Statement of Peter William Sachs
before the
Subcommittee on the Constitution of the
Committee on the Judiciary
United States House of Representatives
July 24, 2000
Mr. Chairman, Mr. Ranking Member, members of the Subcommittee, I am Peter Sachs, President of ICONN, LLC, a New Haven, Connecticut based Internet Service Provider ("ISP"). I am also a licensed attorney in the State of Connecticut. I wish to thank you for the opportunity to appear before you today to address this important Fourth Amendment issue as it relates to communications made via the Internet.
My knowledge of the Internet is based upon my five years' experience as an owner and operator of a small ISP. We provide Internet services to both business and residential customers throughout the state of Connecticut.
One of the services that we provide is the ability to send and receive electronic mail, or "email." To better understand some of the issues at hand, it will be helpful to briefly explain how email works. When an email message leaves a sender's computer, it is broken up into unintelligible pieces of data called "packets."
Each packet knows where it came from and how to get where it's going because each packet contains the addresses of the sender and the recipient, just like an envelope. An Internet address is known as an "IP Address" and every computer connected to the Internet has a unique IP Address.
By using the Internet's version of a "road map," called Domain Name Service, the packets navigate the Net and ultimately arrive safely at the recipient's ISP. Upon arrival, the packets are reassembled by mail server software into a useful form and stored in the recipient's mailbox until the recipient retrieves it. Once retrieved, it is stored, if at all, on the recipient's computer.
The Internet has become nearly as common a communication tool as the telephone. It has been estimated that this year alone, over 6 trillion email messages will pass through mail servers in the United States.
The senders of those messages expect that their words, sounds and images will remain unread, unheard and unseen, until they are delivered to the intended recipient. In other words, they have an "expectation of privacy."
One way to measure the legitimacy of an expectation of privacy is to determine whether a person has taken normal precautions to maintain that privacy. The fact that all Internet users need a password to retrieve their messages is evidence of even greater than normal precautions having been taken. Thus, Internet users truly expect and believe that their email is both private and secure.
In reality, email messages are no more and no less secure than U.S. Postal Mail. Electronic mail can be opened and read by an ISP in the same way that U.S. Postal Mail can be opened and read by a Postal Carrier. Of course, both professional ethics and Federal law prohibit these types of intrusions unless a valid court order permits it.
When such a court order is issued, law enforcement authorities may intercept a specific person's communications. The interception of private communications in the course of an investigation is proper only when there is sufficient probable cause and only if such interceptions are limited with respect to the specific person, place and evidence sought. Anything intercepted that is outside of the scope of the court order amounts to an illegal invasion of privacy.
The FBI's new eavesdropping tool, aptly named "Carnivore," is taking a large bite out of the privacy rights of each and every law-abiding citizen who communicates via the Internet. At this very moment, a government controlled computer, installed under court order at some ISP somewhere in this country is busy reviewing all communications passing through that ISP, including messages from and to you, the Members of Congress.
Nearly all of those communications are outside of the scope of whatever court order was issued. Nonetheless, those communications are being reviewed, if for no other reason, than to segregate them from the messages that are within the scope of the order.
The FBI claims that Carnivore has the "surgical" ability to intercept only those messages that are the subject of a lawful order while ignoring the rest. This is possible only if Carnivore can detect and then monitor only the IP Address assigned to the target during a particular online session.
To do this, Carnivore would have to continually monitor all logins to find the one login it is looking for. Intercepting all logins is the functional equivalent of intercepting the telephone number of every call initiated by every customer of a particular telephone carrier. I do not believe any court would permit such an extensive search with respect to a telephone carrier, nor should it be permitted with respect to an ISP.
To avoid operating outside the constraints of a court order, Carnivore may instead be connected to the only other point where all data passes, the exit point of the ISP. If this is the case, the only method Carnivore could possibly use to distinguish the target messages from all others is to check each message. In other words, the only way that Carnivore can "ignore" messages it is not permitted to view is to actually view those messages.
Of course, the secretive nature of the Carnivore system prevents me from explaining its deficiencies in precise terms. Exactly what Carnivore does remains a mystery. Therefore, many of my conclusions are based upon my knowledge of ISP operations and the FBI's claims as to what Carnivore can accomplish.
First and foremost, I believe Carnivore violates the privacy rights of every person using the services of an ISP to which it is attached. Since Carnivore intercepts all communications coming from or going to an ISP, including communications outside the scope of the court order, it amounts to an unwarranted intrusion upon privacy rights of non-targeted persons.
