GOVERNMENTAL SURVEILLANCE AND PRIVACY CONCERNS
WARRANTLESS GOVERNMENTAL SURVEILLANCE THROUGH THE USE OF EMERGING TECHNOLOGY HAS BECOME A MAINSTAY OF GOVERNMENTAL INVESTIGATION
ByVania M. Chaker, Esq.
The United States government enjoys awesome technological capabilities.[1] It can facilely monitor electronic communications and surreptitiously retrieve stored information on private computer systems. Technology that was once the stuff of science fiction is now routinely used in real life to monitor the activities of citizens, corporations, even foreign nationals in foreign nations.[2] Telephone conversations, text messages, electronic transmissions, and even corporate network traffic have been subject to surreptitious warrantless government surveillance by executive order under the mandate of heightened national security concerns in the “Post-9/11 Era.”[3] Moreover, in addition to the fully-stocked arsenal of highly-advanced equipment and sophisticated technology the government enjoys, it can also rely upon lofty justifications such as “national security” and “the public good” to persuade or issue seemingly-reasonable directives to large private companies, such as the behemoth firms of AT&T, Verizon, and Bell South, to assist the government with warrantless investigations of private citizens and entities.[4]
The Federal Bureau of Investigation (“FBI”) routinely uses computer programs such as Magic Lantern,[5]a secretly-installed key logger software, to spy on every keystroke made on a target’s computer – even if the communications occur inside the sanctity of one’s home.[6] Another highly intrusive FBI software program, the Computer and Internet Protocol Address Verifier (“CIPAV”),[7]is a data gathering software program that can track every email sent, every internet site visited, every software application installed by an individual or private company. It can also track the location of a computer through its IP address. Other government programs about which the public has extremely limited information include ESCHELON, “Cyber Knight,” and Carnivore,[8],[9] and other FBI-developed software programs used to monitor electronic communications.
The government uses dditional surreptitious data collection techniques and devices to warrantlessly investigate targets. The government may also, for example, remotely install a “Trojan Horse” virus, “rootkit” virus, or other sorts of spyware onto a target’s computer system. Doing so could allow an outsider to control an individual’s computer system remotely, monitor computer usage and transmissions, and remotely control a computer camera to spy on private activities.[10] Other United States agencies, such as the National Security Agency,[11] continue to develop additional tools with which to monitor citizens and private companies,[12] such as cookies,[13]web bugs,[14] surreptitiously-installed spyware,[15] and Radio Frequency Identification (“RFID”) tags.[16]
Unfortunately, such powerful governmental capabilities have not been tempered by the countervailing protective judicial or legislative safeguards necessary to offset the greatly increased potential for improper government intrusiveness.
By Vania M. Chaker, Esq.
Vania Chaker at Columbia SoCal
https://casetext.com/users/vania-chaker
Vania Chaker (@VMChaker) | Twitter
www.vaniachakerblog.wordpress.com
https://www.linkedin.com/in/vaniachaker/
https://Twitter.com/vania_chaker
Footnotes:
[1] For example, the “Warrantless Surveillance Controversy” by the U.S. National Security Agency (“NSA”) involved the surveillance of individuals on domestic soil and only incident to Post-9/11 foreign intelligence investigations by the NSA. This directive, termed the “Terrorist Surveillance Program” by the George W. Bush administration, was a component of the broader “President's Surveillance Program” which the NSA is authorized by executive order to monitor the communications of private citizens and companies without a warrant. Phone calls, e-mails, internet activity, text messaging, and other communications involving one party that the NSA may believe to be outside the United States were subject to warrantless government surveillance even if the other party was located on domestic soil. Widespread claims, however, indicate that such warrantless surveillance was conducted with respect to purely domestic communications. Due to the highly sensitive nature of the program, its exact scope is not known, but it is reported that the NSA had broad, unsupervised access to all fiber-optic communications of many of the major telecommunication companies’ communications and telephony traffic.
[2] The National Security Agency (“NSA”) is charged with spying on and investigating foreign communications as part of its governmental directive.
[3] It has also been reported that such programs operated without the judicial oversight that was mandated by Foreign Intelligence Surveillance Act (“FISA”).
