[iwar] [fc:Analysis.of.FBI's.new.surveillance.powers,.from.CDT]

From: Fred Cohen (fc@all.net)
Date: 2002-06-02 21:25:15


Return-Path: <sentto-279987-4748-1023078152-fc=all.net@returns.groups.yahoo.com>
Delivered-To: fc@all.net
Received: from 204.181.12.215 [204.181.12.215] by localhost with POP3 (fetchmail-5.7.4) for fc@localhost (single-drop); Sun, 02 Jun 2002 21:27:12 -0700 (PDT)
Received: (qmail 27488 invoked by uid 510); 3 Jun 2002 04:22:06 -0000
Received: from n25.grp.scd.yahoo.com (66.218.66.81) by all.net with SMTP; 3 Jun 2002 04:22:06 -0000
X-eGroups-Return: sentto-279987-4748-1023078152-fc=all.net@returns.groups.yahoo.com
Received: from [66.218.67.198] by n25.grp.scd.yahoo.com with NNFMP; 03 Jun 2002 04:22:32 -0000
X-Sender: fc@red.all.net
X-Apparently-To: iwar@onelist.com
Received: (EGP: mail-8_0_3_2); 3 Jun 2002 04:22:32 -0000
Received: (qmail 72806 invoked from network); 3 Jun 2002 04:22:32 -0000
Received: from unknown (66.218.66.216) by m5.grp.scd.yahoo.com with QMQP; 3 Jun 2002 04:22:32 -0000
Received: from unknown (HELO red.all.net) (12.232.72.152) by mta1.grp.scd.yahoo.com with SMTP; 3 Jun 2002 04:22:31 -0000
Received: (from fc@localhost) by red.all.net (8.11.2/8.11.2) id g534PGN29713 for iwar@onelist.com; Sun, 2 Jun 2002 21:25:16 -0700
Message-Id: <200206030425.g534PGN29713@red.all.net>
To: iwar@onelist.com (Information Warfare Mailing List)
Organization: I'm not allowed to say
X-Mailer: don't even ask
X-Mailer: ELM [version 2.5 PL3]
From: Fred Cohen <fc@all.net>
X-Yahoo-Profile: fcallnet
Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com
Delivered-To: mailing list iwar@yahoogroups.com
Precedence: bulk
List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com>
Date: Sun, 2 Jun 2002 21:25:15 -0700 (PDT)
Subject: [iwar] [fc:Analysis.of.FBI's.new.surveillance.powers,.from.CDT]
Reply-To: iwar@yahoogroups.com
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
X-Spam-Status: No, hits=-0.2 required=5.0 tests=PORN_10,MAILTO_WITH_SUBJ,MAILTO_LINK,DIFFERENT_REPLY_TO version=2.20
X-Spam-Level: 

The FBI has begun releasing information about its guidelines
changes. Here is what we know so far:

*  The FBI is using the terrorism crisis as a cover for a range of
changes, some of which have nothing to do with terrorism.

*  The online surfing provisions, for example, relate not only to
terrorism cases, but to all other investigation - drugs, white collar
crime, public corruption, and copyright infringement.

*  Other changes affect how the FBI conducts investigations under
RICO, the racketeering and organized crime law, allowing the FBI to
use the heavy weaponry of RICO (forfeiture, enhanced penalties)
against crimes that are not committed for monetary gain.

*  The changes mean that the FBI, which has failed to manage the
ocean of information it already collects, will be gathering yet more
information in situations completely unconnected to any suspicion of
criminal conduct, and will be continuing for longer periods of time
investigations that are producing nothing.

*  The expanded surveillance and use of data mining could be written
off as just a waste of money, but for two paramount problems: the
changes are likely to make the FBI less efficient in preventing
terrorism, by diverting resources down rat-holes of fruitless
investigations; and the DOJ has proven its determination since
September 11 to arrest people based on innocent coincidences and
hold them in jail even after concluding that they were unrelated to any
terrorism and in some cases (the material witnesses) had
committed no legal violation at all.

* The FBI was never prohibited from surfing the Internet or using
commercial data mining services - the FBI has long been a major
customer of many private information systems.  But in the past, the
search had to be related to some investigation.  The threshold was
very low - under the old guidelines, the FBI could maintain a
preliminary inquiry for 90 days using data mining, undercover
operations, photo surveillance, informants, etc, whenever it had
"information or an allegation whose responsible handling required
some further scrutiny."  In fact, the FBI could open preliminary
inquiries solely for the purpose of data mining.  But it had to be
looking for some criminal conduct.  The new changes allow the data
mining technique - who has changed apartments three times in the
past 2 years? who has been making a lot  of international phone
calls? - as the basis for generating the suspicion of criminal conduct
in the first place.

Specific Changes

1.  Topical Research.   According to the explanatory memo, FBI
agents could not conduct online searches under the term "anthrax,"
even after the initial appearance of the anthrax letters That is absurd -
there was an ongoing investigation.  Anyhow, no privacy rights or civil
liberties are implicated in searches - before or after the appearance
of the anthrax letter - for words like "anthrax."  This has little to do
with
searching for words like "anthrax."  The question is whether general
topical research includes searches for "Palestinian rights" or other
terms with a political, ethnic or religious significance.  If it does, then
it seems a prelude to questioning people and even detaining them
on the basis of their exercise  of political freedoms.

