Remember that e-mail joke you forwarded about the comical demise of an unscrupulous ex-president? Would the FBI be interested in reading that joke? They may already have, and you didn’t even know it. If you stopped to examine all the e-mail you’ve written (or jokes you’ve forwarded) over the past few years, how much of it would contain words, that when taken out of context, might be a “red flag” to someone in and of itself? Depending upon how you use your e-mail, and what things you discuss, the result might be surprising. A new crime fighting tool called “Carnivore” is now in use by the Federal Bureau of Investigation. Carnivore is a filtering tool, designed to get specific e-mail and ignore extraneous matter, essentially seeking the “meat” of what the FBI is investigating – hence, the name.
Carnivore is installed at the Internet Service Provider (ISP) level and is utilized upon court order, similar to the permission sought before a wiretap is implemented. The ISP than initiates access to all e-mail traffic flowing through it, from which Carnivore sifts out information that would aid in an investigation of specific crimes. The program collects data and then sifts through it, seeking the key words or phrases that are the subject of the investigation. Law enforcement personnel than use that information to gather further evidence or build their case. Carnivore has sparked a debate among technology attorneys as to what is acceptable use of technology in criminal investigations. The Washington Lawyer, the official publication of the District of Columbia Bar, recently highlighted a panel debate that examined the pros and cons of Carnivore at a recent discussion sponsored by the District of Columbia Bar.
At the conference, Larry R. Parkinson, General Counsel of the FBI, argued that privacy concerns were taken into consideration when Carnivore was developed. He noted that the system may only be utilized upon court order; even then, the system only sifts out pertinent data subject to the court order. This way, the system, unlike a telephone tap, greatly eliminates the unnecessary information that investigators learn about from the targeted individual.
Nonetheless, the results are still disturbing to those who argue that too much intrusion might be the result of Carnivore.
Another panel member, David Sobel of the Electronic Privacy Information Center, argued that Carnivore could be used to collect all data, which is then sifted, but retained in raw form. In other words, he asks whether the data is being collected “just in case”. Given the nature of the system, Sobel argues, the public is expected to trust that extraneous information is being filtered out, but he queries, would the public accept such a system under an aggressive FBI regime, like that of J. Edgar Hoover?
Other panelists like John Ryan, Associate Vice President of America Online, suggested that adjustments be implemented so that Carnivore is not controlled by government agents, but instead by the ISP’s themselves. Still, this raises the question of whether an ISP might be tempted to use the information for its own commercial gain. Stewart Baker, former General Counsel to the National Security Agency, noted that Carnivore presents a challenge to our existing framework of law, which is inadequate to deal with changes in technology, such as Carnivore. Baker noted that more information is becoming available for commercial reasons than ever before; he questions why law enforcement should be denied access to that which private business can readily obtain. He suggests that a solution may be to require that the government indicate when it is accessing data from specific individuals. At present, such investigations take place, and no one, besides a few individuals, including the approving court and the investigating body, may ever know it has occurred. Baker also recommended that information collected on an individual, who is never charged, be destroyed immediately.
Yet, the final problem remains: We need a system like Carnivore in today’s criminal world of cyber terrorism, child pornography, and electronic fraud. Clearly, sophisticated criminals like Osamah Bin Laden, who is recently reported to have begun using unconventional means of communication, such as foot messengers and couriers, instead of e-mail and cellular phones, will still find ways to elude systems like Carnivore. Nonetheless, for sophisticated, but unwary criminals, such as splinter groups, hackers, or minors, Carnivore can still have tremendous value as a crime-fighting tool. But, the unresolved question seems to be, who will “guard the guards” of our technology? Ultimately, the outcome may be a court resolved, or legislatively mandated, balancing between our desire for privacy and our need to keep up with sophisticated criminals.
The importance of this debate is that we must come to realize that we are no longer in a “telephone world” as one executive in the panel put it – our laws must come to evolve with technology as well, facilitating the balance we need. Consistency, re-evaluation, and comprehensiveness, seem to be one solution. We, as members of the technology and business community, must encourage our legislators to re-evaluate our current laws and keep pace with changes in technology, in order to properly balance our need for protection with our rights to privacy; otherwise, we run the risk of missing an opportunity to fight crime with one new device, while at the same time failing to protect a fundamental right with another.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.