Re: Legal question

["Larry Fitzpatrick" <lef () acm org>]

I asked this question this week of Steven Chabinski (the chief legal advisor for the NIPC and assistant legal counsel 
for the FBI)
at a DC-ISOC meeting on privacy. I don't have perfect recall, so any errors are totally mine.  Here's what I heard him 
say:

There are three conditions that allow a person to peer into the content of network traffic. 1) the people who generate 
the traffic
have been notified that the traffic is being monitored, 2) a law enforcement organization has a court order to do a 
wire tap, 3) a
sysadmin is doing so to "protect his system".  It doesn't matter whether the traffic is intra-corporate or internet 
traffic. There
is clearly gray-ness in point 3.  Additionally, if the inspector sees that the content contains child pornography and 
the inspector
is an ISP, there is an obligation to report this to the FBI.

From: Crumrine, Gary L <CrumrineGL () state gov>

> After wearing out my fingers during a heated conversation with another
> colleague over legalities of certain actions, a question came up in my mind
> concerning sniffers and their usage.
>
> If a sniffer was placed on the outside of a given network, and was
> configured to sniff packets coming from that network only, does this
> constitute an illegal wire tap?  And do the same rules apply to data as they
> do voice?  In some cases it transits the same copper wire... ouch I am
> getting a headache..