Posted by Kaustuv M. Das

On Tuesday, Oct. 3, 2006, the Electronic Freedom Foundation’s FLAG project filed a Freedom of Information Act (FOIA) action Freedom of Information Act (FOIA) action, in the United States District Court for the District of Columbia, seeking release of information from the FBI on its DCS-3000 and Red Hook tools. DCS-3000 and Red Hook appear to be successors to the FBI’s less politically correctly named Carnivore program, which the agency began in 2000.

According to the DOJ’s Office of Inspector General’s (OIG) report entitled “The Implementation of the Communications Assistance of Law Enforcement Act” (the CALEA report), the FBI has spent nearly $10 million to develop DCS-3000. “The FBI developed the system as an interim solution to intercept personal communications services delivered via emerging digital technologies used by wireless carriers in advance of any CALEA solutions being deployed. Law enforcement continues to utilize this technology as carriers continue to introduce new features and services.” (CALEA report, Appendix VIII.) The CALEA report also discloses that “[t]he FBI has spent over $1.5 million to develop [the Red Hook] system to collect voice and data calls and then process and display the intercepted information in the absence of a CALEA solution.” Id.

The Electronic Freedom Foundation (EFF) filed an FOIA request with the FBI’s Record/Information Dissemination Section on Aug. 11, 2006. According to the complaint filed in the District Court for the District of Columbia, on Aug. 22, the FBI acknowledged receipt of the EFF’s FOIA request. Because the FBI had failed to release any information relating to DCS-3000 and Red Hook as of Oct. 3, the EFF filed this lawsuit, which has been assigned to Judge Colleen Kollar-Kotelly.

In 2000, Neil King Jr. and Ted Bridis reported on the FBI’s Carnivore program in an article entitled “FBI’s Wiretaps to Scan E-mail Spark Concern.” (The Wall Street Journal, July 11, 2000.) Their report sparked a great deal of public hue and cry that eventually led the FBI to scrap the Carnivore project. The agency reincarnated Carnivore as DCS-1000, and eventually shelved that program in favor of commercial solutions.

Now, through the DOJ-OIG audit of the implementation of CALEA, we have learned of the latest incarnations of Carnivore in the form of DCS-3000 and Red Hook. Six other “ad hoc solutions” developed by the FBI to address situations “[w]hen technologies are not covered by CALEA, or when a covered technology is not CALEA-compliant” were redacted from the CALEA report. So although the poorly named Carnivore program no longer exists, it is still with us in spirit.

In 2000, the House Judiciary Committee’s Subcommittee on the Constitution explored the use of the Carnivore surveillance program. At the time, Carnivore was a significant issue because it presented a new technology that had the potential to enable broad surveillance of Internet users, depending on the level of judicial oversight that governed its use under the Electronic Communications Privacy Act. One important aspect of that oversight is the extent to which use of the technology is documented and to which that information is made publicly available. Since 9/11 and passage of the Patriot Act, the government has had more latitude to use such technologies, which makes oversight even more important. While it is still unclear what the implications of Red Hook and DCS-3000 will be for both the telecom industry and private citizens alike, it is clear that this is a trend that telecommunications privacy officers will want to follow closely.