Is Carnivore getting to the meat of the problem or gorging itself on information?

An editorial in eWeek covered the congressional hearings regarding a new tool developed by the FBI called the “Carnivore surveillance system.”  The Carnivore system was developed to fight cyber crimes such as terrorism, fraud, and child pornography by obtaining the e-mail messages of suspects.  The system, when attached to a segment of an Internet Service Provider (ISP), will proceed to filter through every message passing through that segment to find messages addressed to or sent from the suspect.  Thousands of private e-mail messages will be examined by the system to find the messages authored or received by the suspect.  The system then stores the suspect’s messages on an internal hard drive for later retrieval.  According to the FBI, the Carnivore system only collects information from people suspected of illegal activity; therefore the Carnivore system does not interfere with the privacy of the general public.  As such, the system is a necessary tool in the fight against cybercrime.

Civil libertarians and others have raised concerns that the Carnivore system is an invasion of privacy.  These include three main criticisms regarding the use of the system.  First, if Carnivore was misused, messages from people other than the suspect could be viewed.  Second, having a device with the potential to collect such a vast amount of information is dangerous because of the concern that unauthorized persons could gain access to it.  Third, the ISP is unable to witness the FBI gathering and screening process to verify that it is taken from the proper source.

The first concern is that the FBI could use the Carnivore system to view not only the suspect’s e-mails but also every subscriber connected to that segment.  Donald Kerr, the Assistant Director of the Federal Bureau of Investigation, explained that for the FBI to use the Carnivore system, it must have a court order, that is, a search warrant as required by the Fourth Amendment to the U.S. Constitution.  Furthermore, it is claimed that the potential of FBI personnel misusing the system is minimal because the penalties for using the system without proper authorization are severe.  In the unlikely event that evidence was gathered without proper authorization, it would be dismissed in court (3).  According to published sources, the Carnivore system has been used at least twenty-five times already, each time with a court order, and in none of these cases has the system been abused.  The FBI has a record of using devices such as phone taps and satellite monitoring in a prudent manner.  With the requirement of a court order and the history of responsible use of FBI technologies, sufficient safeguards are in place to assure that the Carnivore system will not be misused.

The second concern is that a device which has the power to collect such a vast amount of information is inherently dangerous.  The fear underlying this criticism is that if the information is out there, someone might be able to obtain access to the Carnivore system and therefore thousands of private messages will be within the interlopers’ improper grasp.  This concern is based on an incorrect understanding of how the system works.  The system will look at many messages, but it will discard all irrelevant information through a built-in filtering process.  Only when the filtering process is complete will the FBI agents see the e-mail information of their suspect.  The other messages reviewed and discarded by the Carnivore system are never stored on the system, so it is impossible for them to be accessed through the system.  The few messages stored on the system are also protected from outside, i.e., non-FBI intrusion.  Donald Kerr clarified this when he said, “during all the filtering … no FBI personnel are seeing any information” since the proprietary software completes this task (5).  It is apparent that there is not a large amount of information being accumulated in the system but the privacy of every individual is still a concern.  There is a risk that unauthorized personnel could retrieve the information residing on the FBI system.  To answer this concern, one must understand how information is retrieved from the Carnivore system.  The system is contained in a box, which is a separate device from the network system and it can only receive information, not transmit.  FBI personnel must personally make trips to the site to manually download messages from the system by unlocking the box and plugging specific devices into access ports.  This prevents hackers from retrieving any information from the system through the media such as the Internet or by hacking the ISP’s network.

