U.S. Seeks Power to Wiretap Web Services, Including Google, Facebook

U.S. law enforcement and defense agencies are looking for ways to gain expanded access to Internet service providers' networks.

Frustrated by the inability of U.S. Internet service providers to deliver needed intelligence and court-ordered wiretap capabilities, military and law-enforcement officials are reportedly seeking to expand their surveillance powers.

A task force plans to propose legislation that would fine Internet firms who cannot provide court-mandated surveillance, according to an April 28 article in The Washington Post.

Because some service providers, such as Google and Facebook, provide end-to-end encryption, attempting to tap communications through intervening service providers has proved impossible.

In addition, the Obama administration has secretly authorized the interception of communications by Internet service providers to protect critical infrastructure, according to documents provided to the Electronic Privacy Information Center (EPIC) in response to a Freedom of Information Act (FOIA) request.

While the effort appears to be part of an information-sharing and attack-monitoring initiative, formerly known as the Joint Cybersecurity Services Pilot, the network monitoring would likely violate current U.S. laws regarding surveillance, experts told CNET News.com.

"The documents concern a collaboration between the Defense Department, the Department of Homeland Security, and private companies to allow government monitoring of private Internet networks," EPIC stated in a summary of the documents. "Though the program initially only applied to defense contractors, an executive order issued by the Obama administration earlier this year expanded it to include other 'critical infrastructure' industries."

The two initiatives highlight U.S. government efforts to improve its wiretapping capabilities in the face of dual-use technologies, such as encryption and anonymization services, that can help secure citizens' communications but also aid criminals and terrorists.

Law enforcement officials call the issue the "Going Dark" problem. Investigations on criminal and terrorist cases have been stymied by providers' inability to provide law enforcement officials the surveillance capabilities they want, Valerie Caproni, the FBI's general counsel told the House Judiciary Committee, Subcommittee on Crime, Terrorism, and Homeland Security in February 2011.

"We confront, with increasing frequency, service providers who do not fully comply with court orders in a timely and efficient manner," she said in prepared remarks. "Some providers cannot comply with court orders right away, but are able to do so after considerable effort and expense by the provider and the government. Other providers are never able to comply with the orders fully."

Legislation proposed by the task force would compel Internet service providers to build the technological capability to comply with wiretap orders or face significant fines. Smaller providers—such as online games that provide communications capabilities—would be exempt from fines but would also be legally required to comply.

The Pentagon's attack-monitoring service, now known as the Enhanced Cybersecurity Services, could also gain exemption from wiretap laws, if the Cyber Intelligence Sharing and Protection Act (CISPA) is passed by Congress. President Obama, however, has threatened to veto the legislation, which so far, has been held up by the U.S. Senate.

Robert Lemos

Robert Lemos

Robert Lemos is an award-winning freelance journalist who has covered information security, cybercrime and technology's impact on society for almost two decades. A former research engineer, he's...