1993-09-27 - Wiretap Article (1 of 2)

Header Data

From: ssteele@eff.org (Shari Steele)
To: mnemonic@eff.org (Michael Godwin)
Message Hash: af7548d3d7cdc23ff074e045dfe8b73cf470341398c688e2865c4df734d3c731
Message ID: <199309271634.AA01886@eff.org>
Reply To: N/A
UTC Datetime: 1993-09-27 16:36:15 UTC
Raw Date: Mon, 27 Sep 93 09:36:15 PDT

Raw message

From: ssteele@eff.org (Shari Steele)
Date: Mon, 27 Sep 93 09:36:15 PDT
To: mnemonic@eff.org (Michael Godwin)
Subject: Wiretap Article (1 of 2)
Message-ID: <199309271634.AA01886@eff.org>
MIME-Version: 1.0
Content-Type: text/plain


Here it is.

>Date: Fri, 24 Sep 1993 16:31:55 -0400 (EDT)
>From: denning@cs.georgetown.edu (Dorothy Denning)
>Subject: Wiretap Article
>To: ssteele@eff.org
>Cc: denning@guvax.acc.georgetown.edu
>Errors-To: Postmaster@cs.georgetown.edu
>Content-Transfer-Encoding: 7BIT
>
>Shari,
>
>The following article on wiretap laws and procedures was written in
>response to the many questions and misunderstandings that have arisen
>in the context of escrowed encryption as well as Digital Telephony.  I
>would appreciate it if you would send it out through the eff-news
>mailing list and archive it in your database of papers.
>
>Thanks,
>Dorothy
>-------
>
>                        WIRETAP LAWS AND PROCEDURES
>             WHAT HAPPENS WHEN THE U.S. GOVERNMENT TAPS A LINE
>
>
>                   Donald P. Delaney, Senior Investigator
>                           New York State Police
>
>                  Dorothy E. Denning, Professor and Chair
>             Computer Science Department, Georgetown University
>
>                      John Kaye, County Prosecutor
>                      Monmouth County, New Jersey
>
>        Alan R. McDonald, Special Assistant to the Assistant Director
>        Technical Services Division, Federal Bureau of Investigation 
>
>
>                           September 23, 1993
>                                     
>
>
>1.  Introduction
>
>Although wiretaps are generally illegal in the United States, the
>federal government and the governments of thirty seven states have been
>authorized through federal and state legislation to intercept wire and
>electronic communications under certain stringent rules which include
>obtaining a court order.  These rules have been designed to ensure the
>protection of individual privacy and Fourth Amendment rights, while
>permitting the use of wiretaps for investigations of serious criminal
>activity and for foreign intelligence.
>
>This article describes the legal requirements for government
>interceptions of wire and electronic communications and some of the
>additional procedures and practices followed by federal and state
>agencies.  The legal requirements are rooted in two pieces of federal
>legislation: the Omnibus Crime Control and Safe Streets Act (Title III
>of the Act (hereafter "Title III")), passed in 1968, and the Foreign
>Intelligence Surveillance Act (FISA), passed in 1978.  Title III
>established the basic law for federal and state law enforcement
>interceptions performed for the purpose of criminal investigations,
>while FISA established the law for federal-level interceptions
>performed for intelligence and counterintelligence operations.  We will
>first describe Title III interceptions and then describe FISA
>interceptions.
>
>
>2.  Title III Interceptions
>
>Title III, as amended (particularly by the Electronic Communications
>Privacy Act of 1986), is codified at Title 18 USC, Sections 2510-2521.
>These statutes provide privacy protection for and govern the
>interception of oral, wire, and electronic communications.  Title III
>covers all telephone communications regardless of the medium, except
>that it does not cover the radio portion of a cordless telephone
>communication that is transmitted between the handset and base unit.
>The law authorizes the interception of oral, wire, and electronic
>communications by investigative and law enforcement officers conducting
>criminal investigations pertaining to serious criminal offenses, i.e.,
>felonies, following the issuance of a court order by a judge.  The
>Title III law authorizes the interception of particular criminal
>communications related to particular criminal offenses.  In short, it
>authorizes the acquisition of evidence of crime.  It does not authorize
>noncriminal intelligence gathering, nor does it authorize interceptions
>related to social or political views.
