Rutgers Computer and Technology Law
Journal
2002
Notes and Comments
CARNIVORE IN CYBERSPACE: EXTENDING
THE ELECTRONIC COMMUNICATIONS
PRIVACY ACT'S FRAMEWORK TO CARNIVORE
SURVEILLANCE
Geoffrey A. North [FNa1]
Copyright © 2002 Rutgers Computer and Technology Law Journal; Geoffrey A.
North
I. Introduction
With each advance of communications technology comes a correlated
advance in the technology of surveillance: if the developments of the Internet
and e-mail constitutes a revolution in the way Americans communicate, these
developments have fomented a similar revolution in the way the United States
government investigates crime. While
some advances in surveillance have been facilitated by the passage of the
Communications Assistance for Law Enforcement Act of 1994 (CALEA) [FN1], perhaps the single most powerful and far-reaching
surveillance tool to monitor Internet communications arose out of the
governmental concern of preventing cyberspace from being overrun with crime.
This tool has been ominously dubbed "Carnivore." [FN2]
If advances in communications and surveillance technology occur in
distinct and evenly matched steps, it should not be surprising that Carnivore's
features mirror the elements of the major telephonic surveillance devices:
wiretaps, pen registers and trap-and-trace devices. Carnivore, however, is believed to impound information
transmitted through cyberspace with unprecedented efficiency.
While privacy advocates have expressed deep concerns about the potential
abuses of Carnivore's capabilities, government officials have argued powerfully
for the need to patrol the electronic frontier for potential crime.
The balancing of the interests of these sometimes polarized groups will
shape the structure of this note. In
Part II of this Note, the known facts surrounding Carnivore will be examined, with
a discussion of Carnivore's similarity to telephonic surveillance devices. Part III will survey the current state of
pertinent Fourth Amendment law, including the Katz doctrine, its progeny, and
cases decided under Title III of the Omnibus Crime Control and Safe Streets Act
[FN3] and the Electronic
Communications Privacy Act of 1996 (ECPA) [FN4]. Finally, this Note will conclude that the
safeguards provided under those two Acts are
readily applicable to Carnivore, and should be used to develop a balance
between the privacy interests of the public at large and the law enforcement
interests of the government.
II. Privacy and Law Enforcement in
Cyberspace
The FBI computer labs in Quantico, Virginia recently developed
"Carnivore," with the express intent of creating a tool capable of
tapping into and monitoring Internet traffic. [FN5] The specter of
Carnivore now looms heavily over cyberspace, for it is feared that the
application will be used by the FBI to "police cyberspace." [FN6] While government
agencies such as the FBI and the Department of Justice have long had the
ability to monitor private telephone conversations with a variety of
technological devices, electronic communication was believed to be secure from
monitoring by the government. Now, however, the advent of Carnivore has
officially extended the reach of the FBI into cyberspace.
It is not merely that the FBI now has the ability to monitor private
electronic communications that has made civil liberties groups apprehensive, it
is the breadth of the government's reach.
Barry Steinhardt, the Associate Director of the American Civil Liberties
Union (ACLU) recognizes the governmental interest in preventing the Internet
from becoming overrun with criminal plotting and actual illegal acts, but
believes some boundaries must be set for
governmental agencies. [FN7] As Steinhardt
notes, "[t]he central issue is how much liberty the government should be
able to destroy in order to 'catch a few perps." ' [FN8]
Due to its vast information-gathering capacity, Carnivore's targets will
not necessarily be limited to specific e-mail transmissions that are suspected
of communicating details of illegal activities. Carnivore is not subject to the concerns of efficiency and time
which force the government to target specific individuals for conventional
telephone wiretaps. Rather, Carnivore
may have the ability to impound all electronic communications, then filter out
those that do not give rise to investigation.
One commentator, James H. Johnston, recalls:
[T]he apocryphal story of the ruthless commander of the Ottoman forces
that sacked Constantinople. When he saw
the defenders and residents of the city take sanctuary in a church, he ordered
his men to set it afire. A lieutenant
pointed out that there were faithful as well as infidels inside, but the
general said, 'Burn it anyway, and let God sort them out.' [FN9]
A great deal of concern has arisen among civil liberties groups such as
the ACLU because so little is known about Carnivore's reach and capabilities.
While an independent review of Carnivore has recently been completed, it
has faced pointed criticisms from advocates of personal privacy. The review team that was chosen from the
Illinois Institute of Technology's Research Institute "include[d] a large number of White House
insiders, including a former Clinton information policy advisor, and a former
Justice Department official." [FN10] This research
group's stated objective was to "determine whether it's technically
possible for Carnivore to snoop on e-mail beyond the scope of a wiretap order,
and whether it poses other privacy risks." [FN11]
The Attorney General for the Clinton Administration, Janet Reno, allowed
for the eventual release of thousands of pages of information regarding
Carnivore. However, an initial block of information released, totaling over
seven hundred pages of material, has encountered reactions of deep
disappointment. [FN12] Much of
the material that has thus far been declassified and released has been stripped
of any value, its meaning obscured by the blocking out of apparently key
portions censored by the government before its release. [FN13] The anticipated
release of an additional two hundred pages was withheld completely. [FN14]
There have also been numerous calls for the FBI to make Carnivore's
source code publicly available. [FN15] Due to the
inadequacies that have riddled the independent review and releases of
information thus far, many critics believe that this step will be the most
effective way to ascertain the potential reach of Carnivore. The FBI, however, has resisted, fearing that
such a release will, in effect, hand over the use of Carnivore's capabilities
to hackers. [FN16]
The lack of available information about
Carnivore, combined with what some believe is a lack of candor on the part of
the government in disclosing only the most general details has fueled the fears
of civil liberties groups that Carnivore really does possess the power to
conduct all-encompassing surveillance of communications carried out in
cyberspace.
Among such groups' greatest worries is that Carnivore has the
far-reaching power to surveil either all correspondence that takes place over
the Internet or through e-mail, or any that the investigating governmental
agency chooses, regardless of whether a warrant to seize such information has
been obtained. [FN17] In addition, opponents of Carnivore fear
that the program gives the FBI the power to read all correspondence it
intercepts and then filter out the innocuous transmissions. Donald Kerr, FBI Assistant Director, has
testified to Congress that Carnivore "does not search through the contents
of every message and collect those that contain key words like 'bomb' and
'drugs." ' [FN18] The ACLU,
however, has claimed that the FBI is engaged in an "'unprecedented' power
grab that threatens the privacy of all Americans." [FN19] Moreover, the FBI
has offered only its word as assurance that Carnivore's power is not being
abused. [FN20]
The federal government has an undeniable interest in protecting the
safety of American citizens. This
governmental interest extends into cyberspace as well. [FN21] Privacy groups argue, however, that this
interest must stop somewhere short of
observing the contents of e-mail messages that pass between private
individuals, tracking the destinations of Internet users, and monitoring an
individual's electronic communications.
Just as some commentators have looked to the "interest that a law
enforcement officer might have in examining the contents of a hard drive . . .
[for] the trove of information there may yield important insights into crimes
that the owner may have committed," there is a similar temptation for law
enforcement officers to observe the communications and correspondence of an
individual through the Internet and through e-mail. [FN22] In fact, because
Carnivore gives the government the ability to sift through all e-mail
correspondence that passes through an Internet Service Provider
("ISP"), the governmental reach may be even more insidious.
A. How does Carnivore work?
The greatest source of apprehension surrounding Carnivore is the lack of
both public and expert understanding of how the application functions, and
then, to what extent Carnivore can and will be implemented to monitor or
intercept e- mail and other electronic correspondence. [FN23] James Dempsey, senior staff counsel for the
Center for Democracy and Technology, explains that "[t]he first problem
with Carnivore is that even [the] ISPs [where Carnivore has been installed] do
not know how it works and how its searches are limited." [FN24]
Installed and configured to properly reflect the specifications detailed
in a warrant, Carnivore does not possess the sinister characteristics that
privacy advocates attribute to it.
Donald Kerr, Assistant Director of the FBI, testified at a Senate
Judiciary Committee Hearing in 2000 that Carnivore "can be configured to
specifically comply with each court order." [FN25] The Carnivore system is made up of several
seemingly harmless components. First, it is a "conventional personal
computer . . . installed on the premises of an Internet Service Provider."
[FN26] This computer is
equipped with a modified version of commercially available software: a
"customized" version of a "Windows 2000 application." [FN27]
However, Carnivore is more than merely the sum of its parts. The modifications to the Windows application
infuse Carnivore with the power to police the traffic flowing through the ISP
in which it has been installed. These modifications allow the FBI to
"intercept and view . . . the E- mail [and] Web browsing activity or other
Internet traffic of a suspect." [FN28] The electronic
transmissions traveling through an ISP in which Carnivore has been installed
"will be routed through Carnivore, which will extract and record whatever
information is specified in a warrant issued by a court." [FN29]
The Carnivore application bears a strong resemblance to programs known
as "packet sniffers." Packet sniffers are so named because of the
way in which e- mail messages are transmitted through cyberspace. Upon transmission, e-mail messages are
disassembled, or "broken up into 'packets,' or uniform chunks of
data." [FN30] The packets then travel to their final
destination. Depending upon certain circumstances, the various packets that
comprise a single e-mail message may travel vastly different routes before
arriving at their ultimate destination.
The packets may arrive out of order and be reassembled in correct
sequence once they reach their final destination. Alternately, the packets may
travel together and reach their destination in a unified form.
Carnivore is, essentially, a sophisticated packet-sniffing device. Under one of its functions, "Carnivore
'sniffs' [the packets that comprise e-mail messages flowing through an ISP] to
read the address information in the header.
