The FBI appears to have adopted an invasive Internet surveillance technique that collects far more data on innocent Americans than previously has been disclosed. CNET News reports that instead of recording only what a particular suspect is doing, agents conducting investigations appear to be assembling data on thousands of Internet users at a time into massive databases. [includes rush transcript]
AMY GOODMAN: The FBI appears to have adopted an invasive Internet surveillance technique that collects far more data on innocent Americans than previously has been disclosed. CNET News reports that instead of recording only what a particular suspect is doing, agents conducting investigations appear to be assembling data on thousands of Internet users at a time into massive databases. Those databases can then be mined for names, email addresses or keywords.
Declan McCullagh is with us now, chief political correspondent for CNET News, joining us on the phone from San Francisco. Welcome to Democracy Now!
DECLAN McCULLAGH: Hi there. Good morning.
AMY GOODMAN: Tell us what you know.
DECLAN McCULLAGH: Sure. The technique we’re talking about surfaced a discussion at the Stanford Law School, where a former Department of Justice computer crime attorney and now at the University of Colorado at Boulder Law School and a current Department of Justice computer crime attorney, the assistant deputy chief, discussed the Fourth Amendment implications of this. And details are still fuzzy, but it seems as though when the FBI gets a court order, gives it to an Internet service provider and says, “We want all the information that’s flowing through a certain person’s network or is related to a certain person,” and the ISP is incapable of really narrowing it down, the ISP may in some cases say, “We can’t technically narrow it down, so here’s everything from maybe an entire neighborhood or small town. Here it is on some sort of fixed media, like a DVD or magnetic tape.” And then, the FBI subsequently can do queries against that database. And so, that’s what we know so far. Unfortunately, the Department of Justice isn’t answering questions about that. They sent us a statement saying that sometimes they perform real-time filtering on large data connections carrying the traffic of multiple unrelated facilities, but they have refused so far to answer questions or to put someone on the phone.
AMY GOODMAN: How does this relate to Carnivore? And explain what this is. We only have a few minutes.
DECLAN McCULLAGH: Sure. Carnivore was a box that the FBI would put, hopefully with a court order, on an ISP’s network, and then that box would capture only what a specific person was doing. This technique, if this is as we understand it to be, instead is capturing information on maybe hundreds or thousands of people and then is subsequently narrowed and searched against by the FBI. And so, instead of doing it in real time, as we understand a wiretap, they’re sort of doing it later, perhaps even over a period of months.
AMY GOODMAN: And how can people protect themselves?
DECLAN McCULLAGH: You protect yourself by using encryption. You protect yourself by using a service like anonymizer.com or Tor, which is something that the Electronic Frontier Foundation out here in San Francisco has worked on. So you basically use technology to encrypt your communications, instead of relying on the law to do it for you.
AMY GOODMAN: I want to thank you, Declan McCullagh. Finally, CNET, what are you doing about this?
DECLAN McCULLAGH: What are we doing at CNET? Well, we’re following it, but we also maintain sort of good internet hygiene and try to encrypt our communications whenever we can and also use encryption on our laptops.
AMY GOODMAN: Declan, thanks for being with us. And we haven’t spoken to you since James Kim died in the wilderness, and we send our condolences to the whole CNET family.
DECLAN McCULLAGH: Thank you.
AMY GOODMAN: Thank you very much, Declan McCullagh of CNET News.