While it's been widely reported for a few years now that the FBI has some spyware
, called the "computer and internet protocol address verifier," or CIPAV, for tracking down certain computer users. However, some new Freedom of Information Act-released documents provide some more details
, including that other government agencies have requested to use the tool, and that there's been some serious disagreement among the feds about how it can and should be used legally (and if it's always used in legal ways).
[EFF] officials have raised concerns about documents showing that FBI agents at times employed inconsistent methods for gaining authorization to install the tracer. Their email messages talk about using a "trespasser exception" to avoid obtaining a warrant. One message recommends citing the "All Writs Act, 28 U.S.C. § 1651(a)." The group noted that one September 2007 message indicates some agents felt spyware searches do not require any legal process.
"There seems like there was a lot of back-and-forth," Lynch said.
The 2007 email stated, "I still think that use of [redacted] is consensual monitoring without need for process; In my mind, no different than sitting in a chat room and tracking participants; on/off times or for that matter sitting on P2P networks and find out who is offering KP" -- in a likely reference to law enforcement's practice of searching through file-sharing networks for sex offenders exchanging child pornography.
The thing is, it seems like this kind of thing would likely easily get a warrant approval in most cases where it was really necessary. Why is it that our federal government so often seems to hate having to go through such basic oversight efforts? After all, the news just came out that the FISA court approved all 1,506 requests
from the government to electronically monitor suspects. It's not as if FISA is a difficult process to go through...