VOIP Firms, Privacy Pros Spar with FCC Over Wiretaps

The FCC has extended federal wiretapping rules to VOIP, while vendors and legal privacy advocates take the offensive. Between national security and privacy, where will the legal fight be won?

With a deadline looming in November for emergency 911 services for VOIP service providers, an alliance of civil liberties groups and technology companies recently filed a petition seeking a court ruling that the Federal Communications Commission "exceeded its statutory authority" when it adopted rules to ensure that law enforcement can tap Internet phone calls.

The petition for review was filed with the U.S. Court of Appeals for the District of Columbia Circuit, and firms like Sun Microsystems, Pulver.com, and groups like the Electronic Frontier Foundation, the Center for Democracy and Technology, and the American Library Association, are the plaintiffs.

The petition asks the court to review the FCCs "First Report and Order" on the Communications Assistance for Law Enforcement Act and Broadband Access and Services, which was published in the Federal Register on October 13, 2005, as 70 Fed. Reg. 59664.

"Petitioners seek relief from the order on the grounds that it exceeds the commissions statutory authority and is arbitrary, capricious, unsupported by substantial evidence, and contrary to law," according to a copy of the lawsuit, obtained by Ziff-Davis Internet.

/zimages/3/28571.gifIs world domination the FCCs master plan? Click here to read more.

The petitioners indicate that the FCC is extending federal wiretapping rules to technologies that Congress did not intend it to cover, and also imposes a burdensome mandate on innovators.

Whats more, the petitioners said the rules threaten the "privacy" of users of the Internet.

"Were deeply concerned that extending a law written specifically for the public telephone network to these emerging technologies will stifle the sort of innovation that has been the hallmark of the Internet revolution," said John Morris, staff attorney for the Center for Democracy and Technology, based in Washington D.C., one of the petitioners in the lawsuit.

"Its always troubling when the government seeks to limit how technologists design new products. In this case, its particularly problematic, since the government has offered no evidence that it has any trouble intercepting Internet communications."

The petitioners allege that ISPs will be forced, if the rule remains, and is not vacated by the court, to rebuild their networks to suit the FBI and other police authorities. The requirements would be in place by early 2007.

What kind of technology enhancements would be required?

An attorney, Kurt Opsahl, from the Electronic Frontier Foundation, one of the litigants in the suit against the FCC, wrote in his blog recently that the FCCs rules will require Internet broadband providers and VOIP providers to build "backdoors" into their networks to make it easier for law enforcement to "listen in on" private communications.

But some legal and security experts indicate that the government — as long as it obtains a proper search warrant or authorization — has the right to monitor communications, no matter what technology is involved in its transmission, be it VOIP or regular telephone or wireless telephone.

"No governmental eavesdropping should be permitted except upon reasonable grounds and a judicial warrant," Joseph A. Morris, an attorney in private practice in Chicago, and a former White House lawyer and assistant attorney general of the United States during the Reagan Administration, told Ziff-Davis Internet.

"The rules should be the same, regardless of the technology of communication involved."

Morris, the former Reagan administration official, said that it is proper, and not all sinister, to require that technology "be capable of accommodating the needs of law enforcement, provided that law enforcement agencies are never, ever permitted to overstep their constitutional bounds."

Another expert, Steven R. Gordon, a professor of information technology management at Babson College, in Babson Park, Mass., said that the issue is not really technology at all here, but purely a legal question.

"The Communications Assistance for Law Enforcement Act of 1994, or CALEA, which authorizes wiretapping in certain circumstances, clearly exempts information services and applies only to communication carriers," said Gordon, adding that the case likely "hinges on the interpretation" of the law that the court has.

ISPs, Gordon added, would like the law to be interpreted to not apply to them, "as it would exempt them from the need to purchase, install and operate the equipment needed for wiretapping."

Another source, a lawyer who worked on the Department of Justices grant evaluating the Carnivore surveillance technology, agreed.

"This is one variant of whether new technology can be shoehorned into an old statutory framework, somewhat like the Patriot Acts effort to use analogy of pen registers to capture the header information on e-mail," Harold J. Krent, dean and professor of law at Kent College of Law, at the Illinois Institute of Technology, said.

/zimages/3/28571.gifTo read more about the E911 order, click here.

According to Robert Siciliano, anti-terrorism security consultant and author of the book "The Safety Minute," if Internet telephony is not covered by wiretapping rules, terrorists will be more likely to utilize VOIP networks.

"Communication systems are a fundamental terrorist tool that requires monitoring. If VOIP is not monitored then it becomes the path of least resistance for terrorists," said Siciliano, who is based in Boston.

"Electronic snooping technologies run by the National Security Agency have averted over 100 terrorist attacks Since 9-11," added Siciliano.

Furthermore as many as 3,000 terrorists, according to an article in "Newsweek," have been apprehended due to chatter extracted from telephone and e-mail communications."

Still, there are some who see the government acting in a draconian fashion against technology companies.

"Requiring products to be designed for surveillance is un-American," said Jim Harper, director of information policy studies at the Cato Institute.

/zimages/3/28571.gif Check out eWEEK.coms for the latest news, views and analysis on voice over IP and telephony.