Civil Liberties

ACLU Wants the Feds To Fess Up About Email Snooping

|

Internet
Rock1997

The American Civil Liberties Union wants the Federal Bureau of Investigation to answer a few questions about how it scoops up that oh-so-don't worry-about-it metadata the feds keeps saying is perfectly legitimate to collect. For instane, is it true the FBI uses "port readers" to mass-copy whole emails, including content, and then erases the messages and just keeps the metadata? This is important not just in bureau activities, but because we've learned that the NSA's domestic spying programs take place under the authority of the FBI.

From the ACLU:

Yesterday, we filed a Freedom of Information Act request with the FBI asking for details about a surveillance tool we know too little about, called a port reader. According to news reports, port readers copy entire emails and instant messages as they move through networks, in real time. They then delete the contents of the messages, leaving only the "metadata" — the sender, recipient, and time of a message, and maybe even the location from which it was sent — behind for the government. According to the same reports, the FBI is taking steps to install port readers on the networks of major U.S. phone and Internet companies, going so far as to make threats of contempt of court to providers that don't cooperate.

The use of port readers isn't a new revelation, as news travels these days. CNet reported last August about the feds putting the squeeze on Internet service providers to build the technology into their systems so agents could drink from the stream at will. But the formal ACLU FOIA filing is new, and could tell us just deeply burrowed into our communications the government has been all this time, and just how much "trust us" they expect the American public to swallow.

Among the questions the ACLU wants answered are those below:

  1. Policies, procedures, practices, and legal memos relating to the installation and use of port reader processes, devices, hardware, software, or firmware;
  2. Technical specifications for the installation and use of port reader processes, devices, hardware, software, or firmware (including any relevant API, ABI, or network protocol specification);
  3. What kinds ofintemet traffic (i.e., what protocols) are captured by port reader processes, devices, hardware, software, or firmware;
  4. What categories of metadata port reader processes, devices, hardware, software, or firmware are capable of capturing, and which categories are in fact collected;
  5. Whether and to what extent port readers copy or retain communications content, including any content of emails, any content of instant messages, and any addresses of web pages visited;
  6. How many communications have had their content or metadata copied or retained using port reader processes, devices, hardware, software, or firmware;
  7. How many individuals have had their communications metadata or content copied or retained using port reader processes, devices, hardware, software, or firmware;
  8. Whether telecommunications carriers and Internet service providers have installed port reader processes, devices, hardware, software, or firmware;
  9. The case name, docket number, and court of any legal proceeding in which any private entity has challenged or resisted the installation and use of port reader processes, devices, hardware, software, or firmware;
  10. Pursuant to which legal authorities the FBI bases its claim that it may lawfully request or compel the installation and/or use of port reader processes, devices, hardware, software or firmware.
  11. The name of the tool identified by CNET and Foreign Policy as a port reader.

The answers should be fascinating, but don't hold your breath while you wait for the FBI to cooperate.