>
>Thirty seven states have statutes permitting interceptions by state and
>local law enforcement officers for certain types of criminal
>investigations.  All of the state statutes are based upon Title III
>from which they are derivative.  These statutes must be at least as
>restrictive as Title III, and in fact most are more restrictive in
>their requirements.  In describing the legal requirements, we will
>focus on those of Title III since they define the baseline for all
>wiretaps performed by federal, state, and local law enforcement
>agencies.
>
>In recent years, state statutes have been modified to keep pace with
>rapid technological advances in telecommunications.  For example, New
>Jersey amended its electronic surveillance statute in 1993 to include
>cellular telephones, cordless telephones, digital display beepers, fax
>transmissions, computer-to-computer communications, and traces obtained
>through "caller-ID".
>
>Wiretaps are limited to the crimes specified in Title III and state
>statutes.  In New Jersey, the list includes murder, kidnapping,
>gambling, robbery, bribery, aggravated assault, wrongful credit
>practices, terrorist threats, arson, burglary, felony thefts, escape,
>forgery, narcotics trafficking, firearms trafficking, racketeering, and
>organized crime.
>
>Most wiretaps are large undertakings, requiring a substantial use of
>resources.  In 1992, the average cost of installing intercept devices
>and monitoring communications was $46,492.  Despite budget constraints
>and personnel shortages, law enforcement conducts wiretaps as
>necessary, but obviously, because of staffing and costs, judiciously.
>  
>2.1  Application for a Court Order
>
>All government wiretaps require a court order based upon a detailed
>showing of probable cause.  To obtain a court order, a three-step
>process is involved.  First, the law enforcement officer responsible
>for the investigation must draw up a detailed affidavit showing that
>there is probable cause to believe that the target telephone is being
>used to facilitate a specific, serious, indictable crime.
>
>Second, an attorney for the federal, state, or local government must
>work with the law enforcement officer to prepare an application for a
>court order, based upon the officer's affidavit.  At the federal level,
>the application must be approved by the Attorney General, Deputy
>Attorney General, Associate Attorney General, any Assistant Attorney
>General, any acting Assistant Attorney General, or any Deputy Assistant
>Attorney General in the Criminal Division designated by the Attorney
>General.  At the state and local level, the application must be made
>and approved by the principal prosecuting attorney of the state (State
>Attorney General) or political subdivision thereof (District Attorney
>or County Prosecutor).  The attorney must be authorized by a statute of
>that state to make such applications.
>
>Third, the attorney must present the approved application ex parte
>(without an adversary hearing) to a federal or state judge who is
>authorized to issue a court order for electronic surveillance.  A state
>or local police officer or federal law enforcement agent cannot make an
>application for a court order directly to a judge.
>
>Typically, a court order is requested after a lengthy investigation and
>the use of a "Dialed Number Recorder" (DNR).  The DNR is used to track
>the outgoing calls from the suspect's phone in order to demonstrate
>that the suspect is communicating with known criminals.
>
>Title III requires that an application for a court order specify:
>
>   (a) the investigative or law enforcement officer making the
>       application and the high-level government attorney authorizing
>       the application;
>
>   (b) the facts and circumstances of the case justifying the
>       application, including details of the particular offense under
>       investigation, the identity of the person committing it, the
>       type of communications sought, and the nature and location of
>       the communication facilities;
>
>   (c) whether or not other investigative procedures have been tried
>       and failed or why they would likely fail or be too dangerous;
>   
>   (d) the period of time for the interception (at most 30 days -
>       extensions may be permitted upon reapplication);
>
>   (e) the facts concerning all previous applications involving any of
>       the same persons or facilities;
>
>   (f) where the application is for the extension of an order, the
>       results thus far obtained from the interception.
>
>The process of making an application for a court order is further
>restricted by internal procedures adopted by law enforcement agencies
>to ensure that wiretaps conform to the laws and are used only when
>justified.  The following describes the process for the FBI and the New
>York State Police.
