1

The Broader Picture

Laws Governing Hacking and Other Computer Crimes

Consumer Privacy

Employee Workplace Monitoring

Government Surveillance

Cyberwar and Cyberterror

Hardening the Internet Against Attack

2

Figure 12-4: Government Surveillance

U.S. Tradition of Protection from Improper Searches No privacy protection in Constitution

Fourth Amendment: No unreasonable searches and seizures

Can search only with probable cause

Can only search specific things

FBI misuse of data collection during Hoover’s leadership

3

Figure 12-4: Government Surveillance

Telephone Surveillance Wiretapping

Federal Wiretap Act of 1968 for domestic crimes

Foreign Intelligence Surveillance Act of 1978 (FISA) for international terrorists and agents of foreign governments

Need warrant with probable cause and inability to get information by other means

4

Figure 12-4: Government Surveillance

Telephone Surveillance

Pen registers and trap and trace orders

Pen registers: List of outgoing telephone numbers called

Trap and trace: List of incoming telephone numbers

Not as intrusive as wiretap because content of the call is not captured

5

Figure 12-4: Government Surveillance

Telephone Surveillance

Pen registers and trap and trace orders

Electronic Communications Privacy Act of 1986 allows

Must be based on information to be collected being likely to be relevant to ongoing investigation (weak)

Judge cannot turn down warrant

6

Figure 12-4: Government Surveillance Telephone Surveillance

Communications Assistance for Law Enforcement Act of 1994

Requires communication providers to install the technology needed to be able to provide data in response to warrants

Patriot Act of 2001

Extends roving wiretaps to FISA—follow the target across media

Get billing information from telecommunications providers

7

Figure 12-4: Government Surveillance

Internet Surveillance

Extends pen register and trap and trace to Internet traffic

Same weak justification as for telephone traffic

But much more intrusive: e-mail addresses, URLs (which can be visited), etc.

8

Figure 12-4: Government Surveillance

Carnivore

Monitoring computer placed at ISP

FBI installs Carnivore computer, collects information

Can limit filtering to restrictions of warrant

No accountability through audit trails

9

Figure 12-4: Government Surveillance

The Possible Future of Government Surveillance

Intrusive airport security through face scanning

Possible national ID cards

New ability to gather and analyze information from many databases