Good to see the FBI follows procedures

Eric Rescorla ekr at networkresonance.com
Thu Dec 20 15:30:47 EST 2007 

Ryan Singel reports that despite the rather lax standards required for
wiretaps, some FBI agents seem to have decided that they could skip
procedure:

    The revelation is the second this year showing that FBI employees
    bypassed court order requirements for phone records. In July, the
    FBI and the Justice Department Inspector General revealed the
    existence of a joint investigation into an FBI counter-terrorism
    office, after an audit found that the Communications Analysis Unit
    sent more than 700 fake emergency letters to phone companies
    seeking call records. An Inspector General spokeswoman declined to
    provide the status of that investigation, citing agency policy.

    The June 2006 e-mail (.pdf) was buried in more than 600-pages of
    FBI documents obtained by the Electronic Frontier Foundation, in a
    Freedom of Information Act lawsuit.

    The message was sent to an employee in the FBI's Operational
    Technology Division by a technical surveillance specialist at the
    FBI's Minneapolis field office -- both names were redacted from
    the documents. The e-mail describes widespread attempts to bypass
    court order requirements for cellphone data in the Minneapolis
    office.

    Remarkably, when the technical agent began refusing to cooperate,
    other agents began calling telephone carriers directly, posing as
    the technical agent to get customer cellphone records.

    Federal law prohibits phone companies from revealing customer
    information unless given a court order, or in the case of an
    emergency involving physical danger.

Singel's report is at:
   http://www.wired.com/politics/onlinerights/news/2007/12/fbi_cell

You can read the actual document:
   http://blog.wired.com/27bstroke6/files/minneapolisemail.pdf

It's worth noting that a lot of what's going on here is device
and call tracking, not content capture, so even if you have end-to-end
crypto in your handset, it's only of modest value.

-Ekr

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list