Sunday, November 18, 2012 by: J. D. Heyes
Now, the mainstream media has proven us correct.
“The U.S. government — and likely your own government, for that matter — is either watching your online activity every minute of the day through automated methods and non-human eavesdropping techniques, or has the ability to dip in as and when it deems necessary — sometimes with a warrant, sometimes without,” ZDNet reported earlier this month. “That tin-foil hat really isn’t going to help. Take it off, you look silly.”
The Petraeus case
Where’s the proof that the government has this capability?
You might recall a fellow by the name of (retired) Gen. David Petraeus. He’s been in the news lately.
This four-star general-turned-CIA chief just resigned his post after news broke that he had engaged in an extra-marital affair with is biographer, herself a West Point graduate and former Army officer.
What led to this shocking discovery was Petraeus’ use, of all things, Google’s online email service, Gmail.
According to federal law, mind you, authorities are not legally permitted to electronically snoop around in your email box.
“The government can’t just wander through your emails just because they’d like to know what you’re thinking or doing,” Stewart Baker, a former assistant secretary at the Homeland Security Department who’s now in private law practice, told The Associated Press. “But if the government is investigating a crime, it has a lot of authority to review people’s emails.”
Or, in the case of the CIA, if the agency wants to track a suspect ostensibly for “national security” purposes. Ditto the NSA.
The wrangling of Petraeus’ email account has certainly landed him in a world of trouble, but his story has also, once again, ignited a new the debate over when, how and why governments and law enforcement agencies alike are able to access the email accounts of ordinary citizens – even if they head up the most powerful spy agency in the world.
Granted, experts say “the little people” needn’t worry much about having their online presence tracked. Agencies like the CIA generally tend to have bigger fish to fry, so to speak. But nevertheless, the technology to pilfer email accounts at will obviously exists.
“Forget ECHELON, or signals intelligence, or the interception of communications by black boxes installed covertly in data centers,” writes Zack Whittaker for ZDNet. “Intelligence agencies and law enforcement bodies can access – thanks to the shift towards Web-based email services in the cloud – but it’s not as exciting or as Jack Bauer-esque as one may think or hope for.”
(Editor’s Note: ECHELON, for those who are unfamiliar with it, is the name of “a global Communications Interception (COMINT) system created by the United States, the United Kingdom, Canada, Australia and New Zealand to routinely and indiscriminately monitor and record all forms of electronic communications worldwide (both military and civilian) and overseen by the National Security Agency,” according to one published description of the program.)
How the top CIA official got busted
When he set up his private Gmail account, Petraeus used a pseudonym and composed email messages but never sent them. They were instead saved as drafts. His lover, Paula Broadwell, would then log in under the same account, read the drafts then reply to them in the same manner – as a draft, without actually sending the message.
The exchanges would not be sent across the networks through Google’s data centers, which would make it nearly impossible for the NSA or any other ELINT (electronic intelligence) agency (like Britain’s GCHQ or the Israeli Mossad) to “read” the messages while they are in transit between accounts.
Other sinister operators – terrorists, pedophiles and the like – have been known to use the same trick to avoid detection, ZDNet reported.
“But surely IP addresses are logged and noted? When emails are sent and received, yes. But the emails were saved in draft and therefore were not sent. However, Google may still have a record of the IP addresses of those who logged into the account,” the report said.
In the end, the FBI used a little-know law called the Stored Communications Act, which is part of the Electronic Communications Privacy Act, as the basis for getting a warrant to view Petraeus’ private Gmail account. And that’s how agents found the stored messages that were never actually sent.
“Once it knew Ms. Broadwell was the sender of the threatening messages, the FBI got a warrant that gave it covert access to the anonymous email account,” the BBC’s Mark Ward reported.