The Feds' New Plan To Make Web Wiretapping Easier

By Andrew Moseman | September 28, 2010 11:00 am

computers networkThe Obama administration is prepping a new digital security plan, and it is: We need to retrofit the Internet for the FBI.

Long gone are the days when law enforcement could easy tap into land line telephones to monitor nefarious conversations. Those nefarious conversations have moved online, and increasingly to social networks like Facebook, peer-to-peer services like Skype, and elsewhere on the Web. In an effort to catch up, The New York Times reports, the administration will submit new legislation that would require companies to build in back doors for law enforcement.

New rules

The new regulations that would be sent to Congress next year would affect American and foreign companies that provide communications services inside the U.S. It would require service providers to make the plain text of encrypted conversations — over the phone, computer or e-mail — readily available to law enforcement, according to federal officials and analysts. [AP]

The FBI’s argument is that these new rules simply allow them to enforce the legal authority they already possess, not to extend it further. For example, federal law established in 1994 extended law enforcement’s wiretapping power to broadband and digital networks because that was where more phone conversations were headed. In the FBI’s eyes, then, this is the logical next step: If the people they investigate are now doing their talking online, officers should be able to monitor that with roughly the same ease they can tap a phone call.

What’s the problem?

Even now, without these proposed new rules, law enforcement usually can get at your messages if officers get court approval. The issue is time.

Often, investigators can intercept communications at a switch operated by the network company. But sometimes — like when the target uses a service that encrypts messages between his computer and its servers — they must instead serve the order on a service provider to get unscrambled versions. Like phone companies, communication service providers are subject to wiretap orders. But the 1994 law does not apply to them. While some maintain interception capacities, others wait until they are served with orders to try to develop them. [The New York Times]

Thus, the point of the Obama proposal is to require those interception/unscrambling abilities already be in place. Then, when law enforcement serves a service provider with a court order, the text of their target’s message is easy to obtain.

More secure, or less?

The press reports about this rounded up plenty of quotes from free speech and digital freedom organizations calling the plan “a huge privacy invasion” and “outrageous.” You’re a thinking, breathing human being (like all Discover readers), so we leave it to you to make up your mind about where the line between privacy and security should fall here. (We’d be remiss not to point out, however, that the State Department condemned the United Arab Emirates when that country tried to block BlackBerry service because the government couldn’t spy on it.)

The other salient question about security, though, is: By retrofitting Internet communications to old law enforcement rules, are we making the Internet less secure?

Steven M. Bellovin, a Columbia University computer science professor, pointed to an episode in Greece: In 2005, it was discovered that hackers had taken advantage of a legally mandated wiretap function to spy on top officials’ phones, including the prime minister’s. “I think it’s a disaster waiting to happen,” he said. “If they start building in all these back doors, they will be exploited.” [The New York Times]

A startup shutter-down?

The Times says that it cost the FBI nearly $10 million last year to help communications companies comply with a law enforcement demand to intercept messages. However, if Congress passes such a sweeping law requiring online communications companies to have built-in back doors for the FBI, that burden shifts to the developer. Raising the barriers of entry could stifle the robust innovation on the Web, argues Kevin Bankston of the Electronic Frontier Foundation:

“Would Mark Zuckerberg have been able to build Facebook in his dorm room if he’d had to build in surveillance capabilities before launch in order to avoid fines for not being CALEA-compliant? Would Skype have ever happened if it was forced to include an artificial bottleneck for all of your peer-to-peer communications?” [Washington Post]

Related Content:
80beats: United Arab Emirates Bans Surveillance-Unfriendly BlackBerries
80beats: Hey Perp: That Facebook Friend Request May Come From the FBI
80beats: Police Nabbed Serial Killer Suspect by Stumbling on His Son’s DNA
80beats: Is the U.S. Government Losing the Battle Against Hackers

Image: iStockphoto

CATEGORIZED UNDER: Technology
  • Charles Schmidt

    Once more infringement on freedom that can be used on the citizens of the country, the idea of giving up freedom for security will mean that we will lose both.

