If you plan to spy on someone’s electronic activity, it helps to know with whom you’re dealing. Does the person use encryption or other kinds of digital security? Is he or she savvy enough to detect outside surveillance? What sorts of defenses would need to be penetrated?
The FBI has a special tool available for assessing these kinds of variables. A program called Blind Faith enables the bureau to understand the relative level of technological sophistication of a person of interest, and so to plan the surveillance approach likeliest to succeed without detection.
According to this section of the manual, Blind Faith is “an analytical program which provides a technical countermeasures profile for targets of investigative interest to the FBI.” The program allows the FBI to determine how likely it is that the target will “detect” or otherwise thwart “technical attacks.”
The FBI has been “hacking” into targets’ computers for many years. It recently did so in order to collect information about computers visiting a child porn website called Playpen. But the FBI almost never openly describes the methods involved, let alone discusses them in congressional hearings or other policy sessions. On December 1, thanks to a ruling by the Supreme Court, the FBI won the right to apply for warrants to hack computers that may lie outside the issuing judge’s district, as in cases where targets are hidden by anonymizing software like Tor. Several senators tried, unsuccessfully, to bring this change up for discussion and a vote.
The operations guide offers little detail on what exactly Blind Faith is — whether it’s an automated platform or involves human research into the target’s social network, online presence, or work history.
“Essentially the FBI knows that every time it deploys a sophisticated surveillance technique, there’s a chance it’ll get caught,” says Chris Soghoian, chief technologist at the American Civil Liberties Union. Some of the FBI’s investigative tools and technology cost hundreds of millions of dollars. Therefore, the bureau’s best interest lies in conducting a little research beforehand to make sure the tool will actually work.
Soghoian surmises that Blind Faith is “probably more like a flow chart rather than some sort of automated program: Is the target using encryption? Is the target a computer hacker? Is this organized crime?”