving in real time carries an inherent danger of collecting more information than approved under a court warrant, said Matthew Blaze, an associate professor of computing at the University of Pennsylvania. "The packets that you're seeing at any given point may not be exactly the same as the targets of a wiretap," he said.

The technological challenge of network wiretapping could also account for the FBI's scant use of Carnivore-like technology, said Steven Bellovin, a computer science adjunct professor at Columbia University. Dynamically changing IP addresses means wiretaps could miss entire Internet sessions.

"I don't think the people that designed Carnivore did a bad job, they understand the issues, but there's only so far that you can go," he said.

Carnivore is separate from the bureau's Trilogy modernization effort that includes Virtual Case File, whose problems have been widely reported.

About the Author

David Perera is a special contributor to Defense Systems.

Featured

  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.