The suggestion from FBI Director Robert Mueller, which came during a House of Representatives Judiciary Committee hearing, appears to go beyond a current plan to monitor traffic on federal-government networks. Mueller seemed to suggest that the bureau should have a broad “omnibus” authority to conduct monitoring and surveillance of private-sector networks as well.
The surveillance should include all Internet traffic, Mueller said, “whether it be .mil, .gov, .com–whichever network you’re talking about.” (See the transcript of the hearing.)
In response to questions from Rep. Darrell Issa, a California Republican, Mueller said his idea “balances on one hand, the privacy rights of the individual who are receiving the information, but on the other hand, given the technology, the necessity of having some omnibus search capability utilizing filters that would identify the illegal activity as it comes through and give us the ability to preempt that illegal activity where it comes through a choke point.”
In response, Issa said: “Can you have someone on your staff designated to work with members of Congress on trying to craft that legislation?”
If any omnibus Internet-monitoring proposal became law, it could implicate the Fourth Amendment’s guarantee of freedom from unreasonable searches and seizures. In general, courts have ruled that police need search warrants to obtain the content of communication, and the federal Wiretap Act created “super warrant” wiretap orders that require additional steps and judicial oversight.
In addition, it’s unclear whether “illegal activity” would be limited to responding to denial-of-service attacks and botnets, or would also include detecting other illegal activities, such as online gambling, the distribution of “obscene” images of adults engaged in sexual acts, or selling drugs without a license.
To be fair, Wednesday’s discussion of the plan was geared toward cybercrime and the Bush administration’s classified “cyberinitiative,” which includes a shadowy program known as Einstein.
Some politicians have already raised concerns that even Einstein, which is described as dealing only with government networks and not private ones, could infringe upon the privacy rights of American citizens. It’s already in place at 15 federal agencies, but Homeland Security has said it’s still preparing the necessary privacy impact assessments for a proposed $293 million governmentwide Einstein expansion.
Issa, for his part, referred on Wednesday to malicious attacks being undertaken by foreign and domestic hackers who want to “take control of computers” and harvest the national-security secrets and private information of government agencies, private companies, and individual Americans.
“What authorities do you need to monitor, looking for those illegal activities, and then act on those, both defensively and, either yourselves or certainly other agencies, offensively in order to shut down a crime in process?” Issa asked.
In response, Mueller said he would be happy to have his legislative staff work with members of Issa’s committee on creating a bill for a broader-reaching surveillance system.
Issa suggested that perhaps the FBI already has the power to seek voluntary private-sector partners that would like to be “defended” by its agents, provided that they give the FBI their consent. Mueller, however, wasn’t so sure, saying, “that’s going to require some thought.”
[6:00 pm: Updated story with additional quotations from transcript of the hearing.]
CNET News.com’s Declan McCullagh contributed to this report.
April 23, 2008 11:48 AM PDT
Source: CNET News.com