The Federal Communications Commission (FCC) announced earlier this month that it intends to expand a mid-1990s ruling that allows law enforcement officers to wiretap conventional phone lines.
Now it wants to apply the ruling to certain broadband and voice-over-Internet (VOIP) providers as well.
The FCC announcement has outraged not only civil libertarians, but also a coalition of broadband providers and Internet associations, who are worried that the government’s move could actually threaten national security, as well as dampen industry innovation.
Enacted in 1994, the Communications Assistance for Law Enforcement Act (CALEA) empowered the FBI to dictate technical standards for phone companies’ built-in wiretapping capabilities. The current proposed expansion comes on the heels of requests from the FBI, Department of Justice, and Drug Enforcement Administration to include broadband.
The proposal’s critics argue that, given the enormous amount of data and critical infrastructure now carried on the Internet — including information on gas and oil pipelines and electrical grids — building snoop-friendly “back doors” jeopardizes security measures a decade in the making.
Until now, civil liberties groups have succeeded in exempting the Internet from the original legislation. And they’re not giving in. A raft of technology companies and industry associations have lined up against the rule change — and are prepared to challenge it in federal court.
They’re also quick to point out that their argument against expanding CALEA doesn’t stem from an ideological opposition to wiretapping.
“We’re not suggesting that law enforcement shouldn’t have access to Internet communications,” says John Morris, staff counsel for the Center for Democracy and Technology (CDT), which has filed a lengthy legal brief opposing the FCC’s action. “Our focus is arguing that CALEA is a bad way of going about getting that access.”
Sun Microsystems engineer and security specialist Susan Landau lays out the national security argument: “What applying CALEA to VOIP means is not that law enforcement can do wiretaps under legal authorization, but that government officials have the right to design the standards for wiretapping…That means they’re in the Internet protocols. It doesn’t matter whether you use the publicly switched Internet or private networks that use the Internet protocols — you’ve introduced a vulnerability.”
Landau believes this vulnerability endangers national security because the same wiretapping capabilities provided for government law enforcement officials could be used by others — including criminals or terrorists.
To make the point, Landau cites recent attacks on Taiwan’s Internet infrastructure, originating from China and Korea. Although they weren’t linked to government surveillance, Landau says they underline the challenge of keeping networks secure.
“What you will get is [attacks from] organized crime and well-funded organizations like Al-Qaeda that come on infrastructure,” Landau says.