|
|
<<
^
>>
Date: 2002-05-29
Des & Info ueber Carnivore
Dieses Dokument aus dem Frühjahre 2000, das EPIC nun veröffentlicht hat, kann man ganz anders werten, als es die Veröffentlicher und Medien wie die Washington Post et al. tun.
Dass ein FBI-Techniker vor nunmehr zwei Jahren mit einer Windows-Kiste nicht zurecht gekommen ist, weil es sich beim Carnivore um eine mächtiges aber patschertes [tappsig für die im Westen Sprachraums lebenden, bzw. clumsy] Programm handle - das ist die Message, die herüberkam.
Patschert ist Carnivore vielleicht in der Windows Portierung für das FBI anfangs gewesen. Wie aus den früheren Carnivore-Papieren ersichtlich ist, enstammt das Datenfresspro/gramm dem Hause derer von Solaris, wobei eine ganz andere Agentur dahintersteht.
Patschert war der FBI-Agent vielleicht deshalb, weil das Personal des FBI sich in den letzten Jahren höchst erfolgreich darauf konzentriert hat, in großem Stil Daten aus [Mobil]Telefonienetzen abzuzapfen und zu verarbeiten.
Zwei Jahre danach, also heute, hat man neben den Circuit Switched Networks - die überdies weit besser zuordenbare Daten liefern - auch das viel schwieriger überwachbare TCP/IP schon besser im Griff.
-.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.-
[...]
The incident, which occurred in March 2000, is described in newly-released FBI documents obtained under court order by the Electronic Privacy Information Center (EPIC). A written report describes the incident as part of a "pattern" indicating "an inability on the part of the FBI to manage" its foreign intelligence surveillance activities.
An internal FBI e-mail message dated April 5, 2000, and sent to M. E. (Spike) Bowman, Associate General Counsel for National Security Affairs, recounts how the Carnivore "software was turned on and did not work correctly." The surveillance system captured not only the electronic communications of the court-authorized target, "but also picked up E-Mails on non-covered" individuals, a violation of federal wiretap law. According to the Bureau document, the "FBI technical person was apparently so upset that he destroyed all the E-Mail take, including the take on [the authorized target]."
The botched surveillance was performed by the FBI's International Terrorism Operations Section (ITOS) and its "UBL Unit," which refers to the government's official designation of bin Laden. The Bureau document indicates that an official at the Justice Department's Office of Intelligence Policy and Review (whose name has been deleted) became aware of the problem, and "To state that she is unhappy with ITOS and the UBL Unit would be an understatement of incredible proportions."
The reported problem apparently was not the first to arise during the course of FBI implementation of the Foreign Intelligence Surveillance Act (FISA). The internal document concludes its report of the "UBL Unit" incident by noting, "When you add this story to the FISA mistakes covered in [another, unreleased document], you have a pattern of occurrences which indicate to OIPR an inability on the part of the FBI to manage its FISAs."
Two Bureau documents written one week later discuss Carnivore's tendency to cause "the improper capture of data," and note that "[s]uch unauthorized interceptions not only can violate a citizen's privacy but also can seriously 'contaminate' onging investigations" and that such interceptions are "unlawful." An FBI lawyer (whose name has been deleted) writes that the Bureau must "go out of our way to avoid tripping over innocent third party communications." The lawyer concludes, "I am not sure how we can proceed to test [Carnivore] without inadvertently intercepting the communications of others, but we really need to try."
The Bureau lawyer notes that "missteps under FISA lead to mandatory reporting to the President's Foreign Intelligence Advisory Board, and such errancies must be reported/explained/justified to Congress." The documents do not indicate whether the "UBL Unit" incident was reported to either body.
Since its existence became public in 2000, the Carnivore system has been criticized by EPIC and other privacy groups, as well as members of Congress, because it gives the FBI unprecedented, direct access to the data networks of Internet service providers. The FBI has publicly downplayed the system's potential for over-collection of private communications, although internal documents released earlier to EPIC confirmed such a risk. An independent review of Carnivore commissioned by the Justice Department also found that the system is capable of "broad sweeps" and recommended technical changes to address the problem. Neither DOJ nor the FBI has indicated publicly whether those recommendations were ever implemented.
The newly-released FBI documents were provided to EPIC on Friday, May 24, in response to a court order issued by U.S. District Judge James Robertson in the privacy group's ongoing Freedom of Information Act lawsuit seeking the disclosure of material concerning Carnivore. The order directed the Bureau to conduct a second search for relevant documents after EPIC successfully argued (over the Bureau's objections) that an initial FBI search was inadequate and likely overlooked responsive records.
