Just before Christmas I had a chance to catch up with Network Instruments on Dec. 12. Our subject was the GigaStor network analysis family of tools. I’ve been impressed with the quality of Network Instruments tools and network analytics for some time. But today, as I look over my notes, I’m struck by the erosion of privacy in the workplace and at home with every network analytics advance.
Starting with my first test of a VOIP system, I’ve wondered what wiretap rules would apply to these types of telephone calls. From what I’ve seen, e-mail “acceptable use” policies have made it pretty clear that in the United States employees using company networks and computers can have no expectation of privacy in their written, electronic communication. Many of these policies are being applied to VOIP calls. After all, both e-mail and voice communication end up as data packets on the network, no different technically from any other application.
When I first entered the work force and got a phone that could make direct-dialed, long-distance calls (I started in tech support) I saw how phone records were used to enforce acceptable rules. Then, the president’s admin assistant would look over the monthly phone bill and search for long call times or suspicious area codes.
Network sniffers have had for some time now the ability to capture and replay a VOIP call. Network Instruments demonstrated an ability to retain the packet data needed to troubleshoot connectivity or call quality problems without saving the actual call payload. Even so, for the most part, it’s up to the scruples of the network technician to skip listening in on the actual telephone conversations that can be saved and replayed by network analysis tools.
I think it’s time to make it clear that telephone calls are a special form of communication that should be protected from eavesdropping. It should be mandated in law and become part of the generally accepted practice of network engineers to put the content of voice calls strictly off-limits. The settled practice of monitoring call origin, destination and length should be enough to ensure the acceptable use and effective troubleshooting of VOIP calls.