Looking back, you can see that it all started sort of innocuously. "They" needed to update their techniques to adapt to the way that information was being processed. It used to be that telephones and mail was the way that people communicated. And if you needed to track criminal activity, then looking at the mail and listening to telephone conversations was a great tool.
But the Net changed all that. Information now passed through the Net as data packets. Some of it was encrypted, especially during the later years. But you could get a lot of information from email messages, before encryption got popular.
There were a lot of government agencies that were interested in Net traffic. It started out as a disorganized process. Some agencies were more advanced than others; some agencies were stumbling around trying to figure out things. But some agencies started sharing their techniques, and that group eventually banded together to help each other out.
The Net doesn't really have any boundaries, so criminal activity in one area could be easily spread into other areas of the country, and of the world. The Net made it easy to do that.
The law enforcement agencies needed to track that information across the Net. And there was one agency that had a few forward-thinking employees. They knew that there was information flowing around the Net that would be useful to track.
So they got this idea to hack into the Net, looking for specific data packets from specific people. It was not much different than tapping phone lines, or looking at the mail. And information from the Net would help out a lot in many of their investigations.
So, they created some programs that would copy data packets from specific locations to their own servers. It wasn't hard. You just need to monitor packets for specific IP addresses. If you found an interesting one, you copy it, sending the original on it's way. There wasn't much of a delay to the process. If your packet got copied, it just got delayed a fraction of a second. The CIA used to do the same thing with voice phone calls. Powerful computers used to eavesdrop, listening for key words, and record conversations that contain those words.
The data eavesdropping program was easy to write. It worked in the labs just fine. But they needed to get it to some central sites in order to intercept messages.
So they started out small. They hacked into some small, local Internet Service Providers (ISP). The installed their packet sniffing software, and set it up to monitor the activity of some local, small-time 'entrepreneurs'. These guys were using email to coordinate their activities. Using email was sort of smart; not encrypting their messages was sort of dumb.
And they also got it into systems in a more legal way, through a court order allowing them to monitor email packets. Their computer would be placed in the system so that it monitored all email messages, incoming and outgoing. At least, it was supposed to monitor only email, when in fact it monitored all data communications. The system was 'sealed', nobody really knew what the program actually monitored.
In any event, their packet sniffer program worked as planned. Every message (or, more properly, every single packet of data) sent through the ISP was watched, and when a match of IP addresses was found, the message was copied to a special account. The agents got lots of messages, and some were very interesting. Some messages pointed to some activities that related to on-going investigations. Other messages alerted them to things they didn't know about.
Of course, the information they got wasn't strictly legal. A legal wiretap was never received from a judge. So they really couldn't use the information they copied, it would never hold up in court. But the experiment was successful, because it showed the value of 'wiretapping' information off the Net. The agents' process worked.
The agent's supervisors looked at the success of the test operation. And they decided that by enhancing the process, and getting some legal wiretaps, they could really use the packet copying routine to significantly enhance their investigations.
So the agents (are you getting a hint of who was behind this?) got the go-ahead to fine-tune their operation. They spent three intense months enhancing their hacking skills. The information to do that was out there on the Net, and it was easy to find. ISP's weren't really securing their operations then, so it was fairly easy to hack into their systems. A quick look at the customer list to find the target, and then they could monitor all activities while their target was on the Net.
Most of this you already know, so I don't need to go into much detail. But the agents were able to easily monitor the activities of their targets. They set up their software so one screen would exactly mirror the target's activity. And any mail that the target sent was quickly copied. And it was all done legally, with a wiretap court order.
And the FBI (did you guess?) had jurisdiction. Criminal information was being sent across state lines, which made it a federal offense. Which was good, since the FBI agents were the ones that built the packet copying system.
And since they had a court order, they could easily install their system at the ISP premises. And the ISP couldn't say anything, since it was an ongoing investigation, so they had to keep quiet. Besides, the ISP didn't want anyone to know that they were letting the FBI monitor their customers.
The problem was that the FBI was the only monitor of the FBI packet copying system. All the ISP knew was that all their packets were being inspected by the FBI's sniffer box. They assumed that the FBI was only looking at the specific customer that was being investigated. But they couldn't look at the software, since it was a closed and secure box.
They were right, as we now know. The software was looking at all packets, and copying more than was authorized by the court order.
And then the FBI agents got the idea about delaying and copying packets.