image

Bugs and Other Eavesdropping Devices

bar

Overview of the Threat

A bug is a device placed in an office, home, hotel room, or other area to monitor conversations (or other communications) and transmit them out of that area to a listening post. Other listening devices work from a distance to monitor communications within a room without actually having a microphone or transmitter in the room.

Thanks to an explosion of miniaturized technology, the tools for bugging and other forms of eavesdropping have never been cheaper, smaller, more powerful, or easier to come by. By one account, $888 million worth of eavesdropping devices are sold in the United States each year.1 A leading technical security countermeasures expert has said, "I can’t drive more than four blocks in any direction in midtown Manhattan without picking up an eavesdropping device."2

Spy paraphernalia now ranges from supersensitive microphones hidden in pens to video cameras that will fit behind a tie and take pictures through the tieclip. Bugging devices can be made to look like, and actually function as, fountain pens, clock radios, desk calculators, telephone jacks, and even teddy bears.3

The widespread availability of tools for covert surveillance represents a threat to national security information, law enforcement and other government operations, the confidentiality of business transactions, and to personal privacy.

The different types of eavesdropping paraphernalia and how they are used are discussed in Eavesdropping Methods. This does not discuss the various devices in detail – just enough to provide a realistic understanding of your vulnerabilities. The goal is to encourage you and help you to protect information by:

  • Being more careful to protect the physical security of your office and home to prevent others from gaining access to install eavesdropping devices.
  • Being more careful where you talk. Conversations can be bugged even in public areas such as airplanes, restaurants, hotel lobbies, and public parks.
  • Being more alert to evidence that your conversations may have been overheard. One company gradually lost its competitive advantage to the point that it went bankrupt. When the furniture was being moved out of the office, an active microphone was found behind a large credenza in the conference room. The company suspects the microphone may be at least partially responsible for its bankruptcy.

Recognizing this threat, Congress passed the Electronic Communication Privacy Act of 1986. This law makes it illegal for private citizens to own, manufacture, import, sell or advertise any eavesdropping device while "knowing or having reason to know that the design of such device renders it primarily useful for the purpose of the surreptitious interception of wire, oral, or electronic communications, and that such device or any component therefor has been or will be sent through the mail or transported in interstate or foreign commerce." The penalty for violation is a fine of up to $10,000 and/or prison for up to five years. According to the act, only law enforcement authorities are allowed to use these "bugs," and then only after obtaining a court order. In 1993, Federal agents raided "spy shops" in 24 cities to shut down the widespread illegal marketing of surveillance devices.

Despite the legal sanctions, sales of surveillance devices that may violate the law are open and widespread in the United States. Technical surveillance is a common espionage tool and a common source of competitive information in industry.

It is noteworthy that legal restrictions against technical surveillance have not been adopted by other countries with which we have close trading ties, so American companies engaged in international commerce are particularly vulnerable. Although industrial espionage is unlawful, the rewards for procuring intelligence regarding the strategic plans, resources, products, pricing, customers, personnel, or legal affairs of a competitor often prove substantially more persuasive than concern over the risk of being caught acquiring such information.

Related Topic: Who's Doing What to Whom?, and You Are the Target in the Risks During Foreign Travel module.

References
1. Granite Island Group web site, www.tscm.com/whatistscm.html, citing a report by the Department of State, Bureau of Intelligence and Research, March 1997.
2. Great Southern Security web site, www.greatsouthernsecurity.com.
3. Steve Casimiro, "The Spying Game Moves into the U.S. Workplace," Fortune, March 30, 1998, p. 152. Lynn Fischer, "Technical Security: What is It? And Why Do We Need to Know about It," Security Awareness Bulletin, No. 2-96. Department of Defense Security Institute, August 1996.

 

Next -->
SECURITY BRIEFING TABLE OF CONTENTS