Rich Lucibella
Staff
http://www.canada.com/technology/story.html?id=7194afd2-5784-4116-b1a5-110125dc4493
Wednesday, January 19, 2005
The FBI has effectively abandoned its custom-built Internet surveillance technology, once known as Carnivore, designed to read e-mails and other online communications among suspected criminals, terrorists and spies, bureau oversight reports submitted to Congress said.
Instead, the FBI said it has switched to unspecified commercial software to eavesdrop on computer traffic during such investigations and has increasingly asked Internet providers to conduct wiretaps on targeted customers on the government's behalf, reimbursing companies for their costs.
The FBI performed only eight Internet wiretaps in the fiscal year 2003 and five in 2002; none used the software initially called Carnivore and later renamed the DCS-1000, said FBI documents submitted to U.S. Senate and House of Representatives oversight committees. The FBI, which once said Carnivore was "far better" than commercial products, said previously it had used the technology about 25 times between 1998 and 2000.
The FBI said it could not disclose how much it spent to produce the surveillance software it no longer uses, saying part of its budget was classified. Outside experts said the government probably spent between $6 million and $15 million.
The congressional oversight reports were obtained last week under the U.S. Freedom of Information Act by the Washington-based Electronic Privacy Information Center, a civil liberties group that criticized the surveillance software after it was first disclosed in 2000.
FBI spokesman Paul Bresson said the bureau moved to popular commercial wiretap software because it was less expensive and had improved in its ability to copy e-mails and other communications of a targeted Internet account without affecting other subscribers.
"We see the value in the commercially available software; we're using it more now and we're asking the Internet service providers that have the capabilities to collect data in compliance with court orders," Bresson said.
The FBI said last week it was sending back to the drawing board its $170-million computer overhaul, which was intended to give agents and analysts an instantaneous and paperless way to manage criminal and terrorism cases.
Experts said the life span of roughly four years for the bureau's homegrown surveillance technology was similar to the shelf life of products in private industry.
"It's hard to criticize the FBI trying to keep pace with technology," said James Dempsey of the Washington-based Center for Democracy and Technology.
"There is just a huge amount of innovation and development going on in the private sector."
Henry Perritt, who led an oversight study of Carnivore in 2000 for the U.S. Justice Department, said the FBI originally built its own surveillance system because commercial tools were inadequate. Perritt, a professor at the Chicago-Kent College of Law, said he was unaware of any commercial wiretap software that includes audit features robust enough to persuade a federal judge e-mails from innocent Internet users weren't captured by mistake.
"You'd like to have a package that supervisors within a field office and in Washington could do an audit and make sure they're using the tools compliant with the court order," Perritt said.
The FBI laboratory division, which produced Carnivore, was headed by Donald Kerr, who left the FBI in August 2001 to become the CIA's chief gadget-maker as head of its science and technology directorate. Kerr told legislators in 2000 Carnivore was ``far better than any commercially available sniffer.''
On the Web:
FBI: http://www.fbi.gov
Electronic Privacy Information Center:
http://www.epic.org/privacy/carnivore
Wednesday, January 19, 2005
The FBI has effectively abandoned its custom-built Internet surveillance technology, once known as Carnivore, designed to read e-mails and other online communications among suspected criminals, terrorists and spies, bureau oversight reports submitted to Congress said.
Instead, the FBI said it has switched to unspecified commercial software to eavesdrop on computer traffic during such investigations and has increasingly asked Internet providers to conduct wiretaps on targeted customers on the government's behalf, reimbursing companies for their costs.
The FBI performed only eight Internet wiretaps in the fiscal year 2003 and five in 2002; none used the software initially called Carnivore and later renamed the DCS-1000, said FBI documents submitted to U.S. Senate and House of Representatives oversight committees. The FBI, which once said Carnivore was "far better" than commercial products, said previously it had used the technology about 25 times between 1998 and 2000.
The FBI said it could not disclose how much it spent to produce the surveillance software it no longer uses, saying part of its budget was classified. Outside experts said the government probably spent between $6 million and $15 million.
The congressional oversight reports were obtained last week under the U.S. Freedom of Information Act by the Washington-based Electronic Privacy Information Center, a civil liberties group that criticized the surveillance software after it was first disclosed in 2000.
FBI spokesman Paul Bresson said the bureau moved to popular commercial wiretap software because it was less expensive and had improved in its ability to copy e-mails and other communications of a targeted Internet account without affecting other subscribers.
"We see the value in the commercially available software; we're using it more now and we're asking the Internet service providers that have the capabilities to collect data in compliance with court orders," Bresson said.
The FBI said last week it was sending back to the drawing board its $170-million computer overhaul, which was intended to give agents and analysts an instantaneous and paperless way to manage criminal and terrorism cases.
Experts said the life span of roughly four years for the bureau's homegrown surveillance technology was similar to the shelf life of products in private industry.
"It's hard to criticize the FBI trying to keep pace with technology," said James Dempsey of the Washington-based Center for Democracy and Technology.
"There is just a huge amount of innovation and development going on in the private sector."
Henry Perritt, who led an oversight study of Carnivore in 2000 for the U.S. Justice Department, said the FBI originally built its own surveillance system because commercial tools were inadequate. Perritt, a professor at the Chicago-Kent College of Law, said he was unaware of any commercial wiretap software that includes audit features robust enough to persuade a federal judge e-mails from innocent Internet users weren't captured by mistake.
"You'd like to have a package that supervisors within a field office and in Washington could do an audit and make sure they're using the tools compliant with the court order," Perritt said.
The FBI laboratory division, which produced Carnivore, was headed by Donald Kerr, who left the FBI in August 2001 to become the CIA's chief gadget-maker as head of its science and technology directorate. Kerr told legislators in 2000 Carnivore was ``far better than any commercially available sniffer.''
On the Web:
FBI: http://www.fbi.gov
Electronic Privacy Information Center:
http://www.epic.org/privacy/carnivore