>
>2.1.1  FBI Applications
>
>In order for an FBI agent to conduct an interception, the agent must
>follow procedures that go well beyond the legal requirements imposed by
>Title III and which involve extensive internal review.  In preparing
>the affidavit, the FBI agent in the field works with the field office
>principal legal advisor and also with an attorney in the local U.S.
>Attorney's Office, revising the documentation to take into account
>their comments and suggestions.  After the documents are approved by
>field office management, they are submitted to the Department of
>Justice's Office of Enforcement Operations (OEO) in the Criminal
>Division and to the FBI Headquarters (HQ).  At FBI HQ, the documents go
>to the Legal Counsel Division (LCD) and the Criminal Investigative
>Division (CID).  Within the CID, they are sent to the program manager
>of the criminal program unit relating to the type of violation under
>investigation, e.g., organized crime.  The program manager determines
>whether the subjects of the proposed interception are worthy targets of
>investigation and whether the interception is worth doing.  Attorneys
>in the FBI's LCD and the DOJ's OEO further refine the documents.
>
>After the documents are approved by the DOJ's OEO and by FBI HQ, they
>are referred to the Deputy Assistant Attorney General (or above), who
>reviews the documents and signs off on them.  At this point, the DOJ
>authorizes the local U.S. Attorney's Office to file the final version
>of the documents (application, affidavit, court order, and service
>provider order) in court.  The U.S. Attorney's Office then submits the
>documents and the DOJ authorization to a federal judge.  The entire
>process can take as long as a month.
>
>The following summarizes the people and organizations involved in the
>preparation or approval of the application and the issuance of a court
>order:
>
>   1.  FBI agent
>   2.  FBI field office attorney (principal legal advisor)
>   3.  FBI field office management
>   4.  Attorney in local U.S. Attorney's office
>   5.  DOJ Office of Enforcement Operations (OEO)
>   6.  FBI HQ Legal Counsel Division (LCD)
>   7.  FBI HQ Criminal Investigative Division (CID)
>   8.  DOJ Deputy Assistant Attorney General (or higher)
>   9.  Federal District Court judge
>
>
>2.1.2  New York State Police Applications
>
>Within the New York State Police, electronic surveillance is conducted
>by Senior Investigators in the Bureau of Criminal Investigation (BCI).  
>In preparing an affidavit, the investigator works with the District
>Attorney's Office (or, in the case of a federal investigation, the U.S.
>Attorney's office) and with the BCI Captain of the investigator's
>troop.  (Wiretap applications can be made and approved by the State
>Attorney General, but this is unusual.)  The Captain assesses whether
>review by Division Headquarters is necessary and confers with the
>Assistant Deputy Superintendent (ADS) or Headquarters Captain for final
>determination.  If Headquarters review is deemed necessary, then all
>documentation is sent to the ADS along with a memorandum, endorsed by
>the Troop Unit Supervisor and the Troop or Detail Commander, requesting
>approval.  If Headquarters review is deemed unnecessary, then the memo
>is sent without the documentation.  Once the ADS and District Attorney
>(DA) approve the application, the DA submits the application to a judge
>who grants or denies the court order.
>
>2.2  Issuance of a Court Order
>
>Not all judges have the authority to grant court orders for wiretaps.
>In New Jersey, for example, only eight judges are designated as
>"wiretap judges" for the entire state.  These judges are given special
>training to be sensitive to personal rights of privacy and to recognize
>the importance of telephone intercepts for law enforcement.
>
>Before a judge can approve an application for electronic surveillance
>and issue a court order, the judge must determine that:
>
>   (a) there is probable cause for belief that an individual is
>       committing, has committed, or is about to commit an offense
>       covered by the law;
>
>   (b) there is probable cause for belief that particular
>       communications concerning that offense will be obtained through
>       such interception;
>
>   (c) normal investigative procedures have been tried and have failed
>       or reasonably appear unlikely to succeed or to be too dangerous;
>
>   (d) there is probable cause for belief that the facilities from
>       which, or the place where the communications are to be
>       intercepted are being used, or are about to be used, in
>       connection with the commission of such offense, or are leased
>       to, listed in the name of, or commonly used by such person.
