July 18, 2007

FBI Spyware

I stumbled on this Wired article today. It discusses an FBI spyware program that apparently sneaks onto a users machine and reports various statistics to the FBI, and it was used to identify an "anonymous" MySpace user. What struck me about the article was the following remark:

such surveillance...can be conducted without a wiretap warrant, because internet users have no "reasonable expectation of privacy" in the data when using the internet.

It seems to me that the real issue in this case is not so much what data they gather, but where they gather it from. According to a reference to an older article that discusses the recent ruling that came to the above conclusion, the decision seems to be based upon a previous ruling that it was ok to gather call lists through phone companies because the information is essentially public to the phone companies. Thus, the ruling argued that ip addresses are essentially equivalent to phone numbers, and thus it is an equivalent case to a previous ruling. However, it seems to me that the key difference is not what is being gathered, but where it is gather from. In the supposedly equivalent case, the data was gathered external from the person being watched, whereas in the spyware case, the person's property is actually used against him.

Although I general think that law enforcement is held back in this country, this seems like one case in which the courts are actually allowing them to over step their bounds and violate the 4th amendment.

No comments: