IT Security & Network Security News & Reviews: Wiretapping the Internet: Inside Government Web Monitoring Efforts
Wiretapping the Internet: Inside Government Web Monitoring Efforts
by Brian Prince
Going Dark is the FBIs name for law enforcement's inability to lawfully collect and analyze data and conduct electronic surveillance due to the rapid evolution of technology. The EFF (Electronic Frontier Foundation) recently unearthed documents detailing an FBI initiative to address the issue as part of a five-pronged strategy: Modernizing lawful intercept laws, updating lawful intercept authorities, increasing law enforcement coordination, establishing broader industry partnerships and seeking more funding for these efforts.
Legislation as an Answer
In comments Feb. 17, FBI General Counsel Valerie Caproni said the FBI did not have specific requests for legislation yet, noting that the topic is being debated by the Obama Administration. She also said the issue was less about the government having the legal authority to intercept communications and more about the practical challenges of intercepting communications investigators have been authorized to collect.
Wiretapping the Internet: Inside Government Web Monitoring Efforts - Page 4
Internal DebateWhile legislation is being debated, in September reports surfaced that indicated that discussions about addressing the issue were coalescing around three elements: Communications services that encrypt messages must be able to unscramble them; foreign-based providers doing business inside the United States must have a domestic office capable of performing intercepts; and developers of software using peer-to-peer communication must redesign their services to allow interception.
Privacy and Security Concerns
The idea of expanding law enforcement powers has touched off concerns for a variety of reasons, a key one being that building backdoors in programs to allow government surveillance creates a situation that could be exploited by cyber-criminals as well.
Another worry is that mandating that backdoors be inserted by programmers could hurt the competitiveness of many companies operating within the United States.
Get Them to the Greek
In 2005, it was discovered that rogue software abused the legal intercept mechanism in Vodafones digital switches to spy on phones belonging to more than 100 people, including Greek politicians and civil rights figures. When the dust settled, the Communications Privacy Protection Authority fined Vodafone Greece more than $104 million in 2006.
The FBI's case for CALEA
CALEA (Communications Assistance for Law Enforcement Act), passed in 1994, requires telephone companies build their networks so they are capable of intercepting a users communications as soon as the company is given a wiretap order. Though the act has been interpreted to cover VOIP (voice over IP), it does not cover other Internet-based communication methods, such as Webmail or peer-to-peer services, according to Caproni.
The Electronic Communications Privacy Act of 1986 was designed to extend government restrictions on wire taps from telephone calls to include transmissions of electronic data by computer. Last year, privacy advocates and industry heavyweights, including Microsoft and Google, began pushing for an update to the law that balances user privacy with law enforcement needs and addresses discrepancies. For example, e-mails stored for fewer than 180 days receive greater privacy protections than e-mails stored for a longer period.
Wiretapping the Internet: Inside Government Web Monitoring Efforts - Page 10