Documents recently obtained through a Freedom of Information Act (FOIA) request reveal detailed information about the FBI’s electronic surveillance capabilities. The Electronic Frontier Foundation (EFF) filed the FOIA request in 2007 after it was reported that the agency was using “secret spyware.”
The documents show that software called the Computer and Internet Protocol Address Verifier (CIPAV) has been used by the FBI since at least 2001. The software allows the FBI to collect a variety of information from a computer every time it connects to the Internet, including the IP address, Media Access Control (MAC) address, open communication ports, a list of running programs, URLs visited, and more.
It is unclear how the FBI installs the software on a computer, but it is suspected that the spyware exploits a vulnerability in the user’s browser, like other common Internet viruses.
The documents also suggest the FBI frequently uses the software during investigations, including domestic criminal cases and Foreign Intelligence Surveillance Act (FISA) cases.
The U.S. Air Force, Naval Criminal Investigative Service and Joint Task Force-Global Network Operations, as well as foreign governments, have expressed interest in obtaining the software for their own use.
In February, the FBI urged members of the House Judiciary Subcommittee on Crime, Terrorism and Homeland Security to update the Communications Assistance to Law Enforcement Act (CALEA) and make it easier for authorities to eavesdrop on the Internet.
The act was passed in 1994 and requires telecommunication companies to design their equipment and services to ensure that law enforcement and national security officials can monitor telephone and other communications whenever necessary.
The proposal to expand CALEA would require companies involved in online communications to re-engineer their software so that law enforcement could easily access it.
“These documents show the FBI already has numerous tools available to surveil suspects directly, rather than through each of their communications service providers,” Jennifer Lynch of the EFF said.
“A device that remains ‘persistent’ on a ‘compromised computer’ is certainly concerning,” she added. “However, if the FBI obtains a probable cause-based court order before installing tools like CIPAV, complies with the minimization requirements in federal wiretapping law by limiting the time and scope of surveillance, and removes the device once surveillance concludes, the use of these types of targeted tools for Internet surveillance would be a much more narrowly tailored solution to the FBI’s purported problems than the proposal to undermine every Internet user’s privacy and security by expanding CALEA.”