Chapter 2: Spying Basics – Cyber Spying Tracking Your Family's (Sometimes) Secret Online Lives

Chapter 2

Spying Basics

“Trust, but verify” — President Ronald Reagan


Imagine two separate scenarios. In the first scenario, you order a drink at a coffee shop. The barista politely takes your order and sets your change down next to the “tips” jar. She then heads to the backroom for another bag of espresso beans. There is no one else in the store, and you are all alone. Do you take all of the change or leave some for a tip?

Now imagine that you are waiting in line behind two of your coworkers, both of whom put all of their change into the “tips” jar following their order. They have received their coffees and are now watching you as you collect your change.

Look at Figure 2.1. Would you be more inclined to leave all of your change now that the others are watching you? Would it make a difference if those watching have left their change? Would it make a difference if those watching are colleagues as opposed to strangers? What if it is your boss versus your peer?

Figure 2.1 Public “Tip Jars” Provoke a Social Pressure to Give Money When Others Are Observing You

For some, this is deemed an intimidation tactic. Experiments have shown that when people think they are being observed, their behavior changes based on who is observing them. Michael Lynn, an associate professor of consumer behavior at Cornell University’s School of Hotel Administration, has researched this topic extensively over the past 20 years. He suggests that people tip primarily to avoid social disapproval. His research found that the amount of the tip had very little to do with the quality of the service. In particular, he estimates that quality attributes to roughly only four percent of the variance.

Take a restaurant, for example. Have you ever thought about the pressure to leave a “customary” 15 to 20 percent tip? Whom do you generally leave the tip for? In most cases, it is the waiter or waitress with whom you interacted the most. What about the chef who prepared your meal? You never saw him, so perhaps you did not feel social pressure to leave a tip. Tips are left for people to whom you feel a “connection.” Many experiments show that waiters and waitresses who write simple things such as “have a nice day,” or draw a smiley face on the bill receive larger tips. The server does something nice for the customer, and the customer reciprocates.

What does this have to do with spying on your family? A great deal, when your intent is to modify their behavior by spying, rather than just catch them “in the act.” In particular, this chapter explores the social pressure from a lack of privacy and ties psychological aspects such as this into the activity of spying. In addition, this chapter outlines the goals of spying, explores the use of active surveillance as a deterrent, investigates some of the emotional effects of spying, and touches on the legality of monitoring others. The moral of this story is that spying is a powerful technique that can be used to gather information on those that have done wrong. At the same time, it is a dangerous weapon that should only be used as a last resort. Honesty, trust, and communication are relationship builders; spying is based on deception, cynicism, and secrecy. Take this into account before you pursue any act of surveillance.

Goals of Spying

Historically, the goal of spying has been to collect information from targets without their knowledge. This information is useful in that the target doesn’t think you have it, and doesn’t realize when you do have it. It is the closest you can come to reading someone’s mind. For the purpose of this book, we extend our definition of spying to include all types of monitoring. In addition to information collection, spying can be used as a technique for monitoring and modifying people’s behavior. The primary goal of spying is to improve your position in a situation either by controlling behavior or using the information to give yourself an unexpected advantage.

Information collection plays a part in every multiparty interaction. When two groups come together there are primarily three levels of information exchange: active and inactive (both overt) and covert. Active information is any information that you receive via request from another party. This information is always voluntarily given. Inactive information is the information actively gleaned from nonvoluntary factors such as facial expression, mannerisms, tone of voice, and other relatively apparent clues. Although this information is not voluntarily given, it is not concealed either, and it is apparent for all those who would collect it. Finally, covert information is the information you glean by other methods consisting of those activities traditionally associated with spying. Information collected by covert methods may not be obvious and is definitely not voluntarily given by the monitored party. Covert information plays a critical part in obtaining the big picture of any interaction. Without it, you have only what you observed or inferred from the interaction. Covert information gives you what is unseen and in many cases helps round out the big picture. Voluntary, involuntary, and covert information round out the information puzzle.

Imagine that you are quizzing your spouse about a former love. What your spouse offers to tell you in response to your questions is one part of the information puzzle, the overt and active information. You now have the information that your spouse is willing to disclose on the subject. When talking with your spouse, you also pay attention to facial expressions and tone of voice. This offers another piece of the puzzle. Your spouse’s nonverbal clues—i.e., smiling or frowning or appearing happy or sad—are involuntary factors that round out what you overtly know. If you search your spouse’s diary for entries about the former love, you are covertly collecting information. This action may give you a completely different view of the topic. Now you have access to information that your spouse feels is secret and not being observed. In many cases, this is the most truthful version of the story. The overt and covert information all combine to flesh out the big picture.

Notes from the Underground …

Spy Terminology

 Canary Trap A technique in which artificial or incorrect information is deliberately fed out to help determine the source of an information leak.

 Cipher A type of simple encryption in which letters or numbers are substituted for each other to secretly hide a message.

 Concealment Device A device used to hide objects such as surveillance equipment or secret messages.

 Covert A method of doing something secretly.

 Legend A cover story used to explain a situation if caught.

 Listening Post (LP) The place where covertly collected information is sent. This comes from the world of audio surveillance devices. Most of these bugs send their recorded audio back to a literal listening post. In most of the cases discussed here, the listening post and spying device are the PC.

 Mark The target of an effort (usually the person spied upon).

 Overt A method of doing something openly.

Behavior modification can be another result of the spying process and is usually achieved by revealing a capability to monitor activity. The resulting effect can be a deterrent, such as the case of police cameras in public areas. It can also be used to complicate a subject’s activities. If concerned about being monitored, people being spied on may adapt additional behaviors as the knowledge of being monitored drives them to a new level of caution. The additional complexity of trying to avoid monitoring techniques may drive them away or complicate the process they were originally embarking on. In these cases it is not the actual covert collection of information, but the overt knowledge that someone may have the capability to watch them that can be played upon to modify bad behavior.

When the two end goals of spying are carefully executed, they can be used to place people in a much stronger position than they would be without spying. They now have new information, or have modified the behavior of their target in such a way that a sense of control has been established. Being able to obtain covert information or to modify behavior puts one in a position of enormous advantage.

Can You Believe It?

Social Spotlight Effect

Do you think everyone notices you when you accidentally stumble while walking over a break in a sidewalk? Probably only a few people would notice you; people appreciably overestimate how much they are in the spotlight. A group of psychologists at Cornell University conducted a series of experiments to demonstrate this point and to identify the magnitude of these discrepancies.

In one case, researchers asked skiers to estimate how many people on the ski lifts watched them as they skied. These skiers exaggerated the percentages of those on the lifts who were watching them. Similarly, researchers conducted an experiment with a student sitting alone at a table in a busy college cafeteria. The student felt self-conscious about having many people observing his social isolation, yet few even noticed him.

As Thomas Gilovich, a leading researcher in this field, said, “Nobody has gone broke or lost an election by underestimating that people believe social acts have consequences. Everything we’ve done suggests that fear of social shunning may keep some people, and even some politicians, from taking certain stands that they are afraid will result in people shunning them.”

Researchers also studied how critical observers can be of mistakes. They found that observers were more likely to pass harsh criticism when they couldn’t apply the individual’s perspective to themselves. However, if the observer and the individual made the same mistake, they were less critical.

An interesting example of this occurred in November 1999, when presidential candidate George W. Bush was given a pop quiz on foreign policy during a television interview. He was asked to name the political leaders of Chechnya, India, Pakistan, and Taiwan. Bush answered only one of the four correctly. Numerous political surveys and psychological experiments followed that supported the theory that Bush’s poor performance had little effect on the opinion of viewers who also did not know the answers. Only those who were knowledgeable of the correct answers tended to criticize his mistakes.

Will this knowledge change our behavior? Kenneth Savitsky, one of the leaders in these experiments, remarked, “I’m a researcher in this area, and I’m often afraid to go outside if I feel that my jacket doesn’t look right or that my pants aren’t pressed properly.” He was probably joking, but even if people are aware of their hypersensitivity, it is still difficult for them to adjust their behavior.

