USA - espionnage - voir aussi : echelon
Surveillance Proposal: Half Empty or Half Full?
ACLU Investigating 'Carnivore's' Diet
Media Feasts on Carnivore
WASHINGTON – Democrat and Republican members of a U.S. House of Representatives subcommittee launched a barrage
of questions at U.S. Federal Bureau of Investigation officials on Monday about a system known as Carnivore that
federal law enforcement officials are using to track and read e-mail messages in criminal and national security
In a contentious hearing, many members of the House Judiciary Committee's Subcommittee on the Constitution expressed
grave concerns about the potential for privacy violations, and skepticism that Carnivore's operations are as confined
as the FBI says they are. At least one member, J.C. Watts, a Republican from Oklahoma, called on the FBI to suspend
the use of the system.
Some subcommittee members also suggested the FBI has not been as forthcoming about Carnivore as it should have
been. The system was brought to light only after Internet service provider Earthlink complained about it.
Under the onslaught of questions, FBI officials and representatives from the Department of Justice remained firm
in their defense of Carnivore. They called it a "minimalization tool" needed to catch drug dealers, child
pornographers and terrorists who have begun using e-mail in illegal endeavors in the same way they have used the
telephone and other technologies.
"We think it's a well-focused capability," said Donald Kerr, director of the FBI's lab division. "It
uses some of the very attributes of the Internet, in particular the Internet protocol addressing capability – the
to and from lines – of the e-mail in order to restrict our collection to just those who are the targets of the
court order. In a sense, it's automatic minimization up front."
The FBI has worked on the development of Carnivore over the past three years, Kerr said. The system has been installed
at ISPs 25 times, including in 16 cases this year – six involving criminal investigations and 10 involving national
security investigations. The law enforcement officials declined to provide specific details about the cases because
none has been fully prosecuted.
Most of the ISPs that have installed Carnivore have been small companies that don't have the equipment and technical
expertise to give investigators the information outlined in court orders. Larger ISPs, with the exception of Earthlink,
haven't been affected by Carnivore, which Kerr said is passive on the network and doesn't interfere with the delivery
of e-mail, because they have the ability to give the FBI what it needs.
In every case but the one involving Earthlink, the ISPs cooperated with the court order, Kerr said. Earthlink tried
to develop software "in real time," he said, and could not provide all the information the FBI sought.
Consequently, the agents returned to the judge and Earthlink was "compelled to move ahead," Kerr said.
Kerr described Carnivore as a desktop-like Windows-based PC and software, a package that is partly available off
the shelf. It is attached to an ISP's network either to provide investigators with either the names of people with
whom a suspect is communicating or the ability to read the full content of a suspect's e-mail. If investigators
want to read e-mail content, they must meet the higher legal standard of "probable cause," which means
they must have a strong reason to believe criminal activity is ongoing.
However, if investigators only want to know with whom a suspect is communicating, they have to meet a lower standard.
Those orders are called "trap and trace," which provide the names of the senders, and "pen register,"
which provide the names of the people to whom the suspect sends e-mail.
The name Carnivore is something the FBI now regrets, agency officials have said, because it implies that the system
devours large quantities of information the way a lion consumes fresh meat. Kerr explained that the system is actually
a packet sniffer similar to the types of technology used by network administrators to diagnose problems on their
networks. Carnivore can pick up only the packets that use the Internet protocol address to which the FBI has been
granted access by court order, Kerr said.
The system does not monitor all traffic moving across an ISP's servers but rather sees a subset of that data, which
the ISP provides, depending on the specifications of the court order, and only data permitted by the court order
is filtered out, Kerr said.
"In every case, we require a court order; that court order is specific to the [IP addresses] we can target,"
Kerr said, reiterating details that the FBI released in a press briefing on Friday. In the case of trap and trace
and pen register uses, law enforcement agents are not permitted to read the subject line of an e-mail and do not
capture that information, Kerr said.
However, there was a high degree of skepticism among members of the subcommittee on that point, because Carnivore
must gather volumes of information and analyze it to return the desired information.
Representative Spencer Bachus, a Republican from Alabama, said the FBI's explanation raised concern that some people
in the FBI or close to it could have free rein to check up on what their ex-spouses or political enemies were doing.
"You can't go to AT&T today and say, 'we are going to analyze all the phone calls that go through your
system,' but you can do that with Carnivore?" Bachus asked.
Kerr first said the FBI has neither "the right nor the ability to just go fishing," but when Bachus persisted,
saying technology would enable law enforcement officers to monitor here and there, Kerr said, "In principle
we could do that." But he said it would be extremely unlikely because an agent who did that would face a fine
and up to five years in jail.
Representative Bob Barr, a Republican from Georgia, complained that law enforcement officials are mistreating ISPs
by telling them they will not be able to monitor the system.
"There's new legal ground that you all are trying to break here where you are saying you have the authority
to harvest large quantities of information, then you will filter out what you want ... those are two very, very
large steps we are taking here," Barr said. "I don't think this has been well thought out."
Democrats were equally outraged over Carnivore and its application under wiretap laws that were written for intercepting
Rep. Jerrold Nadler, a Democrat from New York, said a person's privacy is violated if investigators find out he
has been communicating with a suspect or anyone else on the Internet using trap and trace or pen register, and
he complained that the person would find out only if there is a court case.
"As a practical matter, most people would be somewhat upset if they thought that [an investigator] was following
exactly who they were talking to on the telephone or who they were sending e-mails to," Nadler said. "The
guy should know about that, and maybe [he] should be able to say to the government, 'On what basis did you do this?'
Right now, there's no provision for that."
Rep. John Conyers, a Democrat from Michigan, said Congress might need to consult a technology expert to verify
that Carnivore in fact works the way the FBI says it does.
Kerr said the FBI was seeking an independent laboratory to carry out a verification and validation process and
has contacted the San Diego Supercomputer Center in California to ask whether it would conduct the tests. The FBI
intends to have the verification and validation within the next few months, Kerr said.
Margret Johnston writes for the IDG News Service.