Carnivore Not as Selective as FBI Said

Carnivore, the FBI's e-mail surveillance software, is capable of capturing "all unfiltered traffic," despite assurances from the FBI this summer that the program only captures e-mails going to people on whom the FBI has a warrant.

The Electronic Privacy Information Center (EPIC) in Washington requested all FBI documents on Carnivore through a Freedom of Information Act request, and those documents are being released piecemeal after a judge's order.

An independent review team from the Illinois Institute of Technology Research Institute (IITRI) is due to file a draft "technical report" on the Carnivore system with the U.S. Department of Justice Friday.

"The little information that has become public raises serious questions about the privacy implications of this technology," said David Sobel, general counsel for EPIC. "The American public cannot be expected to accept an Internet snooping system that is veiled in secrecy."

The latest release of documents to EPIC was posted online Thursday.

According to the released document, which summarizes tests done to the Carnivore software in May, "The PC (running Carnivore) could reliably capture all unfiltered traffic to the internal hard drive (HD) (words deleted)."

"I think they just ran a test just to see the capabilities," said a spokesman at the FBI, who confirmed the release of the documents to EPIC. He added that the test may not be how Carnivore is actually deployed.

Previously released documents reveal that Carnivore was originally created in February 1997 under the name Omnivore, and it was originally proposed for a Sun Microsystems Inc. Solaris x86 computer. In June last year, Omnivore was replaced by a system the FBI now calls Carnivore, which runs on a Windows NT-based computer. The data released by the FBI also includes a discussion of interception of voice over IP and reviews of tests for performance and recovery from attacks and crashes for both Omnivore and Carnivore.

The existence of Carnivore was revealed when an attorney for Atlanta-based Internet service provider Earthlink Inc. told a House Judiciary Committee in April that the FBI was requiring the company to install the system on its network to fulfill court-ordered surveillance of criminal suspects. But the company resisted the installation of the secretive system because it caused performance problems on its network. It also couldn't examine the technology to determine if its capturing of e-mail, IP addresses and other traffic violated the privacy of other customers.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

More about Department of JusticeEarthLinkElectronic Privacy Information CenterFBISun MicrosystemsTechnology Research

Show Comments