As Cardozo law professor Susan Crawford recently noted, there are a lot of "acrimonious acronyms" in the battle over the future of the Internet. One of the most dangerous: the Communications Assistance to Law Enforcement Act, better known as CALEA.
Back in the Clinton era, the FBI asked for a law to force all telecommunications companies to build backdoors into their networks for easy government spying. As part of the desperate Capitol Hill horse-trading before CALEA was passed, privacy advocates won a concession: the new law would not apply to providers of information services such as email and Internet access. But as of Friday, that's no longer the case. The Federal Communications Commission (FCC) has issued an advisory stating that it has granted the FBI's request to expand the scope of CALEA to include Internet broadband providers and certain Voice-over-IP (VoIP) providers.
So what does this mean in practical terms? It means the government will be asking broadband providers -- as well as companies that manufacture devices used for broadband communications -- to build insecure backdoors into their networks, imperiling the privacy and security of citizens on the Internet. It also means that technological innovation will be hobbled as companies involved in broadband are forced to redesign their products to meet government specs.
This is bad news on multiple levels. "Expanding CALEA to the Internet is contrary to the statute and is a fundamentally flawed public policy," says Kurt Opsahl in EFF's press release. "This misguided tech mandate endangers the privacy of innocent people, stifles innovation, and risks the functionality of the Internet as a forum for free and open expression."
And the government isn't stopping there. The Department of Justice (DOJ) is asking airlines to build similar backdoors into the phone and data networks on airplanes. EFF and the Center for Democracy and Technology (CDT) last week submitted joint comments [PDF] with the FCC to oppose this unprecedented, sweeping new technology design mandate and anticipatory wiretapping system.
As the press release points out, the proposal to expand CALEA to airline broadband illustrates the fallacy of law enforcement's rationale for its CALEA request. To avoid the statute's carefully crafted compromise -- the total exclusion of information services from the CALEA's reach -- the DOJ argues that CALEA covers broadband services because they have "substantially replaced" the local telephone exchange. But airplane communications have hardly "substantially replaced" local telephone services. This request is about opening the door for CALEA to cover just about anything.
EFF's CALEA FAQ gives it to you short and not-so-sweet:
Q: "Is the FBI trying to dictate how the Internet should be engineered to permit whatever level of surveillance the FBI deems necessary?"
A: "Yes. What the FBI is really asking for is a massive overhaul of how the Internet works to make it easier for federal agents to listen in on people's digital conversations. EFF believes that law enforcement should not be allowed to have veto power over proposed innovations to the Internet in order to make spying easier. In addition, federal agencies should not force the broadband industry -- and by extension, its consumers -- to bear the considerable costs of purchasing and implementing surveillance-ready network technologies simply because it suits the government's needs."
In other words, the government not only wants service providers to make your private communications easily open to government surveillance, it also wants the providers -- and therefore you, the customer -- to pay for it.
For more on the FCC and CALEA, check out FCC Schizo on DSL, Wiretapping, Justice Department Effort to Eavesdrop on Airline Passengers Challenged, and Professor Crawford's No Reason for Optimism.
(Cross-posted @ Deep Links.)
1. Crosbie Fitch on August 9, 2005 8:37 AM writes...
Which is perverse, because as fast as people reluctantly pay for their own surveillance, many will pay for it to be thwarted,...
and we escalate forever and a day.
I suspect they'll need to be more cunning.
How about this scheme:
You are taxed in proportion to the number of undisclosed IP addresses/protocols you are communication with/using.
What constitutes disclosure? Every computer must support a special protocol that lists all the IP addresses/protocols communicated with/used in the last 24 hours (7 days?).
If the FBI (or whoever) finds a discrepancy, they can tax you based on the number of missing/incorrect IP addresses/protocols.
Users will soon migrate toward software that properly discloses all IP addresses/protocols.
Once that's been ticking over for a few years, then they can add a requirement to supply backdoors for encrypted protocols.
Probably best to build this into IPv6 (tax IPv4, make IPv6 taxed on discrepancies only).
Permalink to Comment2. Branko Collin on August 9, 2005 11:21 AM writes...
I, the customer (what's wrong with the word "civilian"?) would pay for it anyway, so what's the difference?
Permalink to Comment3. Michael Munro on August 10, 2005 6:04 AM writes...
All of which is just giving up more of our freedoms for absolutely no additional security. All criminals have to do is layer encryption ON TOP of the broadband connection and all the FBI will hear is noise.
http://www.downloadsquad.com/2005/07/28/pgps-zimmermann/
Sigh.
Permalink to Comment4. Alexander Wehr on August 10, 2005 11:04 AM writes...
What is so hyppocritical about this is they just reclassified broadband as an "information service", yet they STILL want calea to apply to it.
Note to fcc: you can't have your cake and eat it too.
I'll willingly donate to anyone willing to mount a meaningful legal campagn against this open scoffing of congressional authority.
Permalink to Comment