Internet
and Data Interception Capabilities Developed by the FBI,
Statement for the Record, U.S. House of Representatives, the
Committee on the Judiciary, Subcommittee on the Constitution,
07/24/2000, Laboratory Division Assistant Director Dr. donald
M. Kerr
The Nation's communications networks
are routinely used in the commission of serious criminal activities,
including espionage. Organized crime groups and drug trafficking
organizations rely heavily upon telecommunications to plan and
execute their criminal activities.
The ability of law enforcement
agencies to conduct lawful electronic surveillance of the communications
of its criminal subjects represents one of the most important
capabilities for acquiring evidence to prevent serious criminal
behavior. Unlike evidence that can be subject to being discredited
or impeached through allegations of misunderstanding or bias,
electronic surveillance evidence provides jurors an opportunity
to determine factual issues based upon a defendant's own words.
Under Title III, applications
for interception require the authorization of a high-level Department
of Justice (DOJ) official before the local United States Attorneys
offices can apply for such orders. Interception orders must be
filed with federal district court judges or before other courts
of competent jurisdiction. Hence, unlike typical search warrants,
federal magistrates are not authorized to approve such applications
and orders. Further, interception of communications is limited
to certain specified federal felony offenses.
Applications for electronic surveillance
must demonstrate probable cause and state with particularity
and specificity: the offense(s) being committed, the telecommunications
facility or place from which the subject's communications are
to be intercepted, a description of the types of conversations
to be intercepted, and the identities of the persons committing
the offenses that are anticipated to be intercepted. Thus, criminal
electronic surveillance laws focus on gathering hard evidence
-- not intelligence.
Applications must indicate that
other normal investigative techniques will not work or are too
dangerous, and must include information concerning any prior
electronic surveillance regarding the subject or facility in
question. Court orders are limited to 30 days and interceptions
must terminate sooner if the objectives are obtained. Judges
may (and usually do) require periodic reports to the court (typically
every 7-10 days) advising it of the progress of the interception
effort. This circumstance thus assures close and ongoing oversight
of the electronic surveillance by the United States Attorney's
office handling the case. Extensions of the order (consistent
with requirements of the initial application) are permitted,
if justified, for up to a period of 30 days.
Electronic surveillance has been
extremely effective in securing the conviction of more than 25,600
dangerous felons over the past 13 years. In many cases there
is no substitute for electronic surveillance, as the evidence
cannot be obtained through other traditional investigative techniques.
In recent years, the FBI has
encountered an increasing number of criminal investigations in
which the criminal subjects use the Internet to communicate with
each other or to communicate with their victims. Because many
Internet Service Providers (ISP) lacked the ability to discriminate
communications to identify a particular subject's messages to
the exclusion of all others, the FBI designed and developed a
diagnostic tool, called Carnivore.
The Carnivore device provides
the FBI with a "surgical" ability to intercept and
collect the communications which are the subject of the lawful
order while ignoring those communications which they are not
authorized to intercept. This type of tool is necessary to meet
the stringent requirements of the federal wiretapping statutes.
The Carnivore device works much
like commercial "sniffers" and other network diagnostic
tools used by ISPs every day, except that it provides the FBI
with a unique ability to distinguish between communications which
may be lawfully intercepted and those which may not. For example,
if a court order provides for the lawful interception of one
type of communication (e.g., e-mail), but excludes all other
communications (e.g., online shopping) the Carnivore tool can
be configured to intercept only those e-mails being transmitted
either to or from the named subject.
Carnivore serves to limit the
messages viewable by human eyes to those which are strictly included
within the court order. ISP knowledge and assistance, as directed
by court order, is required to install the device.
The use of the Carnivore system
by the FBI is subject to intense oversight from internal FBI
controls, the U. S. Department of Justice (both at a Headquarters
level and at a U.S. Attorney's Office level), and by the Court.
There are significant penalties for misuse of the tool, including
exclusion of evidence, as well as criminal and civil penalties.
The system is not susceptible to abuse because it requires expertise
to install and operate, and such operations are conducted, as
required in the court orders, with close cooperation with the
ISPs.
The FBI is sharing information
regarding Carnivore with industry at this time to assist them
in their efforts to develop open standards for complying with
wiretap requirements. The FBI did so two weeks ago, at the request
of the Communications Assistance for Law Enforcement Act (CALEA)
Implementation Section, at an industry standards meeting (the
Joint Experts Meeting) which was set up in response to an FCC
suggestion to develop standards for Internet interception.
This is a matter of employing
new technology to lawfully obtain important information while
providing enhanced privacy protection.
This document was originally found at http://www.fbi.gov/programs/carnivore/carnivore.htm