Now the FBI is hoping to capture and corral more such digital detritus, from a much wider swath of the populace, in the name of fighting terrorism.
The Senate Judiciary Committee on Thursday will examine proposed Justice Department guidelines that would give federal investigators new license to mine publicly available databases and monitor Web use. The changes, which come after a major FBI shakeup last week, have sparked intense debate over the merits of expanding government surveillance powers as the country faces ongoing threats of terrorist attacks.
Backers paint the reforms as a long overdue end to restrictions that have hobbled investigators and denied them access to research tools that are available to anyone with an Internet connection. Intelligence failures in the FBI and CIA have come under the spotlight amid new questions about who knew what in advance of the Sept. 11 suicide hijackings, which left more than 3,000 people dead.
But civil liberties advocates warn that last week's proposal is the latest step along a worrying path back to the 1950s and '60s--days when investigators compiled dossiers on countless American citizens based on little more than their religious and political practices.
"I hate to be in a position of telling people 'don't go online and speak' or 'watch what you say,' but you have to take from this that on an arbitrary basis, the FBI is going to be tagging people as terrorists based on what they say online," said Jim Dempsey, deputy director of the Center for Democracy and Technology.
Since Sept. 11, Congress has enacted legislation that greatly expands law enforcement's ability to monitor communications through the so-called Patriot Act. America's allies have also sought to bolster laws aimed at aiding investigators, with the European Parliament last week guidelines that would force Internet companies to preserve data about their sites for possible future investigations.
Last week's FBI guidelines from Attorney General John Ashcroft and FBI Director Robert Mueller would allow field agents to gather information outside of criminal investigations, relaxing regulations set in the 1970s. Those rules, named after then-Attorney General Edward Levi, barred the FBI from attending political meetings unless it had a reasonable suspicion that a crime was being planned.
The new rules, by contrast, would authorize field agents to attend public meetings freely and request warrants with less interference from the main office. In addition, the rules would allow the FBI to monitor public Internet sites, libraries and religious institutions.
A new tool or a throwback?
Agency supporters say the lifting of monitoring restrictions opens the gate to investigation tools that have been unaccountably denied to the FBI until now.
In an opinion piece published this week in The Wall Street Journal, L. Gordon Crovitz, Dow Jones' senior vice president of electronic publishing, said his eyes were recently opened to undue restraints on the FBI during the investigation into the death of Daniel Pearl, a Wall Street Journal reporter who was kidnapped and murdered in Pakistan this year. In following the case, employees of the paper found that the FBI was restrained from keeping information as rudimentary as news clips, he wrote.
Privacy vs. safety
Terrorist threat shifts priorities
in online rights debate
Privacy advocates, however, say the Net monitoring rule creates greater possibilities than ever before for abuses because technology makes it easier to whittle down people's habits and divide them into patterns that may or may not point to terrorism. The result, they say, could be a crackdown on political dissidents and people who visit anti-American chat rooms.
For years, some people have worried that marketers would profile them in some worrisome way by tracking their Web use. The FBI's involvement could raise the stakes.
Technology ranging from data mining to surveillance cameras can be tied together to form an easily searchable database of people's religious, political and personal preferences. This enables the FBI, based on a hunch, to investigate--and possibly jail--people.
Law enforcement for the most part has always been able to get information through a third party, such as a database company or an Internet service provider, via methods including subpoenas. However, the new, relaxed guidelines would let the FBI conduct investigations in publicly available nooks of the Web even if they aren't looking at a specific suspect or crime.
"Such an approach to police authority in the United States is directly contrary to the First and Fourth Amendment and the system of checks and balances established by our form of government," a group of organizations including the American Library Association, the American Civil Liberties Union, and the Arab American Institute wrote in a letter this week to Senate Judiciary Chairman Patrick Leahy, D-Vt.
"We are also concerned that the changes authorize unchecked surveillance of lawful religious and political activity, and that such surveillance will be targeted against Arab-Americans, Muslims and immigrants among others," the letter said.