The case is being litigated by EPIC's General Counsel, David Sobel, who said, "These documents confirm what many of us have believed for two years - Carnivore is a powerful but clumsy tool that endangers the privacy of innocent American citizens. We have now learned that its imprecision can also jeopardize important investigations, including those involving terrorism." Sobel added, "As we suggested when it first became public, Carnivore's use should be suspended until the questions surrounding it finally can be resolved. Our FOIA lawsuit shows that there's a great deal about Carnivore that we still don't know."
The newly-released FBI documents are available at:
http://www.epic.org/privacy/carnivore/
Washington Post May 29, 2002 Pg. 7
'Carnivore' Glitches Blamed For FBI Woes
Problems With E-Mail Surveillance Program Led to Mishandling of Al Qaeda Probe in 2000, Memo Says
By Dan Eggen, Washington Post Staff Writer
The FBI mishandled a surveillance operation involving Osama bin Laden's terror network two years ago because of technical problems with the controversial Carnivore e-mail program, part of a "pattern" indicating that the FBI was unable to manage its intelligence wiretaps, according to an internal bureau memorandum released yesterday.
An attempt in March 2000 to secretly monitor the e-mail of an unidentified suspect went awry when the Carnivore program retrieved communications from other parties as well, according to the memo, which was obtained by the Electronic Privacy Information Center (EPIC), a Washington-based advocacy group opposed to the technology.
Carnivore, which has been renamed DCS1000, is a computer program that allows investigators to capture e-mails sent to and from criminal and terrorist suspects. But the newly released memo indicates that, in at least one case, the program also retrieved e-mails from innocent people not involved in the investigation.
The incident joined a rapidly growing list of alleged FBI mistakes made before Sept. 11, including evidence that FBI headquarters bungled the quest for a search warrant in the Zacarias Moussaoui case and ignored pointed warnings from an Arizona field agent about terrorists in flight training. It also invited fresh criticism of Carnivore, a program already derided by civil libertarians, and cast doubt on repeated FBI assurances that the program provides a "surgical" ability to grab targeted e-mails out of cyberspace.
[...]
FBI spokesman John Collingwood said yesterday that the case was a rare mistake that resulted from technical problems encountered by the Internet service provider, not by the FBI.
"This is an uncommon instance where a surveillance tool, despite being tested and employed with the assistance of a service provider, did not collect information as intended," Collingwood said.
The one-page memo at issue, dated April 5, 2000, and sent via e-mail, was intended to outline the problems that had arisen in a Denver terrorism case for Marion "Spike" Bowman, the FBI's associate general counsel for national security. Yesterday, Bowman declined to comment and authorities declined to identify the memo's author or provide further details about the case.
The probe involved the FBI team that investigates suspected operatives of the al Qaeda network. It is known as the Usama bin Laden, or UBL, unit for the agency's spelling of the al Qaeda leader's name. The same unit has come under congressional scrutiny in recent weeks over its role in shelving a July 2001 memo from Phoenix FBI agent Kenneth Williams, who had suggested that al Qaeda members might be infiltrating aviation schools and requested that the FBI canvass them for Middle Easterners.
In the latest case to come to light, the UBL unit acquired in March 2000 a warrant under the Foreign Intelligence Surveillance Act (FISA) for use against a suspect in an investigation based in Denver, according to the memo released yesterday.
[...]
The memo says that on March 16, 2000, the Carnivore "software was turned on and did not work properly," capturing e-mails involving both the target and others unconnected to the case.
The memo goes on to say that "the FBI technical person was apparently so upset that he destroyed all the E-Mail take, including the take" from the target. Collingwood, the FBI spokesman, said that the memo is incorrect and that the e-mails gathered in the operation were kept and remain under seal in the court that administers secret wiretaps.
The memo makes clear that the Justice Department's Office of Intelligence Policy and Review (OIPR), which oversees FISA warrants, was enraged by the blunders in the case, in part because the Justice Department office was allegedly not told that Carnivore was considered experimental at the time.
[...]
The memo also refers to an electronic communication outlining other "FISA mistakes" and alleges "a pattern of occurrences which indicate to OIPR an inability on the part of the FBI to manage its FISAs."
[...]
The FBI has been using the system for almost three years, subject to court authorization, to tap into Internet communications, to identify e-mail writers online and to record the contents of messages. It does so by capturing "packets" of information containing those details.
Civil liberties advocates and some lawmakers have expressed concerns because the system could scan private communication on the legal activities of people other than those under investigation. But agency officials have said repeatedly in response to criticism that the system poses no threat to privacy because it can take narrow, targeted slices of communication.
[...]
Shortly before the Sept. 11 terrorist attacks, an FBI spokesman said the agency rarely used Carnivore because Internet service providers had become so adept at meeting the technical demands of approved surveillance of suspects' Internet traffic. The agency said it had used Carnivore only twice from January through mid-August.
[...]
- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.-
edited by Harkank
published on: 2002-05-29
comments to office@quintessenz.at
subscribe Newsletter
- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.-
<<
^
>>
|
|
|
|
