THE AGE http://www.theage.com.au/news/20000820/A13431-2000Aug18.html Nowhere to hide By DUNCAN CAMPBELL Sunday 20 August 2000 Governments all over the world have suddenly become embroiled in controversy about electronic surveillance of the Internet. In the United States, a political storm has arisen over a new FBI Internet tapping system codenamed Carnivore. In Britain, the Regulation of Investigatory Powers Act has just extended telephone-tapping powers to cover Internet service providers, and allows the government to arrange indiscriminate tapping or e-mail interception for foreign police forces and security agencies. In the Netherlands, the Dutch security service BVD admitted two weeks ago that it had been collecting e-mails sent abroad by companies. In the Hague, laws are being prepared to allow the Justice Ministry to tap into e-mail and subscriber records, scan messages and mobile phone calls, and track users' movements. (In Australia, law enforcement agencies are not required to obtain a court order to demand disclosure of information provided it is in the course of a criminal investigation or is part of an ASIO operation against a threat to national security. The Commonwealth's Telecommunications (Interception) Legislation Amendment Bill 2000 amends the Telecommunications (Interception) Act 1979 and the Australian Security Intelligence Organisation Act. Within the amendments, interception warrants against a named person are enabled, as are warrants covering foreign communications.) These developments are no coincidence, but the direct result of secret planning over seven years by an international coordinating group set up by the FBI, after Congress twice refused to extend its telephone tapping powers for digital networks. Under the innocuous title of the International Law Enforcement Telecommunications Seminar, the group has met annually to plan for and lobby to make telecommunications systems "interception-friendly". The seminar excluded lawyers and industry specialists who might have advised on the arrangements to protect privacy and human rights, or on the feasibility and cost of the intelligence officers' wish list of interception requirements. As a result, the laws based on their recommendations have repeatedly caused controversy. The work of the group came to light in late 1997, when British researcher Tony Bunyan revealed collaboration between EU staff and the FBI for many years. Details of plans to compel Internet service providers worldwide to install secret interception "black boxes" in their premises appeared in Online in The Guardian last year. (www.guardianunlimited.co.uk/Archive/Article/0,4273,3859496,00.html). A month ago, the European Parliament appointed 36 parliamentarians to lead a year-long investigation into Echelon - the codename for a mainly US system for monitoring traffic on commercial communications satellites. Echelon has become common parlance for the worldwide electronic eavesdropping or signals intelligence network run by Britain's Government Communications Headquarters together with the US National Security Agency. The inquiry will ask if the rights of European citizens are adequately protected and ascertain whether European industry is put at risk by the global interception of communications. French politicians and lawyers have taken the lead in accusing the US and Britain of using their electronic intelligence networks to win business from foreign rivals. US politicians have riposted that France runs a worldwide electronic intelligence system of its own - Frenchelon, based at Domme, near Sarlat in the Dordogne, and includes an eavesdropping station in New Caledonia in the Pacific (see www.zdnet.co.uk/news/2000/25/ns-16207.html). Electronic eavesdropping has become a battleground between the US and Russia. The Russian-American Trust and Cooperation Act of 2000, passed on July 19, prohibits the US President from rescheduling or writing off billions of dollars of Russian debts unless a Russian spy base in Cuba is "permanently closed". This base at Lourdes, located on leased land near Havana, was the former Soviet Union's most important intelligence facility. It uses Echelon-type systems to collect data from telephone calls and satellite links covering the US. Lourdes allegedly provides "between 60 per cent and 70 per cent of all Russian intelligence data about the US". A defector has said that spying from Lourdes had grown dramatically following an order by Boris Yeltsin to step up economic and technological espionage against the West. The White House wants to stop the campaign to close Lourdes because other countries might then ask the US to close down similar bases. Documents suggest the US would particularly fear the Lourdes effect spreading to Britain, Germany and Australia, where the National Security Agency operates large sites. The US is not alone in this spying. By the end of the year, the Government Technical Assistance Centre will have begun operations from inside MI5's headquarters at Thames House, Millbank. Its primary purpose will be to break codes used for private e-mail or to protect files on personal computers. It will also receive and hold private keys to codes which British computer users may be compelled under law to give to the government. The development of the Government Technical Assistance Centre has been pioneered by the Home Office's Encryption Coordination Unit, which says that the centre will "provide the capability to produce plain text/images/audio