Wednesday, August 7, 2013

FBI Pressuring ISPs to Install Surveillance Software

In a fascinating article by Declan McCullagh, CNET is reporting that the U.S. government is “pressuring” telecommunications providers to install eavesdropping software on their internal networks in order to assist in governmental surveillance activities.  Apparently, the FBI has asserted that the software’s interception of metadata is authorized under the Patriot Act. It remains unclear; however, to what extent these “port carriers” have actually been installed by carriers.  According to McCullagh, AT&T, T-Mobile, Verizon, Comcast and Sprint have all declined to comment.  “A government source familiar with the port reader software said it is not used on an industry-wide basis, and only in situations where carriers’ own wiretap compliance technology is insufficient to provide agents with what they are seeking,” writes McCullagh.

Generally speaking, police and other investigative agencies are required to obtain a court order to intercept the content of real-time communications.  In addition to email, this would include information available via social media platforms, such as Facebook and others.  It is important to understand the distinction between information that falls into the pen register category and that which falls into the more substantive, content category.  Pen register type data includes metadata, such as “IP addresses, email addresses, identities of Facebook correspondents, web sites visited, and possibly search terms as well.”  Access to pen register has historically required a lower bar for access by investigators than other forms of investigative practices, such as wiretapping where full blown communications can be monitored.

The concern with the software that would be used by the carriers at the government’s prodding is that the software might collect more information than would necessarily fall under a pen register type of collection.  According to a source cited in the article, “the FBI wants providers to use their existing CALEA [Communications Assistance for Law Enforcement Act] compliance hardware to rout the targeted customer’s communications through the port reader software. The software discards the content data and extracts the metadata, which is then provided to the bureau.”

The CNET article can be found here. http://news.cnet.com/8301-13578_3-57596791-38/fbi-pressures-internet-providers-to-install-surveillance-software/

No comments:

Post a Comment