Commentary: Don't click the panic button over Carnivore

By William Spernow, Gartner Analyst

Concern over Carnivore is probably overstated and is at least premature.

Privacy advocates have not hesitated to publicly express their fear that Carnivore will give the FBI unlimited, unrestricted access to everyone's email. Historically, their fears are justified, given the abuses the FBI was responsible for 40 years ago.

Nevertheless, such discussions often overlook a key fact: Others can look through your email, too. Internet service providers have this capability, and by extension, so do the employees of ISPs. Moreover, individuals can obtain software programs today that have greater power and versatility for capturing email than Carnivore has.

	See news story: New documents shed more light on FBI's "Carnivore"

The real question is whom you trust to use this technology properly: individuals or federal law enforcement. Individuals are restrained by few laws. Federal law enforcement operates under numerous restraints, including the need to obtain a court order to use email filtering technologies such as Carnivore, explicit laws governing how it can use the information it collects, and monitoring by public authorities.

The public is likely to insist that the FBI have Carnivore's capabilities because of the need to access email in the fight against crime and terrorism. Right now, email is more secure than the telephone and has become a preferred means of communication for organized crime.

Armed with court orders, the FBI has successfully tapped the private telephone lines of organized crime. However, email sent over the public Internet is akin to a global party line. To review just the email authorized by the court, the FBI needs a technology such as Carnivore to filter out what it should not see.

When law enforcement officers deal with electronic evidence, their biggest fear is seeing email that they should not be viewing commingled with the email they are authorized to examine. This could jeopardize any prosecution that might result from the investigation. Thus, the FBI looks to Carnivore's filtering capability primarily for help in keeping investigations within proper legal limits.

Few people recognize that the FBI has long had the ability to use subpoenas and court-authorized search warrants to gain access to the email backup tapes maintained by ISPs. Given the lack of privacy abuse claims with this unrestricted court-authorized access, unrestricted access via Carnivore--if that capability is authorized by the court--is unlikely to be a problem.

Finally, the news that Carnivore has the ability to capture and store the entire email data stream should surprise no one, especially programmers. Any tool like Carnivore will need the ability to filter the entire data stream within which the targeted email is sent; otherwise, it would miss things and therefore not do its job effectively. Hence, by default, it will have initial access to everything in the email stream being monitored.

(For related commentary on Carnivore and its potential effect on security administrators, see TechRepublic.com--free registration required.)

Entire contents, Copyright © 2000 Gartner Group, Inc. All rights reserved. The information contained herein represents Gartner's initial commentary and analysis and has been obtained from sources believed to be reliable. Positions taken are subject to change as more information becomes available and further analysis is undertaken. Gartner disclaims all warranties as to the accuracy, completeness or adequacy of the information. Gartner shall have no liability for errors, omissions or inadequacies in the information contained herein or for interpretations thereof.