FBI's Carnivore Just the First Step in Cyber Surveillance

The FBI says its controversial Carnivore system is just "the tip of the iceberg" when it comes to Internet surveillance because an even sharper-toothed information chomper is now in development.

Amid all the hubbub over whether the current system violates privacy rights, the agency has been quietly working on both "Carnivore 2.0" and "Carnivore 3.0," according to FBI documents released this month under a Freedom of Information Act claim filed by the Electronic Privacy Information Center. The current Carnivore is version 1.3.4, according to the documents.

An "Enhanced Carnivore" program has been under development since last November — under a $650,000 contract scheduled to end in January 2001. Most of the details on the souped-up snoopers were blacked out in heavy black marker before the papers were released.

The Federal Bureau of Investigation makes no bones about its plans for the system, which sifts an Internet Service Provider’s transmissions to track suspects' online activity.

"As it looks today, it could be completely different a year from now," said FBI spokesman Paul Bresson. "Really, we've only seen the tip of the iceberg in terms of the change in technology."

He said improving Carnivore is vital for keeping pace with criminal elements.

"This is going to continue to be a cat-and-mouse game," he said. "There's always going to be software and other encryption technology that render a system less useful."

He declined to give specific details. But privacy experts say an evolving Carnivore presents a problem for those trying to keep an eye on it.

"It's a moving target," said David Banisar, a senior fellow at EPIC. "It means there needs to be continual oversight, not just onetime oversight. It means that if we get the source code we'll have to get the source code as it changes also, and do a re-analysis as the functions of the software change."

The program's source code, the piece of information most sought after by activists trying to figure out if Carnivore reads the e-mail of more than just those targeted by a court order, was omitted from the 600-plus pages given to EPIC in the first of several planned releases. But the organization has vowed to continue fighting for it.

Despite the incomplete technical blueprint, the newly public papers do shed some light on what sequels to Carnivore might look like.

Three jargon-heavy lines of text that survived the FBI censor reveal that Version 2.0 will be capable of "built-in data analysis that Carnivore doesn’t appear to do now," Banisar said.

That means being able to display captured Internet data as soon as Carnivore intercepts it. The current system merely stores the data and two other programs — "Packeteer" and "Coolminer" — must be used to process and display it.

No information was released from the Version 3.0 section but research mentioned elsewhere in the unclassified papers involves an aspect of the technology dubbed "Dragon Net" that captures telephone conversations held via the Web — a process known as "voice over IP" technology.

Banisar suspects the FBI might also want its future sniffers to have the ability to track multiple targets simultaneously. That wouldn't bode well, he said. "The more capability it has to intercept more than one target, the more likely it is to be abused."

While the current Carnivore is purely monogamous, it casts a wider net than commonly thought, according to an analysis of the FBI documents by anti-computer crime site SecurityFocus.com.

Carnivore can "be programmed to watch for all the Internet activities of a particular person," said Kevin Poulson, editorial director at SecurityFocus and a former hacker. The system can even reconstruct Web pages viewed by a suspect. "All that’s been talked about is its ability to monitor e-mail."

In light of this, said EPIC’s Banisar: "It makes you wonder what else they could possibly want."