If the packet is to or from a targeted e-mail address (Carnivore search
warrants might well name an e-mail address rather than a person), Carnivore will,
depending on the court order, record either the address information or the
entire packet on its hard disk." [FN31] After such an
interception, an FBI agent can use software to reassemble the collected packets
and "read the information that Carnivore has taken in." [FN32] The agent must then determine "which
information is relevant and which is not.
The irrelevant information is deleted immediately and no copies are
kept. The relevant information becomes
part of the working papers of the investigation." [FN33]
C. Carnivore's capabilities: Search
functions
Carnivore is capable of carrying out several types of
interceptions. This Note will examine the
functions that are analogous to the searches that can be performed in the
context of telephonic surveillance.
Carnivore can be configured to collect data based on either the content
of, the destination of, or the origin of, (or some combination of these) data
transmitted over the Internet or through e-mail. The ten Carnivore functions identified and tested in the
Independent Technical Review of the Carnivore System are directly analogous to
telephonic surveillance devices, or hybrids of those devices.
These functions fall generally into two categories: those that sort
through and collect data based on its content, and those that target
transmissions based on "non-content" [FN34] elements such as
the address to which a transmission is directed, or the address from which a
transmission is received.
The latter category consists of three configurations. The results of
these configurations resemble, to some degree, the results that are obtained
using telephone pen-register filtering: (1) non-content e-mail collection, by which the non-content (or "From" and
"To" address) fields contained in e-mail transmissions are collected;
[FN35] (2) non-content
web browsing collection, by which the internet protocol ("IP")
addresses for a target's web browsing activities are collected; [FN36] and (3) non-content file transfer activity collection, by
which the source and destination IP addresses, but not the content, of the
target's file downloading activity are collected. [FN37]
The former category includes the configurations that produce results
that more closely resemble those that would be achieved using telephone
wiretaps. These include: (1) full collection on a fixed IP address, (by which
"the contents of communications to and from a target, who has a fixed IP
address - includ[ing] web browsing contents, FTP login session, commands and
data, e-mail contents from the target IP address" are collected); [FN38] (2) e-mail
content collection, by which the contents of e-mail communications that were
sent from and to a target e-mail ID are collected; [FN39] (3) alias e-mail collection, by which outgoing e-mail of a
target who has an alias is collected; (4) filtering of text strings on web
activity, by which the web- browsing contents that contain a specific text
string are collected; [FN40] (5) filtering on
text string for e-mail collection, by which e-mail containing a key word is
collected; [FN41] (6) filtering on text string and e-mail address or e-mail user
ID for e-mail collection, by which both a search can be narrowed by targeting
both an e-mail address user name and a key word; [FN42] and (7)
filtering on text string for FTP collection, by which FTP communication
containing a key word is collected. [FN43]
D. Telephonic surveillance devices
Much of the existing case law surrounding the Fourth Amendment implications
of searches and seizures of electronic communications is derived from the
monitoring of telephonic communications; therefore, it is useful to briefly
examine the three main devices used to carry out such surveillance.
All three of these devices bear some similarity to Carnivore in that
they must be physically linked to the system in which the communication is
being transmitted. However, while
Carnivore is installed at the central location of an Internet Service
Provider's premises, a wiretap is often installed at the premises from which
the monitored individual transmits communications. Therefore, by this feature
(combined with its ability to filter all communications that pass through it),
Carnivore may, in effect, eliminate the need to target a specific location or
individual, and thus remove the variable of efficiency in carrying out a
search.
Once attached to a telephone line, a "pen register" allows the
user to record the date and time a telephone call is placed. Most importantly, a pen register records the
number dialed from the line. [FN44]
Neither pen registers nor Carnivore physically intrude upon a monitored individual's home. Pen registers, unlike wiretap devices, are installed at a remote
location, on telephone company property.
Similarly, Carnivore is installed on an Internet Service Provider's
property, and never physically reaches an individual's home.
Like a pen register, a "trap and trace" telephone monitoring
device is attached to the telephone line of an individual who is being
monitored. Instead of monitoring outgoing call information, however, a
"trap and trace" device records the date, time, and telephone number
of all incoming calls. [FN45]
Finally, a wiretap enables an investigator to monitor content by
allowing him or her to "listen and record the telephone conversation
itself." [FN46]
These devices can be used separately or in conjunction with each other
to establish a comprehensive record of telephone calls made and received at a
particular location, in addition to the content of the calls. [FN47]
Carnivore also combines these features under one application; however,
because Carnivore can monitor both e-mail correspondence and Internet traffic,
it can intercept not only conversations similar to those that could be
monitored by the telephonic devices, but it also can be used to monitor an
individual's movements from destination to destination on the Internet. Based on the content of websites a monitored
individual visits, the FBI has the potential to make damaging inferences about
an individual. This feature of Carnivore may allow the FBI to carry out even
farther-reaching investigations of an individual than those carried out through
the use of telephonic devices.
James Dempsey believes that there is a clear distinction between
Carnivore and "ordinary telephone taps," because the way in which
Carnivore has been implemented has, in effect, "insert[ed] the FBI into
the ISP network." [FN48] Dempsey asserts
that this is a formula for disaster, because it gives the FBI too much
leeway. Instead, he proposes that
"ISPs should control their own networks, isolating and delivering to the
government only what the government is entitled to intercept, thus serving as a
buffer between the government and the communications of innocent
customers." [FN49] Furthermore,
Dempsey believes that "the FBI should make the technology of Carnivore -
including some of the source code and the right to modify it - available to any
ISP that needs it to comply with a surveillance order. This would reinstate the kind of checks and
balances we depend on to preserve our rights." [FN50]
"Carnivore is used not only for wiretaps but also for other forms
of surveillance that are conducted with no judicial oversight, under the weak
standards of the 'pen register' statute, drafted for the telephony world.
Carnivore collects addressing information from the Internet that is much more
revealing than the dialed telephone numbers collected by pen registers. If the government is to collect on the
Internet transactional information more personally
revealing than that collected on telephone lines, then Congress must impose
higher standards for the government to engage in such surveillance." [FN51] The FBI claims that Carnivore meets the
standards of Federal wiretapping standards.
"Carnivore can be configured to intercept only those E- mails being
transmitted either to or from the named subject." This type of technology exists in a
commercially available form. [FN52]
III. The evolution of Fourth
Amendment law in the Twentieth Century's
Technological Boom
The Fourth Amendment of the United States Constitution provides for
"[t]he right of the people to be secure in their persons, houses, papers,
and effects, against unreasonable searches and seizures, shall not be violated,
and no Warrants shall issue, but upon probable cause, supported by Oath or
affirmation, and particularly describing the place to be searched, and the
persons or things to be seized." [FN53]
However, the Fourth Amendment right to privacy does not operate as an
absolute protection against all intrusions by the government. The need for law enforcement agencies to
investigate has been recognized by the courts as well. There is a legitimate
governmental interest underlying the creation and implementation of
Carnivore. The Internet provides, in
essence, an entirely new and sprawling means of communication. As with the telephone system before it, the Internet can be used by criminals to
plan and even carry out illegal activities. [FN54] However, just
because there is potential for harmful uses does not imply that the government
should be unbridled in the monitoring of all that passes across the Internet's
lines of transmission.
A. The Development of Fourth
Amendment Law
Traditionally, the first step in the analysis of Fourth Amendment search
and seizure issues is for a court to determine whether a search has, in fact,
taken place. The standard used to
address this question in the context of various methods of eavesdropping, like
the technology used to carry out the eavesdropping itself, has been in a state
of flux throughout the twentieth century.
The FBI has, in essence, conceded that e-mail is protected by a
reasonable expectation of privacy, by requiring law enforcement officials to
secure a warrant before deploying Carnivore.
Nevertheless, it is instructive to examine the evolution of the standard
in order to provide a historical context for the law's regard for the progress
of surveillance technology.
For several decades, the controlling standard for the legality of
searches and seizures was articulated in Olmstead v. United States. [FN55] Olmstead and several co-conspirators were
convicted of violations of the Prohibition Act on the basis of information
gleaned from telephone wiretaps.