The third concern raised by Civil libertarians is that under current technology, the ISP is unable to verify that the FBI is gathering information from the proper source.  With phone tapping, the phone company can keep tabs on the FBI to make sure that they are gathering information purely from their authorized source.  With phone taps, the telephone company is equipped with the necessary equipment for conducting a phone tap, so the FBI works through them.  This, of course, provides a type of “checks and balances” system in addition to the search warrant and FBI protocol protections.  In most Internet cases, the information is retrieved in much the same way without any need for the Carnivore system.  The FBI presents a court order to the ISP, and the ISP provides them with the messages to and from the suspect.  The Carnivore system is only used in the rare case where the ISP is unable to provide this information.  The system itself is currently a better surveillance tool than any commercial software program.  If required, the Carnivore system can obtain any specific part of an e-mail message.  When other programs were used, the FBI had to edit out unwanted information, which becomes a privacy issue itself.  As an improvement and departure from traditional information gathering programs, the Carnivore system retrieves only the information requested, because this program was designed specifically for FBI surveillance.  Commercial filtering programs are used for a multitude of applications so they cannot be as specialized as the Carnivore system.  The Illinois Institute of Technology’s Research Institute examined the system and concluded that compared to commercial programs, the Carnivore system is “more effective in protecting privacy and enabling lawful surveillance” (Wolf 1).  This is not the only way in which the Carnivore system is superior.  If evidence were gathered from an ISP, all the people who handled the evidence would be in the chain of custody for the evidence and could be questioned to determine whether the evidence was legitimate or altered.  The Carnivore system stamps each message with a header containing what the system was programmed to search for when it retrieved the message.  This proves that the evidence was gathered in accordance with the specifications of the court order and should eliminate the possibility of human tampering.

It has been suggested that to establish guidelines for Carnivore’s use, the current telephone monitoring laws should be applied to the system.  There is a problem with this solution because phone and Internet monitoring systems function very differently.  It is helpful to look at the distinction between these technologies, which was described graphically by David Wilson, a write for Mercury News.  Wilson explained that a telephone conversation operates on a single circuit.  When authorities want to tap a line, they simply listen to that circuit.  The Internet, however, has many transmissions flowing through a single circuit (2).  If the authorities were allowed to trap all messages flowing through that circuit, they would receive not only the suspect’s messages but also any other messages traveling through that circuit, potentially thousands.  Also, ISPs may send messages from the same person via a different route because of the dynamic web-like structure of the Internet.  Depending on the location of the circuit tap, some messages from the suspect may be missed entirely.  Thus, the laws and procedures for telephone monitoring are not specific enough to apply to Internet communications, which function as a web versus straight-line communication.

Opposing arguments are filled with references to “Big Brother,” the omniscient government described in the book “1984”.  However, the Carnivore system, despite its name, was designed with our privacy as its main concern.  It is a creatively designed and implemented system to protect our privacy and Constitutional rights while giving law enforcement the tools it needs to fight crime.  As the Internet consumes a larger percentage of our lives, cybercrime will increase.  Law enforcement must have the tools and the authority to fight this type of crime.  Their tool, the Carnivore system, has been designed to protect the privacy of the general public while providing surveillance services to reduce cybercrime.  This highly advanced system can find specific information outlined in a court order and display it to the FBI without ever storing any messages not subject to the search warrant.  The system is self-contained and protected from all non-local access.  Local access is restricted only to authorized personnel.  The system was designed not to exclude ISPs from retrieving the messages themselves and is only needed and required in cases where the ISP is unable to acquire this information.  The Carnivore system will be used less in the future as ISPs upgrade their networks and hire more experienced personnel.  By using the Carnivore system, the FBI can get to the “meat” of the problem.

For more information:

“Curbing the Carnivore.” EWeek 7 Aug. 2000: 50

United States. Cong. Senate. Committee on the Judiciary.  Electronic Surveillance. Washington: GPO, 2000.

Wilson, David L.  “E-mail Privacy Guard Backed.” Mercury News 18 July 2000: n.p.

Wolf, Jim. Senate panel presses FBI on Carnivore. 27 Nov. 2000 <,4586,2657976,00.html>


About The Author

Eric Vanderburg

Eric Vanderburg is an author, thought leader, and consultant. He serves as the Vice President of Cybersecurity at TCDI and Vice Chairman of the board at TechMin. He is best known for his insight on cybersecurity, privacy, data protection, and storage. Eric is a continual learner who has earned over 40 technology and security certifications. He has a strong desire to share technology insights with the community. Eric is the author of several books and he frequently writes articles for magazines, journals, and other publications.

Leave a Reply