Share/E-mail This Story

Email This



If There Needs To Be An Investigation, It Should Be About Why The FBI Was Reading Certain Emails

from the friendly-fire dept

While some have noted the irony of General Petreaus being taken down due to online surveillance methods that he should have been aware of, the case is bringing growing attention to an issue many of us have been discussing for a while: how easy it is for law enforcement to snoop through your email. We raised the question already, but as more info comes out, the whole thing is looking that much more questionable.

Julian Sanchez keeps trying to find out exactly what legal process the FBI used to go through a variety of email accounts based on an apparently non-criminal cyberstalking claim (which was apparently brought to the FBI by a non-cyber-focused agent who had seemed to have a crush on the "victim"of the cyberstalking), and notes that there are big questions about what process was used to go through these emails and how much oversight was involved:
To Julian Sanchez, a research fellow at the Cato Institute, the real scandal over the Petraeus affair is not the extramarital sex, but the invasion of privacy.

"Law enforcement and certainly intelligence agencies have an incredible amount of ability to gather huge volumes of detailed information about people's most intimate online communications, a lot of it without requiring a full-blown warrant, a lot of it without requiring even any kind of judicial approval," Sanchez said.
Meanwhile, Chris Soghoian, working for the ACLU, highlights some of what's been revealed about the snooping. For example, FBI agents tracked down Patricia Broadwell as the email sender, even though she was using throwaway accounts, because webmail providers record the IP address from whence someone logs in -- and Broadwell didn't conceal that info. Apparently, the IP addresses were a series of hotels, and cross-checking with guest lists, it didn't take long to narrow down the only real suspect. Oh, and none of that info required judicial oversight for the FBI to get:
The guest lists from hotels, IP login records, as well as the creative request to email providers for “information about other accounts that have logged in from this IP address” are all forms of data that the government can obtain with a subpoena. There is no independent review, no check against abuse, and further, the target of the subpoena will often never learn that the government obtained data (unless charges are filed, or, as in this particular case, government officials eagerly leak details of the investigation to the press). Unfortunately, our existing surveillance laws really only protect the “what” being communicated; the government’s powers to determine “who” communicated remain largely unchecked.
He also delves into the method by which Petreaus and Broadwell communicated -- by sharing an account and communicating via "drafts" that were saved. For the head of the CIA you'd think he'd use a method that wasn't long known to be just as (if not more) insecure than regular email. Soghoian tears apart this supposedly "secret" method of communicating:

For more than a decade, a persistent myth in Washington DC, fueled by several counterterrorism experts, has been that it is possible to hide a communications trail by sharing an email inbox, and instead saving emails in a “draft” folder. This technique has been used by Khaled Sheikh Mohammed, Richard Reid (the shoe bomber), the 2004 Madrid train bombers, terrorists in Germany, as well as some domestic “eco-terrorists.” This technique has appeared in federal court documents as early as 2003, and was described in a law journal article written by a DOJ official in 2004. It is hardly a state secret.

Apparently, this method was also used by General Petraeus. According to the Associated Press, “[r]ather than transmitting emails to the other's inbox, they composed at least some messages and instead of transmitting them, left them in a draft folder or in an electronic ‘dropbox,’ the official said. Then the other person could log onto the same account and read the draft emails there. This avoids creating an email trail that is easier to trace.”

The problem is, like so many other digital security methods employed by terrorists, it doesn’t work. Emails saved in a draft folder are stored just like emails in any other folder in a cloud service, and further, the providers can be compelled, prospectively, to save copies of everything (so that deleting the messages after reading them won’t actually stop investigators from getting a copy).

Ironically enough, by storing emails in a draft folder, rather than an inbox, individuals may be making it even easier for the government to intercept their communications. This is because the Department of Justice has argued that emails in the “draft” or “sent mail” folder are not in “electronic storage” (as defined by the Stored Communications Act), and thus not deserving of warrant protection. Instead, the government has argued it should be able to get such messages with a mere subpoena.

Got all that? It's even more info that the FBI may have been able to obtain without ever having to get approval from a judge. That's not to say they didn't necessarily go before a judge to get a warrant or similar tool for surveillance, but it does highlight just how much info the FBI can obtain without any real oversight, and how it's entirely possible for it to be abused -- taking a very limited situation (non-criminal online harassment) and turning it into something massive.