Olmstead objected to the use as evidence:
The information which led to the discovery of the conspiracy and its
nature [because it] was largely obtained by intercepting messages on the telephones
of the conspirators by four federal prohibition officers. Small wires were inserted along the ordinary
telephone wires from the residences of four of the petitioners and those
leading from the chief office. [FN56] The key distinction that made the surveillance of
Olmstead's telephone communications non-violative of the Fourth Amendment was
that "[t]he insertions were made without trespass upon any property of the
defendants." [FN57] The Olmstead Court reasoned that "[t]he
well known historical purpose of the Fourth Amendment, directed against general
warrants and writs of assistance, was to prevent the use of governmental force to
search a man's house, his person, his papers, and his effects; and to prevent
their seizure against his will." [FN58] The defining characteristic of the
challenged search in Olmstead, was that the "evidence was secured by the
use of the sense of hearing and that only." [FN59] The Court reasoned
that the search did not violate the defendant's Fourth Amendment rights because
"[t]here was no entry of the houses or offices of the defendants." [FN60]
This view of the Fourth Amendment arises from a rigid reading of its
text. [FN61] Critics argue that
the Olmstead Court's interpretation of the Fourth Amendment was flawed as soon
as it was conceived: such strict adherence to the Amendment's text needlessly turned a blind eye
to what were foreseeable technological advances. [FN62]
Consequently, Olmstead is now referred to for Justice Brandeis'
dissenting opinion as often as it is for its holding. Espousing a flexible interpretation of the Fourth Amendment in
the face of technological advances in the field of communication, [FN63] Justice Brandeis
laid the groundwork for the currently prevailing expectation of privacy
standard. Furthermore, Justice Brandeis
presaged current thinking on Fourth Amendment searches and seizures, by
pointing to its language as the source of an inalienable "right to be let
alone." [FN64]
Olmstead's "trespass doctrine" was overruled by Katz v. United
States. [FN65] Katz was charged with illegally
"transmitting wagering information by telephone . . . in violation of a
federal statute." [FN66] In pursuit of Katz, the FBI installed
"an electronic listening and recording device" in the wires of the
public telephone booth Katz had been using. [FN67] The Court determined that:
[T]he Government's activities in electronically listening to and
recording the petitioner's words violated the privacy upon which he justifiable
relied while using the telephone booth and thus constituted a 'search and
seizure' within the meaning of the Fourth Amendment. The fact that the electronic device employed to achieve that end
did not happen to penetrate the wall of the
booth can have no constitutional significance. [FN68] The rule in Katz is often distilled to the
idea that "the Fourth Amendment protects people, not places." [FN69] However, it is
Justice Harlan's concurring opinion that articulates the two-tiered test for
determining whether an individual's expectation of privacy in voice (and now
data) communications is reasonable:
[F]irst, that a person have exhibited an actual (subjective) expectation
of privacy and, second, that the expectation be one that society is prepared to
recognize as 'reasonable.' Thus a man's
home is, for most purposes, a place where he expects privacy, but objects,
activities, or statements that he exposes to the 'plain view' of outsiders are
not 'protected' because no intention to keep them to himself has been
exhibited. On the other hand,
conversations in the open would not be protected against being overheard, for
the expectation of privacy under the circumstances would be unreasonable. [FN70]
The first prong of this test is considered to be the threshold
requirement. If the individual being
monitored cannot meet this requirement, no search has taken place, and therefore,
there can be no violation of the Fourth Amendment. [FN71]
Once the first prong of the test has been satisfied, a court can
consider whether society considers the expectation of privacy reasonable under
the circumstances of the search. Courts have previously considered a variety
of factors in evaluating this second prong: "property interests, the use
ascribed to the area searched, society's longstanding beliefs, current
circumstances, and legislative enactments." [FN72]
B. The Effect of the Omnibus Crime
Control and Safe Streets Act of 1968 and the Electronic Communications Privacy
Act
Title III of the Omnibus Crime Control and Safe Streets Act of 1968 [FN73] codified the
Fourth Amendment principles set forth by the Katz Court. Title III, following Justice Harlan's
concurrence in Katz, contemplates the reasonable expectation of privacy
requirements. [FN74] Title III also preserves the implicit
balancing that constitutes the underpinning of Fourth Amendment analysis, by
proscribing the interception of oral and wire communications, "while
making provision for law enforcement to intercept these communications for use in
criminal investigations." [FN75]
The Electronic Communications Privacy Act of 1986 ("ECPA")
amended Title III when it became clear that Title III was not equipped to deal
with the advance of technology in the field of electronic communication. [FN76] ECPA was intended to align Title III with
innovations such as "cellular telephones, computer-to-computer
transmissions, and electronic mail systems . . . ." [FN77]
Title I of the ECPA prohibits unauthorized
interception of electronic communications. [FN78] In this context,
unauthorized means, among other things, those communications impounded without
the authority of an appropriate court order. [FN79] Title II proscribes the unauthorized access
to stored wire and electronic communications. [FN80] However, despite the ECPA's attempts to
modernize existing legislation, it was unable to resolve the potential
quagmires surrounding the application of the reasonable expectation of privacy
standard. While the privacy standard
still controls, it is increasingly difficult to apply because it is not always
"clear or obvious" whether such a reasonable expectation exists among
users of these new technologies. [FN81]
C. Beginning The Surveillance Process
In developing guidelines for the deployment and use of Carnivore, the
FBI has conceded that an investigating agent must obtain a warrant before
beginning a surveillance. The process
of obtaining a warrant hinges upon the FBI's ability to "demonstrate to the
satisfaction of a judge probable cause that a crime has been committed or is
about to be committed and that the surveillance is necessary to obtain relevant
information." [FN82]
In order for the FBI to obtain authorization to begin using Carnivore's
"pen register" function to conduct surveillance, it is only necessary
for the FBI to "show the relevance of
the information sought." [FN83]
IV. Following the Framework of the
ECPA to Restrict the Scope of Carnivore
Interceptions
The FBI has derived a series of safeguards directly from the ECPA that
must be satisfied before Carnivore can be deployed. [FN84] First, only certain high-ranking officials
in the Department of Justice "can authorize application for a wiretap via
Carnivore or any other mechanism." [FN85] The second restriction provides that
Carnivore can only be used in the investigation of a felony. [FN86] Third, "only
an Article III judge or state court may grant the order." [FN87] The fourth and
fifth requirements are directly related to traditional probable cause and
warrant requirements. The showing of
probable cause, however, must be accompanied by a showing that "normal
investigative procedures have been tried and have not been sufficient, and that
there is probable cause to believe that communications relevant to the
investigation can be captured." [FN88] The fifth requirement describes the
particularity of the wiretap order, and requires that such an order contain:
(1) [T]he identity of the interceptee, if known; (2) the nature and
location of the communications facilities to which the authority to intercept
is granted; (3) a particular description of the type of communication sought to
be intercepted, and a statement of the particular offense to which it relates; (4) the identity of the agency
authorized to intercept the communications, and of the person authorizing the
application; and (5) the period of time during which such interception is
authorized, including a statement as to whether or not the interception shall
be automatically terminated when the described communication is first obtained.
[FN89] The final
requirement places stringent limits upon the duration of the use of the device,
providing that "'the interception of communication' must be
'minimized,"' and must not "continue for 'any period longer than is
necessary to achieve the objective of the authorization, or in any event longer
than thirty days." ' [FN90]
There is a large and well-developed body of case law under the ECPA and
the Omnibus Crime Control and Safe Streets Act of 1968. The federal court system has consistently
held, under a broad spectrum of circumstances, that these requirements must be
satisfied to the letter in order for information obtained by the use of
surveillance devices to be admitted as evidence in the prosecution of a
criminal defendant. The policy of
strict adherence to the provisions of the ECPA and the Omnibus Act favored by
federal courts works as a bulwark against abusive or unauthorized use of such
technology by law enforcement officials.
The ECPA allows for the post-interception remedy of the suppression, at
trial, of evidence improperly captured by wire, oral, or electronic surveillance. [FN91] Therefore, a law
enforcement official's failure to adhere to the details of the ECPA scheme may
have the dire consequence of stripping the prosecution of its ability to use
the information, regardless of its potentially damaging effect. The threat of the suppression of evidence
should operate as a deterrent to such improper use of surveillance tools,
including Carnivore.
Federal courts have been confronted with motions to suppress improperly
collected evidence based on nearly every conceivable ground under the Omnibus
Act and the ECPA. For example, the
failure of law enforcement officials to include basic, requisite details in an
application for an order to commence surveillance, [FN92] as well as more
fundamental attacks on the power of the government to conduct such surveillance
have been raised as reasons for the suppression of evidence. [FN93] In considering
such motions, courts attempt to attain a balance between individual privacy
interests and the needs of law enforcement to effectively pursue criminal
activity.
A. Authorization by the Attorney
General
The formalistic approach federal courts take in the analysis of orders
for surveillance is illustrated by the United States Supreme Court's discussion
in U.S. v. Chavez. [FN94] In Chavez, the
Court examined the consequences of a failure to properly identify the express
authority of the Attorney General in a wiretap
order. [FN95] The Court
considered whether information intercepted in electronic surveillance,
implemented under an order that incorrectly identified the authorizing officer
as an Executive Assistant to the Attorney General, should be suppressed because
of the order's failure to conform exactly to 18
U.S.C. § 2516's requirement that the authorizing officer be the Attorney
General or the Assistant Attorney General. [FN96]
Although the Supreme Court ultimately reversed the Ninth Circuit Court
of Appeals' order to suppress, [FN97] the Chavez Court reiterated that a general policy of
unbending compliance with all of the provisions of Title III should be
advanced. [FN98] While in some rare
cases, a failure to clearly present the Attorney General's approval of an
application for surveillance may be overlooked, in most cases, such a deviation
should spell doom for the government's ability to present wire information
captured under the order at trial. The
government's interest in enforcing the sanctity of all provisions of Title III
should be clear: without the public's support, an Attorney General whose
failures to enforce the ECPA's safeguards capture the public's attention will
be susceptible to political ramifications.
