By all accounts, privacy will be a top issue when Congress reconvenes. But before eager legislators pass new rules, they need to fix government’s many privacy problems, beginning with Carnivore, the FBI’s Internet wiretapping system.

Carnivore has the ability to intercept and access email and other electronic communications. Through a box that the FBI installs on the Network Operation Centers of Internet Service Providers (ISPs), Carnivore can chew through any message in the ISPs’ network, but the FBI claims to look only at messages sent or received from criminal suspects after obtaining a warrant.

Not surprisingly, past government abuses of data have led activists and politicians to call for an examination of Carnivore’s abilities. Last summer, the Electronic Privacy Information Center (EPIC) filed Freedom of Information Act requests and, after much evasive maneuvering, Attorney General Janet Reno hired researchers at the Illinois Institute of Technology to conduct a review of the system.

The freedom-of-information requests revealed that the government had not only been scanning people’s email, but had been tracing their web browsing habits as well. And a document obtained by EPIC in November proves that contrary to previous FBI assertions, Carnivore can “reliably capture and archive all unfiltered traffic to the internal hard drive.”

Like a bad movie on replay, history demonstrates continual privacy violations by government for political gain. It’s hard to forget the intrusive campaigns of J. Edgar Hoover’s FBI, and how law enforcement abused its authority by wiretapping Rev. Dr. Martin Luther King and Vietnam war protesters. This is why Americans should demand a complete disclosure of the Carnivore program.

If citizens cannot stop the government’s affinity towards unsavory spy behavior, at least they can attempt to protect themselves against it with competing technologies. In this spirit, the Carnivore source code should be made public.

Making matters worse, the FBI appears to have problems protecting its own data. Just hours after the Department of Justice (DOJ) posted details of the Carnivore review process on its website, computer users were able to uncover secret information about the reviewers, including their ranks and security clearances.

In a letter to Reno, House Majority Leader Dick Armey noted that because of government’s security flaws, a newspaper “was able to discover and report that one of the lawyers on the team had donated the maximum amount to the Vice President’s presidential campaign.”

But the FBI and Justice Department are not the only government departments to have less-than-stellar privacy protecting records. The General Accounting Office (GAO) issued a report in September warning that federal agencies like the Social Security Administration and the Department of the Treasury are “fraught with weaknesses,” putting the nation’s assets and operations “at risk.”

All of this shows that even when government does its best to protect our data, it often fails. A government that cannot secure its own data is not in a position to tell businesses how to protect consumer privacy.

In October, the “White House for Kids” web site violated its own privacy policy by collecting data from children without parental consent while numerous federal government web sites continued to track users with cookies—small computer files implanted by the web site—even after the White House ordered them to stop. If the White House can’t enforce policies on its own agencies, it will have a rather difficult time doing it in the private sector, where individuals have multiple privacy protection choices.

To avoid business’s prying eyes, individuals can use technologies like Anonymizer.com or Zero Knowledge’s Freedom Software. These types of protections are far superior to government rules that are useless at best, costly and annoying at worst. But when it comes to avoiding government’s gaze, there is no choice.

If the government wants your data, you must comply and hope that they won’t abuse it or lose it. That makes government security practices the most pressing privacy issue facing Congress. Before legislators consider new laws for private sector privacy, they need to put their own house in order.

Sonia Arrison is director of the Center for Freedom and Technology at the California-based Pacific Research Institute. She can be reached via email at sarrison@pacificresearch.org.