In fact, as the EFF's Trevor Timm notes, we should be investigating the FBI over why it was snooping through people's emails and how frequently it does this. He notes, as others have, that nothing about the origination of this case should have resulted in FBI involvement, let alone reading people's emails. Remember, early on, no one knew this had anything to do with General Petreaus or any other high ranking official:

The spark that set events in motion was a handful of allegedly harassing emails sent anonymously to Kelley, a friend of Petraeus's, which she brought to a friend at the FBI. Yet it's unclear why an investigation was ever opened, given that everything publicly known about the emails suggests they weren't illegal.

As the Daily Beast reported, they said things like "Who do you think you are? ... You parade around the base ... You need to take it down a notch." The story noted, "when the FBI friend showed the emails to the cyber squad in the Tampa field office, her fellow agents noted that the absence of any overt threats."

It seems the deciding factor in opening the investigation was not the emails' content, but the fact that the FBI agent was friendly with Kelley. (Even more disturbing, the same FBI agent has now been accused of becoming "obsessed" with the Tampa socialite, sent shirtless pictures to her, and has been removed from the case.)

Basically, it sounds like the FBI had very questionable reasons for digging all that deep into this case at all. Michael Davis, at the Daily Beast, notes that the emails were typical "cat-fight stuff," with no indication of illegal activity:
When the FBI friend showed the emails to the cyber squad in the Tampa field office, her fellow agents noted that the absence of any overt threats.

“No, ‘I’ll kill you’ or ‘I'll burn your house down,’” the source says. “It doesn’t seem really that bad.”

The squad was not even sure the case was worth pursuing, the source says.

“What does this mean? There’s no threat there. This is against the law?” the agents asked themselves by the source’s account.

At most the messages were harassing. The cyber squad had to consult the statute books in its effort to determine whether there was adequate legal cause to open a case.

“It was a close call,” the source says.
So while there's all sorts of talk of investigations into who should have known the details of what was going on at what time, no one seems to be questioning why a simple "cat fight" resulted in the FBI digging in and reading people's emails. Yet, that seems like something we should all be quite worried about.

Indeed, if there's any "benefit" to come out of this, perhaps it's that more and more people are hopefully realizing just how easy it is for the FBI to spy on people electronically.


Reader Comments (rss)

(Flattened / Threaded)

  1.  
    identicon
    Anonymous Coward, Nov 15th, 2012 @ 9:40am

    Can't believe he didn't just encrypt the messages. Super simple to do.

     

    reply to this | link to this | view in thread ]

  2.  
    icon
    cjstg (profile), Nov 15th, 2012 @ 9:41am

    irony

    but doesn't anyone find it ironic that the chief of the cia was brought down by another agency snooping into email?

     

    reply to this | link to this | view in thread ]

  3.  
    identicon
    Shmerl, Nov 15th, 2012 @ 9:43am

    Re:

    That's really strange indeed.

     

    reply to this | link to this | view in thread ]

  4.  
    identicon
    Anonymous Coward, Nov 15th, 2012 @ 9:49am

    Classic Obama

    We all know Obama ordered the FBI to get some dirt on Petreaus so his plan to have the Ambassador to Libya murdered wouldn't be revealed by Petreaus. The ambassador had the evidence that proved Obama was born in Kenya and was about to reveal it. So Obama had Mark Basseley Youssef create the anti-islam film knowing it would cause a protest, then sent his muslim friends attack the compound. The problem was that Petreaus found out. So he sent Patricia Broadwell back in time to have an affair with Petreaus, and then used Kelley to reveal the affair and Eric Cantor to notify the press. It's just that simple.

     

    reply to this | link to this | view in thread ]

  5.  
    icon
    Keii (profile), Nov 15th, 2012 @ 10:00am

    I wonder how long it will take for them to justify the means by the end result.

