FBI's 'full-pipe' surveillance may be illegal

Former DOJ officials asserts FBI is assembling massive databases of Internet user data and using them to mine for criminal and terrorist activity.
Written by Richard Koman, Contributor
In an initiative that is reminescent of the National Security Agency's widespread Internet monitoring and seems to exceed the much-criticized Carnivore surveillance system, the FBI is compiling huge databases of Internet users' online behavior, two law professors charged Friday at syposium at Stanford Law School.

News.com reports that the approach is utilized when the FBI obtains a subpoena for an individual's records and the ISP can't isolate the individual or IP address.

Instead of recording only what a particular suspect is doing, agents conducting investigations appear to be assembling the activities of thousands of Internet users at a time into massive databases, according to current and former officials. That database can subsequently be queried for names, e-mail addresses or keywords.
Paul Ohm, a former trial attorney at the Justice Department's Computer Crime and Intellectual Property Section (CCIPS), and Richard Downing, a CCIPS assistant deputy chief, discussed the so-called "full-pipe recording" strategy during Stanford Law School's Search and Seizure in the Digital Age symposium and in an interview with News.com later.
In a telephone conversation afterward, Ohm said that full-pipe recording has become federal agents' default method for Internet surveillance. "You collect wherever you can on the (network) segment," he said. "If it happens to be the segment that has a lot of IP addresses, you don't throw away the other IP addresses. You do that after the fact."

"You intercept first and you use whatever filtering, data mining to get at the information about the person you're trying to monitor," he added.

The Justice Department objected to News.com's reporting. In an email response, a spokesman told News.com reporter Declan McCullagh:

Nothing has changed from our long-standing practice in implementing court-authorized law enforcement interception orders. The FBI records and retains only that data which it is authorized under law to record and retain -- namely, the communications associated with court-approved targets.

...[Wh]at law enforcement does is isolate the communications associated with the target facility and record only those communications. After law enforcement collects the targeted communications, as specified in the court order, we "minimize" the captured information by sorting it into relevant and non-relevant material (i.e., depending on whether the contents relate to the criminal activity specified in the court's order).

Such after-the-fact minimization is done with explicit authorization from the court, and no further use may be made of minimized (non-relevant) communications.

On rare occasions involving technical obstacles, we perform real-time filtering on large data connections carrying the traffic of multiple unrelated facilities, but only using automated filters that isolate and retain only the communications associated with the facility identified in the order. All data not relating to the targeted facility is instantly and irreversibly deleted. This data is therefore never read or comprehended by anyone in law enforcement.

The bottom line: Nothing has changed. We believe that Professor Ohm, quoted in the article, either was misquoted or misspoke.

The "minimization" language here refers to a federal law (Title 18) that says:

Every order and extension thereof shall contain a provision that the authorization to intercept shall be executed as soon as practicable, shall be conducted in such a way as to minimize the interception of communications not otherwise subject to interception under this chapter, and must terminate upon attainment of the authorized objective, or in any event in thirty days.

If the FBI is doing what Ohm claims, it would seem to clearly violate the federal law. But the DOJ's Downing emphasized that the law also states that if the communications are in a foreign language or in code, agents may record all communications and sort the relevant from the non-relevant later.

In the event the intercepted communication is in a code or foreign language, and an expert in that foreign language or code is not reasonably available during the interception period, minimization may be accomplished as soon as practicable after such interception.

Downing declared: "Take a look at the legislative history from the mid '90s. It's pretty clear from that that Congress very much intended it to apply to electronic types of wiretapping."

EFF's Kevin Bankston said that the FBI is "collecting and apparently storing indefinitely the communications of thousands--if not hundreds of thousands--of innocent Americans in violation of the Wiretap Act and the 4th Amendment to the Constitution."

While the Justice Dept. and the EFF declare they are sure of the law, Ohm is not so sure:

"The question that's interesting, although I don't know whether it's so clear, is whether this is illegal, whether it's constitutional. Is Congress even aware they're doing this? I don't know the answers."
Editorial standards