2.  Online Surfing.  This change is intended to allow FBI to search the
Internet before they have any indication of criminal conduct.  In other
words, it authorizes fishing expeditions, plain and simple - FBI
agents spending their days searching the Web to see what turns up -
or more likely, FBI agents setting robots to search the web looking for
certain terms.  But the guidelines do not seem to limit the type of
searches.  It is one thing to surf for information about bomb making
or child porn, but it is another thing to search for information about
Palestinian rights.  This change is not limited to terrorist cases.

5.  Use of Commercial Data Mining Services.  The FBI will now be
using the services of the people who  decide what catalogues to
send you or what spam e-mail you will be interested in.  The problem
is, the direct marketers can only call you during dinner time or mail
you (or not mail you) another credit card offer based on that
information - the FBI can arrest you.  And since September 11 the FBI
has in fact arrested and held people based on innocent activity.

6.  Preliminary Inquiries.  I don't understand this point, about
preliminary inquiries not serving as the basis for broader intelligence
investigations.  The old Guidelines clearly stated, "If, on the basis of
information discovered in the course of a preliminary inquiry, an
investigation is warranted, it may be conducted as a general crimes
investigation, or a criminal intelligence investigation, or both." See
<a href="http://www.usdoj.gov/ag/readingroom/generalcrimea.htm#general">http://www.usdoj.gov/ag/readingroom/generalcrimea.htm#general>

7.  Criminal Intelligence Investigations.  These changes include the
change allowing investigations under RICO where there is no profit
motive.  Otherwise these changes reduce headquarters oversight,
running the risk that worthless or improper investigations will be
allowed to go on too long.

8. Enhancing Preliminary Inquiries.  Preliminary inquiries (PIs) allow
the FBI to conduct investigations even when there is no reasonable
indication of criminal activity.  Under the old Guidelines for PIs, the
FBI could use all techniques except three: mail covers, mail openings
and wiretaps.  This meant that the FBI could use informants, Internet
searches, undercover operations, physical and photographic
surveillance, data mining.  Under the old guidelines, if 90 days of
investigation turned up no indication of criminal activity, the
investigation could be continued only with HQ approval. Under the
changes, PIs can continue 1 year without HQ approval.  This means
that the FBI can conduct an investigation, using highly intrusive
techniques for one year (and longer with HQ approval) even if the
investigation is turning up no reasonable indication of criminal
activity.

9. Information Systems. One of the biggest changes is the last one
on the DOJ list.  It is called "Enhancing Information Analysis at FBI
Headquarters," but it says that the FBI is authorized to "participate in ..
information systems ... [that] draw on and retain pertinent information
from any source ... including ... publicly available information, whether
obtained directly or through services or resources (whether nonprofit
or commercial) that compile or analyze such information .... ."  This
means that the FBI can subscribe to any commercial profiling and
data mining service, such as the one described on today's
Washington Post business page.  Some data mining services
routinely profile people by race and religion.  Another clause in the
same new section permits acceptance and retention of information
"voluntarily provided by private entities," which harkens back to the
days of private intelligence gathering by right wing groups.

Background

One fact suggesting that there is more here than meets the eye is
this:  All of the changes relate to the FBI's domestic guidelines, not
the international terrorism guidelines under which Osama bin Laden
and Al Qaeda are investigated.

The FBI is subject to two sets of guidelines, a classified set of
guidelines for foreign intelligence and international terrorism
investigations, and an unclassified set of guidelines on general
crimes, racketeering and domestic terrorism. The old domestic
guidelines are at
<a href="http://www.usdoj.gov/ag/readingroom/generalcrimea.htm">http://www.usdoj.gov/ag/readingroom/generalcrimea.htm> 
 A heavily
redacted copy of the international guidelines can be downloaded in
PDF from http://www.usdoj.gov/ag/readingroom/terrorismintel2.pdf

The distinction between foreign and domestic has nothing to do with
where the investigation is conducted - both sets of guidelines relate
to investigations in the United States.  Rather the difference between
the two sets of guidelines has to do with the nature of the
organization being investigated.  The foreign guidelines govern
investigations inside the United States of foreign powers and
international terrorism organizations (such as al Qaeda or Hamas),
groups that originate abroad but carry out activities in the US.  The
domestic guidelines govern investigations of organized crime and of
terrorist groups that operate in the US and originate in the US - white
supremacists, animal rights activists, what remains of the Weather
Underground.

In some ways, the foreign intelligence and international terrorism
guidelines have always given the FBI more latitude than the domestic
guidelines.  In particular, they allow investigations to be conducted
where there is absolutely no suspicion of criminal activity -
investigations can be opened merely on the basis of suspicion that a
person is affiliated with an international terrorist group, even if there
is no evidence that the person is doing anything illegal.  The irony is
that the FBI's failed investigations of the Osama bin Laden group and
of Islamic fundamentalists in general were conducted under those
looser guidelines, indicating that the problem was not the limits
imposed by the guidelines.

For more information, contact Jim Dempsey , CDT Deputy Director,
<a href="mailto:jdempsey@cdt.org?Subject=Re:%20(ai)%20Analysis%20of%20FBI's%20new%20surveillance%20powers,%20from%20CDT%2526In-Reply-To=%2526lt;B91FED26.32388%25rforno@infowarrior.org">jdempsey@cdt.org</a>, 
(202) 637-9800 x 112.

------------------------ Yahoo! Groups Sponsor ---------------------~-->
Tied to your PC? Cut Loose and
Stay connected with Yahoo! Mobile
http://us.click.yahoo.com/QBCcSD/o1CEAA/sXBHAA/kgFolB/TM
---------------------------------------------------------------------~->

------------------
http://all.net/ 

Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ 



This archive was generated by hypermail 2.1.2 : 2003-08-24 02:46:32 PDT