from lawfully intercepted communications and lawfully seized computer media which are encrypted". The Home Office has not confirmed reports that the centre will also be the collecting point for intercepted internet communications relayed from the "sniffer" boxes to be installed inside British Internet service providers. The cost of building the centre, said to be $38 million, is likely to include the price of ultra-fast super-computers, of the type previously used only to break Soviet codes and attack other special military targets. Code-breakers from the Government Communications Headquarters will be seconded to work at the centre. The communications headquarters has used sophisticated computers for many years to examine foreign or "external" messages and phone calls, as part of the worldwide intelligence network operated with other English-speaking countries. The key part of this system uses computers called Dictionaries, which hold lists of thousands of target names, addresses and key words. They are used to select messages of interest, while discarding most communications. The headquarters was not normally permitted to encroach on domestic communications. Now, the Regulation of Investigatory Powers Act says that as many domestic Internet communications travel on the same "trunks" as external communications, it will be allowed to trawl through these messages without restriction. Another limitation, which had prevented the direct targeting of people in Britain by the headquarters without specific authorisation has also been dropped. The Home Secretary can sign an "overriding" warrant every three months, which will allow general surveillance without the need for individual warrants. This will apply to "serious crime", which can include organising demonstrations that may affect public order. The Act will also allow any agency nominated by the Home Secretary to tap into the addresses of e-mails sent and received (though not their content) without a warrant. Caspar Bowden, whose lobbying organisation, the Foundation for Information Policy Research, helped to bring some important changes to the new law, believes that letting Dictionary-type computers carry out broad-ranging surveillance on much internal UK traffic will break the new Human Rights Act (see www.fipr.org). The FBI has just been granted $85 million for an electronic surveillance program called Digital Storm. This foresees the quadrupling of telephone tapping in the US over the next decade. The FBI hopes to build in automated transcription and translation systems. According to its budget application for the next US fiscal year, a related program called Casa de Web will include central computer archives for intercepted audio and data reports. The existence of Carnivore was revealed three months ago as the result of a lawsuit between an Internet service provider and federal marshals, who demanded that the provider wire a Carnivore box into its network. The FBI initially wanted to install its own version of a commercial "sniffer" program called Etherpeek. Then it turned up with Carnivore and a court order to install it. The FBI claims there are only 20 Carnivores, and that they have been used only 25 times in the past 18 months (www.fbi.gov/programs/carnivore/carnivore.htm). But the system is so controversial that the US Congress held special hearings two weeks ago. A judge has ordered the FBI to answer requests for details made under the Freedom of Information Act. Carnivore consists of a laptop computer and communications interface cards. It runs a packet sniffer program to select the data it wants from inside the Internet service provider local network. According to Marcus Thomas, head of the FBI's Cyber Technology Section, they are PCs using proprietary software and acting as a "specialised sniffer". The bureau claims that although Carnivore's hardware sees all the traffic passing through the provider where it is installed, its software looks only at the origin and the destination of each Internet packet. If the addresses correspond with those specifically authorised in a court order, then the information and/or the contents are extracted and forwarded to the FBI. The agency claims no other data is recorded or examined. But US computer experts do not believe this is possible. For example, many providers allocate Internet addresses to their customers. This means that every time you dial in to your provider, you will use a different Internet address. Unless Carnivore is also intercepting this type of data, it cannot work. The FBI has been asked to reveal Carnivore's source code, but has refused. US Attorney-General Janet Reno has publicly regretted the selection of the codename Carnivore. It will be changed to a less threatening name. - GUARDIAN ************************************************************************* This posting is provided to the individual members of this group without permission from the copyright owner for purposes of criticism, comment, scholarship and research under the "fair use" provisions of the Federal copyright laws and it may not be distributed further without permission of the copyright owner, except for "fair use." -- Leftlink - Australia's Broad Left Mailing List mailto:[EMAIL PROTECTED] http://www.alexia.net.au/~www/mhutton/index.html Sponsored by Melbourne's New International Bookshop Subscribe: mailto:[EMAIL PROTECTED]?Body=subscribe%20leftlink Unsubscribe: mailto:[EMAIL PROTECTED]?Body=unsubscribe%20leftlink