     

    reply to this | link to this | view in thread ]

  6.  
    identicon
    Anonymous Coward, Nov 15th, 2012 @ 10:00am

    Soghoian is doing yeoman's work reporting on surveillance and evidence-gathering, but his phrasing is awfully sloppy sometimes.
    "Emails saved in a draft folder are stored just like emails in any other folder in a cloud service, and further, the providers can be compelled, prospectively, to save copies of everything (so that deleting the messages after reading them won’t actually stop investigators from getting a copy)."

    This is true, except for the important word "prospectively". Under the statute Chris links to, they can be compelled to save copies of things already in the account at the time the gubmint asks for it to be saved ("retrospectively), but not prospectively, meaning the government can't just demand that a provider save copies of any messages that will be received or sent in the next 24 hours, or next week, or somethign like that. The latter requires a warrant or more.

     

    reply to this | link to this | view in thread ]

  7.  
    icon
    That One Guy (profile), Nov 15th, 2012 @ 10:07am

    6/10

    And here I was worried we'd go an entire comment section without the required dose of crazy... still, you didn't cover all the angles, completely forgetting Big Search, the Illuminati, or any mention at all of the moon landing, so I'm afraid that's going to cost you some points.

     

    reply to this | link to this | view in thread ]

  8.  
    icon
    That One Guy (profile), Nov 15th, 2012 @ 10:11am

    Re: 6/10

    Dang, I just realized I just got whooshed hard there, I think reading too many troll posts has done a number on my sarcasm/funny meter, gonna need to get that fixed soon.

    Well done AC, well done indeed.

     

    reply to this | link to this | view in thread ]

  9. This comment has been flagged by the community. Click here to show it
     
    identicon
    out_of_the_blue, Nov 15th, 2012 @ 10:13am

    No, the story is POWER, and exposes WEIRD war-whores:

    Talk about arrogant wackos (emphasis added):
    "In the phone call to authorities, Jill Kelley, a party hostess and unofficial social liaison for leaders of the U.S. military's Central Command in Tampa, cited her status as an honorary consul general while complaining about news vans that had descended on her two-story brick home overlooking Tampa Bay.

    "You know, I don't know if by any chance, because I'm an honorary consul general, so I have inviolability, so they should not be able to cross my property. I don't know if you want to get diplomatic protection involved as well," she told the 911 dispatcher Monday."


    And war-whore Broadwell didn't even WRITE the hagiography of the murderous thug! That's how The Rich live, take credit for the work of others:
    http://www.washingtonpost.com/lifestyle/style/petraeus-ghostwriter-clueless-to-affair/2012/ 11/12/c1271634-2ce4-11e2-89d4-040c9330702a_story.html


    Why he's a murderous thug? -- You don't get to top of CIA without killing people:
    http://www.buzzfeed.com/mhastings/the-sins-of-general-david-petraeus


    By the way, it's interesting what HASN'T been reported: outrage of Broadwell's husband. No doubt knew and approved as his own connection to power.


    It's a sick society. And over-arching all, was never a reason for going into Iraq or Afghanistan in the first place, totally fabricated excuses for empire adventures.

     

    reply to this | link to this | view in thread ]

  10.  
    icon
    Zos (profile), Nov 15th, 2012 @ 10:16am

    LMAO. that whole saving draft copies so as to avoid transmitting them anywhere.... they learned it from Tom Clancy. At least i'm 99% certain that's where i first heard the technique.
    It was either Clancy or another spy novel, and i'm certain i'd seen it before 2003.

     

    reply to this | link to this | view in thread ]

  11.  
    identicon
    Anonymous Coward, Nov 15th, 2012 @ 10:35am

    Re: Re: 6/10

    Thanks. I knew if I didn't put something completely implausible people would think I was serious because there are actually people that crazy out there.

     

    reply to this | link to this | view in thread ]

  12.  
    identicon
    Anonymous Coward, Nov 15th, 2012 @ 10:36am

    Re:

    "The Teeth of the Tiger" by Tom Clancy. Released in 2003. I am a huge Tom Clancy fan and I remember that was exactly how the terrorists in the novel communicated with each other.

    Did someone else use a similar plot device in an earlier novel? Possibly, but I'm into that whole genre and the only one that came to my mind as I read the article and your comment was Clancy's use of it.