Psychology of Spying

As the old saying goes, “Monkey see, monkey do.” The change in your decision to leave a tip at a coffee bar may be influenced by the actions and perceived importance of those around you (whether conscious or not). This is an example of how social environments affect behavior. Changes brought about by these conditions are commonly referred to as the chameleon effect. In an article titled “The chameleon effect: The preception-behavior link and social interaction” (Journal of Personality and Social Psychology, 76, 893-910, 1999), researchers T.L. Chartrand and J.A. Bargh define this as:

“nonconscious mimicry of the postures, mannerisms, facial expressions, and other behaviors of one’s interaction partners, such that one’s behavior passively and unintentionally changes to match that of others in one’s current social environment.”

In other words, the person surrounded by a group practicing a behavior is likely to adopt that behavior even if he or she would not normally do so when alone.

Now apply this perception-behavior link to something deemed “forbidden” with assumed consequences. If children are instructed not to smoke, are they more likely to do it in private when no one is around, or in plain site of their parents? Common sense says that they are aware of cause and effect and will choose not to smoke around someone who will object and punish them.

The same is true with an adulterous husband. Rather than taking his illicit lover to the family’s favorite restaurant where he is likely to be observed and recognized, he’ll go to great strides to schedule dinner on the other side of town. Great care will be taken to minimize the risk of being discovered. Like it or not, the social pressure of monitoring (or fear of being caught) plays a principal role in how many individuals behave.

Computers and the Internet complicate the chameleon effect because people have a sense of privacy and anonymity when using them. They provide a new area that falls somewhere between complete privacy and the fully observable behavior of the real world. Figure 2.2 illustrates the trade-off between social pressure and privacy ranging from the freedom to “think” thoughts without social feedback to the slightly less private Internet to the real world, which is largely composed of social observation and very little privacy.

Figure 2.2 Privacy Diagram

Are you Self-Conscious?

Barry Manilow T-shirt Experiment

Researchers at Cornell University conducted an experiment in which 109 students were each asked to wear a Barry Manilow T-shirt into a room full of their peers.

The students felt self-conscious about wearing the T-shirt knowing that he was not the most popular artist on campus, and they estimated that at least half of the observers noticed their choice in clothing.

However, they overestimated; only one-quarter of the observers noticed on average. Follow-up experiments yielded results that show that this exaggeration is commonly up to six times the percentage of the true observers.

As the remainder of this book will demonstrate, unless specific actions are taken to ensure it, privacy on the Internet is based on a false sense of security. In these circumstances, observation is not as publicly advertised, and therefore, it does not play as large of a role in decision making.

Spying Methodology

Spying can be broken down into two basic categories: overt and covert. Overt spying is analogous to surveillance and advertised monitoring. It is the police officer patrolling a neighborhood, the surveillance camera above the bank’s automatic teller machine (ATM), and the phone call you make to ensure that your son is home promptly after school lets out. Whether you are aware of it or not, you participate in overt monitoring every waking minute of your life.

“He looked about his surroundings. They had become so familiar to him that, without realizing it, he was beginning to take on some of the mannerisms of the people who lived there.”

– Georges Simenon, Maigret and the Toy Village

“The briefing had said, ‘Don’t speak’ … but while the crowd acknowledged people’s need to hurry it demanded at the least some slight apology for breaking the etiquette of the rush hour.”

– Gerald Seymour, Harry’s Game

Covert spying is what “spymaster” authors John Le Carré, Gerald Seymour, and Ian Fleming are famous for writing about. However, in real life, mystery and intrigue may not be what you want to experience.

Spying on others, especially family members, can be a stressful and emotional event. Under such circumstances, it is very easy to allow emotions to control decisions, which can then lead to mistakes. As discussed previously, the consequences of mistakes can sometimes be worse than the crime. As we have learned, in stressful and emotional situations it is good to have a well-defined plan and a backup plan. When the stress takes hold, a well-practiced plan becomes instinctual; the true value of a contingency plan is apparent when it is actually used.

To approach the task of spying methodically like a professional, it is a good idea to develop a strategy that can be used to evaluate and plan most spying sessions. A method we developed, called SLEUTH, consists of six steps to help you walk through a mission; evaluate scenarios and risk; and execute and examine your results. The SLEUTH methodology corresponds to:

1. Setting goals

2. Laying out a strategy

3. Evaluating and understanding risk

4. Using best judgment to execute the plan

5. Taking in observations and results

6. Handling the scenario using your results

Setting Goals

The first step in spying is to determine what your objectives will be. Rarely is it useful to run blindly into a spying mission. Although it may occur occasionally, it is good to set a well-defined goal before you begin. For example, a solid goal would be “to prove your wife’s infidelity,” and a not well-defined goal would be, “I know my wife is up to something. I need to find out.” Both would involve the same type of work, but the first gives a clear goal, whereas the second is like a “fishing trip,” where you hope to turn up something. With a solid goal, you can either prove your hypothesis or determine that it is outside your technical skill to discover. Even when there is no solid end result, it is important to have a clear quitting point. It is generally better to concede at a certain point and realize that either nothing is going on or your target is hiding his actions beyond your ability to find out. Failing to have a well-established stopping point can result in an endless quest that may eventually result in an obsession with collecting information.

Goals, as we describe them, are not necessarily conclusive decisions, but ways of measuring progress and accomplishment. For example, if you want to keep an eye on your teenager, you won’t necessarily set a goal such as “prove he smokes marijuana.” Searching only for drug-related material may cause you to bypass other useful clues about other activities you may have an interest in. In this situation, a better goal may be to monitor your teenager’s e-mail and chat, looking for anything that may endanger him or her.

Laying Out a Strategy

Laying out a strategy is a critical step in every spying operation. Even if you skip setting goals (which is not recommended), do not skip this step. Proceeding with any operation without a plan is a bad idea. A well-designed, strategy will give you a path to take and alternative routes to follow toward reaching your objective.

Before laying out a plan of action carefully assess your situation. Study and understand your target and the layout of the environment you will be operating in. In the scope of this book it boils down to understanding spouses’ or children’s personalities, how they use their computers, and in some cases how they have their computer set up. Do they e-mail a lot? Chat? Does their computer have a password? Try to learn as much as possible beforehand so that you can take everything you know into account when designing your strategy. This will minimize unexpected surprises and the amount of “on-the-fly” decisions that have to be made.

As you plan for different scenarios, look for possible failure points. When you reach one of these critical points, try to find all of the possible causes of failure. Think about what you can do to minimize your chances of failure at those times. Whenever possible, make a backup plan. Determine what you will do if your normal plan is diverted. Planning for failures and extraordinary situations is what separates a good strategy from a great strategy. It is not so much the plan, but how you handle things when they don’t go according to plan that matters. The goal of a good strategy is to eliminate last-minute decisions. When you are dealing with emotionally volatile issues, it is important to proceed based on study and research. When things go wrong, emotions can come into play that drive you to follow paths that, if viewed from a logical perspective, may be incorrect. A strategy can ensure that you have a predeveloped plan, hopefully made at a time when the “big picture” was viewed free of situational complications. If done well, a good strategy will help increase the chances of success with most spying operations.

Evaluating and Understanding Risk

Risk plays a central role in any spying operation. It is very important to be aware of the different risks posed and to determine their possible effects. When planning any operation, you must carefully balance the possible risk and consequence versus the potential reward.

From walking across the street to playing with live rattlesnakes, risk is present in almost everything we do. We make quick mental trade-offs between risk and reward and then choose our course of action. In many cases, when the risk is understood, steps can be taken to minimize it. For example, when crossing the street we can decrease our personal risk by crossing at a crosswalk and waiting until there are no cars approaching. In some activities, such as playing with rattlesnakes, not much can be done to reduce the risk to an acceptable level. Those are the activities we will choose to avoid after considering the risk versus reward trade-off. This same trade-off and risk minimization principle should also apply to spying on family members. Take careful consideration of the risk factors involved. Evaluate each risk factor for severity. Is it a big risk? Can you live with the consequences? Can anything be done to minimize risk?

Risk is an extremely important factor to consider when spying on someone. Many complex issues come into play when spying on a family member because there are many levels and types of risk. At a high level there is the risk of being discovered, which would put an end to your current operation and possibly tip off your target. At a deeper level, spying may be placing your relationship with your target in jeopardy. In searching for a possible problem, you may be seriously risking the integrity of the relationship. Think very carefully about all of the issues involved. Only when you understand them and their possible consequences should you proceed to spy.