  • Jeremy

    Did anyone really think this day wouldn’t come? We have never had genuine freedom of anything; that would require a democracy to be in place. Instead, we have been little more than an arrogant republic that is now becoming more and more like a Despotism.

    And before anyone gets fired up, this has nothing to do with one president or another, but has, instead, everything to do with our government as a whole and our (the citizens) apathy towards constant and negative changes.

  • Pat Anderson

    If providers and others would do enough policing to keep the Child porno groups etc off the internet and those plotting bombings etc. it would not be needed. If we do not care enough about the safety of others, someone has to do it to keep us safe.

  • Gil

    @3

    How does building in backdoors keep us safe? Once the script kiddies figure out how to spoof the government secret software handshake, they’ll be able to gain access to all compliant software.

  • http://www.gnutelephony.org David Alexander Sugar

    “Privacy is ultimately about liberty while surveillance is always about control”

    Speaking on behalf of the GNU Telephony project, we do intend to openly defy such a law should it actually come to pass, so I want to be very clear on this statement. It is not simply that we will choose to publicly defy the imposition of such an illegitimate law, but that we will explicitly continue to publicly develop and distribute free software (that is software that offers the freedom to use, inspect, and modify) enabling secure peer-to-peer communication privacy through encryption that is made available directly to anyone worldwide. Clearly such software is especially needed in those places, such as in the United States, where basic human freedoms and dignity seem most threatened.

    In the United States the 4th amendment did not come about simply because it was impractical to directly spy on everyone on such a large scale. Nor does it end simply because it may now be technically feasible to do so. Communication privacy furthermore is essential to the normal functioning of free societies, whether speaking of whistle-blowers, journalists who have to protect their sources, human rights and peace activists engaging in legitimate political dissent, workers engaged in union organizing, or lawyers who must protect the confidentiality of their privileged communications with clients.

    However, to fully appreciate the effect of such surveillance on human societies, imagine being among several hundred million people who wake up each day having to prove they are not a “terrorist” by whatever arbitrary means the government has decided to both define the terms of such a crime and whatever arbitrary methods unknown to you that they might choose to define you as such, and where even your prosecution is carried out under the immunity of “state secrets” that all police states use to abuse of their own citizens. Such a society is one who’s very foundation is built on the premise of everyone being guilty until proven innocent and where due process does not exist. It is the imposition of such a illegitimate society that we do choose to openly oppose, and to do so in this manner.

    David Alexander Sugar
    Chief Facilitator
    GNU Telephony

  • Brian Too

    In the past I’d have been basically OK with what is proposed by the gov’t. here. However times are different now.

    The abuse of warrantless wiretaps makes me far less trusting that these surveillance systems will themselves have any judicial oversight. Without oversight we have to trust that the request itself, and the people behind it, are acting responsibly.

    The last 10 years have made a shambles of reliable societal controls. Who will watch the watchers? At times, it seems, no one at all. That’s too much power for anyone.

  • Aleksandar Kuktin

    Funny, I just read one of the related stories, namely:
    http://blogs.discovermagazine.com/80beats/2008/12/09/us-government-is-losing-the-battle-against-hackers-report-says/

    and have seen this at the end:

    > In one controversial proposal, the report suggests revising wiretap laws to make
    > it easier for law enforcement to obtain the data warrants that allow online
    > information to be monitored and collected; the report says that traditional search
    > warrants are “increasingly impractical in the online environment”.

  • Sugar Smaks

    Great reply David Alexander Sugar. I think many will be with you in keeping the US free. Thanks for contributing to all our safety.

NEW ON DISCOVER
OPEN
CITIZEN SCIENCE
ADVERTISEMENT

Discover's Newsletter

Sign up to get the latest science news delivered weekly right to your inbox!

80beats

80beats is DISCOVER's news aggregator, weaving together the choicest tidbits from the best articles covering the day's most compelling topics.
ADVERTISEMENT

See More

ADVERTISEMENT
Collapse bottom bar
+

Login to your Account

X
E-mail address:
Password:
Remember me
Forgot your password?
No problem. Click here to have it e-mailed to you.

Not Registered Yet?

Register now for FREE. Registration only takes a few minutes to complete. Register now »