The FBI has effectively abandoned its custom-built Internet surveillance technology, once known as Carnivore, and has switched to using unspecified commercial software to eavesdrop on computer traffic.
WASHINGTON (AP) _ The FBI has effectively abandoned its custom-built Internet surveillance technology, once known as Carnivore, designed to read e-mails and other online communications among suspected criminals, terrorists and spies, according to bureau oversight reports submitted to Congress.
Instead, the FBI said it has switched to unspecified commercial software to eavesdrop on computer traffic during such investigations and has increasingly asked Internet providers to conduct wiretaps on targeted customers on the government's behalf, reimbursing companies for their costs.
The FBI performed only eight Internet wiretaps in fiscal 2003 and five in fiscal 2002; none used the software initially called Carnivore and later renamed the DCS-1000, according to FBI documents submitted to Senate and House oversight committees.
The FBI, which once said Carnivore was ``far better'' than commercial products, said previously it had used the technology about 25 times between 1998 and 2000.
The FBI said it could not disclose how much it spent to produce the surveillance software it no longer uses, saying part of its budget was classified. Outside experts said the government probably spent between $6 million and $15 million.
The congressional oversight reports were obtained last week under the U.S. Freedom of Information Act by the Washington-based Electronic Privacy Information Center, a civil liberties group that criticized the surveillance software after it was first disclosed in 2000.
FBI spokesman Paul Bresson said the bureau moved to popular commercial wiretap software because it was less expensive and had improved in its ability to copy e-mails and other communications of a targeted Internet account without affecting other subscribers.
``We see the value in the commercially available software; we're using it more now and we're asking the Internet service providers that have the capabilities to collect data in compliance with court orders,'' Bresson said.
The FBI said last week it was sending back to the drawing board its $170 million computer overhaul, which was intended to give agents and analysts an instantaneous and paperless way to manage criminal and terrorism cases.
Experts said the life span of roughly four years for the bureau's homegrown surveillance technology was similar to the shelf life of cutting-edge products in private industry.``It's hard to criticize the FBI trying to keep pace with technology,'' said James Dempsey of the Washington-based Center for Democracy and Technology. ``There is just a huge amount of innovation and development going on in the private sector.''
Henry H. Perritt Jr., who led an oversight study of Carnivore in 2000 for the Justice Department, said the FBI originally built its own surveillance system because commercial tools were inadequate. Perritt, a professor at the Chicago-Kent College of Law, said he was unaware of any commercial wiretap software that includes audit features robust enough to convince a federal judge that e-mails from innocent Internet users weren't captured by mistake.
``You'd like to have a package that supervisors within a field office and in Washington could do an audit and make sure they're using the tools compliant with the court order,'' Perritt said.
The FBI laboratory division, which produced Carnivore, was headed by Donald M. Kerr, who left the FBI in August 2001 to become the CIA's chief gadget-maker as head of its science and technology directorate. Kerr told lawmakers in 2000 that Carnivore was ``far better than any commercially-available sniffer.''
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
Digital Transformation Myths & TruthsTransformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.