>
>In addition to showing probable cause, one of the main criterion for
>determining whether a court order should be issued is whether normal
>investigative techniques have been or are likely to be unsuccessful
>(criterion (c) above).  Electronic surveillance is a tool of last
>resort and cannot be used if other methods of investigation could
>reasonably be used instead.  Such normal investigative methods usually
>include visual surveillance, interviewing subjects, the use of
>informers, telephone record analysis, and DNRs.  However, these
>techniques often have limited impact on an investigation.  Continuous
>surveillance by police can create suspicion and therefore be hazardous;
>further, it cannot disclose the contents of telephone conversations.
>Questioning identified suspects or executing search warrants at their
>residence can substantially jeopardize an investigation before the full
>scope of the operation is revealed, and information can be lost through
>interpretation.  Informants are useful and sought out by police, but
>the information they provide does not always reveal all of the players
>or the extent of an operation, and great care must be taken to ensure
>that the informants are protected.  Moreover, because informants are
>often criminals themselves, they may not be believed in court.
>Telephone record analysis and DNRs are helpful, but do not reveal the
>contents of conversations or the identities of parties.  Other methods
>of investigation that may be tried include undercover operations and
>stings.  But while effective in some cases, undercover operations are
>difficult and dangerous, and stings do not always work. 
>
>If the judge approves the application, then a court order is issued
>specifying the relevant information given in the application, namely,
>the identity of the person (if known) whose communications are to be
>intercepted, the nature and location of the communication facilities,
>the type of communication to be intercepted and the offense to which it
>relates, the agency authorized to perform the interception and the
>person authorizing the application, and the period of time during which
>such interception is authorized.  A court order may also require that
>interim status reports be made to the issuing judge while the wiretap
>is in progress.
>
>2.3  Emergencies
>
>In an emergency situation where there is immediate danger of death or
>serious physical injury to any person, or conspiratorial activities
>threatening national security or characteristic of organized crime,
>Title III permits any investigative or law enforcement officer
>specially designated by the Attorney General, the Deputy Attorney
>General, or the Associate Attorney General, or by the principal
>prosecuting attorney of any state or subdivision thereof, to intercept
>communications provided an application for a court order is made within
>48 hours.  In the event a court order is not issued, the contents of
>any intercepted communication is treated as having been obtained in
>violation of Title III.
>
>In New York State, even an emergency situation requires a court order
>from a judge.  However, the judge may grant a temporary court order
>based on an oral application from the District Attorney.  The oral
>communication must be recorded and transcribed, and must be followed by
>a written application within 24 hours.  The duration of a temporary
>warrant cannot exceed 24 hours and cannot be renewed except through a
>written application.
>
>2.4  Execution of a Court Order 
>
>2.4.1  Installation of a Wiretap
>
>To execute a court order for a wiretap, the investigative or law
>enforcement officer takes the court order or emergency provision to the
>communications service provider.  Normally, the service provider is the
>local exchange carrier.  When served with a court order, the service
>provider (or landlord, custodian, or other person named) is mandated
>under Title III to assist in the execution of the interception by
>providing all necessary information, facilities, and technical
>assistance.  The service provider is compensated for reasonable
>expenses incurred.  In light of rapid technological developments
>including cellular telephones and integrated computer networks, the New
>Jersey statute also requires the service provider to give technical
>assistance and equipment to fulfill the court order.  This requirement
>has not yet been tested in court.
>
>Normally, the government leases a line from the service provider and
>the intercepted communications are transmitted to a remote government
>monitoring facility over that line.  In many cases, the bridging
>connection is made within the service provider's central office
>facility.  Alternatively, a law enforcement agency may request the
>service provider to give the "pairs and appearances" (a place to
>connect to the suspect's line) in the "local loop" for the suspect's
>phone.  A law enforcement technician then makes the connection.
>
>When a suspect's telephone is subject to change (e.g., because the
>person is attempting to evade or thwart interception), then a "roving"
>wiretap, which suspends the specification of the telephone, may be
>used.  In this case, prior to intercepting communications, the officer
>must use some other method of surveillance in order to determine the
>exact location and/or telephone number of the facility being used.