Furthermore, the Court's holding in Chavez does no damage to the
additional authorization requirements contained in 18
U.S.C. § 2516. Again, these
authorization requirements envision the fixing of responsibility of ensuring
the propriety of surveillance orders upon a single figure, the Attorney General, who must answer to the authority of
the public at large. [FN99]
B. The Reporting Provisions of the
ECPA
A protection directly related to the Attorney General's accountability
in the context of the political process is that contained in the reporting
provisions of 18
U.S.C. § § 2518(1)(a), 2518(4)(d) and 2519. These provisions
require that statistics reflecting surveillance orders and their results be
reported to the Administrative Office of the United States Courts. [FN100] This office would then make these reports publicly
available. [FN101] In arriving at its
decision in Chavez, the Court concluded that these reports operate as a
concrete means by which the public can ascertain the effectiveness and
propriety of surveillance orders authorized by the Attorney General. "The purpose of these reports is 'to
form the basis for a public evaluation' of the operation of Title III and to
'assure the community that the system of court- ordered electronic surveillance
. . . is properly administered." ' [FN102]
C. The Deployment of the Device must
be in an Investigation of Felony
Federal courts have upheld the statutory structure that limits the
implementation of electronic surveillance equipment to the investigation of
enumerated felonies listed in 18
U.S.C. § 2516 that either have been or are about to be committed. [FN103] The courts
frequently considered the effectiveness of
electronic surveillance in combating the breed of criminal activity at
issue. For example, electronic
surveillance has long been considered to be among the most effective
investigative means by which the full extent of a broad network of conspirators
in an organized crime operation can be ascertained. [FN104] Similarly, certain
types of criminal activity have become associated with the Internet. [FN105]
In United States v. United States District Court for the Eastern
District of Michigan, [FN106] the United States Supreme Court contemplated the possible
effects of allowing the President to order surveillances in matters of domestic
safety without first securing a warrant.
The Court rejected such searches as an impermissible failure to meet the
standard of reasonableness that is met when probable cause is shown. [FN107]
In a concurring opinion, Justice Douglas further warned of the dangers
of warrantless searches carried out without an underlying crime:
[H]ere, federal agents wish to rummage for months on end through every
conversation, no matter how intimate or personal, carried over selected
telephone lines, simply to seize those few utterances which may add to their
sense of the pulse of a domestic underground . . . . We are told that one national security wiretap lasted for 14
months and monitored over 900 conversations. [FN108]
The Court similarly recognized the danger of possible abuses of
warrantless searches authorized only by the
President: if such surveillance were to be allowed, the President "'on his
motion, could declare"' any group or individual who poses a political
threat, or is generally unpopular, "'to be a clear and present danger to
the structure of the Government."' [FN109] If granted, this
type of unchecked power would undermine not only the balance between individual
privacy and law enforcement efforts, but would disrupt the "open public
discourse [that] is essential to our free society." [FN110]
D. Normal investigative procedures
must have been attempted or exhausted
"Due to the clandestine nature of electronic eavesdropping, the
need is acute for placing on the Government the heavy burden to show that the
'exigencies of the situation make its course imperative." ' [FN111] This showing requires "[t]he FBI [to]
explain why traditional enforcement methods are insufficient to obtain the
information desired." [FN112] While this requirement should operate as a
safeguard against the indiscriminate use of Carnivore, [FN113] courts have traditionally been reluctant to construct an
overly burdensome standard against the applicant for a surveillance order. [FN114] An inflexible
standard would hinder law enforcement's ability to pursue criminal activity
efficiently. Therefore, in order to
ensure that law enforcement efforts can keep pace with criminal activity,
courts have generally viewed "the statutory requirement 'that normal
investigative procedures' be first exhausted
. . . in a 'practical and common sense fashion." ' [FN115]
To engage in this kind of "common sense" analysis requires a
judge to consider "whether or not normal investigative procedures have
been tried and have failed or why they are unlikely to succeed if tried, or to
be too dangerous" against the backdrop of "all the facts and
circumstances." [FN116] This kind of
"common sense" analysis results in allowing the government to obtain
authorization for wire or electronic surveillance, even though it may not have
proven that "every other imaginable method of investigation has been
unsuccessfully attempted." [FN117]
E. Minimization: A Final Check on the
Reasonableness of the Scope of the Surveillance
Searches carried out using the Carnivore system are subject to at least
two stages of "minimization." [FN118] The first of these
stages occurs when the Carnivore system is configured to capture only the
information specified in the court order. [FN119] The second stage occurs when the FBI agent
involved with the case "determines which information [that Carnivore
captures] is relevant and which is not.
The irrelevant information is deleted immediately and no copies are
kept. The relevant information becomes
part of the working papers of the investigation." [FN120]
At trial, the target of a surveillance that has been conducted can challenge
the scope of the wiretap under 18
U.S.C. § 2518(5). [FN121] This section requires that the interceptions
made in the surveillance must be "minimized." Section
2518(5) provides that the interception "may
not be longer than necessary" to achieve the objective of the
authorization. [FN122] Section
2518(5) does not set forth a definition of
minimization, nor does it offer guidelines on how to achieve proper
minimization beyond its provision that without authorized extensions, at its
longest, a surveillance must cease after thirty days has lapsed. [FN123] Section
2518(6) allows for a judge to monitor the
progress of a surveillance that has been authorized. [FN124]
Courts have consistently held that the minimization requirement is to be
applied on a case-by-case basis. The
factors courts have considered in whether acceptable minimization has been
carried out include the percentage of communications intercepted out of all
communications, [FN125] the
length of time conversations are monitored before they are determined to be
relevant or irrelevant, [FN126] the percentage
of intercepted conversations that were not pertinent to the investigation, [FN127] and whether the surveillance continued beyond the
determined end date. [FN128] Although a court may take statistics
reflecting these factors into consideration, "blind reliance on the
percentage of nonpertinent calls intercepted [for example] is not a sure guide
to the correct answer." [FN129] The correct approach for a court considering
minimization questions is to suppress:
[E]vidence derived from an electronic surveillance order unless, after
reviewing the monitoring log and hearing the testimony of the monitoring
agents, it is left with the conviction that on the whole the agents have shown
a high regard for the right of privacy and have done all they reasonably could
to avoid unnecessary intrusion. [FN130]
This approach demands that courts examine the overriding circumstances
of a surveillance scheme. For example,
the United States Supreme Court has held that in some cases, even a wide-range
monitoring of "virtually all conversations" need not violate the
principle of minimization. [FN131]
It is "also important to consider the circumstances of the
wiretap. For example, when the
investigation is focusing on what is thought to be a widespread conspiracy more
extensive surveillance may be justified in an attempt to determine the precise
scope of the enterprise." [FN132] Courts have even permitted evidence collected in
unauthorized extensions beyond the wiretap order to be used at trial. [FN133]
This method of analysis is particularly necessary in the face of
examining the surveillance of complex schemes of criminal activity. For example, in United States v. Cox, the
court noted that in enacting 18
U.S.C. § 2518(5):
[A]s a part of Title III of the Omnibus Crime Control and Safe Streets
Act of 1968 . . . Congress was considering problems of great complexity and was
seeking to treat them in a reasonable manner.
An overly restrictive interpretation
of the minimization requirement could make it impossible to use this device in
connection with the investigation of organized criminal conspiracies. [FN134]
F. Pen registers
The Katz rationale has been roundly criticized since the case was
decided. [FN135] One such criticism is that the Court's
determination of the range of conduct that falls under the protection of the
objective standard is marred by disparities with current perspectives. [FN136] Such disparity is
borne out in Smith v. Maryland, [FN137] in which the
Court first articulated its position on the Fourth Amendment implications of
the use of pen registers to intercept the numbers dialed on a monitored phone. [FN138]
The Smith Court based its reasoning upon the assumption of risk analysis
propounded in United States v. Miller. [FN139] The Miller Court
held that a bank depositor has no "legitimate 'expectation of
privacy" ' in financial information "voluntarily conveyed to . . .
banks and exposed to their employees in the ordinary course of business." [FN140] Likewise, the
Smith Court held that an individual targeted in pen register monitoring cannot maintain
a reasonable expectation of privacy in the telephone numbers he dialed from his
home telephone. [FN141] Any telephone user, the Court reasoned, must
know that in dialing, he "convey[s] numerical information to the phone
company . . . and that the phone company . .
. record[s] this information for a variety of legitimate business
purposes." [FN142] A telephone user could not sustain a claim
of a reasonable expectation of privacy - he would fail to meet the second prong
of the Katz analysis. [FN143] Therefore, the Court held that the
installation and use of a pen register "was not a 'search,' and no warrant
was required." [FN144]
The Smith Court was deeply divided, with two dissenting opinions, both
of which relied upon the Katz rationale to conclude that dialed telephone
numbers should fall under the protection of the Fourth Amendment. [FN145] Justice
Stewart argued that because "[t]he numbers dialed from a private telephone
. . . are not without 'content," ' they should be considered to be framed
by a reasonable expectation of privacy. [FN146] Consequently, the dialed numbers should be
afforded the "constitutional protection recognized in Katz." [FN147]
A separate dissenting opinion by Justice Marshall also relies upon the
principle that the Fourth Amendment contemplates an individual's right to
privacy. [FN148] Justice Marshall was willing to concede that
an individual may understand that the telephone company records dialed
telephone numbers; however, he rejected the idea that such an understanding can
give rise to the expectation that:
[T]his information [will] be made available to the public in general, or
the government in particular. Privacy is not a discrete commodity,
possessed absolutely or not at all. Those who disclose certain facts to a bank
or phone company for a limited business purpose need not assume that this
information will be released to other persons for other purposes. [FN149]
Justice Marshall's dissent foreshadows the current concern among privacy
groups about the potential ramifications of Carnivore's ability to impound vast
amounts of information transmitted electronically through an Internet Service
Provider. [FN150] Justice Marshall wrote:
Privacy in placing calls is of value not only to those engaged in
criminal activity. The prospect of unregulated
governmental monitoring will undoubtedly prove disturbing even to those with
nothing illicit to hide. Many
individuals, including members of unpopular political organizations or
journalists with confidential sources, may legitimately wish to avoid
disclosure of their personal contacts.