Using Best Judgment to Execute the Plan

The goals are set, the plan is made, and the risk is understood; now it is time to spy. Using your best judgment, begin to execute the strategy you have prepared and outlined. Even though you have planned every step very carefully, situations will arise where judgment calls must be made. As the plan is executed, keep in mind the end goal, the strategy devised, and the risk involved. Use those three factors to guide any decisions that must be made. If done cautiously and carefully, execution of the strategy will yield the most reward.

Take in Observations and Results

As you spy, information will begin to pour in. It may not always be what you want or expect, but most of it will have some value. Store and analyze all of it. This collected information can usually be broken down into three primary groups: operations intelligence, targeted intelligence, and chaff, or useless information.

It is important to securely collect and store both types of useful information. If the information you obtain is not stored securely, you risk its discovery, which can lead to a compromise of both your capability and your activity. Once you feel that either of those has been compromised, you can no longer trust the value of the intelligence. Targets may operate in a manner specifically designed to thwart your collection efforts.

Operational intelligence increases your ability to continue, maintain, and possibly expand your spying activities. An example of operational information is discovering that your spouse leaves his or her laptop on with an open e-mail program every morning while he or she showers. Now you have a new window of opportunity to look for information that can possibly help lead you deeper into the information jungle in search of your goals. While operational intelligence may be more “dry” and less interesting than your targeted information, do not neglect it. If you do not plan on using it immediately, store it. Once you have executed all of the paths of your strategy, the operation intelligence you’ve gleaned may open up new avenues to explore.

Targeted intelligence is the information you are looking for, the material that will help you realize your goal. Sometimes this information presents itself as a “smoking gun” that gives direct evidence of your suspicions. Usually, however, it is a loosely correlated collection of clues. These clues make sense only when they are collected and viewed as an aggregate.

Because targeted intelligence can be difficult to locate, it is necessary to closely examine and analyze the information you initially discern as chaff, which can hold potential clues. For example, before you discard a series of e-mails consisting of forwards, recipes, or sports scores, reexamine them for a hidden meaning. Do the recipes make sense? Are the forwards changed dramatically from the ones on the Internet? Do the sports scores correspond to real-life events? It is not unusual for a clever adversary to use innocent looking information to disguise a communication channel. This technique, known as steganography, is a mainstay in many secret methods of communication. Spies, terrorists, and a host of other characters, both good and evil, use it as a method of slipping their information “under the radar.”

Handling the Situation Using Your Results

Now that you have some information, it is time to use it to work toward reaching your goal. At this time, we’ll assume that you have material that describes some aspect of your target that they do not wish to make public and that they do not know you have. What you do with this information depends on your goal. It can be useful for confrontation, or as a lead-in into an area where more spying can be done. You might have just enough information to steer your interactions in a new direction. Regardless of the specifics, careful analysis and use of the information is the final stage of the spying process.

Using Overt Monitoring as a Deterrent

Behavioral changes associated with active spying, or monitoring, are psychological phenomena that scientists believe date back to human hunter/gatherer days. Studies have demonstrated that people are hypersensitive to the social spotlight when they believe they are being watched. Imagine your comfort level when you are being interviewed for a job in a closed conference room with no windows versus a conference room with a large one-way glass and a video camera focused on you. In the closed room you are able to judge the importance and reaction of those watching you, but in the surveillance room you cannot, and you fear the opinions of those behind the glass.

This hypersensitivity is believed to have helped early man coexist in small group settings. At this time, isolation even for a matter of days could mean death to those dependent on their groups. It was of utmost importance to peacefully coexist within the group. Today, group coexistence is not necessary, yet we still overestimate what others observe about us and change our behavior because of it.

Overcautiousness leads us to try and adopt what we believe is acceptable by those observing us. There is an innate desire to please that makes us want to please the observer. For example, it is unlikely that someone would pursue an affair using e-mail if he or she thought that each message were being monitored by a spouse. However, there are some cases (imagine an ornery teenager) where the observed people might choose behavior they feel will deliberately upset their observer.

Surveillance as a Deterrent First and Observer Second

Rather than using monitoring to “catch” someone in the act, overt monitoring can be used as a deterrent. A classic example of this is the use of police cameras, which are typically mounted high on poles and aimed at suspicious street corners. Supporters of this system claim it has a dramatic effect on street crime. However, it should be noted that there are mixed statistics on their effectiveness; they provide observation evidence, but it is difficult to estimate how many crimes they actually prevent.

In September 2002, Madelyne Toogood and her 4-year-old daughter finished shopping at Kohl’s department store in Mishawaka, Indiana. Toogood placed her daughter in the back of her SUV, appeared to scan the parking lot for observers, and then repeatedly hit the young girl. This act was caught on a parking lot surveillance camera similar to the one pictured in Figure 2.3.

Figure 2.3 Surveillance Camera

If you look at the video footage, it appears as if Toogood looked for people who might see her, but she never looked up for cameras. The question is: if she had seen the camera would she have still done it? If so, would she have done it in the parking lot, or would she have waited until she was out of sight? Also, how many people have ever intended to commit a crime like this, but then realized they were being observed prior to doing it? This is a difficult (if not impossible) statistic to measure. The knowledge that they might be being watched influences the decisions that people make.

When it comes to computers, there is little public knowledge of the ease of monitoring. Police cameras have been granted widespread media attention, but little has been said about the collection and monitoring conducted by Internet service providers, Web-based e-mail services, and Web site tracking. All of these are entities that perform some type of monitoring. If people were as aware of this as they were of police cameras, would they be as willing to participate in some of the more unsavory behavior that occurs online?

Can You Believe It?

Who Uses Police Cameras, and Do They Deter Crime?

You may be monitored more than you expect. The following list is not all inclusive; according to industry estimates there are approximately 2 million video surveillance systems in the U.S. Police cameras are used throughout most cities to actively monitor in an attempt to deter crime and catch criminals. The verdict is still out on their success.

 Baltimore Sixteen cameras are used to scan the downtown streets and sidewalks 24 hours a day.

 Chicago Thirty cameras that are mounted on poles have been used to scan for crime since 2002.

 Memphis Twelve cameras have been used in the business district since 1996.

 NYC In 1998, numerous police cameras were installed throughout the city starting with public housing developments, Grand Central Station, and Washington Square Park.

 Tacoma, WA In 1993, Tacoma was the first city to use surveillance to publicly deter crime by mounting cameras on top of light poles in high crime areas.

Very few people are aware of the fact that in July 2004, a 2-to-1 decision by a panel of the U.S. Court of Appeals for the 1st Circuit in Massachusetts proclaimed that any company providing e-mail service has the right to copy and read any message bound for its customers. This means that e-mail is not afforded the same expectation of privacy as a telephone call or in-person conversation. For a law enforcement officer to gain access to e-mail, only a search warrant is required. This compares with a wiretap order needed to record a telephone line, which is far more difficult to acquire. Some see this as a loss of privacy, and other see it as a means of deterring illegal behavior on the Internet.

When it comes to your family, children who have been instructed not to participate in illicit activities will likely not do so if they feel their parents are monitoring their behavior. For example, many Internet protection groups urge parents to place computers accessible by children in the “family” room versus behind the closed doors of their bedroom. This reinforces the notion that the child is subject to monitoring and that his or her behavior may be observed by an objecting parent.

While this monitoring may seem excessive to privacy advocates, it also represents one method of parental involvement. One of the big criticisms of the Columbine tragedy was that the parents of Eric Harris and Dylan Klebold allegedly had little involvement in their sons’ personal lives. For example, it was reported that the boys openly communicated their deadly interests on their Web site, yet the parents remained unaware. Complaints about the Web site were made to local police more than one year prior to the school incident by concerned parents whose children were listed as targets of violence on this page. No one at the time could have predicted the extent of this tragedy. One may wonder, what could have been done to deter this event? Would things have been different if the parents were more aware of what their children were doing in the secrecy of their rooms? Would things have been different if Harris’s parents were aware of this Web site, and aware that in his room he had a gun? Although the parents slept the evening before the attack, the two boys made a video and in it Harris imagined that his parents would say, “If only we had checked his room. If only we had asked more questions.”

