I asked this question this week of Steven Chabinski (the chief legal advisor for the NIPC and assistant legal counsel for the FBI) at a DC-ISOC meeting on privacy. I don't have perfect recall, so any errors are totally mine. Here's what I heard him say: There are three conditions that allow a person to peer into the content of network traffic. 1) the people who generate the traffic have been notified that the traffic is being monitored, 2) a law enforcement organization has a court order to do a wire tap, 3) a sysadmin is doing so to "protect his system". It doesn't matter whether the traffic is intra-corporate or internet traffic. There is clearly gray-ness in point 3. Additionally, if the inspector sees that the content contains child pornography and the inspector is an ISP, there is an obligation to report this to the FBI. From: Crumrine, Gary L <CrumrineGLat_private> >After wearing out my fingers during a heated conversation with another >colleague over legalities of certain actions, a question came up in my mind >concerning sniffers and their usage. > >If a sniffer was placed on the outside of a given network, and was >configured to sniff packets coming from that network only, does this >constitute an illegal wire tap? And do the same rules apply to data as they >do voice? In some cases it transits the same copper wire... ouch I am >getting a headache.. >
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:57:57 PDT