Permitting governmental access to telephone records on less than
probable cause may thus impede certain forms of political affiliation and
journalistic endeavor that are the hallmark of a truly free society. [FN151]
If Justice Marshall's and Justice Stewart's assertions that telephone
numbers dialed from an individual's home should be protected by the Fourth
Amendment because of their content hold true, then the truth of these
assertions must redouble in the context of web-site addresses. [FN152] Web-site addresses are far more revealing than telephone numbers;
in fact, web-site addresses are frequently chosen for their descriptive or
suggestive capacities. Law enforcement
officials need look no further than the face of an intercepted web- site
address to make inferences regarding the content of an individual's Internet
destinations. The stream of an
individual's Internet traffic, even observed solely through these addresses, if
pieced together could, as Justice Stewart noted regarding telephone numbers in
Smith, "easily . . . reveal the most intimate details of a person's
life." [FN153]
Because web-site addresses may reveal significantly more substantive
content of an individual's communications than telephone numbers, the pen
register function of Carnivore again raises the issue of what constitutes a
search under the Fourth Amendment. [FN154] Following Smith,
federal courts have held that the installation of a telephone pen register is
not a separate search and consequently, "a separate order is not necessary
when a pen register is used along with an authorized wiretap." [FN155]
Such reasoning, however, if applied to the pen register function of
Carnivore, would allow the government to intrude further into private communications
than the majority opinion in Smith contemplates. The technological advances represented by the Carnivore pen
register function therefore threaten to alter the balance of individual privacy
and law enforcement activity that was established in Smith. Justices Stewart's and Marshall's dissenting opinions may point the
way to the adaptation that is necessary.
Given the far greater substantive content that may be derived from the
Carnivore pen register function, surveillance conducted with this function may
be considered searches, and therefore require further authorization.
V. Conclusion
The existing statutory scheme for the interception of wire and
electronic communications contained in the Electronic Communications Privacy
Act (ECPA) provides a proven framework of checks and balances between the
competing interests of individual privacy protection as developed in Fourth
Amendment jurisprudence and the ability of law enforcement to effectively
investigate and pursue criminal activity.
The terms of the ECPA are readily applicable to Carnivore. Although there are technical differences
between Carnivore and telephonic surveillance devices, Carnivore represents the
Internet equivalent to telephone surveillance devices. Both are equipped to intercept content and
non-content elements of communications.
Therefore, the overarching rationale federal courts have relied upon in
considering telephonicsurveillance should translate, for the most part, to
Carnivore surveillance. A reasonable
expectation of privacy should veil the content of e-mail transmissions in the
same way the content of telephone conversations has been protected. Warrantless interceptions of content-based Internet communications should be
impermissible, just as they are with regard to telephone conversations.
However, an adjustment for the Carnivore pen register function will be
necessary in order to maintain the balance the ECPA struck between individual
privacy and law enforcement activities.
Web-site addresses may reveal far greater substantive content than
telephone numbers; therefore, the Smith Court's conclusion that dialed
telephone numbers are not protected by the Fourth Amendment cannot be applied
to Carnivore pen register searches without modification.
Procedurally, the ECPA adequately restricts the interests of federal law
enforcement by imposing stringent limits upon the scope and the logistics of a
surveillance effort. The strict
interpretation courts have applied to both warrant orders and surveillance
provides an additional layer of protection. The government must demonstrate
substantial exigent circumstances before the safeguards against intrusions from
over-reaching surveillances will be relaxed.
The Internet and e-mail have become inextricably linked to many elements
of life in the United States.
Therefore, it is essential to prevent cyberspace from slipping toward
the brink of lawlessness, where even the cautious and experienced may fall prey
to crime. At the same time, the
government's enhanced ability to conduct surveillance of private communication
will require that courts heed Justice Brandeis' prescient dissent in Olmstead
and apply the Fourth Amendment to new
technology so that the balance of individual privacy and law enforcement is
maintained.
[FNa1]. J.D. Candidate
2002, Rutgers Law School - Newark. The
author would like to thank the staff of the Rutgers Computer & Technology
Law Journal for their editorial assistance.
[FN1]. H.R. Rep. No.
103-827, at 9 (1994), reprinted in 1994 U.S.C.C.A.N. 3489, quoted in Michelle
Skatoff-Gee, Changing
Techologies and the Expectation of Privacy: A Modern Dilemma, 28 Loy. U. Chi.
L.J. 189, 204 (1996). The Communications Assistance for Law Enforcement Act of 1994 was
passed with the intention of "preserv[ing] the government's ability... to
intercept communications involving advanced technologies... while protecting
the privacy of communications and without impeding the introduction of new
technologies, features, and services."
Id.
[FN2]. Janet Kornblum,
Carnivore Changes Name, Not Mission, USA Today, Jan. 15, 2001, at 3D. See also, John Schwartz, Armey to Press
Opposition to Net Wiretaps, N.Y. Times, June 14, 2001, at C10. The FBI has attempted to defuse the uproar
caused by the mere name "Carnivore."
Citing the "harsh" connotations inspired by the name, the FBI
has officially changed the name, "but
not the mission" of an upgraded version of the device. "Regardless of the name, Carnivore's
aim remains the same - to locate and read e-mail of people targeted by
court-ordered investigations." Id.
[FN3]. 18
U.S.C. § § 2510- 2520
(1968).
[FN4]. Pub.
L. No. 99-508, 100 Stat. 1848 (1986) (codified as
amended at 18 U.S.C. §
§ 2510- 2520
(1968)).
[FN5]. Qaisar Alam,
Carnivore Cornered, Computers Today, Oct. 31, 2000, at 48.
[FN6]. Id.
[FN7]. ACLU, In Unique
Tactic, ACLU Seeks FBI Computer Code On 'Carnivore' and Other Cybersnoop
Programs, at www.aclu.org/news/2000/n071400a.html (Jul. 14, 2001).
[FN8]. Staff editorial,
Thought Police Online, Daily Texan, Aug. 28, 2000, at 1.
[FN9]. James H. Johnston, Sniffing Out Criminals Through E-Mail,
N.J. L. J., Nov. 13, 2000, at 37.
[FN10]. Epic Gets First
Set of FBI's "Carnivore" Documents, Online Newsletter, Nov. 1,
2000. [hereinafter Online
Newsletter]. Again, the ACLU harshly
criticized the federal government's selections as evasive, "saying that
many [of the reviewers] have ties to federal enforcement agencies and the White
House." Id. Furthermore, James
Dempsey asserts that "[t]he 'independent review' commissioned by the
Department of Justice is so circumscribed and controlled by the Justice
Department and the FBI that it holds little promise of giving Congress,
industry or the public reliable answers."
James Dempsey, Does Carnivore Go Too Far? Privacy-invading 'Black Box' or Necessary Law Enforcement
Tool? Both Sides Have Their Say, Network
World, Oct. 30, 2000, at 73.
[FN11]. Online
Newsletter, supra note 10 .
[FN12]. See Online
Newsletter, supra note 10. See also Electronic
Privacy Information Center website, Carnivore page at
http://www.epic.org/privacy/foia_ documents.html. (containing declassified FBI
documents) (last visited Feb. 15, 2001).
[FN13]. Online
Newsletter, supra note 10 .
[FN14]. Id.
[FN15]. See Electronic
Privacy Information Center website, Carnivore page at http://www.epic.org/privacy/foia_documents.html.
(containing declassified FBI documents) (last visited Feb. 15, 2001).
[FN16]. Alam, supra
note 5.
[FN17]. James H.
Johnston also expresses concern that Carnivore has such a pervasive reach, that
a "rogue FBI agent" may inflict vast harm by "persuad [ing] a
judge to issue an overly broad Carnivore warrant" or by "go[ing]
beyond the limits" of an honestly obtained warrant. Johnston, supra note 9, at 37, 41.
[FN18]. Donna Howell,
Security and Privacy Studies Set to Flesh Out FBI's "Carnivore,"
Investor's Bus. Daily, Aug. 28, 2000, at A8.
[FN19]. Id.
[FN20]. The FBI also
has attempted to clear the air concerning the nomenclature
"Carnivore." While many
commentators have remarked that Carnivore's name alone is ominous, particularly
in the light of its function (and perhaps even to the point of being
inappropriate), the FBI asserts that the application was so named to mean
"that Carnivore would gather only the 'meat of the matter." '
Kornblum, supra note 2 (quoting Larry Parkinson, chief counsel to the FBI).
[FN21]. "The FBI
and Department of Justice... have stated their belief that Carnivore is
necessary to combat terrorism, espionage, information warfare, child
pornography, serious fraud, and other felonies." IIT Research Institute, Independent Review of the Carnivore
System, Final Report, 1-1 (2000), available at
http://www.usdoj.gov/jmd/publications/carniv_final.pdf. [hereinafter Independent Review].
[FN22]. See Michael
Adler, Cyberspace,
General Searches, and Digital Contraband: The Fourth Amendment and the Net-Wide
Search, 105 Yale L.J. 1093, 1097-98 (1996). Adler envisions hypothetical dragnet
searches by governmental investigative agencies of material stored on hard
drives in which:
[H]ard drives [would be] searched without [individual's] permission and without any particularized cause to believe
them guilty, and the search scans through a vast amount of very personal
information located within people's offices and homes. At the same time, however, the search has a
minimal impact on property, produces no false positives, need not be
noticeable, and reveals nothing to officials beyond the identity of some
individuals who possess this particular piece of digital contraband. Id.
at 1100.
Adler's commentary is strikingly
prescient: while Carnivore is not believed to be able to tap into a private
computers' hard drives, it can conduct searches of a magnitude similar to that
which Adler describes among data transmitted over the Internet.
[FN23]. James H.