Reviewing all data to find some data is neither the most efficient nor the least intrusive method of electronic surveillance. This is especially true when all ISPs, including small ISPs like ICONN, can easily supply the FBI with all of the information it needs in a timely, accurate and efficient manner and, most importantly, without imposing upon the privacy rights of those who are not the subject of an investigation.
According to the FBI, Carnivore was designed and developed because ISPs are unable to discriminate between a particular person's messages and all others. In fact, any ISP can intercept any subscriber's incoming and outgoing email messages, to the exclusion of all others.
This can be done with as little as two lines of programming code. It requires no specialized computer system and it requires no special programming skills. It is truly a trivial task.
To confirm this statement, I asked my system engineer to create a program to intercept all of my communications. In less than an hour, all of the words I sent or received via email appeared on his computer in plain, legible text.
Moreover, an ISP can easily exclude all communications that are outside of the scope of the court order without ever looking at them because an ISP can and does detect each login as part of its internal operation. Using this method, only the messages of the target are intercepted and unwarranted intrusions are avoided altogether.
Carnivore also creates security "holes" in an ISP's network. It takes only six keystrokes to completely and permanently destroy a UNIX-based server. Thus, one of the most important capabilities of an ISP is its ability to prevent unauthorized access to its network.
ISPs employ a variety of hardware and software based security devices to prevent unauthorized access. Permitting a third party's computer to be attached to an ISP's network, especially one that operates in total secrecy and is accessible from a remote location, is simply unheard of.
Every computer operating system contains certain exploits or "holes" in its security features. A computer installed by the FBI is no less "hackable" than any other computer. Attaching Carnivore to an ISP's network provides hackers with a new potential point of entry, and one that the ISP cannot lock.
Since the ISP has no access to Carnivore, it must rely upon the FBI's assurances that their computers are indeed secure. Unfortunately, such assurances are of little comfort when one considers the frequency of successful hacks into government computers. Hackers even successfully defaced the White House web site last May. If they can get into the White House, they can get into an ISP thru Carnivore.
Carnivore also negatively affects an ISP's performance. Carnivore operates by intercepting all of the data traversing an ISP's network. All of that data is examined and most is sent back out as non-target data. However, the examination process creates a "bottleneck" at the point of interception thereby degrading network performance. This is especially true with larger ISPs.
Any bottleneck, no matter how large, slows things down. As all of you know, the Net is often frustratingly slow as it is. Slowing it down even further for all of the ISP's customers does nothing to help in customer retention.
Of course, the law forbids the ISP from explaining the reason for the slowdown. If subscribers cancel their accounts due to poor network performance, is the government prepared to reimburse the ISP for the loss?
Carnivore's use may also expose an ISP to liability under the Electronic Communications Privacy Act. The ECPA forbids an ISP from revealing certain information to the government in the absence of a valid court order. However, even when presented with a valid court order, an ISP may still be found liable if it believed the government's actions exceeded its authority and it did nothing to prevent it.
It is certainly arguable that the interception of all data on an ISP's network is excessive, and that the ISP should not have permitted it. An ISP should not be exposed to potential liability due to the secretive actions of the FBI.
Lastly, the use of Carnivore may have a "chilling effect" on constitutionally protected speech on the Internet. An Internet user may be less likely to send a particular message due to either its content or simply its destination. The perceived need to self-censor one's communications raises First Amendment questions.
The use of electronic surveillance is a proper and necessary tool for law enforcement. However, it should not be used in such a way as to intrude upon the privacy rights of the many, in order to catch the few. Electronic surveillance should only be used in a manner that avoids the detection of non-target communications. Carnivore does exactly the opposite.
If the ISP gathers the data in accordance with a court order, the FBI cannot view anything more than the ISP provides to it. If the FBI gathers the data, it is able to view everything. The former method protects privacy, while the latter invites abuse.
Since ISPs can provide the FBI with all of the information it needs and in a manner that preserves privacy rights, one must ask the question, why Carnivore? Why use the most intrusive means when the least intrusive means are readily available?
Members of the Subcommittee, I respectfully urge you to consider the serious threat Carnivore poses to ISPs, Internet users and to the rights guaranteed by the Fourth Amendment to the Constitution of the United States of America.
Once again I thank you for considering my views. I will be happy to answer any questions that you may have.
Peter William Sachs
President
ICONN, LLC
129 Church Street, Suite 508
New Haven, CT 06510
(203) 821-2575 ext. 11
psachs@iconn.net
In accordance with House Rule XI, clause 2(g)(4), I hereby certify that I have received no Government grants, contracts or subcontracts in this or in the two preceding fiscal years.