There is a benefit to being aware of what your children are involved in, especially if you fear they are in trouble and more traditional methods of communication have failed in the past. For young children, this is easy because they communicate openly with their parents. For teenagers who become reclusive and withdrawn, this becomes more difficult. There are many options and techniques to try to become more involved.

One such option is to tell your children directly that you are aware of what they are doing at home and on the Internet. This is accomplished through open monitoring or “advertised” surveillance. This is analogous to posting a sign in front of your home that says it is protected by a security device. Maintaining a home surveillance system helps protect you against burglars, but advertising the fact that you have one may prevent the need for the system altogether. Figure 2.4 shows an example security sign that might make some believe that a location is actually protected by a real security system. Some people post the signs in their yard without actually having the alarm system installed.

Figure 2.4 Advertising Surveillance Sometimes Is Just as Effective as Implementing It

The same is hoped to be true with monitoring on the Internet (especially when it comes to children). Overtly conducting surveillance may help protect you from hurtful events, but depending on the circumstances, merely advertising the threat of monitoring may be just as effective. A quick search on for the phrase “my parents don’t know” brings attention to this. The search alone brings up thousands of hits. On one Web site uncovered during this search ( the question is asked:

“How many of your parents know that you post here?”

Overwhelmingly, the response was that (1) they do not know and (2) the children feel that if they did know there would be repercussions. Some of the responses to the question are listed here:

“Naw, my parents don’t know. If they did my computer would be gone, I’d be banned from the Internet for … well, as long as they have power over me, lol. I’d get a long rant about how I’m completely without morals and wondering where they went wrong. I just delete the history and cookie files on my computer before I go to bed so they can’t track it.”

“They don’t know. If they did my mom or dad would freak. They don’t like the idea that I can open up on the Internet but not to them.”

“I know every so often when my dad comes in to talk to me he reads whatever it is that I’ve written or am reading or something like that, but I never told him I write stuff about my life online. He has no knowledge whatsoever about his computer or computers in general, and wouldn’t know something like this even existed.”

This is just a sample of many instances in which children indicate that their parents are not aware of what they do, and that they feel comfortable doing this because there is no indication that they will be caught.


The Web site greets visitors with this threat:

Warning! Use of this site is restricted!

This computer system is for the use of the United States Government. Unauthorized access, or access which exceeds authorized access is punishable under 18 USC 1030.

Users have to click on the Agree button to continue. This threat is a powerful deterrent that is used to attempt to prevent misuse rather than merely recording and prosecuting against it.

Explore More …

Mini Case Study: Deterrents

The following story demonstrates some of the psychology involved in spying and its deterrent effects, and is a universal scenario that most people can identify with.

When I was a kid, I like most kids, would do things that made my parents mad. I’d stay out too late, sneak out of the house, skip class to smoke cigarettes, and run around town without their permission. Like most amateur wrongdoers, I was occasionally caught, and when I was, I fell victim to several of my parent’s clever methods at dealing with the situation.

Being caught hammered in the fact that they were always one step ahead of me. First, they would never confront me immediately after I did something. They would wait a day or two before bringing it up. After this had occurred a couple of times, I could never be sure once I’d done something wrong if I had actually gotten away with it. I might have, or I could just be in my parents waiting period where they lulled me into a false sense of security. Sometimes they would wait weeks before dropping the dime and revealing their hand.

A second method of theirs was slightly less insidious, but just as painful. When they did catch me doing something wrong, they would never tell me how. I was always left wondering how they found out. Did I slip up, did my friends or their parents sell me out, or did my parents have some secret monitoring capability I didn’t know of? These tricks definitely had a powerful deterrent effect, and they usually made me think twice before I’d consider doing something they wouldn’t approve of. They allowed my parents to keep the edge in information superiority longer than they would have otherwise.

Explore More …

The Polygraph as a Deterrent

Many employees of the Central Intelligence Agency (CIA) have a common response when asked to partake in questionable activities: “No, I can’t. I have my poly coming up soon!” It is not that the desire to commit crime is rampant among employees, but rather it is a testament to the deterrent power of the polygraph test. Polygraph tests instill fear in most people who are subjected to them as a requirement for continued employment. This fear extends from decisions they make in their daily lives down to the actual event in which they confess everything from taking a pen home to cutting in line in the company cafeteria.

It is often speculated that polygraph tests keep innocent people innocent. We can speak only from the experience of behaviors that we have observed personally.

The polygraph works by measuring the physiological changes in a person when they are confronted with questions related to a topic. The assumption is that when the subject attempts to deceive the administrator of the test, the natural interaction between the mind and body will cause physiological stresses to be visible. These stresses include changes in respiration, increases in skin response, and changes in blood pressure.

An employee’s fear is an example of overt monitoring advertisement to deter “forbidden” behavior. In this case, the monitoring actually occurs after the fact, but it demonstrates the same common purpose: to notify individuals that their actions will become known by others and that consequences will be applied if they step out of bounds.

Most reliability studies estimate that the polygraph is at least 90 percent or more accurate in detecting deception. From what we have observed, the remaining 10 percent probably instills more fear than the 90 percent accuracy rate. Those subjected to the polygraph know that it is not perfect, and often fear that thoughts versus actions of “forbidden” activities may be misconstrued in that fuzzy area of inaccuracy. Perhaps this adds to the fear of the polygraph and, as a lucky side effect, actually increases its ability to deter behavior around the line and not just actions that cross it.

Problems with Overt Spying

While overt spying has the potential of helping to avoid problems down the road, it is naïve to think that it is without problems. Three of the biggest issues are:

 Overt spying advertises where, when, and what you are monitoring.

 Monitoring explicitly indicates your lack of trust in someone.

 You have to deal with the “rules-are-made-to-be-broken” attitude.

Each of these concerns is addressed in detail in the following sections.

Smile for the Camera

There is a reason why most inspections are called “surprise” inspections, and why crime tends to decrease in areas that introduce visible police surveillance cameras. People change when they think someone is observing them. Would you spend the extra 20 minutes at the coffee machine talking about last night’s football game or your fantasy “Survivor” picks if your boss was watching you? Probably not, but chances are high that you would do it once your boss left the area.

When you overtly spy, you are indicating exactly where, when, and what you intend to monitor. Unless the people involved explicitly want to upset you, they are not going to partake in the “forbidden” behavior while you are monitoring them. Maybe this convinces people to think twice about what they were about to do, or maybe it simply makes them temporarily suppress their desire. Be forewarned that overt spying may cause the person wanting to commit the act to evolve and adopt more covert techniques and conduct the behavior out of your sight.

A classic example of this in the intelligence world is observed through the eyes of overhead surveillance cameras. Nearly everyone has seen the overhead photos of the missiles from the Cuban missile crisis (see Figure 2.5). This photograph, along with many others, is from the Dino A. Brugioni collection at the National Security Archive. Brugioni was a CIA officer responsible for “all source” intelligence during the time of this crisis. Brugioni has also written a book titled Photo Fakery where he discusses how actions can be taken to mislead the viewers of the photographs when those being watched are aware of their surveillance. During the Cold War, for example, the Soviets were known to build “fake” tanks and ships to try and misrepresent their locations, capabilities, and intent. In addition, items that were deemed to be sensitive or “forbidden” were covered with reflective materials such as chicken wire to hide what was secretly placed underneath.

Figure 2.5 Overhead Surveillance from November 1962 Capturing the Image of Soviet Missiles Being Loaded at Mariel Port

The same tactics are applied to the Internet world when people identify that they are under surveillance. Take the acronym POS as an example. In the world of instant messages and chat, it means, “parent over shoulder” and is used to indicate that the subject should be changed immediately because someone is monitoring the conversation that is likely to object.

A husband who knows his wife is spying on the home e-mail accounts may sign up for secret Web mail accounts, which are far more difficult to monitor. In reality, if the objective of the wife is to collect evidence for court proceedings, it would be better not to give away the fact that she is monitoring the home e-mail. In this case, covert spying is far more appropriate. As Sun Tzu once said:

“When capable, feign incapacity, when active, inactivity. When near, make it appear that you are far away, when far away, that you are near.”

