The US Federal Bureau of Investigation (FBI) has been watching suspects undetected "for years" through custom-built malware designed to hack into webcams, a court has heard.
The FBI first started using what it refers to as "network investigative techniques" when it began to track a suspect known as "Mo". A series of anonymous bomb threats had been made across the US by Mo, though no location data could be identified.
The software the FBI team developed to find Mo was capable of entering his computer when he signed into his email account, a technique known as spear-phishing.
Using such techniques, the FBI has been able to take control of a user's webcam without activating the light that indicates it is in use. Marcus Thomas, former assistant director of the FBI's Operational Technology Division in Quantico, told the Washington Post that the FBI has been using this technique for several years in terrorism cases and serious criminal investigations.
As users move away from traditional computers, Thomas warns that these surveillance techniques will become increasingly popular with intelligence agencies.
"Because of encryption and because targets are increasingly using mobile devices, law enforcement is realizing that more and more they're going to have to be on the device — or in the cloud," Thomas said. "There's the realization out there that they're going to have to use these types of tools more and more."
Concerns have already been raised since this information became public, with one commentator arguing that intelligence agencies could use it to seize data from innocent individuals.
"You can't just go on a fishing expedition," Georgetown University law professor Laura K. Donohue – who reviewed court rulings on FBI surveillance. "There needs to be a nexus between the crime being alleged and the material to be seized. What they are doing here, though, is collecting everything."