http://www.wired.com/news/politics/0,1283,45851,00.html

By Declan McCullagh
2:00 a.m. Aug. 7, 2001 PDT

The U.S. government has invoked national security to argue that details of a new electronic surveillance technique must remain secret.

Justice Department attorneys told a federal judge overseeing the prosecution of an alleged mobster that public disclosure of a classified keystroke logger would imperil ongoing investigations of "foreign intelligence agents" and endanger the lives of U.S. agents.

In court documents (PDF) filed Friday, the Justice Department claims that such stringent secrecy is necessary to prevent "hostile intelligence officers" from employing "counter-surveillance tactics to thwart law enforcement."

U.S. District Judge Nicholas Politan heard arguments last Monday in the prosecution of Nicodemo S. Scarfo, the alleged mastermind of a loan shark operation in New Jersey.

Politan asked both sides to submit additional briefs before he decided whether or not to order the feds to disclose details about their keystroke logging device, which captured Scarfo's PGP passphrase. Politan has barred attorneys in the case from talking to reporters.

Donald Kerr, the director of the FBI's lab, said in an affidavit filed Friday that "there are only a limited number of effective techniques available to the FBI to cope with encrypted data, one of which is the 'key logger system.'" He said that if criminals find out how the logger works, they can readily circumvent it.

The feds believe so strongly in keeping this information secret that they've said they may invoke the Classified Information Procedures Act if necessary. The 1980 law says that the government may say that evidence requires "protection against unauthorized disclosure for reasons of national security."

If that happens, not only are observers barred from the courtroom, but the trial could move to a classified location.
Federal regulations say that if a courtroom is not sufficiently secure, "the court shall designate the facilities of another United States Government agency" as the location for the trial.

But the FBI's Kerr said that CIPA's extreme procedures aren't good enough. Says Kerr: "Even disclosure under the protection of the court ... cannot guarantee that the technique will not be compromised.... To assume otherwise may well lead to the compromise of criminal and national security investigations, and, in some cases, threaten the lives of FBI or other government agency personnel."

Scarfo allegedly used PGP to encode his confidential and incriminating business data. With a judge's approval, FBI agents repeatedly sneaked into Scarfo's business to plant a keystroke sniffer -- it could be either software or hardware -- and monitor its output.

During last Monday's hearing, Judge Politan wondered aloud how the law should treat the keyboard tap.

Was it akin, Politan wondered, to a telephone wiretap, regulated by the federal law known as Title III? Perhaps it was a general search of the sort loathed by the colonists at the time of the American Revolution and thereafter outlawed by the Fourth Amendment? Or was it, as the government argued, just like cops rummaging around someone's home or office with a search warrant in hand?

The difference is crucial: If Politan rules that the FBI's keystroke monitor is a wiretap, the evidence may have to be discarded and Scarfo would be more likely to walk free. That's because wiretaps must follow strict rules -- such as minimizing information that's recorded -- that the FBI's technique didn't.

"If no court has yet assessed the legality of this technique, it seems clear that Scarfo should be entitled to make that inquiry," says David Sobel, general counsel of the Electronic Privacy Information Center. "Whether or not this was the equivalent of a wiretap is a central question -- how can that be answered without knowing how this worked and what it was capable of capturing?"

For its part, the defense argues (PDF) that without public disclosure, judges will be giving their "approval to secret entries which do nothing less than spy on the citizen so targeted."

Another thing that's suspicious, says the defense, is that the log from the program ended as soon as it shows Scarfo's PGP passphrase: "The odds of someone subject to a 60-day period of observation via keystroke recording providing what was sought on the very last typed entries are alarmingly high."