WASHINGTON The CIA most likely isn't bugging your iPhones and Androids, computers and smart TVs that would be illegal.
But the spy agency also isn't helping you protect those devices from the vulnerabilities that help it snoop on the foreign terrorists and spies it targets.
WikiLeaks' release Tuesday of a trove of documents from the Central Intelligence Agency appeared to show how it can hack into the devices favored by both bad guys and the rest of us.
That led to images of Big Brother in our bedrooms listening to voicemail, monitoring texts, even picking up living room conversations when the smart TV appears to be off.
Experts in the intersection of technology and the law say you're safe from the CIA, because that type of electronic surveillance is illegal but not from others who can expose the same vulnerabilities.
The basic and reassuring point is that the CIA is not allowed to wiretap in the United States, said Peter Swire, an expert on privacy and cybersecurity who teaches at the Georgia Institute of Technology. The prohibition applies to communication that starts, stops or takes place in the U.S.
Swire served on a federal review panel in 2013 that looked into National Security Agency surveillance practices following disclosures by Edward Snowden and WikiLeaks. Part of its report focused on dual-use military and civilian technologies.
The reason the CIA tries to break into standard-issue software and hardware, Swire said, is because "it's the same communications mechanisms used by legitimate targets of U.S. intelligence."
Cindy Cohn, executive director of the Electronic Frontier Foundation, said the documents reveal that the CIA did little or nothing to help Americans protect their own security. "We're all made less safe by the CIA's decision to keep, rather than ensure the patching of, vulnerabilities," Cohn said. "Even spy agencies like the CIA have a responsibility to protect the security and privacy of Americans."
That omission by the CIA "has enormous implications for U.S. users of technology," said Neema Singh Guliani, legislative counsel at the American Civil Liberties Union. "What it essentially means is the U.S. government is aware of vulnerabilities in their technology that could be exploited by a hacker, by a foreign government, by any malicious person, Guliani said.