Johnston summarizes some the common concerns surrounding Carnivore:
First, what exactly does the software do? Does it read only the headers of e-mails or does it read the
entire message? What prevents it from
searching the content of all e-mails for keywords like 'overthrow the
government,' and reporting the authors to the FBI? Does Carnivore scan not only e-mail but also everything a suspect
does online, including the Web sites he visits?
Johnston, supra note 6, at 41.
[FN24]. Dempsey, supra
note 109.
[FN25]. See Digital Privacy
and the FBI's Carnivore Internet Surveillance Program: Hearing of the S.
Judiciary Comm., 106th Cong. (2000) [hereinafter Hearing] (statement of Donald
Kerr, Assistant Director, FBI). More
specifically, Kerr explained that Carnivore uses filters to sift through
"addressing information." The
first filtering stage "look[s] for the Internet addresses that are covered
in the court order. And it picks off the
packets that meet that test."
After the investigating agency has determined that the address satisfies
the court order, a packet would "go[] through [a] subsequent filtering
stage. If full content is allowed, it
of course captures all of the packets relating to that message and records them
in their digital form." Id. Kerr
goes on to explain that a message captured in digital form is restored to text
"only... when the content is authorized after recovering the recorded byte
and bringing it back to our laboratory to recover the actual content of the
message." Id.
[FN26]. Johnston, supra
note 6. See also, Hearing, supra note
21 (statement of Senator Patrick Leahy).
Carnivore's critics also object to its use of so- called "sealed
boxes" installed in the operations centers of Internet services providers,
which monitor network traffic. 7
Days-Carnivore May Eat into Web Confidence, Computing, Aug. 31, 2000, at
12. The service providers themselves "have no control over the box, and thus no
way of ensuring the privacy of their customers." Id. United States Assistant
Attorney General Kevin DiGregory asserts that Carnivore's reach is limited:
Carnivore is, in essence, a special filtering tool that can gather the
information authorized by court order, and only that information.... It permits law enforcement, for example, to
gather only the email addresses of those persons with whom the drug dealer is
communicating, without allowing any human being, either from law enforcement or
the service provider, to view private information outside of the court's order.
Id.
There is definitive evidence that technology able to perform the types
of searches Carnivore is believed to be capable of has been developed and
implemented by at least one network management software company. Id. Proponents of Carnivore's use note that
while Carnivore, itself, is an innovation, the practice of searching electronic
communications to and from certain e-mail addresses is not a novel idea. In fact, before Carnivore's advent,
"the FBI obtained warrants that ordered the ISP itself to perform the
function." See Johnston, supra
note 9, at 37.
[FN27]. H.R. Rep. No.
103-827, at 9 (1994), reprinted in 1994 U.S.C.C.A.N. 3489. See also, Hearing, supra note 25 (statements
of Senator Patrick Leahy and Donald M. Kerr, Assistant Director, FBI).
[FN28]. Alam, supra
note 5, at 48.
[FN29]. See Online
Newsletter, supra note 10; see also, supra note 3. ACLU Associate Director Barry Steinhardt asserts that his
greatest fear is the ability of Carnivore to "give[] the FBI access to all
traffic over the [Internet Service Provider's] network, not just the
communications to or from a particular target." This feature distinguishes Carnivore from telephonic monitoring
devices. See supra note 8 and
accompanying text.
[FN30]. Alam, supra
note 5, at 48.
[FN31]. See Online
Newsletter, supra note 10. Carnivore,
is the Internet equivalent of telephone traces and wiretaps. "However, there is no law that prevents
information from working its way into FBI files once the Carnivore warrant has
picked it up." Id.
[FN32]. Id.
[FN33]. Independent
Review, supra note 21, at 3-5.
Carnivore, by itself, does not have the ability to decrypt encrypted
messages. However, an agent may use additional software to decrypt such
information. See id. Carnivore, therefore, depends heavily upon
human judgment in order for the required "minimization" of the
surveillance results to be carried out.
A similar process of minimization occurs in wiretap collections as
well. In telephonic surveillance,
however, the monitoring law enforcement official determines whether to allow
the tap to continue recording a conversation by listening to it in real
time. See, e.g., Katz
v. United States, 389 U.S. 347, 354 (1967). With Carnivore, conversely, the collection
has already taken place. An agent must decide whether to discard or retain the
information. See infra notes 113-128
and accompanying text for additional discussion of law regarding minimization.
[FN34]. Infra notes
132-142 and accompanying text for a discussion of the flaws of this nomenclature.
[FN35]. Independent
Review, supra note 21, at 3-24.
[FN36]. Id. at 3-24 to
3-25.
[FN37]. Id. at 3-25.
[FN38]. Id.
[FN39]. Id.
[FN40]. Id. at 3-26.
[FN41]. Id. at 3-27.
[FN42]. Id. at 3-28.
[FN43]. Id.
[FN44]. See Johnston,
supra note 9. See also 18
U.S.C. § 3127(3).
[FN45]. See Johnston,
supra note 9. See also 18
U.S.C. § 3127(4).
[FN46]. See also 18
U.S.C. § 3127(4).
[FN47]. See generally,
Independent Review, supra note 21, at part 3.
[FN48]. Dempsey, supra note
10.
[FN49]. Dempsey, supra
note 10. Although Dempsey expresses
several legitimate concerns, it is not clear that the government has any less
leeway in ordinary telephone taps. The
Communications Assistance for Law Enforcement Act of 1994 ("CALEA")
requires:
[T]hat wireline, cellular, and Personal Communications Services (PCS)...
are to be capable of: (1) quickly obtaining, for government use, specific
communications pursuant to a court order; (2) quickly allowing the government
access to 'call-identifying information that is reasonably available;' (3)
delivering the intercepted communications and call-identifying information to
the government; and (4) providing the previous functions without interference to
telecommunication services and preventing unauthorized interceptions.
See Michael A. Rosow, Note, Is 'Big
Brother' Listening? A Critical Analysis of New Rules Permitting Law Enforcement
Agencies to Use Dialed Digit Extraction, 84 Minn. L. Rev. 1051, 1061 (2000) (quoting 47
U.S.C. 1002(a)(1)-(4)).
[FN50]. Dempsey, supra
note 10.
[FN51]. Id.
[FN52]. See Alam, supra note 5, at 48. EtherPeek is a packet sniffer program that was developed and is
now sold by A.G. Group, Inc. The
technology used in EtherPeek produces results similar to those Carnivore is
believed to be capable of producing.
EtherPeek is used to monitor errors, and to help network analysts
"troubleshoot[] and debug[]."
Id. "By monitoring,
filtering, decoding, and displaying packet data, EtherPeek can pinpoint protocol
errors and detect network problems such as unauthorised [sic] nodes,
misconfigured routes, excess error rates, and unreachable devices." Id.
However, it is another application, known as "EtherHelp,"
which works in conjunction with EtherPeek, that most closely resembles
Carnivore's ability to search the content of Internet transmissions. See id.
EtherHelp "works, as per A.G. Group, 'by capturing all network
traffic, or a specified portion of that traffic, in the form of packets."
' EtherHelp also uses devices called
filters and triggers. Both devices were
named to describe their function: a filter can be used to "limit the
packets captured to those that meet specific criteria," while a trigger
activates the capture application only when a "specific type of packet is
present." Id.
[FN54]. See Hearing,
supra note 25, at 15-16 (comments of Kevin DiGregory). DiGregory notes that "[m]any of the crimes
that we confront every day in the physical world are beginning to appear in the
online world. Crimes like death
threats, extortion, fraud, identity theft and child pornography are migrating
to the Internet." DiGregory,
however, is cognizant of the need for an acceptable balance between law
enforcement and privacy interests:
If law enforcement fails properly to respect individual privacy in its
investigative techniques, the public's confidence in government will be eroded,
evidence will be suppressed, and criminals will elude successful prosecution.
If law enforcement is too timid in responding to cybercrime, however, we
will, in effect, render cyberspace a safe haven for criminals and terrorists to
communicate and carry out crime, without fear of authorized government
surveillance. If we fail to make the
Internet safe, people's confidence in using the Internet and in e-commerce will
decline, endangering those very benefits brought about by the information age.
Id. at 16.
[FN60]. In its
reasoning, the Olmstead Court followed the strict construction of the Fourth
Amendment it had developed in Carroll v. United States. See id.
at 464-65 (construing Carroll v. United States,
277 U.S. 132, 149 (1925)).
[FN61]. See Richard S.
Julie, Note, High
Tech Surveillance Tools and the Fourth Amendment: Reasonable Expectations of
Privacy in the Technological Age, 37 Am. Crim. L. Rev. 127, 129 (2000) (discussing the use of the theory of "property-based
literalism" to interpret the Fourth Amendment).
[FN63]. See Olmstead,
277 U.S. at 473 (Brandeis, J., dissenting). "In the application of a constitution,
therefore, our contemplation cannot be only of what has been but of what may
be. Under any other rule a constitution
would indeed be as easy of application as it
would be deficient in efficacy of power."
Id.
Furthermore, and with even more foresight, Justice Brandeis writes:
The progress of science in furnishing the Government with means of
espionage is not likely to stop with wire-tapping. Ways may some day be developed by which the Government, without
removing papers from secret drawers, can reproduce them in court, and by which
it will be enabled to expose to a jury the most intimate occurrences of the
home.
Id. at 474.
[FN64]. Id. at 478.
They [the makers of our Constitution] conferred, as against the
Government, the right to be let alone - the most comprehensive of rights and
the right most valued by civilized men.
To protect that right, every unjustifiable intrusion by the Government
upon the privacy of the individual, whatever the means employed, must be deemed
a violation of the Fourth Amendment.
