Skip to Content

Five Things the Petraeus Affair Teaches Us About Online Surveillance

The FBI methods used to reveal the CIA director’s affair are relevant to all Web users.
November 13, 2012

When the FBI started investigating harassing emails sent to a resident of Tampa Bay that organized parties for a local Air Force base, it soon became a much broader investigation that led to the uncovering of an affair between CIA director David Petraeus and his biographer Paula Broadwell. Now reports of how the FBI uncovered a series of online email accounts and figured out who was using them have revealed things about digital surveillance that will surprise many Web users, and even tidbits that have impressed experts. Here are five things we’ve learned so far:

  • No judge-issued warrant is needed for authorities to ask a company for your emails or other electronic communication records that are six months old or more. That’s thanks to the 1986 Electronic Communications Privacy Act, which says that a federal prosecutor’s subpoena is enough. Privacy activists have long campaigned for this to change. Leading civil liberties lawyer Kevin Bankston today suggested the Petraeus affair could help those efforts by raising awareness of the current law.
  • Communicating by saving draft emails in an online account for someone else to log in and see – as Petraeus and Broadwell did – doesn’t help escape surveillance. This tactic long-used by activists and terrorists, including “shoe bomber” Richard Reid in 2001, prevents emails lodging in personal accounts and other places. But the FBI or law enforcement can easily ask a provider to reveal the IP addresses people used to log into an account. Those IP addresses can be matched to physical locations, and to people’s known addresses and movements.
  • IP addresses can be used to pinpoint people very precisely, providing a crucial match between online and offline life. The WSJ reports that the FBI figured out it was Broadwell operating pseudonymous email accounts by matching IP addresses from emails they sent to particular hotels. Those matched with particular hotels and the dates she stayed in them on a book tour.
  • Yahoo Mail and Microsoft’s Outlook make it extra easy for investigators to find out the IP address an email originated from – and hence where an email was sent from. When emails are sent extra data goes along with them known as “headers” containing technical data. In the case of Yahoo Mail and Outlook that includes the IP address of the connection used to send an email, so investigators don’t need to subpoena a mail provider to trace its origin. It’s not known if Broadwell used Yahoo accounts in the events surrounding the Petraeus affair, but she’s known to have used the service before thanks to leaks by nebulous activist group Anonymous of account information from defense contractor Stratfor.
  • Email and other services hosted online make life relatively easy for investigators. Google and other online providers have legitimate reasons to log which IP addresses log into accounts and when, for example to detect hacking attempts and keep their software running smoothly. But that data hangs around, and investigators aren’t shy about asking for it. Google today published new figures on government requests for its data that show U.S. authorities tapped the company 26 percent more in the first half of 2012 than they did in the second half of 2011, a total of 7969 requests of which 90 percent were complied with.
  • <

Deep Dive


Our best illustrations of 2022

Our artists’ thought-provoking, playful creations bring our stories to life, often saying more with an image than words ever could.

How CRISPR is making farmed animals bigger, stronger, and healthier

These gene-edited fish, pigs, and other animals could soon be on the menu.

The Download: the Saudi sci-fi megacity, and sleeping babies’ brains

This is today’s edition of The Download, our weekday newsletter that provides a daily dose of what’s going on in the world of technology. These exclusive satellite images show Saudi Arabia’s sci-fi megacity is well underway In early 2021, Crown Prince Mohammed bin Salman of Saudi Arabia announced The Line: a “civilizational revolution” that would house up…

10 Breakthrough Technologies 2023

Every year, we pick the 10 technologies that matter the most right now. We look for advances that will have a big impact on our lives and break down why they matter.

Stay connected

Illustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at with a list of newsletters you’d like to receive.