Tuesday, January 30, 2007
Via Zemblan patriot J.D.: You are certainly aware of Attorney General Alberto Gonzales's recent, rather disingenuous announcement that President Bush's illegal wiretapping program would henceforth be conducted under the supervision of the FISA court, as the law of the land dictates. You may be unaware, however, that the government has simultaneously undertaken a program of "full-pipe surveillance" -- that is to say, warrantless recording of internet traffic, from web browsing to e-mail -- on an unimaginably vast scale. The legal justification? Federal law says that snoopers must "minimize the interception of communications not otherwise subject to interception," which means that even if you have a warrant to bug a criminal suspect, you must take pains not to eavesdrop on innocent people. There is, however, an exemption for intercepted communications "in a code or foreign language" -- and one DoJ functionary, quoted in the story below, claims that since all digital communications amount to a foreign language or code, it should be perfectly obvious that "federal agents are legally permitted to record everything and sort through it later":
The FBI appears to have adopted an invasive Internet surveillance technique that collects far more data on innocent Americans than previously has been disclosed.
Instead of recording only what a particular suspect is doing, agents conducting investigations appear to be assembling the activities of thousands of Internet users at a time into massive databases, according to current and former officials. That database can subsequently be queried for names, e-mail addresses or keywords.
Such a technique is broader and potentially more intrusive than the FBI's Carnivore surveillance system, later renamed DCS1000. It raises concerns similar to those stirred by widespread Internet monitoring that the National Security Agency is said to have done, according to documents that have surfaced in one federal lawsuit, and may stretch the bounds of what's legally permissible.
Call it the vacuum-cleaner approach. It's employed when police have obtained a court order and an Internet service provider can't "isolate the particular person or IP address" because of technical constraints, says Paul Ohm, a former trial attorney at the Justice Department's Computer Crime and Intellectual Property Section . . . .
Ohm said that full-pipe recording has become federal agents' default method for Internet surveillance. "You collect wherever you can on the (network) segment," he said. "If it happens to be the segment that has a lot of IP addresses, you don't throw away the other IP addresses. You do that after the fact."
"You intercept first and you use whatever filtering, data mining to get at the information about the person you're trying to monitor," he added . . . .
"What they're doing is even worse than Carnivore," said Kevin Bankston, a staff attorney at the Electronic Frontier Foundation who attended the Stanford event. "What they're doing is intercepting everyone and then choosing their targets."
When the FBI announced two years ago it had abandoned Carnivore, news reports said that the bureau would increasingly rely on Internet providers to conduct the surveillance and reimburse them for costs. While Carnivore was the subject of congressional scrutiny and outside audits, the FBI's current Internet eavesdropping techniques have received little attention . . . .
[Bankston] said that the FBI is "collecting and apparently storing indefinitely the communications of thousands--if not hundreds of thousands--of innocent Americans in violation of the Wiretap Act and the 4th Amendment to the Constitution" . . . .
Ohm, the former Justice Department attorney who presented a paper on the Fourth Amendment, said he has doubts about the constitutionality of full-pipe recording. "The question that's interesting, although I don't know whether it's so clear, is whether this is illegal, whether it's constitutional," he said. "Is Congress even aware they're doing this? I don't know the answers."