Id.
Not only does Brandeis elevate the "right to be let alone" to
the echelon of rights to be guarded most zealously, he asserts that it would be
[B]etter that a few criminals escape than that the privacies of life of
all the people be exposed to the agents of the government, who will act at
their own discretion, the honest and the dishonest, unauthorized and
unrestrained by the courts.
Id. at 479 n.12.
[FN67]. Id.
[FN68]. Id. at
353. As an intermediate step between
Olmstead and Katz, the Court referred to its reasoning in United
States v. Silverman, 365 U.S. 505 (1961), and
concluded that "the Fourth Amendment governs not only the seizure of
tangible items, but extends as well to the recording of oral statements,
overheard without any 'technical trespass... under local property law."
' Id. (quoting Silverman,
365 U.S. at 511).
[FN69]. Id. at
351. Writing for the Court, Justice
Stewart began to delineate the reasonable expectation of privacy standard,
expanded upon in Justice Harlan's concurring opinion: "What a person
knowingly exposes to the public, even in his own home or office, is not a
subject of Fourth Amendment protection....
But what he seeks to preserve as private, even in an area accessible to the public may be
constitutionally protected." Id.
at 351-52 (citation omitted).
[FN70]. 389
U.S. 347, 361 (1967), (Harlan, J., concurring).
[FN71]. See, e.g., Smith
v. Maryland, 442 U.S. 735, 745-46
(1979) (holding that an individual could
not reasonably expect to maintain the privacy of information gathered with
"trap and trace" and "pen register" devices installed upon
his telephone).
[FN72]. See
Skatoff-Gee, supra note 1, at 196 (citations omitted). Louis Seidman also believes that an
important consideration in current Fourth Amendment law "focuses on what
might be called the 'collateral damage' imposed by searches. Collateral damage includes the involuntary
disclosure of personal information not relevant to the investigation, as well
as the 'violence, disruption, and humiliation' implicit in any
search." Michael Adler, Note, Cyberspace,
General Searches, and Digital Contraband: The Fourth Amendment and the Net-Wide
Search, 105 Yale L.J. 1093, 1103 (1996) (quoting
Louis Michael Seidman, The Problem
with Privacy's Problem, 93 Mich. L. Rev. 1079, 1086-87 (1995)). There is a great
potential for serious harm to be inflicted by such searches including
"interfer[ence] with legitimate activity, disrupt[ion of] personal belongings, and discover[y] of
personal details that they have no right to learn." Id. at 1105 .
[FN73]. 18
U.S.C. § § 2510-2520
(1968).
[FN74]. See 18
U.S.C. § 2510. "An
individual pursuing a claim for illegally intercepting an oral conversation
must show that: (1) under the subjective prong they did not suspect their
conversation to be subject to interception; and (2) under the objective prong,
that expectation was justified by the circumstances." Skatoff-Gee, supra note 1, at 200-01.
[FN75]. Skatoff-Gee,
supra note 1, at 199 (citing 18
U.S.C. § 2516 (Supp. IV 1968) (amended 1986)).
[FN76]. Electronic
Communications Privacy Act of 1986,
Pub. L. No. 99- 508, 100 Stat. 1848 (1986)
(codified as amended at 18
U.S.C. § § 2510- 2520
(1986)).
[FN77]. Skatoff-Gee,
supra note 1, at 201.
[FN78]. 18
U.S.C. § § 2701-2711
(1994). 18
U.S.C. § 2701(a) provides in pertinent
part:
[W]hoever (1) intentionally accesses without authorization a facility
through which an electronic communication service is provided; or (2)
intentionally exceeds an authorization to access that facility; and thereby
obtains, alters, or prevents authorized access to a wire or electronic
communication while it is in electronic storage in such system shall be
punished as provided....
[FN79]. See 18
U.S.C. § 2701(a)(1).
[FN80]. See 18
U.S.C. § § 2510-2521.
[FN81]. Skatoff-Gee,
supra note 1, at n.89; S. Rep. No. 99-541 (1986).
[FN82]. Independent
Review, supra note 21, at 3-3.
[FN83]. Id. See also, infra notes 130-144, and
accompanying text for a more complete discussion of pen register law as it
relates to Carnivore.
[FN84]. Supra note 82,
at 3-3 and 3-4.
[FN85]. Id. at 3-1. S ee
also 18
U.S.C. § 2516(1) (1968). The officials who
may act in this capacity specified in the Independent Review include the
Attorney General, Deputy Attorney General, Associate Attorney General,
"and certain others designated by the Attorney General." The rationale underlying this policy is to
"ensure[] a measure of internal review and deliberation prior to any
wiretap." Independent Review, supra note 21, at 3-1.
[FN86]. Independent
Review, supra note 21, at 3-1; see also 18
U.S.C. § 2516(3) (1968). This restriction
is tempered even further by a clause that Carnivore is to be put to use only in
"those felonies serious enough to warrant the resources." Independent
Review, supra note 21, at 3-1.
[FN87]. Independent
Review, supra note 21, at 3-1; s ee
also 18
U.S.C. § 2518(1) (1968).
[FN88]. Independent
Review, supra note 21, at 3-1; see also 18
U.S.C. § 2518(3) (1968).
[FN89]. Independent
Review, supra note 21, at 3-1; see also 18
U.S.C. § 2518(1) (1968). This requirement
imposes heavy limitations upon Carnivore. While
Carnivore is allegedly technically capable of conducting searches throughout
electronic transmissions for key words, the degree of specificity required in
the order should effectively eliminate this concern.
[FN90]. Independent
Review, supra note 21, at 3-1 (quoting 18
U.S.C. § 2518(5) (1968); see also 18
U.S.C. § 2518(5) (1968). It should be
noted that 18
U.S.C. § 2518(7) allows for the "circumvention" of any of these
requirements in certain situations.
"If a law enforcement official designated by the Attorney General
determines that an emergency situation exists in which the national security is
compromised or there is an 'immediate danger of death or serious physical injury,'
the interception can proceed with notice to the court within the next 48
hours." Independent Review, supra
note 21, at 3-2 (citing 18
U.S.C. § 2518(7) (1968)).
[FN91]. 18
U.S.C. § 2518(10)(a) which allows the suppression of such evidence at trial on
the grounds that:
(i) the communication was
unlawfully intercepted;
(ii) the order of authorization
or approval under which it was intercepted is insufficient on its face; or
(iii) the interception was not made in conformity with the order of
authorization or approval.
[FN92]. See infra notes
94-102 and accompanying text.
[FN93]. See infra notes
106-109 and accompanying text.
[FN95]. Id.
[FN96]. Id. See also, e.g., United
States v. Giordano, 416 U.S. 505 (1974).
[FN97]. Chavez,
416 U.S. at 579.
The Court found that a
"misidentification, by itself, will not render interceptions
conducted under the order 'unlawful' within the meaning of § 2518(10)(a)(i)." However, it concluded that the
misidentification had been cured by "substantial compliance with Title III
requirements," in that the Attorney General had, in fact, authorized the
order. Id.
at 569 n.2.
[FN98]. Id.
at 580.
"[W]e also deem it appropriate to suggest that strict adherence by
the Government to the provisions of Title III would nonetheless be more in keeping with the
responsibilities Congress has imposed upon it when authority to engage in
wiretapping or electronic surveillance is sought." Id.
[FN99]. "'This
provision centralizes in a publicly responsible official subject to the
political process the formulation of law enforcement policy on the use of
electronic surveillance techniques.
Centralization will avoid the possibility that divergent practices might
develop. Should abuses occur, the lines
of responsibility lead to an identifiable person. This provision in itself should go a long way toward guaranteeing
that no abuses will happen."' Chavez, 416 U.S. at 590 (Douglas, J.,
dissenting) (quoting S. Rep. No. 1097, 90th Cong., 2d Sess., 97 (1968)).
[FN100]. 18
U.S.C. § 2519 (1994).
[FN101]. 18
U.S.C. § 2519 requires periodic reporting by judges who have issued or
denied orders for interceptions, and also by the Attorney General, or
assistants to the Attorney General to the Administrative Office of the United
States Courts on a number of statistics relating to the issuance of order and
the results thereof, including trials, motions to suppress, and convictions
arising out of interceptions.
Subsection (3) provides that the Director of the Administrative Office of the United States
Courts then "transmit to the Congress a full and complete report" on
the numbers and results of the applications for interceptions during the
preceding year. Id.
[FN102]. Chavez,
416 U.S. at 577 (quoting S. Rep. No. 1097, 90th
Cong., 2d Sess., 107).
[FN103]. See 18
U.S.C. § 2516(1)(a)-(o). See also 18
U.S.C. § 2518(1)(b)(i) which requires that each application include "a full
and complete statement of the facts and circumstances relied upon by the
applicant, to justify his belief that an order should be issued, including (i)
details as to the particular offense that has been, is being, or is about to be
committed." Id.
[FN104]. See United
States v. D'Aquila, 719 F. Supp. 98, 105 (D. Conn. 1989) (in which the District Court recognized that "the
virtual certainty that [the defendants'] criminal business depended upon
routine use of the telephone made eavesdropping a 'particularly appropriate'
method for the investigation").
See also, e.g., United
States v. United States Dist. Court for the E. Dist. of Mich., 407 U.S. 297,
310 n.9 (1972).
