We've all read about the process that revealed former CIA director David Petraeus' affair with Paula Broadwell: The FBI began looking at Jill Kelley's emails after she complained about receiving anonymous electronic threats (and possibly info about generals at U.S. Central Command headquarters). Investigators traced the threatening emails to Broadwell's IP address. Agents realized both Broadwell and Kelley had ties to the nation's top spy and got Broadwell to confess to being his lover. At that point, they searched her computer and email, where they actually found Petraeus' messages in a Gmail account he shared with Broadwell, as well as classified documents.
But what exactly allows the FBI to look at all of a private U.S. citizen's electronic communications?
Basically, if a field agent believes that a crime -- harassment, for example -- might have been committed over email, he or she will start by looking at the threatening messages and possibly more in the victim's email account. If it appears that there's more evidence to suggest a crime or the possibility of a crime in progress, the agent will seek a subpoena from a local judge allowing him or her to monitor the emails of the person sending the electronic threats.
"If they can say with some confidence that it's a potential crime, they can probably do some preliminary work on their own without too much difficulty," Stewart Baker, an attorney who specializes in telecommunications law at Steptoe and Johnson, told Killer Apps.
"In order to get access to the account information, what I would do if I were investigating this is, I would start by saying, I don't need to read this person's emails, I just need to know who's logging onto this account, what IP address they have, look for other information about that IP address and what other email addresses is this IP address logging onto -- so that you can start to see a pattern. They can do that without reading any of Paula Broadwell's emails," said Baker, who also served as assistant secretary of homeland security for policy.
Once agents figure out who their suspect is -- Broadwell in the Petraeus affair -- they will want to actually read the emails being sent by the suspect; for that they would likely need a search warrant. That warrant to search through the contents of the emails could be issued by a magistrate or, possibly, by a Foreign Intelligence Surveillance Act court, according to Baker.
"To read the most recent emails, they would [potentially] need to get a search warrant, which means there should be a search warrant justification somewhere, signed by a judge, saying there's probable cause to believe there's evidence of a crime -- presumably the same crime as before, harassment and threats," said Baker. "It's not hard to get probable cause if you can show that the IP address that was logging on to the account that sent the harassing emails is the same IP address that used the other account [between say Petraeus and Broadwell] so you ought to be able to access the other account so you can read the mail and you're there."
The risk that someone could have used Petraeus' affair with Broadwell to try to blackmail him into giving up secrets provides further justification for digging around in Broadwell's email -- as does the fact that investigators found classified information on her computer (that did not come from Petraeus) and they had to find out where those documents came from.
John Reed reports on the frontiers of cyber war and the latest in military technology for Killer Apps.