Otherwise, you are revealing your true capability (as the Russians did in 1962). By doing this, the spouse who intends to cheat regardless of the fear of monitoring may be driven to adopt sneakier techniques to prevent being caught.

There are a number of defensive tactics that can prevent someone else from monitoring you. Providing someone intent on doing something with the knowledge of how they will be monitored can drive them to use advanced techniques that you cannot detect. When this occurs, the overt monitoring method has had the opposite effect than was intended.

Explore More …

Mini Case Study: Secrecy

The following story shows that sometimes it is better not to broadcast your capability because it may drive your opponent to develop even better techniques to beat it.

I grew up in a fairly rough part of town. Crime was pretty much an everyday occurrence that everyone lived with and accepted. One year, my parents bought a brand-new Suburban and decided to protect their highly desirable vehicle from thieves by installing a car alarm in it. After the alarm was installed, I went with my mom to the shop to pick up the car. Along with the remotes, the shop worker handed us two stickers proclaiming the alarm brand. “Shouldn’t we put those on the car?” my mom asked. “I wouldn’t if I were you” was the response. Not willing to let it go, my mom brought up the point, “But they’re a deterrent, aren’t they? That’s what I’d always heard.”

“Look lady, in most places they would be, but here the thieves are a little better than that, heck most of them probably work in alarm shops just like mine. If you show them exactly what alarm you have, they have all the time in the world to look into their bag of tricks to see what they can do to beat it. It’s better to let them find out the hard way that there’s an alarm there. It’s a lot harder to figure out what you’re up against when the pressure’s on.”

Much in the way the sticker advertising the alarm gave the thieves a good idea of what they were up against, overt spying can give your targets a clear picture of exactly what they need to overcome. Wily targets of overt spying can soon build up a clever routine to accomplish whatever they want all the while appearing to be perfectly innocent toward the surveillance system. Depending on the skill of your mark, it may sometimes be better to hide your hand and never reveal your full capability.

Detriment of Distrust and Avoidance

A second side effect of overt monitoring is that the mere act of doing so displays a lack of trust and an invasion of privacy toward an individual. At times, this can be more destructive than the behavior they were first suspected of committing. The previous chapter addressed the ethics of spying in general, and its impact on a relationship. Rather than revisiting that, we now want to address the social impact of being “watched.” Privacy is sacred, and when it is taken away there is bound to be resentment, whether it is within your family, your neighborhood, or across an entire country.

Outrage from constant monitoring can be seen everywhere from users furious about TiVo reporting that people rewatched the exposure of Janet Jackson’s breast during the half-time performance of the 2004 Super Bowl three times more than any other section of the broadcast, to grocery shoppers upset with purchase-tracking “discount cards,” or protestors such as the Surveillance Camera Players ( upset with the broad use of closed circuit video surveillance cameras.

In another parody by the Surveillance Camera Players, posters were purposely displayed in front of cameras to act out scenes from George Orwell’s novel, 1984.

Apply this to computers. Imagine how you would feel if your wife said that she wanted to install monitoring software to observe which Web sites you visit and whom you chat with because she fears that you are having an affair. This would probably be a death sentence for your marriage. This is partially because a marriage is a partnership; both parties are assumed to be operating in the best interest of the collective marriage. In the case of overt surveillance, one party demonstrates blatant distrust for the other, and attempts to forcibly dominate in an authoritative manner by setting limits on what can and cannot be done by the spouse. For a marriage to succeed, trust and partnership are critical.

This is in contrast with the relationship between a child and a parent. As children grow, they test the limits of parental boundaries. An attempt to participate in an activity that is not endorsed by a parent is part of growing up. Over time, children change from dependent toddlers that are “put to bed” at 8 P.M. every evening to independent decision makers who choose when to wake and sleep. Marriages that are marked with constant attempts to participate in “forbidden” behavior are not operating in an effective manner.

Romeo and Juliet Meet the Fonz

Some personalities thrive on the satisfaction of doing something against the will of others. Instead of adhering to the limits set forth by others, they may instead purposefully conduct the “forbidden” behavior as a form of protest. We know this sounds silly, but think about your dog for a moment. Every dog that we have had in our lives does the same thing: if you push them while they are standing up in one direction, they push back in the opposite direction! The same can be seen in people too (especially teenagers). With their newfound independence comes the desire to be their own leaders. This means that they may not agree with the rules that mom and dad have set. In addition, some children go through phases in which they are constantly questioning authority and attempting to break the rules. In some cases, this is because they are seeking more attention (even if it is negative), and in others it is simply their way of “growing up.”

Doing something “taboo” can also be fun for adults. We are all curious, and a certain amount of excitement comes with the thought of breaking the rules (and getting away with it). For example, take the classic love story, Romeo and Juliet. They were forbidden to be together, which fueled their love even more.

Why Not?

We once knew a married man who was having an affair. When asked what prompted his decision, his response was, “Why not?” Because he worked for the government, he was always traveling. He explained that for the past five years his wife had accused him of cheating during every business trip even though the thought had never crossed his mind.

These constant unfounded accusations wore on him, and at some point he began cheating. “I was already being punished for it, so why not actually do it?” he said. It is hard to say if he would have started without the continual display of distrust, but it is obvious that it did not help his situation. First, it planted the idea in his head, and second, it lowered the expectations of his relationship.

Using Covert Spying to Observe Behavior

Covert spying is the secretive collection of information, which is frequently used by private detectives to gather evidence on everything from suspected adultery to insurance fraud and child custody battles. Unlike active spying where the goal is to deter and manage behavior, covert spying is used to collect information that catches the target in the act. Covert spying is done without the person’s knowledge, and steps are taken to conceal the spying from that person. This is usually how Hollywood portrays spying.

A person should have absolutely no indication that they are being covertly spied on. It is expected that they will be less inhibited and will not take extreme measures to hide their behavior as they would if they were being actively monitored. One advantage to active spying is that you know that the other person is aware of your activities. If you are silently spying on someone, it is difficult to know if they are even aware of you. You can never be sure if something or someone has tipped them off. Someone who suspects they are being spied on can create a canary trap by appearing to perform a behavior that would cause the observer to reveal himself. People who discover that they are being passively monitored can cause a lot of frustration by never revealing that they’ve discovered the game, which may send their pursuers on countless wild goose chases. The people spied upon may also be much angrier than usual if they were caught by someone using active spying techniques.

Be prepared for what you may find out. Imagine that your wonderful husband is also a terrific father. He takes care of you and your family, and is supportive of your job. You are still as in love with him today as the day you married each other. Nonetheless, you have the feeling that he is up to something. He is acting more perfect than normal, giving you more attention, dressing nicer, and spending extra time in the gym. You fear that he may have met someone. Do you really want to know the truth? Is he just flirting, or is he doing more? Is it worth ending your seemingly perfect relationship?

Problems with Covert Spying

Covert spying presents several problems. The biggest issues involved with covert spying are:

 It is a more involved procedure.

 You will never know if your target has discovered you.

 Presenting evidence obtained through covert spying reveals your capability.

Each of these issues is discussed in depth in the following sections.

Involvement of Procedure

Unlike overt spying, which involves a monitoring capability only, covert spying requires the capability to monitor and to disguise monitoring, and the opportunity to install your capabilities. This is a much more involved procedure than presented by most overt spying methodologies. For example, if it is your corporate policy to monitor employees’ keystrokes, you only need to locate the appropriate keystroke logging software. Its presence is made known, and all employees must have it installed on their computers. However, if you want to covertly monitor an employee’s machine, the operation becomes more complex. You must find an appropriate keystroke logger, one that has enough capability to be installed in such a manner that it avoids most reasonable efforts at detection. Finally, you must find the opportunity to install this keystroke-monitoring capability on your target’s machine without his knowledge.

While these obstacles can be difficult, they are not insurmountable. In fact, the very challenges of covertness and installation are the excitement that many real-life spies crave. The careful development of capability and careful planning for opportunity can make the procedures much more achievable.

