Legal Challenge to FBI's Keystroke Sniffing

Factomatic writes: The "Associated Press is reporting that lawyers for" an alleged "Mafia boss who used PGP will argue on Mon. Jul. 30 that keystroke logging is an illegal wiretap after the FBI bugged his computer to get his password to decrypt his files. The case has major implications for privacy rights and other electronic surveillance techniques like Carnivore. The Electronic Privacy Information Center (EPIC) has put the case documents online." Meanwhile, a spending bill proposes a $7 million increase in the FBI's budget for defeating encryption (and stego).

Re:they DIDN'T have a judge's approval!

So before people start flapping their mouths bout how this mafia probably got what he deserved, the agents didn't have a court order to do this.

They had a search warrant. The distinctin is a technical one, as they indicate that the "bug" did not transmit anything. It doesn't heed to usual wiretapping SOP, as it was placed on the PC in one warranted search, and the data was picked up at another. As such, the agents did not have the ability to choose not to intercept unrelated data, as they would in a standard wiretap (they have to cease listening after 1 minute if there is nothing relevant to the case said, and wait 1 hour before resuming listening, or something like that). Maybe it's easier to think about it like this: what if the FBI got a warrant, broke in while he wasn't there, stole the key to his safety deposit box, made a copy of it, and replaced it without him knowing. It's just different in that they had to come back later to pick up the copy of the key. They aren't relying on any communications intercepted by the key-capture to make their case, only his password, like his safety-deposit box key.

Re:they DIDN'T have a judge's approval!

[ethereal]

But searching someone's safety deposit box would also require a warrant, which would be separate from the warrant to search someone's home. I don't think your analogy is correct.

There is a distinction between hard copy communications which are physical objects that may be searched with a search warrant, and immaterial communications (electronic or just voice) which are by definition transitory and don't hang around to be searched. IMHO, if he had anything written down they could have taken it when they searched, but leaving a device which effectively converts a transitory communication (password keystrokes) into a permanent piece of evidence (keystrokes stored in a bug) is effectively a wiretap, rather than a search of physical property that the mafioso already had. The agents had to do something to convert his communications into physical form so they could take it with a search, and in doing so they stepped over the line into wiretap land.

Your argument has ludicrous consequences, because you could use it to do essentially any wiretap with just a search warrant - just place miniature voice recorders in all the phones, wait a week, come back again and harvest the tapes, and see what you got. I don't think that's consistent with the spirit of the law, which expects law enforcement to get a separate wiretap warrant for intercepting communications.

Remember: it's a "Microsoft virus", not an "email virus",

Re:Good and bad aspects

[Steve+B]

One thing which stands out about this is that the FBI guys didn't get a wiretap order. This is obviously not a good thing. IIRC, they got a search warrant, and assummed (wrongly IMHO) that the warrant included the right to search his computer

There's a reasonable case that a search warrant for documents includes a search of the current contents of the target's computer. However, the keystroke sniffer, placed for the purpose of making it possible to monitor future communications, clearly falls into the "wiretap" category rather than the "search" category.

(The reason the two are different, and the latter requires a higher standard, is that a search can be executed in the presence of the suspect. This serves as a deterrent against illegal expansion of the search into a fishing expedition. Wiretaps, obviously, cannot be known to the suspect until after the fact, which makes them more open to abuse.)
/.

The FBI will use this to fight encryption

[alteridem]

This guy will probably have his case thrown out of court because agents, without a wiretap order, recorded a suspect's computer keystrokes which the FBI will then spin to make their point that common citizens should not have strong encryption. They will then push for one legal encryption scheme that they have a backdoor password to (deja-vu anyone?)

This falls perfectly into the government's propoganda that only criminals use encryption. Why is it that more of us don't use PGP for all of our emails? I would happily use it if any of my friends actually had public keys. We can't fight these fights unless we all pull together.

they DIDN'T have a judge's approval!

[Coolfish]

From the article: agents, without a wiretap order, recorded a suspect's computer keystrokes.

So before people start flapping their mouths bout how this mafia probably got what he deserved, the agents didn't have a court order to do this. Think about it. If FBI agents have enough "probably cause" and figure they should tap your computer cause you're under suspicision of doing something illegal, and they don't even have to go see a judge to approve it, then your privacy and civil rights have gone right out the window.

Sad day

[daniel_isaacs]

It's a sad day when the Gov't throws you in jail for breaking the encryption that "protects" a copyrighted work, but openly funds and encourages the development of technolgies that violate the privacy of it's Citizens.