-----BEGIN PGP SIGNED MESSAGE-----
On 12 Jul 2000, Marc Horowitz wrote:
> In the case of monitoring an individual's email, it would be
> sufficient to monitor their spool file on whatever ISP mail server
> stores their mail. The spool file only contains one person's email,
> and only the ISP needs to know. This does not put the privacy of any
> other user's email at risk.
You are quite correct, and this is how everyone has always assumed the FBI
went about monitoring suspects' email communications (Prior to Carnivore.)
However, that would clearly not require a specialized black box system to
be placed at the ISP's facility. I think it is clear that something much
more devious is occuring here.
> There are exceptions. Large companies maintain their own email
> servers, so there is no independent ISP to cooperate with the FBI.
> However, the same problem exists with large company's phone lines. A
> company with 1000 phones does not have an individual phone line
> dedicated to each phone, in fact there is no direct correlation
> between phones and incoming or outgoing lines. Wiretaps must have run
> into this issue, and this would seem to be good precedent for the
> leased lines which carry a large company's email (and web, IM, and
> all other) traffic.
And then the argument presented by Paul D. Robertson would hold up. The
only sure-fire way to obtain a suspect's commications is to monitor it on
the network level. It is easier to isolate a phone conversation than an
email conversation...
> Finally, there are sophisticated individuals which also run their own
> email systems. In these cases, I suspect wiretapping the entire
> connection for that individual would fall within the scope of a
> wiretap, since only a single individual would be targetted. (It might
> take a few overturned cases before they learn to write the warrants
> correctly.)
>
> In general, I can't see why the FBI needs tools like Carnivore to tap
> email. The store-and-forward nature of email means there's a place
> you can go to find the email, and the structure of most email systems
> means there's a place which contains only the email for that user.
They need such a device so they can conduct illegial email monitoring
under the guise of legitimate surveilance. Yes, I am a little
cynical. Yes, I have good reason to be.
- -MW-
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.1 (FreeBSD)
Comment: No comment.
iQEVAwUBOW1MmCsFU3q6vVI9AQFsegf7BwT9uC8fEzENKfEyvNbSMAQq5kUfUJvt
rRnlUFJQD6kkswhs+CFCdfofIJBQY/GWdZA926pamxNeDkJpOgFDqUjfMDtFwHXu
VmgxVOOFbw3XWY16IRclDDEiwpHZxAksAYy2itNYengshoVbzhLaczMbFLinoDoE
Vlbo0G01dU7ZhPQnpc9vBNc4kIwUUgbCz7pwzDsnuD2JG2YAZjFl3SCNxkEShmKz
W9Yumdg90jukUOcJOTxlhqdqlU7yxr4f+GrA4y96I/GILAdh+5b4sYfVI7sgyRfX
fbikp/65JLqvMOUOiSpBgD1eEc6x8h281U//SeDSUOOiEsDfyZ1B2w==
=jwqD
-----END PGP SIGNATURE-----