[4] The case of Hepting v. AT&T (06-CV-01791-VRW) (2006) uncovered the widespread assistance of several large telecommunications companies (in addition to AT&T) which were illegally collaborating with the National Security Agency to unlawfully spy on private citizens and companies. These companies were unlawfully monitoring the communications of the United States, including AT&T customers, businesses and third parties whose communications were routed through AT&T's network, as well as Voice over IP telephone calls routed via the internet. Unfortunately, much of the details could not be learned since the government resisted efforts to learn about the scope of the operation and since discovery could not be completed because District Court Judge Vaughn Walker dismissed the case in 2006 after the government provided retroactive immunity for any telecommunications companies illegally assisting the government thereby rendering the lawsuit moot.
[5] Magic Lantern, a keylogger software program developed by the Federal Bureau of Investigation, was first reported to be in existence on November 21, 2001.
[6] The FBI's use of key logging software is discussed in the case of United States v. Scarfo, 180 F.Supp.2d 572 (D.N.J. 2001). See infra.
[7] “Computer spy programs such as “CIPAV,” a software data gathering tool that the Federal Bureau of Investigationuses to track and gather location data on suspects who are under electronic surveillance. CIPAV captures location-related information of a computer, such as its IP address, MAC address, the programs which have been downloaded onto the computer, programs which are running on the program, the type of operating system, the installed application registration and version information, the default web browser, the URL of the last visited website. CIPAV silently monitors all outbound communication, logs every IP address to which the computer connects, and time stamps each internet encounter from that computer.” Wikipedia CIPAV page – http://en.wikipedia.org/wiki/Magic_Lantern_(software).
[8] See http://en.wikipedia.org/wiki/Carnivore_(FBI).
[9] http://email.about.com/od/staysecureandprivate/a/carnivore.htm
[10]See, e.g., Selena Larson, 2017 Year in Review: The Hacks that Left Us Exposed in 2017, CNN Tech (December 20, 2017: 9:11 AM ET), http://money.cnn.com/2017/12/18/technology/biggest-cyberattacks-of-the-year/index.html.
[11] For example, the National Security Agency routinely eavesdrops on all conversations, which was the tactic used to locate Osama Bin Laden. A NOVA documentary examined the high-tech eavesdropping carried out by the NSA. See “The Spy Factory – Examine the. Aired February 3, 2009 on PBS.” http://www.pbs.org/wgbh/nova/military/spy-factory.html.
[12] Other programs also existed such as “COINTELPRO” (an acronym for Counter Intelligence Program) which was reported to have been a series of covert measusures instituted by the FBI focused at investigating citizens and organizations within the United States during the Nixon administration.
[13] A cookie has been defined as: “cookie (also tracking cookie, browser cookie, and HTTP cookie) is a small piece of text stored on a user's computer by a web browser. A cookie consists of one or more name-value pairs containing bits of information such as user preferences, shopping cart contents, the identifier for a server-based session, or other data used by websites.” http://en.wikipedia.org/wiki/HTTP_cookie. See also “magic cookie.”
[14] Web bug has been defined as “an object that is embedded in a web page or e-mail and is usually invisible to the user but allows checking that a user has viewed the page or e-mail. One common use is in e-mail tracking. Alternative names are Web beacon, tracking bug, tracking pixel, pixel tag, 1×1 gif, and clear gif.” http://en.wikipedia.org/wiki/Web_bug
[15] Spyware has been defined and discussed as follows: “as a type of malware that is installed on computers and collects information about users without their knowledge. The presence of spyware is typically hidden from the user. Typically, spyware is secretly installed on the user's personal computer. Sometimes, however, spywares such as keyloggers are installed by the owner of a shared, corporate, or public computer on purpose in order to secretly monitor other users. While the term spyware suggests software that secretly monitors the user's computing, the functions of spyware extend well beyond simple monitoring. Spyware programs can collect various types of personal information, such as Internet surfing habits and sites that have been visited, but can also interfere with user control of the computer in other ways, such as installing additional software and redirecting Web browser activity.” http://en.wikipedia.org/wiki/Spyware
[16] Radio-frequency identification (RFID) has been defined as “the use of an object (typically referred to as an RFID tag) applied to or incorporated into a product, animal, or person for the purpose of identification and tracking using radio waves. Some tags can be read from several meters away and beyond the line of sight of the reader.”