Taking a Byte out of Online Privacy

The FBI's Carnivore system has drawn fire from the online privacy community. But is all the fuss over nothing?

By Fred Sandsmark

We humans can't resist naming things, and we love nicknames. We don't say "unsolicited bulk email"; we say "spam." We don't say "facial tissue"; we say "Kleenex" (much to the chagrin of the Kimberly-Clark Corporation, which owns the trademark). Nicknames are a sort of shorthand that keeps communication clear and direct.

But a name isn't always for convenience. Sometimes it's a peek into the very nature of the object being described. This has rarely been truer than in the case of the FBI's recently outed e-mail-snooping software; they didn't call it "Sniffer" or "Secret e-Agent" or "automated system for the focused surveillance of electronic communications on targeted suspects." They called it "Carnivore."

And now that Carnivore is no longer a secret, they probably regret the choice. The word "carnivore" evokes gory images from the Sunday-night broadcasts of Mutual of Omaha's Wild Kingdom I watched as a child: cheetahs running down terrified antelopes until the prey collapsed in exhaustion; frenzied sharks causing seawater to boil red with blood; yellow-eyed, snarling wolves hunting in packs, then fighting each other over the downed carcass. Carnivores rule at the top of the food chain. You don't mess with a carnivore.

The FBI's Carnivore has caused a similar visceral reaction among the Internet privacy community. The Electronic Frontier Foundation (www.eff.org) said "Systems like Carnivore have the potential to turn into mass surveillance systems that will harm our free and open society." The Electronic Privacy Information Center (www.epic.org) labeled it a "new system to monitor private communications." And the American Civil Liberties Union (www.aclu.org) said Carnivore "maximizes law enforcement access to the communications of non-targets."

Apart from the name itself, the FBI has been less colorful than its critics in describing Carnivore. Indeed, the agency officially designates Carnivore a "diagnostic tool," not a surveillance device. But the FBI is quite adamant that Carnivore is a necessary element in its crime-fighting toolbox. "In an age of high technology, criminals and terrorists rely on e-mails to conduct their trade just like everyone else," wrote John E. Collingwood, assistant director of the FBI, in a letter to the Los Angeles Times. "We can either ignore their criminal communications at the risk to public safety or find the technology to ensure we intercept only them to the exclusion of everyone else. Carnivore lets us do that." But that sort of all-or-nothing attitude irks privacy advocates even more.

Carnivore's First Course

Carnivore has, according to the FBI, been around since early 1999 and has been used about two dozen times since then. It's probably not a complicated package. FBI assistant director Donald M. Kerr said in testimony to the House Judiciary Committee last July 24 that Carnivore is, in essence, a network analyzer or "sniffer" -- whatis.com (www.whatis.com) defines this as "a program that monitors and analyzes network traffic" -- and it runs on good old Microsoft Windows. Published reports have stated that Carnivore is based on EtherPeek, a software product you can buy for $995 at www.etherpeek.com. Chances are your ISP already has a copy.

Carnivore doesn't reside on the Internet as a whole. Instead, it must be installed physically at the offices of an Internet service provider. The ISP's personnel have to cooperate with its installation, but they don't have knowledge of what data the Carnivore device actually collects.

"It does not search through the contents of every message and collect those that contain certain key words like 'bomb' or 'drugs,'" Kerr said to the Judiciary committee last July. "It selects messages based on criteria expressly set out in the court order, for example messages transmitted to or from a particular account or to or from a particular user." In particular, Carnivore focuses on the "header" information that travels with e-mail -- the to, from, and subject information -- when selecting e-mails to intercept.

The FBI insists that this data specificity, tied to a required court order -- which demands a higher level of approval than a simple search warrant -- provides the public with enough protection from Carnivore abuse, but the ACLU isn't so sure. In testimony before the Judiciary Committee, Barry Steinhardt of the ACLU said "Carnivore is roughly equivalent to a wiretap capable of accessing the contents of the conversations of all the phone company's customers, with the assurance that the FBI will record only conversations of the 'specified' target."

Although the FBI points out that Carnivore can only be installed with the cooperation of an Internet service provider, ISPs are not universally happy with the way the system works either. Robert Corn-Revere, a First Amendment scholar, law professor and partner in Hogan & Hartson L.L.P. -- the law firm that represents EarthLink -- shared these misgivings with the House Judiciary Committee last July. "We were concerned that Carnivore would have the ability to see content and header information for e-mail messages sent or received by the ISP," he said, "and that installation of the device would far exceed the very limited surveillance authority provided by a trap-and-trace order." ("Trap and trace" means capturing the phone numbers of incoming calls.--Ed.) "We believed it would enable the government to acquire more information than the law permits," Mr. Corn-Revere continued, "not just about the person who was the target of the investigation, but potentially about a large number of other subscribers who had nothing at all to do with the investigation."

Separating the Meat from the Bone

Separating Carnivore facts from Carnivore hyperbole is nearly impossible for two reasons. First, most of the people complaining about Carnivore haven't actually seen it in action. After The Wall Street Journal broke the Carnivore story last July 11, the system was demonstrated by a reluctant FBI for 30 reporters and "dozens" of people on Capitol Hill.

Because relatively few people have even seen Carnivore, the complaints are largely grounded in hearsay and speculation. The critics are trying to read between the lines of the FBI's official pronouncements to learn more about Carnivore, and are simultaneously suing the FBI under the Freedom of Information Act to release details about it. Privacy advocates say the FBI is dragging its feet. The FBI says it is complying with a court order to release the information on a schedule. Attorney General Janet Reno has also agreed to have Carnivore reviewed by a "group of experts," but the people haven't been named and a schedule hasn't been established.

The second reason it's hard to tell where Carnivore facts end and fears begin is that the electronic privacy landscape is shifting under our feet. Privacy laws for the physical world, especially those regarding criminal investigations, have been built and refined for years, and most of them deal with private conversations, the mail, and telephone systems. But privacy laws and policies on the Internet are evolving as you read this, and the parties that are controlling the game -- government agencies and private corporations alike -- don't always put the interests of individuals first. If you need convincing of the government's intentions, remember the aborted "Clipper Chip" that would have provided the government with a "back door" to conduct electronic surveillance. Clipper Chip development was halted because of public outrage.

Private companies aren't any better. Amazon.com recently sent e-mails to its 20 million members changing its privacy policy. Among other things, Amazon can now transfer your information if the company is sold -- and Amazon still won't let you remove yourself from its database. This from the company described by its founder as "The most customer-centric company in the world."

Sadly, the Carnivore issue may be moot anyway. Richard Forno, security director for Network Solutions and publisher of the "Art of Information Warfare" Web site (www.infowarrior.org), points out that we already know enough about Carnivore to make it easy to get around. "Carnivore is a joke to anyone who deems themselves [sic] a hacker, cracker, computer-criminal, or power user," he writes. "As such, I don't consider Carnivore much of a threat to me personally, but I do fear for how easy it is to abuse of [sic] the Carnivore system and infringe on personal liberties."

Indeed, Forno lists five ways to outsmart Carnivore on his site. Several are downright simple. "All Carnivore will do is keep honest folks honest," he writes. "Power users who value their online privacy and cyber-criminals with half a clue already know how to get around it."

Once the dust settles, we may find that Carnivore is toothless.

This article first appeared in California Computer News, November 2000

Copyright © 2000, 2006 Fred Sandsmark / Marble Publishing
