Earthlink named Les Seagraves, a lawyer by training, its first chief privacy officer in December, charging him with overseeing all privacy matters in the company and responding to its customers privacy concerns. Last year the FBI served Earthlink?the nation\u2019s number-two ISP?with a court order to install the e-mail surveillance tool Carnivore on its network. Earthlink sued?and lost?but the case sparked a public outcry from privacy advocates. The Internet wiretap technology is designed to sit on an ISP\u2019s e-mail server and filter incoming and outgoing mail in search of addresses that are the target of an investigation. Earthlink eventually came to an agreement with the FBI in which the ISP can avoid using Carnivore, but the debate rages on. \n\n \n\n\n\n\nCIO: What were Earthlink\u2019s original concerns with Carnivore?\n \n\nSeagraves: Our first concern was that we didn\u2019t know exactly what Carnivore did. We were approached to put this on our system, but we couldn\u2019t look at it beforehand. We had no idea about the risks involved. The second concern was from a legal standpoint. We felt that the trap-and-trace order it came under was old and applied to regular telephone conversations but maybe not to e-mail. The main thing was that we control our network, and this wasn\u2019t under our control. \n\n \n\n\n\n\nWhat happened when you tried to install Carnivore at Earthlink?\n \n\nIn order to test the system, we put it on a mail server, which brought it to a halt. We began to challenge Carnivore legally. Now if we get a similar court order for information, we have an agreement with the FBI that they will give us the target addresses and we will figure out a way to get only those messages. In that way, we have total control over it, and we can get what the law requires and still protect our other customers\u2019 privacy as much as possible. \n\n \n\n\n\n\nAre companies trying to gather information without infringing on people\u2019s rights?\n \n\nI\u2019m sure that most companies with the technical resources are doing so. My concern is that smaller companies and ISPs that may not have either the time or the capability to do it would be pressured to install Carnivore without knowing what it is or how it works. No one really knows how it works. The FBI hasn\u2019t let anyone really look at it.\n\n \n\n\n\n\nWhy haven\u2019t CIOs been more vocal?\n \n\nThey have to balance customer privacy and legal compliance with criminal investigations. Many companies are dealing with it, but it\u2019s not something they want to make a lot of noise about. Companies are waiting to see how the Bush administration will deal with this question.