Statement of
The Electronic Frontier Foundation

The Fourth Amendment and Carnivore

July 28, 2000

The Electronic Frontier Foundation (EFF) would like to submit comments to be included for the record regarding the Fourth Amendment and the issues raised by the FBI's Carnivore system.

EFF is a leading global nonprofit organization linking technical architectures with legal frameworks to support the rights of individuals in an open society. Founded in 1990, EFF actively encourages and challenges industry and government to support free expression, privacy, and openness in the information society. EFF is a member-supported organization and maintains one of the most-linked-to Web sites in the world.

We wish to focus our comments on two specific issues. First, the use of pen registers as applied to traditional land-line telephone systems are not analogous to packet analyzers, such as Carnivore, that are used on the Internet. Second, we will touch on some of the harmful societal effects that will most certainly be wrought should the Carnivore system be implemented in the manner that the FBI wishes.

The use of packet analyzers on the Internet captures much more information from an individual than does the use of pen registers and trap and trace devices used on traditional land-line telephone systems.

Pen registers are devices used to record telephone numbers that are dialed from a telephone, whereas trap and trace devices are used to determine where a telephone call originated. Information gathered in this manner is strictly limited to only those phone numbers that are made either to or from the target's telephone number. No other personal information is harvested from the target of the investigation. The contents of the message and the routing or addressing information are independent of each other. Law enforcement cannot rely on pen registers or trap and trace warrants to get at the content of the calls.

In reality, pen registers or trap and trace devices do not exist where the Internet is concerned, because the contents of the messages and the sender/receiver information are not kept separate. Because of this, the potential for law enforcement to over-collect information exists, and it is almost a certainty that law enforcement will receive more information from individuals than is authorized by a traditional pen register or trap and trace warrant. There are several ways that this can happen.

When a person makes a telephone call on a traditional telephone system, a discrete and continuous segment of the telephone system is dedicated to that call, which is handled sequentially. The system first accepts the call routing information (dialed number, number and accounting information of the phone used to make the call, etc.), secondly establishes a connection, and only then opens the line to the content side of the call. The routing information remains wholly separate and severable from the call content, allowing law enforcement easy access to the one but not to the other. The Internet, however is a packet-switched network, meaning that when information is sent over the Net, it is broken into small packets, routed piecemeal over the Net and then reassembled at its final destination. Routing information, as well as content, are both contained in each individual packet, potentially giving law enforcement access to content as well as location routing information.

The Carnivore system appears to exacerbate the over collection of personal information by collecting more information than it is legally entitled to collect under traditional pen register and trap and trace laws.

The Carnivore system has received a lot of press recently, but the FBI has not been forthcoming about how the Carnivore system actually works. Civil liberties groups have often been quoted as noting that Carnivore is a "black box" leaving us to guess at its inner workings.

We have been able to discover that Carnivore is a packet-sniffer, able to gather pen register and trap and trace information by sniffing each packet as it is routed along. It then filters out unwanted email and other communications information from those of the target. This process is problematic for two very important reasons.

First, traditional wiretaps, pen registers and trap and trace devices, are attached to specific telephone lines; law enforcement will only obtain the telephone numbers associated with the target's phone. With Carnivore in place, law enforcement has the potential ability to sift through all of the traffic going through a particular Internet Service Provider's (ISP) network. This far exceeds the scope of any wiretap laws we currently have in place.

Second, analogizing pen register information from a traditional land-line phone system to the Internet is incorrect. The Carnivore system likely can capture content as well as numbers. Email addresses for example are personal to an individual rather than to a particular household. We don't know for sure, but it is possible that Carnivore has access to the subject line information of email messages. Subject lines are content. For example, "leaving work at 5pm today - meet me at the bus stop", contains a lot of information about travel plans of a target on a particular day. Carnivore can also track other content information such as the URLs of web sites visited. Seeing the URLs not only give routing information but content as well. For example, someone visiting www.eff.org could presumably be interested in civil liberties issues online.

Systems like Carnivore have the potential to turn into mass surveillance systems that will harm our free and open society.

Currently, there is little if any public oversight over the FBI's use of its Carnivore system. The FBI has not allowed the ISP to inspect the device, nor have any of the advocacy groups been allowed to examine it. In fact, the ACLU has had to resort to filing a FOIA request to try to get at the source code. Allowing the FBI to install and use a device such as this unchecked by any public oversight, threatens the openness we enjoy and expect in our society. Robert Corn-Revere, in his testimony, noted that his case is sealed. We can't even look to that for guidance.

Surveilling the Internet in this way leaves law enforcement with the potential to lower an individual's expectation of privacy as they use the Internet, particularly if we use the majority rule in Smith v. Maryland, that an individual has no legitimate expectation of privacy in the numbers that they dial on their telephones. This is so because law enforcement has so far successfully argued that pen registers on the Internet are analogous to those used on land-line telephone systems. Since routing information on the Net contains content, an expectation of privacy could end up being lowered for an individual's reading habits on the Net. Once individuals realize that they have a lowered expectation of privacy on the Net, they may not visit particular web sites that they may otherwise have visited.

The Court in Smith v. Maryland noted law enforcement's penchant for trying to lower the bar on what is a legitimate expectation of privacy. The majority noted that:

"situations can be imagined, of course, in which Katz' two-pronged inquiry would provide an inadequate index of Fourth Amendment protection. For example, if the Government were suddenly to announce on nationwide television that all homes henceforth would be subject to warrantless entry, individuals thereafter might not in fact entertain any actual expectation of privacy regarding their homes, papers, and effects. ...In such circumstances, where an individual's subjective expectations had been "conditioned" by influences alien to well-recognized Fourth Amendment freedoms, those subjective expectations obviously could play no meaningful role in ascertaining what the scope of Fourth Amendment protection was. In determining whether a "legitimate expectation of privacy" existed in such cases, a normative inquiry would be proper."

In other words, law enforcement cannot "dumb down" society's subjective notions of what constitutes a legitimate expectation of privacy.


The use of pen registers as applied to traditional land-line telephone systems is fundamentally different than information that is collected using pen registers on the Internet. Allowing a system such as Carnivore to be used unchecked by law enforcement exacerbates the problem of over collection of data and has the potential to harm our open society.


Deborah S. Pierce
Staff Attorney
Electronic Frontier Foundation


*** LYNX USERS CLICK HERE FOR QUICK NAVIGATION MAP FOR THIS PAGE *** ____________________________________________________________________ Main content of this page Special feature (if any) Sidebar (if any) Whole-Site Navigation Bar Search/Browse Subscribe to mailing list (Back to top of page) ____________________________________________________________________

Please send any questions or comments to webmaster@eff.org.