[Infowarrior] - F.B.I. Received Unauthorized E-Mail Access

Richard Forno rforno at infowarrior.org
Sat Feb 16 20:29:30 UTC 2008


February 17, 2008
F.B.I. Received Unauthorized E-Mail Access
By ERIC LICHTBLAU
http://www.nytimes.com/2008/02/17/washington/17fisa.html

WASHINGTON -- A technical glitch gave the F.B.I. access to the e-mail
messages from an entire computer network -- perhaps hundreds of accounts or
more -- instead of simply the lone e-mail address that was approved by a
secret intelligence court as part of a national security investigation,
according to an internal report of the 2006 episode.

F.B.I. officials blamed an "apparent miscommunication" with the unnamed
Internet provider, which mistakenly turned over all the e-mail from a small
e-mail domain for which it served as host. The records were ultimately
destroyed, officials said.

Bureau officials noticed a "surge" in the e-mail activity they were
monitoring and realized that the provider had mistakenly set its filtering
equipment to trap far more data than a judge had actually authorized.

The episode is an unusual example of what has become a regular if
little-noticed occurrence, as American officials have expanded their
technological tools: government officials, or the private companies they
rely on for surveillance operations, sometimes foul up their instructions
about what they can and cannot collect.

The problem has received no discussion as part of the fierce debate in
Congress about whether to expand the government's wiretapping authorities
and give legal immunity to private telecommunications companies that have
helped in those operations.

But an intelligence official, who spoke on condition of anonymity because
surveillance operations are classified, said: "It's inevitable that these
things will happen. It's not weekly, but it's common."

A report in 2006 by the Justice Department inspector general found more than
100 violations of federal wiretap law in the two prior years by the Federal
Bureau of Investigation, many of them considered technical and inadvertent.

Bureau officials said they did not have updated public figures but were
preparing them as part of a wider-ranging review by the inspector general
into misuses of the bureau's authority to use so-called national security
letters in gathering phone records and financial documents in intelligence
investigations.

In the warrantless wiretapping program approved by President Bush after the
Sept. 11 terrorist attacks, technical errors led officials at the National
Security Agency on some occasions to monitor communications entirely within
the United States -- in apparent violation of the program's protocols --
because communications problems made it difficult to tell initially whether
the targets were in the country or not.

Past violations by the government have also included continuing a wiretap
for days or weeks beyond what was authorized by a court, or seeking records
beyond what were authorized. The 2006 case appears to be a particularly
egregious example of what intelligence officials refer to as
"overproduction" -- in which a telecommunications provider gives the
government more data than it was ordered to provide.

The problem of overproduction is particularly common, F.B.I. officials said.
In testimony before Congress in March 2007 regarding abuses of national
security letters, Valerie E. Caproni, the bureau's general counsel, said
that in one small sample, 10 out of 20 violations were a result of
"third-party error," in which a private company "provided the F.B.I.
information we did not seek."

The 2006 episode was disclosed as part of a new batch of internal documents
that the F.B.I. turned over to the Electronic Frontier Foundation, a
nonprofit group in San Francisco that advocates for greater digital privacy
protections, as part of a Freedom of Information Act lawsuit the group has
brought. The group provided the documents on the 2006 episode to The New
York Times.

Marcia Hofmann, a lawyer for the privacy foundation, said the episode raised
troubling questions about the technical and policy controls that the F.B.I.
had in place to guard against civil liberties abuses.

"How do we know what the F.B.I. does with all these documents when a problem
like this comes up?" Ms. Hofmann asked.

In the cyber era, the incident is the equivalent of law enforcement
officials getting a subpoena to search a single apartment, but instead
having the landlord give them the keys to every apartment in the building.
In February 2006, an F.B.I. technical unit noticed "a surge in data being
collected" as part of a national security investigation, according to an
internal bureau report. An Internet provider was supposed to be providing
access to the e-mail of a single target of that investigation, but the
F.B.I. soon realized that the filtering controls used by the company "were
improperly set and appeared to be collecting data on the entire e-mail
domain" used by the individual, according to the report.

The bureau had first gotten authorization from the Foreign Intelligence
Surveillance Court to monitor the e-mail of the individual target 10 months
earlier, in April 2005, according to the internal F.B.I. document. But
Michael Kortan, an F.B.I. spokesman, said in an interview that the problem
with the unfiltered e-mail went on for just a few days before it was
discovered and fixed. "It was unintentional on their part," he said.

Mr. Kortan would not disclose the name of the Internet provider or the
network domain because the national security investigation, which is
classified, is continuing. The improperly collected e-mail was first
segregated from the court-authorized data and later was destroyed through
unspecified means. The individuals whose e-mail was collected apparently
were never informed of the problem. Mr. Kortan said he could not say how
much e-mail was mistakenly collected as a result of the error, but he said
the volume "was enough to get our attention." Peter Eckersley, a staff
technologist for the Electronic Frontier Foundation who reviewed the
documents, said it would most likely have taken hundreds or perhaps
thousands of extra messages to produce the type of "surge" described in the
F.B.I.'s internal reports.

Mr. Kortan said that once the problem was detected the foreign intelligence
court was notified, along with the Intelligence Oversight Board, which
receives reports of possible wiretapping violations.

"This was a technical glitch in an area of evolving tools and technology and
fast-paced investigations," Mr. Kortan said. "We moved quickly to resolve it
and stop it. The system worked exactly the way it's designed."



