Future Tense

FBI Says the Sketchy Software It Uses in Investigations Isn’t Malware

When the FBI has a warrant, is its investigative software really malware?

Chip Somodevilla/Getty Images

The Federal Bureau of Investigation has been sneaking surreptitious code onto computers for years as part of its inquiries. This software is often referred to as “malware,” a portmanteau of “malicious” and “software,” because targets don’t know that they’ve downloaded the programs or that some part of their digital lives is being monitored. It seems like a pretty accurate descriptor, but in testimony last week the FBI objected to the characterization.

As Motherboard spotted, FBI Special Agent Daniel Alfin said Thursday that software used to identify thousands of anonymous users on the child porn site Playpen shouldn’t be labeled as malware. The comment came during court testimony for a case against one of the identified Playpen users. Alfin said that the “Network Investigative Technique” (NIT) used on Playpen “was court-authorized and made no changes to the security settings of the target computers to which it was deployed. As such, I do not believe it is appropriate to describe its operation as ‘malicious.’ “

Malware is a concept, not a codified industry standard, so there’s no official definition. The networking company Cisco describes malware as “code or software that is specifically designed to damage, disrupt, steal, or in general inflict some other ‘bad’ or illegitimate action on data, hosts, or networks.” Massachusetts Institute of Technology’s Information Systems and Technology Department describes it as “Any software that gets installed on your machine and performs unwanted tasks, often for some third party’s benefit.”

A clandestine FBI surveillance tool seems to squarely fit these definitions, though Alfin made it clear that the NIT didn’t cause damage or harm to anyone’s computers. The FBI may be getting sensitive about defending its digital investigation practices as situations like the Apple/FBI dispute call the agency’s methods into question. The bureau will have to work hard to soften the image of secret spy software, especially in the wake of Edward Snowden’s revelations about the National Security Administration. Whether or not it’s a fair comparison, Americans are bound to feel like they’ve seen where these things can go.