Feeds

Anti-terror bill may regulate Carnivore use

But other troubling provisions remain

  • alert
  • submit to reddit

Providing a secure and efficient Helpdesk

Momentum is gathering on Capitol Hill for anti-terror legislation which will give the US government unprecedented freedom to conduct surveillance of suspects, including their comings and goings via the Internet; and yet the FBI's controversial packet sniffer, Carnivore, has been singled out for regulation.

Beyond that, the Senate's bill was essentially passed by the House, which disdained its own measure approved unanimously by the Judiciary Committee.

Confused? Anyone would be -- it's been a very busy couple of days on the Hill.

First, the Senate passed the USA Act with a vote of 96 to one late Thursday night. Senate Majority Leader Tom Daschle (Democrat, South Dakota) and sponsor Patrick Leahy (Democrat, Vermont) managed to shut down the Feingold amendments, which would have addressed several civil-liberties pitfalls, as we described briefly on Wednesday.

Leahy appears less than proud of his own work, and admits giving in to arm-twisting from the White House and DoJ. "Despite my misgivings, I have acquiesced in some of the administration's proposals because it is important to preserve national unity in this time of crisis and to move the legislative process forward," he explained.

The bill neatly bypassed review in the Senate Judiciary Committee and was brought straight to the floor, where it sailed through on angels' wings. Even those who had sought to delay passage in favor of debate voted for it, with a frustrated Russ Feingold (Democrat, Wisconsin) the lone exception.

Meanwhile, the House Judiciary Committee had produced a more balanced measure called the PATRIOT Act, which included a much-needed sunset clause, did not include provisions for secret searches, and refined some language which would have enabled the Feds to apply the label of 'terrorist' to virtually anyone they please for investigation with impunity.

But this worthy item never made it to the floor. House Speaker Dennis Hastert (Republican, Illinois) and other senior Republicans reckoned that differences between the Judiciary-approved House measure and the recently-passed Senate measure would tie the legislation up in conference committee for eternity. So they decided to chuck it, and brought to the floor a Senate-version clone instead.

Secret searches are back in, and the previous two-year sunset clause on surveillance freedom has been watered down to extend for up to five years at the pleasure of the President.

On-line pen register and trap-and-trace orders will be easier for authorities to obtain than the PATRIOT Act had intended, which means that Carnivore is going to get a lot more play in the near future; but a provision was added by US Representative Richard Armey (Republican, Texas) to make the mysterious black-box system more difficult for federal agents to abuse.

The new language requires records of "any officer or officers who installed the device and any officer or officers who accessed the device to obtain information from the network; the date and time the device was installed, the date and time the device was uninstalled, and the date, time, and duration of each time the device is accessed to obtain information; the configuration of the device at the time of its installation and any subsequent modification thereof; and any information which has been collected by the device."

A number of House Members complained that the new PATRIOT substitute was sprung on them at the last minute with no time for digestion and deliberation, but most voted for it nevertheless. It passed 337-79 late Friday, and will now go to conference committee, where it stands a fair chance of being reconciled with the Senate version in short order.

A great deal of behind-the-scenes effort has gone into ensuring that Members in both chambers would end up voting on language which they'd barely had a chance to read, much less digest and discuss. The excuses and cover-stories for this obvious tactical maneuvering inevitably refer to the need for 'national unity' and 'bipartisan cooperation' and 'swift action against evil-doers', but we're not buying that.

And you're not buying it either, are you? ®

Related Stories

Lone Senator thwarts Dubya's anti-terror excesses
Bush admin to make hacking a terrorist offence
Carnivore substitute keeps Feds honest

Choosing a cloud hosting partner with confidence

More from The Register

next story
SMASH the Bash bug! Apple and Red Hat scramble for patch batches
'Applying multiple security updates is extremely difficult'
Shellshock: 'Larger scale attack' on its way, warn securo-bods
Not just web servers under threat - though TENS of THOUSANDS have been hit
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
Hackers thrash Bash Shellshock bug: World races to cover hole
Update your gear now to avoid early attacks hitting the web
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Who.is does the Harlem Shake
Blame it on LOLing XSS terroristas
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
Stunned by Shellshock Bash bug? Patch all you can – or be punished
UK data watchdog rolls up its sleeves, polishes truncheon
prev story

Whitepapers

A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.