Target’s Awareness of Your Capability

When you spy overtly, you may never know everything your target knows, but you have a good starting point. You can immediately assume that they are fully aware of all of the capabilities that you have disclosed to them. Now that a covert aspect is in play, your target will ideally be completely unaware of your capability.

While it is hopeful to expect, it is also very naïve. Dumb luck also plays a big part. An electrician replacing wiring may discover a listening device that was planted behind a wall. Even the best-laid plans can be upset by random chance. This factor increases the risk on all operations.

Discovery is possible at any time; therefore, it is impossible to know if the target has discovered your capability. Adversaries who discover they are being spied on may react in many different ways. Changing or concealing their behavior is one possibility. Or, the targets may adjust their behavior to mislead those monitoring them, in which case, most of the information the spy obtained is no longer valid, and the results they developed using this information is flawed.

Presentation of Evidence Reveals Capability

A new danger arises when all of the evidence is collected and the spy wants to use it as evidence of the target’s wrongdoings. Possession of the different types of evidence could lead to a revelation of the spy’s capabilities. Once targets have been presented with documentation of their activities, they begin to figure out how they were spied on. Using the information they are presented with, they can evaluate the collection capability deployed against them. In cases where the spy wishes to maintain his capabilities in the future, this may not be desired.

The U.S. is often faced with this challenge. When presenting satellite information to the United Nations, the press, and other organizations, it often has to obscure the image as to not reveal the full extent of its capabilities. At other times, the U.S. has had to withhold evidence of other countries’ wrongdoings to protect its sources.


You must be careful that your covert spying is not realized and changed into overt spying against your intentions. Such was the case with FBI spy Robert Hanssen. Luckily, by the time he observed the surveillance, it was too late and enough evidence had already been gathered against him. His resignation letter demonstrates how the “threat” of spying is capable of altering someone’s behavior.

Explore More …

Robert Hanssen Spy Case

The Robert Hanssen spy case demonstrates the effects of both covert and overt (or known) spying on illicit behavior. For as long as 20 years, Hanssen had been selling secrets to the Russians. Once the FBI suspected his involvement, it began covertly monitoring his telephone and other communications. From that it was on to him. As his letter indicates, he believed that he was being watched. As a result, Hanssen decided to cease his illegal activity. Little did he know that at this point it was too late; he had already been caught.

Hanssen’s resignation letter to his Russian “handlers”:

Dear Friends:

I thank you for your assistance these many years. It seems, however, that my greatest utility to you has come to an end, and it is time to seclude myself from active service.

I have been promoted to a higher do-nothing Senior Executive job outside of regular access to informaiton (sic) within the counterintelligence program. I am being isolated. Further, I believe I detected repeated bursting radio signal emanations from my vehicle. The knowledge of their existence is sufficient. Amusing the games children play.

Something has aroused the sleeping tiger. Perhaps you know better than I.

Life is full of its ups and downs.

I will be in contact next year, same time, same place. Perhaps the correlation of forces and circumstance then will have improved.

Your friend,

Ramon Garcia

Robert Hanssen was arrested and on July 6, 2001. He pled guilty to 15 counts of espionage and conspiracy charges in exchange for federal prosecutors not to seek the death penalty. He was sentenced to life in prison without parole on May 10, 2002.

Spy versus Spy

How do you decide whether you should overtly or covertly spy on someone? For the most part it comes down to two factors:

 What is your end objective?

 Who are you spying on?

When you want to deter a behavior, overt spying is more effective. If your prime objective is to collect evidence, then covert spying will be the most successful. Overt spying tends to work well with children, while covert spying works better with adults. Table 2.1 helps distinguish additional differences between the two.

Table 2.1

Table for Determining When Different Types of Spying Are Most Appropriate

Revealing Your Hand

Now that you understand the benefits and weaknesses of overt and covert spying, we address how to deal with the realization that someone in your family is secretly doing something that he or she knows you would object to. The question is: What do you do now?

Events that are time critical like child abuse, underage sex, or drug abuse should obviously be dealt with immediately. Waiting could cause further incidents and irreparable damage. However, sometimes the situation is less critical, and more of an “awakening” to you. In cases such as this, your capability to monitor may be more important than the actual deed, or what you have evidence of to date. You may be better served not to react immediately, but to instead monitor so that you are aware of the big picture and the extent of the problem.

We realize that this is difficult. You catch your wife exchanging sexually explicit e-mails with someone and you are suddenly overtaken with rage. You want to let her know immediately that you are aware of what she is doing. You are furious. You want her to stop. But, maybe there is more to it? That “someone” is a coworker, her boss. Maybe this goes beyond e-mails and to an affair. The finances are not what they seem; she was given a raise one year ago and her full paychecks are not going into the family account like you thought they were. Her business trips have been weekend visits to the beach with her lover. They are building a house there, together. Slowly she has been hiding money from you and diverting it to this. She is planning on leaving you, but she first wants to collect all that she can from you. You need to know the entire breadth and depth of the problem before you come up with a solution. If you had approached her at the start, you may not have realized the true challenge that you were about to face. In fact, approaching her from the beginning would place you at more of a disadvantage, as she would be better prepared to end the relationship.

Learning all of this gives you the ability to make a much more solid and well thought-out decision. This is the exact same reason why intelligence organizations slowly and methodically collect information. Their job is not just to “catch” other countries in the act of committing atrocious crimes; it is also to arm policymakers with all of the necessary information to make well-founded decisions.

A perfect real-life example of when to reveal your hand can be seen when you examine how the police operate when investigating organized crime figures. Often, these figures are very closely monitored and watched. In many cases, evidence of crimes ranging from misdemeanors to felonies is observed. The police will often not arrest or prosecute their target until they feel that enough evidence has been gathered for them to develop an iron-clad case. Once they make their move, their capability is revealed. This also alerts the mark that they have been the target of an investigation. If the bust is made too early the police lose both the element of surprise and the possible covertness of their spying methodology. Use this example when considering the possibility of revealing your hand.

Of course, there may never be a situation where you must reveal your hand, such as when you feel that the information collected is enough to point you to obvious clues that you can pass off as your capability. Sometimes a guilty feeling target will confess and not even inquire about how you found out. Other times you may not feel the need to ever confront your target. Since revealing can be an emotional and potentially dangerous situation, think carefully and do it cautiously.

The Benefit of Patience Taught by the Enigma

In the late 1920s, the German military adopted a new cryptographic machine called the Wehrmacht Enigma, as shown in Figure 2.6. Communications encrypted by it were thought to be unreadable by the Allies. In its early stages they were, but over time they could be monitored. Polish mathematicians Marian Rejewski, Jerzy Rozycki, and Henryk Zygalski made initial breaks to the code with help from Hans-Thilo Schmidt, an employee of the German cryptographic agency. On July 25, 1939, the fear of a German invasion led the Poles to share their breakthroughs with the British and French forces. This energized a surge to break more of the encryption by the Brits.

Figure 2.6 German Enigma Machine

Mathematicians Alan Turning and Gordon Welchman from Cambridge University conceived the design for a machine capable of reading the encrypted traffic. This design was taken to Harold “Doc” Keen, who was an engineer at British Tabulating Machines. Doc was hired to turn their design into a reality. Refinement and construction of this machine took many months. In 1940, it became operational and was dubbed the “Bombe.”

The Bombe, as shown in Figure 2.7, was successful against German Air Force and Army Enigma traffic, but it lacked the ability to consistently break German Navy traffic. The Navy operators adhered to strict security procedures, and their machines contained three additional rotors.

Figure 2.7 The Bombe Encryption Breaking Machine

This lack of monitoring capability allowed the German U-boats (submarines) to rule the waters. Admiral Doenitz, the commander of the U-boat fleet, was very strategic in his operations. Once one submarine spotted a ship that belonged to the Allies, it alerted all of the other nearby submarines with messages encrypted by the Enigma. This coordinated attack was virtually unstoppable by the lone ship.

In May 1941, the tables turned. British forces captured the German submarine U-110. The crew of the captured U-boat was so terrified by what they felt was impending death that they abandoned the ship and jumped overboard. The result was that their encryption equipment was left completely intact with the proper daily settings in place. In addition, secrets such as codebooks and instruction manuals were left behind.