     

    reply to this | link to this | view in thread ]

  13.  
    identicon
    thegalen, Nov 15th, 2012 @ 10:42am

    "Cyber Bullying"

    Julian Sanchez and others keep painting the anonymous emails Kelley was receiving as "cat fight stuff" based on a single Daily Beast article that, once out the gate, every other story drew upon over the next 48 hours. This was lazy, motivated reasoning on their part. It's one thing to ask "What's in the emails that triggered FBI involvement?" and quite another to loudly and proudly that nothing in the emails constituted a crime or gave the FBI PC to investigate because Sanchez et al haven't been personally briefed on the contents.

    We've known from almost the start that the emails included references to non-public movements of the Director of the CIA, and now this:
    "It started in May with a spiteful email to the top U.S. commander in Afghanistan. An anonymous writer warned Gen. John Allen that a friend with whom he was meeting in Washington the following week was trouble and he should stay away from her.

    Allen thought the email was a joke because he didn't know how anybody else would know about his personal plans with his friend, Florida socialite Jill Kelley, a person close to Kelley said.

    ...

    In midsummer, Kelley shared these emails with an FBI agent, Frederick W. Humphries, whom she met at an FBI community program in 2011.

    Concerned that someone was tracking the movements of Allen and Petraeus, the FBI agent set the investigation in motion when he handed the information to the FBI's cyber squad in Tampa."

    So, yeah. Sanchez and everyone else can pretend that this was run of the mill cyber bullying, but that's doing their cause and everyone else who is concerned about electronic privacy, a disservice. There's no lead to exaggerate or lie or pretend. Stick to the facts!

     

    reply to this | link to this | view in thread ]

  14.  
    identicon
    Glen, Nov 15th, 2012 @ 10:43am

    Re: Re: 6/10

    I'm gonna go with 10/10 for the shear awesome factor.

     

    reply to this | link to this | view in thread ]

  15.  
    icon
    weneedhelp (profile), Nov 15th, 2012 @ 10:45am

    Re: No, the story is POWER, and exposes WEIRD war-whores:

    Did OOTB actually make a comment without insulting Mike and the community?

    [Golf clap]

    There is hope for you yet?

    Day after day we all come here because we like this community. Admit it OOTB, you do too.

    ;)

     

    reply to this | link to this | view in thread ]

  16.  
    icon
    sgt_doom (profile), Nov 15th, 2012 @ 10:51am

    The Night of the Generals

    While I think Glenn Greenwald's take is among the best, and also this article at the link below:

    http://www.privacysos.org/node/875

    I would humbly like to add my own take on the matter.

    The Night of the Generals: General Petraeus, General Allen and General Electric

    The latest super-corporate welfare scam: more tax breaks for those top corporations --- most of which don’t pay federal taxes in the first place --- which translates to government monies to them for absolutely nothing, or rather they are robbing the national tax base once again!

    http://www.ips-dc.org/articles/the_trojan_horse_in_the_debt_debate

    The corporation which will benefit the most? General Electric, of course. (The “Jobs Czar” is GE’s CEO, Jeffrey Immelt, who appears to be hellbent in making more Americans unemployed and impoverished --- WTF is he doing as the Jobs Czar?????)

    From the report by Sarah Anderson, Scott Klinger and Brent Soloway: The biggest potential winners are General Electric, which could reap a tax windfall of as much as $35.7 billion on its overseas earnings stash of $102 billion, and Microsoft, which could garner a savings of $19.4 billion on its $60.8 billion in accumulated foreign earnings.

    The top 63 corporations claim this will lower the national debt, but then they usually do claim the exact opposite of what their perfidy will accomplish!

    Regarding the “downfall” of CIA director, General Petraeus --- it’s interesting to note that the ostensible “instigator,” Paula Broadwell, is a reservist in military intelligence.

    One might construe how often, historically speaking, reservists in military intelligence have made the perfect sacrificial lamb.

    It was only a few years back when a senator, working on the creation of national legislation for collective bargaining rights for all Americans, was killed, along with members of his family, in a suspicious aircraft accident.

    Just prior to takeoff, a last-minute copilot replacement, Michael Guess (a reservist in military intelligence), boarded their plane with a piece of luggage.

    Michael Guess had also been a friend of Moussaoui, the so-called “20th hijacker of 9/11” (Guess even gave Moussaoui his very own copy of Microsoft’s Flight Simulator).

