You are here: ZDNet UK > News > Communications

Network management Toolkit

Congress isn't swallowing Carnivore

Mary Jo Foley ZDNet.co.uk

Published: 25 Jul 2000 09:01 BST

Officials from the FBI and the US Department of Justice faced a sceptical -- and at times downright hostile -- House Judiciary Committee Monday during an oversight hearing on the constitutional issues raised by the FBI's Carnivore electronic monitoring program.

Both Republicans and Democrats raised repeated concerns about how the FBI's email surveillance software operates. Committee members demanded to know why the FBI didn't inform Congress about it sooner and how the agency planned to keep Carnivore from eroding users' increasingly ill-protected online privacy. Carnivore is a program that the FBI has been developing for three years, and it allows federal law enforcement agents to monitor email communications in criminal investigations once the software is attached to the network of an Internet Service Provider.

During Monday's hearing, FBI officials acknowledged that Carnivore had been deployed 25 times since its inception, 16 times during the current calendar year.

It has been used to gather evidence in six criminal cases and ten national security cases, FBI officials testified. Email messages were scrutinised in all cases but one when Carnivore was used to monitor an FTP packet.

Despite the FBI's and DoJ's assurances, committee members raised questions about everything from Carnivore's predatory name, to the checks and balances the agency has in place to prevent potential misuse of the system.

Republican Melvin Watt asked FBI and DoJ officials what took them so long to come forward with information about Carnivore.

"You've engaged in 25 uses... but only now are attempting third-party verification?" Watt said.

"The essence of a development program is to learn as you develop and deploy," said Donald Kerr, assistant director of the FBI's lab division, who said a number of DoJ and Judiciary committee members had received briefings on Carnivore months ago.

Another committee member, Republican Robert Barr was even more combative in his line of questioning. "This is new legal ground you are trying to make here," Barr told FBI and DoJ witnesses at Monday's hearing. "You can go in and harvest large quantities of information and harvest out what you want. ISPs have indicated they can do the very same thing... but with more protection of users' privacy."

The FBI said that all uses of Carnivore had been reported in the agency's annual wiretap report in the "other" category.

"We have the legal authority to do what we're doing today," testified Kevin DiGregory, a deputy associate attorney general with the DoJ. "[Email] addressing information on the Internet is a useful and appropriate analogue to phone numbers," he added, when asked how Carnivore compares with the FBI's existing wiretapping techniques.

FBI and DoJ officials stated that without Carnivore, federal law enforcement would be unable to fight growing numbers of Net-related crimes -- from child porn to online fraud.

Only Friday, after repeated media reports and industry questions, did the FBI hold a press conference to explain Carnivore and how it works. The FBI subsequently posted some information on Carnivore to its Web site.

FBI officials testifying Monday told House Judiciary members that the agency had agreed to submit the source code for the Carnivore software to an independent, academic third-party body for review. The results will be distributed to government, academia and industry.

Kerr, of the FBI, hinted outside the hearing room that the source code might go to either the San Diego Supercomputer Centre or NASA some time within the next few months.

But FBI and Department of Justice officials held fast to their position that supplying Carnivore's source code to a larger industry group could risk exploitation of the program by Internet criminals.

Several of the third parties testifying during Monday's hearing, including the American Civil Liberties Union (ACLU), have filed for access to the FBI's Carnivore source code under the Freedom of Information Act.

In a statement released during the hearing, the ACLU characterised Carnivore as the latest piece of evidence that the FBI "is engaged in an 'unprecedented' power grab that threatens the privacy of all Americans".

Both FBI and DoJ officials emphasised that without Carnivore, federal law enforcement officials would be unable to combat the growing number of Internet-related crimes, ranging from child pornography to hacking and online fraud.

DiGregory went so far as to claim that if the government "fails to make the Internet safe", e-commerce could be in jeopardy.

The FBI's Kerr said the structure of Carnivore wasn't very different from commercial packet-sniffing programs. Filters that are part of the program allow the agency to sniff only the "To" and "From" lines in email messages or entire email threads "if we have an order to capture all the packets", he explained.

He added that the FBI had deployed Carnivore with the permission and cooperation of ISP's, only if the providers were too small or not technically savvy enough to produce information requested by the agency as part of criminal investigations.

"In every case, a court order is required" to deploy Carnivore, he reassured House committee members repeatedly. "We don't do broad surveillance."

But Republican Charles Canady wanted to know more about the EarthLink Network's experiences with Carnivore, specifically whether the software had caused a crash and disruption of service for the ISP's customers. Kerr attributed the problem to EarthLink's failure to supply the FBI with email information without the installation of Carnivore.

Robert Corn-Revere, an attorney with Hogan & Hartson representing EarthLink in an FBI lawsuit over Carnivore, also testified Monday. He advocated a "more cautious approach" when it comes to expanding electronic surveillance. Corn-Revere said Carnivore goes far beyond the "very limited surveillance authority provided by a trap and trace order", since it allows both content and header information for all messages received or sent by ISPs to be collected.

Find out who's spying on you and how they're doing it in our exclusive Echelon News Special.

What do you think? Tell the Mailroom. And read what others have said.