At this point, the British had an important decision to make. Do they break news of the capture and ability to read traffic, or did they wait to reveal their hand at a later date? As history tells us, they chose wisely to wait. They went through great strides to make it appear as if the submarine had sunk to the bottom of the ocean before it could have been boarded by anyone. Finally, the British could read the Navy traffic. They were able to quickly take measures that enabled their ships to travel the seas without being attacked by the U-boats. Because they did not want the Germans to fear that their encryption had been broken, they purposefully sent aerial reconnaissance to suspected areas to help misdirect concerns over the failed attacks. This disguise campaign was known as Ultra, and it was backed by deceptive excuses for any action based on intelligence gathered from the Enigma. If nothing could be done to misdirect attention to the investigative source of an action, then it was not acted upon.

The benefit of this intelligence is often claimed to have shortened the war by at least one year. Intelligence aided the Allies in the Battle of the Atlantic. It contributed to the Italian defeat at Capa Matapan, assisted the British in El Alamein in Western Egypt, helped in the hunt for the battleship Bismarck, and provided intelligence from messages between Adolf Hitler and General Günther von Kluge during the campaign in France. In this case, patience paid off far more for the Allies than revealing their capability and knowledge of the first “offense” would have.

Faults and Consequences

The following story of a wrongly accused victim demonstrates how facts can be misrepresented and how undeserved distrust can be devastating. At the start of the “Russian mole” investigation that ultimately led to the arrest and prosecution of Robert Hanssen, a 28-year-old CIA employee was escorted into an unexpected meeting where she was told:

“Please sit down, we have some bad news for you … your father is a spy. He’s working for the Russians.”

At the same time, her father, who had been an agency veteran for nearly 20 years, was being accused of espionage. These accusations led to the CIA officer being suspended for 21 months and to unrecoverable embarrassment. The FBI agents interrogated the accused officer’s children, sisters, coworkers, and friends. The agent warned one of the sisters that if she did not cooperate, the FBI would go to the nursing home and question her 84-year-old mother. The allegations of spying against this officer were prompted by a suspect jogging map, and the unfortunate coincidence that he had access to the same information and lived on the same street as the real spy, Robert Hanssen.

John Moustakes, the lawyer for the wrongly accused CIA officer, wrote the following in a letter to the then FBI director Louis Freeh, requesting a formal apology:

“The corrosive effects of the FBI’s wrongful and indiscriminate accusations are incalculable and pervasive … The investigation has been emotionally devastating to both him and his family … To cause my client to live one more day than necessary as the suspect in the nation’s most damaging espionage case was reprehensible. But to delay longer still the exoneration to which he is manifestly entitled is unforgivable. This experience left indelible personal scars that will never fully heal and a cloud that will continue to mar his impressive career unless it is explicitly dispelled. Under the circumstances, our request is at the very low end of what fairness and decency require.”

Frustrated by their lack of willingness to publicly apologize, the accused officer spoke out in a telephone interview with the Courant

“They had gotten it so wrong, for so long. They drove at me to the exclusion of all others. Some of the people there got medals for this investigation, for God’s sake.”

This is a real-life example of how information can be easily misinterpreted and false accusations can be made that hurt otherwise innocent and uninvolved people.

Are the consequences of being caught spying worse than the activities you are trying to catch your spouse or child doing? In some cases they are. Take a perfectly healthy relationship as an example. Pressure and stress at work can cause many of the same characteristics that “how to tell if your spouse is cheating on you” Web sites claim are sure-fire signals. Acting on these accidental signals with spying can cause more harm than good.

Imagine that a husband is putting in some extra hours at work because he has heard that holiday layoffs are right around the corner. He does not want to draw attention to the situation because his wife is pregnant and has recently quit her job. He is suddenly under tremendous stress trying to (1) ensure that he does not lose his job, (2) develop a suitable plan in case he does, and (3) cope with the sudden increased pressure of being the sole provider for an entire family.

Due to these circumstances, his behavior may closely resemble an affair: working late nights, being withdrawn, dressing “nicer” (job interviews), and participating in secret phone conversations about his situation to friends and potential employers. His pregnant wife is likely to be self-conscious because of her physical condition and the lack of “closeness” with her husband due to his recent stress. Because of this, she may be more apt to jump to conclusions and assume that he is cheating on her because she is pregnant. Furthermore, she may choose to back up this gut feeling by using monitoring software. If she does and her husband finds out, it could mean the end of their relationship before their first child is even born.

In the wife’s eyes she was the victim, and many companies that sell monitoring software push sales with comments such as, “He started the affair and broke all trust. Monitoring will only prove his guilt!” However, the husband was innocent. Instead, he was the victim of his wife breaking the trust within the relationship. Spying has consequences and breaking trust in relationships is just one of them.

Spying on your children can also have unintended consequences and can provide a mixture of results. Once the decision to spy has occurred, there are only a couple of possible outcomes: the spying produced results that confirm the suspicions, or the suspicions were found to be untrue. Both parties can either continue the relationship, or intervention may be required.

There is another outcome that provides much more in the way of long-term consequences. If a parent is caught spying on their child, their relationship may change for the worse. The child, who expects some monitoring of their actions by their parents, will feel that their privacy has been violated. Many will feel that if their parents are going to treat them like a criminal, they might as well be one. Getting caught spying may cause the child to withdraw further from the parents.

The consequences of spying cannot be determined before the actions are begun. The possible consequences should be thought of and then a determination made as to whether the worst consequence is better than not spying at all. Different people will take being spied on in different ways; however, every relationship will change forever once spying occurs. Whether it changes for the positive or the negative will depend on the existing relationship and the results of the spying. In order to successfully spy on a person, you must be willing to sacrifice the existing relationship.


We are not lawyers and the legal aspect of spying is not a black and white subject. What is legal for video capture is not legal for audio capture. While keystroke capturing may be legal against your children, in many instances it is not legal against your spouse. Files and e-mails located on the hard drive of your computer may be read, but the privacy of those stored remotely elsewhere may be protected. Before you do anything, you should familiarize yourself with all state and federal laws associated with the surveillance and monitoring of others. If in doubt, consult a lawyer for expert advice.

On the topic of legal allowance and liability, three different situations must be addressed: the monitoring of keystrokes, the capturing and viewing of files and/or email, and the capturing and monitoring of voice and video.

First, a Word About Companies

Federal law is aimed more at protecting employers while state law protects employees. The Electronic Communications Privacy Act (ECPA) allows a company to monitor an employee’s e-mail if one of the following requirements is met:

 One of the parties has given consent.

 There is a legitimate business reason.

 The company needs to protect itself.

To better protect employees, legislators proposed the Notice of Electronic Monitoring Act in July 2000. This act was intended to require employers to notify all new employees that e-mail was subject to monitoring, and enforce an annual notification of the same declaration. This act has not been passed, but written policies established by companies that provide this type of notice can help prevent litigation related to privacy claims.

Monitoring of Keystrokes

On the surface, the legality of installing a keylogger and collecting keystrokes seems cut and dry. Most law clearly indicates that it is legal if the computer is owned by you, or if the owner provides consent to being monitored. So, what exactly does “owned by you” mean?

It means that if you run a company, and an employee is using a computer that was purchased by the company, you can create a policy that allows you to monitor their activities on it. Likewise, as a parent, you are assumed to “own” the computer that your child uses and you can therefore legally install monitoring software. Where it gets touchy is when you want to monitor your spouse. If you are the owner of the computer, it may be legal, but if your spouse is the owner, their privacy may be protected.

Capturing and Viewing Files and/or E-mail

Similar to keystroke capturing, the prime factor in the legality of file and e-mail monitoring is the ownership of the computer. As briefly discussed previously in this chapter, there is a difference between e-mail that is in transmission versus e-mail that is stored. Federal wiretapping law states that e-mail being actively transmitted (i.e., across a wire) is protected against the wiretapping law. However, when e-mail passes across computers it is temporarily (or permanently if it is the end user) stored. A number of court cases have ruled that this temporarily stored copy of the e-mail may be monitored. For example, in the United States v. Mark L. Simmons, the court ruled that the monitoring of personal e-mail at work did not violate any federal wiretapping laws. This ruling was because the e-mail was viewed from a storage device and not as it was being transmitted.

