Ties taint Carnivore review

[Patrick Oonk <patrick () pine nl>]

http://www.usatoday.com/usatonline/20001004/2717405s.htm


Ties taint Carnivore review

So much for the hope that an independent review would settle privacy worries
about the FBI's new system for snooping on e-mail.

Two months after grudgingly agreeing to let outside authorities decide
whether the Internet eavesdropping program named Carnivore endangers civil
liberties, Attorney General Janet Reno last week gave the job to the Illinois
Institute of Technology Research Institute (IITRI). Among the reasons: its
ability to conduct the most independent review.

But the Department of Justice's selection raises serious questions about its
definition of ''independent.''

* IITRI accepted limitations on its research required by the Justice
Department, including the power to censor its final report.

* The high-tech branch of the research institute, which will perform the
analysis, receives 80% of its funding from the federal government, mostly the
Department of Defense and the Internal Revenue Service, giving it an incentive
to provide a review the government -- its largest client -- will like.

* The Department of Justice hasn't told IITRI the name of the government
contractor that created Carnivore. Without the information, IITRI researchers,
who work for and consult with dozens of high-tech firms, can't guarantee their
independence.

Yet those problems pale when compared to the conflicts posed by the
individual IITRI staff members and the Illinois Institute of Technology law
professors named to work on the review. While all are highly qualified, most
members of the team have personal connections to federal-government
agencies, the Clinton administration or even the Department of Justice itself.
It does not take much imagination to question the objectivity of former
government employees and Clinton-administration political allies.

The two lawyers who are part of the IITRI team have direct conflicts of
interest. One was an adviser to the Clinton transition team in 1992 and 1993
and has since made the maximum legal donation to Al Gore's presidential
campaign. The other is a former Department of Justice lawyer.

Of the seven scientists and computer technicians slated to work on the
review, three are longtime defense contractors, and one was an employee of
the National Security Agency until last year. Most have high-level government
clearances. Yet Carnivore has been used to tap the Internet more often in
national security cases than in crime investigations, according to the FBI.
Men and women who have made their careers working in national security are
not likely to rock the boat.

On top of that, the Justice Department has dedicated only $175,000 to
perform this quickie six-week review. The American Civil Liberties Union calls
that a ''minuscule'' amount of time and money. That's right, if Reno intends
anything more than a whitewash.

The independent review was supposed to settle public fears about a
two-year-old computer system that has been used secretly to tap into e-mail
dozens of times. Instead, the Justice Department's decision to hire political
insiders combined with its taste for secrecy has only increased concerns that
the Clinton administration is not interested in an independent review.

FBI Assistant Director Donald Kerr told a Senate committee that ''trust in the
FBI's use of Carnivore should rest upon the FBI's openness and willingness to
discuss this device.''

Based on that standard, the public should have no trust at all.Today's debate:
FBI's e-mail spying program Justice Dept.'s pick compromises effort to detect
privacy violations.

--
 Patrick Oonk -  PO1-6BONE -  patrick () pine nl -  www.pine.nl/~patrick
 Pine Internet     -      PAT31337-RIPE       -      XOIP+31208723350
 Tel: +31-70-3111010  -   Fax: +31-70-3111011   -  http://security.nl
 PGPID 155C3934 fp DD29 1787 8F49 51B8 4FDF  2F64 A65C 42AE 155C 3934
 Excuse of the day: Stubborn processes

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".