    The death of Senator Paul Wellstone (and some of the members of his family) and the downfall of Gen. Patreaus may deserve much closer scrutiny?

    [Special Note: At the School of the Americas they used to teach a procedure for bringing down an aircraft. Give the unwitting saboteur a recording device (or so they would tell them) which was in actuality a container of either knockout gas or an incendiary device, armed with a pre-set timer. When the unwitting saboteur pressed what he or she believed to start the recording device, the timer would begin. Hence, the objective was accomplished and all possible witnesses were disposed of.]

    From the current Corporate Crime File:

    Bank of New York Mellon’s subsidiary was recently fined in the many millions of dollars for colluding with Bernie Madoff. (Not this item, this was back last April:

    On Monday, the Federal Reserve reportedly fined Bank of New York Mellon $6 million for allegedly putting up ineligible collateral when it borrowed money under one of the central bank's emergency loan programs in 2008.

    This item: The New York State Attorney General’s office has announced a $210 million settlement deal with Ivy Asset Management. The New York Mellon bank subsidiary had advised its clients to invest with Bernie Madoff.

    House Republicans found Jon Corzine guilty of misappropriation of funds (as in stealing over $1 billion, etc.) while House Dems refused to vote him guilty as charged? Evidently, the Goldman Sachs Dems are actually different from the Goldman Sachs Repubs --- they each support different Goldman Sachs guys!

    http://www.ips-dc.org/reports/ceo-campaign-to-fix-the-debt

    (the report link below)

    http://www.ips-dc.org/files/5507/IPS-CEO-Campaign-to-Fix-the-Debt-report.pdf

    (the bad guys’ link)

    http://www.fixthedebt.org/

    (And from the Dave Files)

    http://cryptome.org/2012-info/petraeus-kelley/pict1.jpg

    http://www.counterpunch.org/201 2/11/14/epitaph-for-a-four-star/

     

    reply to this | link to this | view in thread ]

  17.  
    identicon
    None Ya, Nov 15th, 2012 @ 10:59am

    Permissions

    Note that when you take a job with the CIA, FBI, NSA and all of the other 3 letter agencies. You sign off on documents that give investigators access to whatever is deemed necessary. The general should have known this but was likely to proud to think he would be looked at.

     

    reply to this | link to this | view in thread ]

  18.  
    icon
    Trails (profile), Nov 15th, 2012 @ 11:10am

    Re: No, the story is POWER, and exposes WEIRD war-whores:

    Can't tell if crazy or just trolling.

     

    reply to this | link to this | view in thread ]

  19.  
    identicon
    Anonymous Coward, Nov 15th, 2012 @ 11:59am

    Re: Permissions

    how is that relevant in any way?

     

    reply to this | link to this | view in thread ]

  20.  
    identicon
    Hal Bredbenner, Nov 15th, 2012 @ 12:00pm

    Re: Re:

    Omega Warrior (http://www.omegawarrior.com), a recent Clancy-genre novel, has terrorists using blog and comment sites to communicate using the position of avatars. There are a ton of ways to secretly communicate if you arrange the language between the sender and receiver in advance.

     

    reply to this | link to this | view in thread ]

  21.  
    icon
    btr1701 (profile), Nov 15th, 2012 @ 12:09pm

    Re: Permissions

    > Note that when you take a job with the
    > CIA, FBI, NSA and all of the other 3
    > letter agencies. You sign off on documents
    > that give investigators access to whatever
    > is deemed necessary.

    Not true. At least not for the FBI. As an agent, you don't sign away blanket permission for the government to root through your private non-work accounts and communications.

     

    reply to this | link to this | view in thread ]

  22.  
    identicon
    Anonymous Coward, Nov 15th, 2012 @ 12:10pm

    Re:

    How does the end result justify anything? We still have no evidence of actual leaked, classified information. All we have is a garden-variety sex scandal. Those are a dime a dozen in Washington. It's just the timing that's poor.

    Frankly, we don't even have that on Allen. It'll be eyeroll-worthy if it comes out that there never was an affair there, and the FBI was just fishing based on what they thought were flirtatious emails. Last I heard, 'tone' arguments didn't fly well with actual courts as the equivalent of 'probable cause'. Wish that was also true of the court of public opinion....