Transmitted e-mail is a different case. Most cases have permitted it if there is a proper policy in place. For example, in Bourke v. Nissan, the court ruled in favor of Nissan who fired two employees for sending sexually explicit e-mails back and forth. In Smyth v. Pillsbury Company, an employee was fired for sending threatening email that included comments such as “kill the backstabbing bastards” and references to the holiday party as the “Jim Jones Kool-Aid affair.” This employee sued on the grounds that his personal privacy was violated, but lost. In the city of Scottsdale, a police department learned the hard way that even though monitoring was allowed, actions they took based on the monitoring were excessive. An officer that had just been promoted sent an e-mail to a female co-worker asking if she would sleep with him now that he had been promoted. The recipient was a good friend and took the e-mail as a joke, but the department removed his name from the promotion list and eventually fired him over the event. The officer sued and was awarded $300,000.00 in damages. The award was based on the action of removing him from the promotion list and eventual firing and had nothing to do with the actual monitoring of the e-mail. However, it serves as a lesson to be cautions of actions taken based on potentially misinterpreted information that is collected through monitoring.

When applied to your spouse, if e-mail is stored locally on a hard drive that is accessible to the family, then you can access it. If your spouse instead uses a Web-based e-mail account that is password protected, you may have legal issues with accessing it (even if you know the user name and password).

Voice and Video Capturing

It is legal in all 50 states to record video with a hidden camera in your home. Audio, however, is a different story. It is against the law to record speech without consent from both parties in California, Connecticut, Delaware, Florida, Hawaii, Illinois, Louisiana, Maryland, Massachusetts, Montana, Nevada, New Hampshire, Oregon, Pennsylvania, and Washington. This means that if you live in these states, cameras are okay as long as you disable the microphone on them.

To prevent against litigation, many experts recommend that in cases such as “nanny-cams” you obtain written permission from the nanny prior to recording. Note that this changes the monitoring from covert to active, which means that it is intended to be more of a deterrent than an evidence “catcher.” In the case of potential child abuse, however, active is what you want. Merely capturing the act afterward assists the parents in pressing charges against the nanny, but it does not stop the child from being abused.

Case Study: Dangers of Misinterpretation and Distrust

Interpreting a situation wrongly can be as dangerous (if not more) than leaving the event to its natural course. One of the biggest risks is that you reveal your hand and toss unscrupulous accusations against an innocent family member. By doing this, you damage their trust in you, their feelings of personal privacy, and their self-image because you demonstrate that you “expect” them to do that type of behavior. When such behavior is against a spouse it is hurtful, but when it is against an impressionable young child it may be irreversible, as demonstrated in the following case study.


Jeremy was a quiet and independent 15-year-old who lived with his parents and younger sister, Emily, on the outskirts of New York City. His family was always close and loving. This past fall, Jeremy’s sister enrolled in kindergarten and his mother returned to the work force. Trained originally as a nurse, she accepted a job with the local hospital. Because she just recently started, she was only offered a position working evening hours. She hesitantly accepted because the family needed the money; college was right around the corner for Jeremy.

Working evening hours took a toll on everyone. The family was used to the mother being around and taking care of the daily problems. Likewise, the mother felt less involved with everyone’s lives. There were no more “family” dinners around the table, and the children were responsible for ensuring that their homework was completed and baths were taken every night on their own.

Jeremy’s father helped as needed, but in the past most of this was done by his wife so it was a difficult role for him to jump right into. Thankfully they found an energetic babysitter in the neighborhood named Amy to help fill in the gaps. Both Jeremy and Emily adored Amy, and she helped them with homework and listened to their daily problems.

Although Jeremy’s father honored the relationship with his wife, the mother could not help but feel a little jealousy between herself and Amy. She felt as if her lines of communication between her children and her husband were limited to a few brief moments in the afternoon before she headed off to work. She kept promising herself that soon she would be promoted and transferred to a daytime position.

Six months went by and before she knew it, it was winter already. In this short period of time she had really started to lose touch with her family, mainly Jeremy who was in the height of his “teenage” years. One Saturday afternoon, she was gathering Jeremy’s laundry and came across a small bag of pills in his room. Immediately her head began spinning. Being a nurse and a mother, she knew the dangers of drugs and feared seeing Jeremy arrive in the Emergency Room from an overdose.

Suddenly, all of the events over the past several months began making sense. Jeremy had been more withdrawn and quiet than usual, he had not been hanging around his old friends as much, and his grades in school had been dropping. She brought the bag to her husband, who was equally surprised and concerned. Never having been faced with this type of challenge before, they had a difficult time deciding how to handle it. They knew as quiet as Jeremy was, confronting him directly would be painful.

They were correct. As soon as Jeremy returned home from spending the day with one of his new friends, they asked him how involved he was with drugs, and who got him involved. He became upset and insisted that his parents were wrongly accusing him. They had anticipated this type of reaction and stood firm in insisting that he talk with them. Jeremy became frustrated, refused, and retreated to his room. Suddenly, all lines of communication between Jeremy and his parents were cut. He would not talk to them, and they were so angry that all they could do was yell and insist that he admit his guilt. This went on for a week, and his parents decided to take action to find out what was going on. Like many teenagers, Jeremy spent a good deal of his time at home on the computer chatting with friends on AOL’s Instant Messenger (IM). Jeremy’s father was a software developer and was very knowledgeable about computers. He decided to install some monitoring software on Jeremy’s computer. In addition, because most of Jeremy’s time was spent in his room with the door closed, they decided to install a camera in there to record what he was doing. They openly told Jeremy that he was being monitored. This angered Jeremy more and caused him to push away from his family even further, and spend more time away.

After one week, the monitoring recorded something noteworthy. The babysitter, Amy, who was unaware of the camera, entered Jeremy’s room in the evening while the father was gone and Emily was having dinner. Both parents watched as they observed her removing drugs from her purse and taking them. Suddenly, they felt terrible. They realized that Jeremy was indeed telling the truth when he proclaimed his innocence and that the drugs never did belong to him. Instead of solving a problem with the confrontation and monitoring, they had created one. They managed to drive Jeremy away from them and surround him with feelings that his own family distrusted him.


The combination of the mother’s insecurity of not being home, and the misinterpretation of what was found led the parents to jump to conclusions. They assumed the worst and visibly displayed their distrust of Jeremy. Furthermore, rather than giving him the benefit of the doubt in their minds, they had already decided that he was guilty based on what they observed. This caused them to further demonstrate their distrust for him by installing active monitoring capabilities. This humiliated and alienated Jeremy. In his case, he was an innocent victim that never committed any “forbidden” behavior, yet he was treated as if he had. The damage to his relationship with his parents was just as bad as if the drugs had indeed belonged to him.

You expect your family to be your strongest supporters. Monitoring suggests distrust, and without a valid cause can cause more problems than solve them.


This chapter explored the purpose and use of different types of spying, addressed the consequences of each, and touched on legal aspects associated with monitoring. The following are ten key points that we want you to walk away with after reading this:

 There are two types of spying: active monitoring in which you declare your intentions and covert spying in which you secretly watch someone.

 Active monitoring can be a useful deterrent for children and in the work environment, but it is not recommended in husband/wife relationships, which should operate more like a partnership.

 Active monitoring can cause feelings of distrust and resentment against the observer by those being watched.

 Those being actively monitored that are determined to commit the action will likely evolve to adopt sneakier methods outside of the view of the observer.

 Covert spying is similar to the tactics used by intelligence organizations and is used to “catch” someone in the act of an undesirable behavior rather than prevent it from occurring.

 Covert spying can be helpful to “prove” or gather evidence against problems such as drug use, underage sex, and adultery when they are already highly suspected to exist.

 Both covert and overt spying can lead to misinterpretations of evidence and wrongly accused victims.

 Ill-founded accusations and feelings of mistrust can be more damaging to a relationship than the act that the spying was intended to expose.

 Parents can use monitoring software to help protect their children from online abuse.

 An employer can install spy software on computers they own as long as they have the necessary policies in place that declare this loss of privacy.