E-Business
Issue No. 19 - October/November 2004
Who is watching
by David Twiss
Today many businesses routinely use the internet and the mobile phone to communicate with customers, suppliers, business partners and regulators. Communications technology has revolutionised the way we do business.
We use email for a range of purposes from marketing, purchasing, invoicing and payment reminders. Even quite sensitive matters such as contract negotiation and legal advice are routinely distributed by email.
After all, it's not as if email is easy to intercept;
is it?
In some countries, Internet Service Providers (ISPs) are required to provide access to all traffic for surveillance purposes. Finding this in China and Myanmar might be unsurprising, but how about the USA, the UK, New Zealand, and even here in Australia.
It's not surprising that police agencies intercept electronic communications in the course of a criminal investigation. It is relatively new however for untargeted electronic communications to be routinely intercepted and scanned; ostensibly looking for keywords that might indicate malicious, criminal or terrorist intent.
It's not that interception for security reasons is itself a business risk, rather that given how easy it is to conduct the intercept, and that it's being done all the time, it's not that hard for someone other than a security agency to intercept for commercial purposes.
It interesting to look briefly at just how far this routine surveillance has come in recent times. The FBI has several tools they use for electronic investigations. A tool called Carnivore can be physically located at an ISP to conduct targeted electronic intercepts. This is the internet version of taping a suspect's phone. The FBI also have a database called Cyber Night, used for matching various data gathered from email, internet chat rooms, instant messaging and telephone intercepts.
The FBI even have a suite of spyware keyloggers; loaded by stealth onto the PCs of suspects, and u...