The Court discusses the "congressional recognition of the
importance of [electronic] surveillance in
combating various types of crime." For example, organized crime was considered to be among the areas
of criminal activity most effectively targeted by electronic surveillance
methods. President Lyndon Johnson's
"Crime Commission" "maintain[ed] these techniques are
indispensable to develop adequate strategic intelligence concerning organized
crime, to set up specific investigations, to develop witnesses, to corroborate
their testimony, and to serve as substitutes for them ...." Id.
The nature of the planning of the criminal activity made electronic
surveillance a particularly useful tool to combat this type of crime.
[FN105]. See
Skatoff-Gee, supra note 1, at 189-90.
[FN107]. See id.
at 322-23.
The Court "recognize[d] that domestic security surveillance may
involve different policy and practical considerations from the surveillance of
'ordinary crime," ' but quoted the Court in Camara
v. Municipal Court, 387 U.S. 523, 534-535 (1967),
to assert that "'[i]n cases in which the Fourth Amendment requires that a
warrant to search be obtained, 'probable cause' is the standard by which a
particular decision to search is tested against the constitutional mandate of
reasonableness."'
[FN108]. See id. at
325 (Douglas, J., concurring).
Continuing in a tone that foreshadows the concerns of privacy advocates
in the face of Carnivore, Justice Douglas refers to Senator Edward Kennedy of
Massachusetts, who argued that:
[T]he Government's revelations [on the broad swath of surveillance]
posed 'the frightening possibility that
the conversations of untold thousands of citizens of this country are being
monitored on secret devices which no judge has authorized and which may remain
in operation for months and perhaps years at a time.' Even the most innocent and random caller who uses or telephones
into a tapped line can become a flagged number in the Government's data bank.
Id. at 325-26 .
[FN109]. Id.. at 314
(quoting comments of Senator Hart in the floor debate of 18
U.S.C. § 2511(3), 114 Cong. Rec. 14750).
[FN110]. Id. at 314.
[FN111]. United
States Dist. Court for the E. Dist. of Mich., 407 U.S. at 324-325 (Douglas, J., concurring) (quoting Coolidge
v. New Hampshire, 403 U.S. 443, 455 (1971)).
[FN112]. Independent
Review, supra note 21, at 3-3.
[FN113]. See, e.g., United
States v. D'Aquila, 719 F. Supp. 98 (D. Conn. 1998). The "'full and complete statement' why
normal investigative procedures were not sufficient" is deemed to be
necessary "'to assure that wiretapping is not resorted to in situation[s]
where traditional investigative techniques would suffice to expose the
crime."' I d. at 103 (quoting 18
U.S.C. § 2518(1)(c)) (also quoting United
States v. Kahn, 415 U.S. 143, 153 n.12 (1974)).
[FN114]. See United
States v. Armocida, 515 F.2d 29, 38 (3d Cir. 1975) (explaining that the government does not
have to show to a certainty that traditional investigative techniques will
fail).
[FN115]. Armocida,
515 F.2d at 37.
See also 18
U.S.C. § 2518(3)(c) (1994); D'Aquila,
719 F. Supp. at 104 (quoting S. Rep. No. 90-
1097, at 101 (1968)).
[FN116]. Armocida,
515 F.2d at 37 (quoting Giancana
v. United States, 352 F.2d 921 construing 18
U.S.C. § 2518(1)(c)).
[FN117]. D'Aquila,
719 F. Supp. at 103-104 (quoting United
States v. Fury, 554 F.2d 522, 530 (2d Cir. 1977)).
[FN118]. See
Independent Review, supra note 21, at 3-4.
[FN119]. See id.
[FN120]. See id. at
3-5.
[FN121]. 18
U.S.C. § 2518(5) (1994).
[FN122]. Id.
[FN123]. Id.
[FN124]. 18
U.S.C. § 2518(6) (1994).
[FN125]. See Scott
v. United States, 436 U.S. 128 (1978), reh'g
den., 438
U.S. 908 (1978).
[FN126]. See id.; cf. Armocida,
515 F.2d 29 (3d Cir. 1975); United
States v. Falcone, 505 F.2d 478 (3d Cir. 1974).
[FN127]. See, e.g., United
States v. Sisca, 361 F.Supp. 735 (S.D.N.Y. 1973),
aff'd. 503
F.2d 1337 (N.Y.2d), cert. denied, 419
U.S. 878, and cert. denied, 419
U.S. 1008. (in which the Court for the Southern
District of New York found that the minimization was not satisfied when all
calls were intercepted, wiretaps were never shut off, and calls that were intercepted
included a substantial number of non-pertinent conversations). Compare Scott,
436 U.S. at 141, in which the Supreme Court noted
that under some circumstances, "it may not be unreasonable to intercept
almost every short conversation because the determination of relevancy cannot
be made before the call is completed."
The Scott Court found it "important to consider the circumstances
of the wiretap. For example, when the
investigation is focusing on what is thought to be a widespread conspiracy,
more extensive surveillance may be justified in an attempt to determine the
precise scope of the enterprise." Id.
at 140.
[FN128]. See, e.g., United
States v. Denisio, 360 F.Supp. 715, 718 (D. Md. 1973).
[FN129]. Scott,
436 U.S. at 140.
[FN130]. United
States v. Tortorello, 480 F.2d 764, 784 (2d Cir. 1973) (emphasis added).
[FN131]. Scott,
436 U.S. at 128.
[FN133]. See e.g., Denisio,
360 F. Supp. 715 (finding no implication of an
abuse of discretion in admitting evidence collected in a wiretap that continued
twenty-three days beyond the date the surveillance was supposed to end).
[FN134]. United
States v. Cox, 567 F.2d 930, 933 (10th Cir. 1977). See also U.S.
Dist. Ct. for the E. Dist. of Mich., 407 U.S. at 310 n.9. Complex criminal
activity is given greater leeway when the limitations on the scope of the
surveillance are established. The Court
notes that President Lyndon Johnson's "Crime Commission" asserted
that "'the great majority of law enforcement officials believe that the
evidence necessary to bring criminal sanctions to bear consistently on the
higher echelons of organized crime will not
be obtained without the aid of electronic surveillance techniques." '
(quoting Report by the President's Commission on Law Enforcement and
Administration of Justice, The Challenge of Crime in a Free Society 201
(1967)). Because of the complex and
layered webs frequently present in certain categories of criminal activity such
as organized crime, law enforcement officials have advocated far less
restrictive measures in surveillance orders.
[FN135]. See, e.g., Katz
v. United States, 389 U.S. 347, 364
(1967) (Black, J., dissenting). Justice Black expresses a twofold objection:
(1) I do not believe that the words of the Amendment will bear the meaning
given them by today's decision, and (2) I do not believe that it is the proper
role of this Court to rewrite the Amendment in order 'to bring it into harmony
with the times' and thus reach a result that many people believe to be
desirable." Id. See also, e.g., Christopher Slobogin &
Joseph E. Schumacher, Reasonable
Expectations of Privacy and Autonomy in Fourth Amendment Cases: An Empirical
Look at "Understandings Recognized and Permitted by Society," 42 Duke
L.J. 727 (1993) (evaluating the Supreme Court's
conclusions about expectations of privacy in light of prevailing public
sentiment regarding such expectations).
[FN136]. See Katz
v. United States, 389 U.S. 347, 365-66 (1967)
(Black, J., dissenting).
[FN138]. Id.
[FN139]. 425
U.S. 435, 442-44 (1976).
[FN141]. Smith,
442 U.S. at 742-43.
[FN145]. While the Katz
Court asserted that the Fourth Amendment does not contain a "general
constitutional 'right to privacy," ' its holding "requires that
certain privacy interests of the individual not be invaded by the government except under certain
conditions." Katz,
389 U.S. at 350.
See also C. Ryan Reetz, Note, Warrant
Requirement For Searches of Computerized Information, 67 B.U. L. Rev. 179,
181-83 (1987).
[FN146]. Smith,
442 U.S. at 748.
[FN147]. Smith
v. Maryland, 442 U.S. 735, 747-48 (1979)
(Stewart, J., dissenting).
[FN148]. Id.
at 748-52 (Marshall, J., dissenting).
[FN149]. Id.
at 749 (Marshall, J., dissenting).
[FN150]. Id.
at 751 (Marshall, J., dissenting).
[FN151]. Id.
at 751 (Marshall, J., dissenting).
[FN152]. Id.
at 746-48 (Stewart, J., dissenting).
[FN153]. Id.
at 748, (Stewart, J., dissenting). Justice Stewart notes that:
[He] doubt[s] there are any [private telephone subscribers] who would be
happy to have broadcast to the world a list of the local or long distance
numbers they have called. This is not
because such a list might in some sense be incriminating, but because it easily
could reveal the identities of the persons and the places called.
Id.
[FN154]. Compare
Independent Review, supra note 21, and United
States v. Falcone, 505 F.2d 478, 482-83 (3d Cir. 1974). A cursory
examination of the pen register function of Carnivore and a telephone pen
register seems toindicate the dissimilarity in the way they actually
operate. Yet thefunction and purpose of
these devices are fundamentally the same.
Theonly substantial difference is that the pen register function
ofCarnivore is merely another of several possible configurations of
theCarnivore system, while a telephone pen register is a device with asingle,
limited function.
[FN155]. United
States v. Cox, 567 F.2d 930, 933 (10th Cir. 1977) (citing United
States v. Falcone, 505 F.2d 478 (3d Cir. 1974)
and United
States v. Iannelli, 430 F.Supp. 151 (W.D. Pa. 1977)). "When used in conjunction with a
wiretap, we conclude that an order permitting interception under Title III for
a wiretap provides sufficient authorization for the use of a pen register, and no separate order for the
latter is necessary." Falcone, at 482.
END OF DOCUMENT