     

    reply to this | link to this | view in thread ]

  23.  
    identicon
    Anonymous Coward, Nov 15th, 2012 @ 12:14pm

    The irony in all this is that the director of the CIA was taken down by the very breeches of the 4th amendment that the average american can't even sue about because we don't have standing.
    I just wish Berry and Joe would be taken down too.

     

    reply to this | link to this | view in thread ]

  24.  
    identicon
    Anonymous Coward, Nov 15th, 2012 @ 12:44pm

    Re: Permissions

    So basically, you have no rights

    Fbi
    Cia
    Military

     

    reply to this | link to this | view in thread ]

  25.  
    identicon
    Mr. Applegate, Nov 15th, 2012 @ 1:33pm

    Re: Classic Obama

    Someone really should post an email about this to a certain news corporation or two and see how quickly it rises to the top.

     

    reply to this | link to this | view in thread ]

  26.  
    icon
    Thomas (profile), Nov 15th, 2012 @ 6:11pm

    Why is anyone surprised?

    The DOJ routinely spies on anyone they feel like it and in any way they choose to. The Constitution and federal laws mean nothing to the DOJ. No judge would dare to call them to account; the judge would disappear quickly.

     

    reply to this | link to this | view in thread ]

  27.  
    identicon
    Mark in CA, Nov 16th, 2012 @ 2:40am

    I'm still having trouble understanding the FBI's jurisdiction in getting involved in the first place. Cyberstalking laws are primarily at the state level. The only time the feds get involved is if it involves interstate or foreign commerce or children. So what right did the FBI have to investigate the initial complaint at all?

     

    reply to this | link to this | view in thread ]

  28.  
    icon
    Zos (profile), Nov 16th, 2012 @ 7:42am

    Re: Re:

    thanks mate, i knew i'd seen it in a clancy novel. betcha a dollar that's where they got it from.

     

    reply to this | link to this | view in thread ]

  29.  
    identicon
    Ignora NT, Nov 16th, 2012 @ 8:06am

    When is copying not copying?

    Fta:
    The problem is, like so many other digital security methods employed by terrorists, it doesn’t work. Emails saved in a draft folder are stored just like emails in any other folder in a cloud service, and further, the providers can be compelled, prospectively, to save copies of everything (so that deleting the messages after reading them won’t actually stop investigators from getting a copy).

    Cloud services violating any copyright laws here???

     

    reply to this | link to this | view in thread ]

  30.  
    icon
    Jeff Okkonen (profile), Nov 16th, 2012 @ 9:33am

    Silencing General Petraeus

    Here is an interesting interpretation of events by Andrew Napolitano...

    http://www.lewrockwell.com/napolitano/napolitano77.1.html

     

    reply to this | link to this | view in thread ]

  31.  
    identicon
    Anonymous Coward, Nov 16th, 2012 @ 9:35am

    Re: When is copying not copying?

    No, it's not a violation of copyright to provide a copy to the FBI. Especially if they had a subpoena. No court would ever rule otherwise. Kinda like if I find some cocaine on the street and turn it in to my local police department, they aren't going to charge me with posession even though I did for a time posess it.

    The ridiculous part here is that, according to this article, a warrant is not needed for the draft folder. That's not only ridiculous in general... but in this case in particular, the draft folder WAS stored communications and the FBI knew this. And yet they kept reading.

    So, did they have a warrant? If they did, why did the judge issue one on such flimsy grounds? I hope the FOIA requests go through quickly.

    Oh, and also, since the White House has been so eagar to prosecute whistleblowers, do you think they will launch a full investigation as to who leaked information about the CIA DIRECTOR to the media? Yeah, I didn't think so. It was "leaked" on purpose. We have an administration that purposely tells the world about the affairs of someone they don't like. Classy.

     

    reply to this | link to this | view in thread ]

  32.  
    identicon
    Anonymous Coward, Nov 18th, 2012 @ 10:50am

    Re: Classic Obama

    Is it really so difficult to put a little "/sarcasm" at the end of your wacky tin-hat rants? For everybody's peace of mind?

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This