Others say the new surveillance culture is theAmericans have to pay to be safe in a post-Sept. 11 world.
"The first business of government is to protect its citizens from the kind of threats we saw on Sept. 11," said Roger Pilon, vice president for legal affairs at the Cato Institute. "Nothing in these new guidelines in any way is in violation of constitutional protections. There's nothing illegal about compiling a dossier."
Pilon compares the FBI's plan for more patrolling of public Web spaces to a beat cop walking the neighborhood.
"It has been objected that this will allow agents to monitor perfectly legal behavior--that's true," he said. "The cop working the beat observes legal behavior. The reason for walking the beat is to engage in a more proactive effort to prevent crime."
Caught in the middle
Meanwhile, those who compile databases are grappling with the plan, wondering if they're going to be forced into the role of skippers on new FBI fishing expeditions.
Jerry Cerasale, senior vice president of government affairs for the Direct Marketing Association, said his group is still crafting a response to the FBI proposal.
"Our guidelines say marketing data can be used for marketing purposes only," he said. "This is a new twist."
Cerasale said his members have long had to balance law enforcement needs with privacy rights, but until now, the process has involved a subpoena.
"You don't just give out an address to law enforcement officials, although the FBI would like that to happen," he said.
Furthermore, previous attempts to tie databases to crime have often failed, underscoring the risks of relying on technology as a cop.
For example, Cerasale said that despite protests from his group, the IRS eventually got its hands on the list of subscribers to Car and Driver Magazine, hoping to catch tax cheats by scouring groups of people interested in expensive cars. However, the search led to little more than a few teenage car fans who hadn't filed taxes, Cerasale said.
The incident is cited as one more example of the limitations of technology. And the list of failed searches for a silver cyberbullet grows longer by the day. Some airports, for example, have removed face-recognition technology after it failed to identify people more than half the time.
What's more, law enforcement's reliance on technology has actually tripped up some investigations. According to internal FBI documents obtained by the Electronic Privacy Information Council, a privacy watchdog,in the Carnivore --namely, the over-collection of information on innocent individuals--led to the destruction of e-mails from a subject with ties to Osama bin Laden.
Connecting the dots
But all the hand-wringing over information gathering may be for naught if cops can't connect the dots on the data they do collect. A series of revelations in recent weeks has shown that the FBI and CIA had gathered data hinting or warning of the Sept. 11 attacks but failed to coordinate and respond to the information.
In one case, investigators overlooked a memo from a Phoenix field office warning that potential terrorists were enrolling in flight schools. In another case, a Minneapolis agent told FBI Director Mueller that bureaucratic bungles thwarted her investigation into the alleged 20th hijacker, Zacarias Moussaoui.
"I think the lesson of the last month or so--the revelations of the government's handling of the bits of information it had--is that there was not a failure at the information-gathering level," said Lee Tien, an attorney with the Electronic Frontier Foundation (EFF). "There was a failure of information going to the right place."
The problem is so severe that the Senate and House intelligence committees are beginning an in-depth series of meeting into the matter this week.
That's not to say that technology can't play an important part in nabbing suspected terrorists. Police have caught rapists and murderers by retracing digital footprints as mundane as a subway card reader. FBI agents have used the Web to snare child pornographers and drug dealers.
And on Tuesday, FBI Director Mueller gave another nod to the tech world, announcing the appointment of longtime IBM executive Wilson Lowery as his special assistant to oversee the agency's restructuring.
"He combines the precision and insight of a chief financial officer with the vision and leadership of an executive comfortable with change, technology and global issues, " Mueller said in a statement about Lowery.
But the focus on technology still doesn't solve the basic problems, says the EFF's Tien.
"The continual question of 'can't we do more with technology?' I think really misses the point," Tien said. "The weakest link in our intelligence is a lack of understanding of what's going on, on the ground. There is no quick fix."