>Once determined, the location or telephone number is given to the
>service provider for coordination and prompt assistance.  The officer
>may not intercept communications randomly in order to track a person
>(random or mass surveillance is not permitted under any
>circumstances).
>
>2.4.2  Minimization
>
>Once any electronic surveillance begins, the law enforcement officer
>must "minimize" -- that is, attempt to limit the interception of
>communications to the specified offenses in the court order.  Prior to
>the surveillance, a federal or state attorney holds a "minimization
>meeting" with the investigators who will be participating in the case
>to ensure that the rules are followed.
>
>Minimization is normally accomplished by turning off the intercept and
>then performing a spot check every few minutes to determine if the
>conversation has turned to the subject of the court order.  This avoids
>picking up family gossip.  Special problems may arise where criminals
>communicate in codes that are designed to conceal criminal activity in
>what sounds like mundane household discussion.  If an intercepted
>communication is in a code or foreign language, and if someone is not
>reasonably available to interpret the code or foreign language, then
>the conversation can be recorded and minimization deferred until an
>expert in that code or language is available to interpret the
>communication.  Should a wiretap fail to meet the minimization
>parameters, all of the evidence obtained from the wiretap could be
>inadmissible.
>
>2.4.3  Recording
>
>All intercepted communications are to be recorded when possible.  As a
>practical mater, law enforcement officers make working copies of the
>original tapes.  In many instances at the state and local level, the
>originals are delivered to the prosecutor's office and maintained in
>the prosecutor's custody.  The copies are screened by the case officer
>for pertinent conversations (e.g., "I'll deliver the dope at 8:00
>pm.").  A compilation of the relevant conversations, together with the
>corroboratory surveillances often provides the probable cause for
>search warrants and/or arrest warrants.
>
>2.4.4  Termination of Electronic Surveillance
>
>Electronic surveillance must terminate upon attainment of the
>objectives, or in any event within 30 days. To continue an interception
>beyond 30 days, the officer, through a government attorney, must apply
>for and be granted an extension based upon a new application and court
>order.
>
>When the period of a court order, or extension thereof, expires, the
>original tapes must be made available to the issuing judge and sealed
>under court supervision.  The tapes must be maintained in such fashion
>for 10 years.
>
>2.5  Notification and Use of Intercepted Communications as Evidence
>
>Upon termination of an interception, the judge who issued the court
>order must notify the persons named in the order that the interception
>took place.  Normally, this must be done within 90 days, but it may be
>postponed upon showing of good cause.  If the judge determines that it
>would be in the interest of justice to make portions of the intercepted
>communications available to the subjects, the judge may do so.
>
>The contents of the communications may not be used as evidence in any
>trial or hearing unless each party has received a copy of the
>application and court order at least 10 days in advance of the trial,
>and has been given the opportunity to move to suppress the evidence.  A
>motion to suppress the evidence may be made on the grounds that it was
>not obtained in complete conformance with the laws.
>
>2.6  Reports
>
>Within 30 days after the expiration or denial of a court order, Title
>III requires that the judge provide information about the order to the
>Administrative Office of the United States Courts (AO). Each year the
>Attorney General (or a designated Assistant Attorney General) must
>report, on behalf of the federal government, to the AO a summary of all
>orders and interceptions for the year; reports for state and local
>jurisdictions are made by the principal prosecuting attorney of the
>jurisdiction.  The AO then integrates these summaries into an annual
>report: "Report on Applications for Orders Authorizing or Approving the
>Interception of Wire, Oral, or Electronic Communications (Wiretap
>Report)" covering all federal and state electronic surveillance,
>including wiretaps.  The 1992 report is about 200 pages and includes
>information about each interception authorized in 1992, update
>information for interceptions authorized in 1982-1991, and summary
>statistics.  The summary statistics include the following data (numbers
>in parenthesis are the 1992 figures):
>
>   (1) number of interceptions authorized (919), denied (0), and
>       installed (846)
>
>   (2) average duration (in days) of original authorization (28) and
>       extensions (30)
>
>   (3) the place/facility where authorized (303 single family dwelling,
>       135 apartment, 3 multi-dwelling, 119 business, 4 roving, 66
>
>






Thread