A Briefing On Public Policy Issues Affecting Civil Liberties Online from The Center For Democracy and Technology
A Briefing On Public Policy Issues Affecting Civil Liberties Online
from
The Center For Democracy and Technology
(1) Industry and Public Interest Groups Oppose FBI Attempt to Extend Wiretap Design to the Internet
(2) Illegal, Unwise and Unnecessary to Apply CALEA to the Internet
(3) CALEA Is Fundamentally Broken, and Is Especially Un-suited to the Internet
On April 27, 2004, a diverse group of companies, trade associations and public interest groups from across the political spectrum filed a Joint Statement at the Federal Communications Commission urging rejection of an FBI petition to extend controversial wiretap design mandates to the Internet.
The FBI's petition, filed March 10, 2004, asked the FCC to declare that providers of broadband access and "Voice over IP" (or Voice on the Net) services are covered by the Communications Assistance for Law Enforcement Act (CALEA). The FBI also asked the FCC to create a regulatory process under which new communications protocols, applications, or services must be reviewed and approved by the FBI and FCC before they can be deployed.
In addition to organizing and signing the Joint Statement, CDT filed its own extensive comments on April 12, 2004, and reply comments on April 27, 2004.
FBI Petition to FCC for CALEA Rulemaking, Mar. 10, 2004 http://www.cdt.org/digi_tele/20040310fbipetition.pdf
Joint Statement of Industry and Public Interest, April 27, 2004 http://www.cdt.org/digi_tele/20040427jointcaleareply.pdf
CDT Comments to FCC on CALEA Petition for Rulemaking, April 12, 2004 http://www.cdt.org/digi_tele/20040412CDTCALEAComments.pdf
CDT Reply Comments, April 27, 2004 http://www.cdt.org/digi_tele/20040427cdtcaleareply.pdf
As both CDT's comments and the Joint Statement of Industry and Public Interest explain, the text of CALEA makes clear that it does not apply to the Internet. Congress in 1994 decided that CALEA should cover only telecommunications common carriers offering traditional wireline and wireless phone services. It does not apply to the broad category of "information services," such as Internet access, email and other on-line services.
Imposing CALEA on the Internet, and in particular imposing a prior-review requirement on new communications technologies, would destroy the ability of U.S. companies to innovate on the Internet. The Joint Statement and CDT's comments explain that such a decision would reverse more than a decade of sound policy decisions to allow the Internet to develop and grow without significant interference or constraint. Building surveillance capabilities into broadband access and Internet applications also could adversely affect privacy and open the potential for privacy abuses.
In any event, the FBI has presented no evidence of a broad problem meriting imposition of design mandates. Under existing law, the FBI already can "wiretap the Internet," and service providers regularly work with law enforcement to satisfy lawful wiretap orders quickly and fully. Service providers not subject to CALEA already have committed substantial resources to developing new technical capabilities to facilitate surveillance of advanced technologies.
In its petition and in its Reply Comments, the FBI provided no specifics about situations in which law enforcement is unable to intercept an Internet voice communication or any other Internet communication, but instead has made only vague assertions. There has been no demonstrated need to apply the failed CALEA regime to the Internet.
Further information is available at:
CDT One-Pager on the Internet and Law Enforcement Surveillance, March 19, 2004: http://www.cdt.org/digi_tele/20040315voiponepager.pdf
CDT's CALEA/VoIP Page: http://www.cdt.org/digi_tele/voip.shtml
CALEA was adopted in 1994 in response to law enforcement concerns that wiretaps would be more difficult to implement in digital telephone networks than they had been with the analog phone system. CALEA required telecommunications common carriers to design basic wiretap capabilities into their networks. Congress specifically excluded the Internet from CALEA.
As it was implemented and interpreted by the FCC, CALEA gave the FBI very precise design control over telephone switches. CDT believes this was contrary to the intent of Congress, but over the course of a lengthy legal battle, the FBI was able to convince the FCC to mandate very specific features, including - at substantial cost to carriers and the government - features that gave the government capabilities beyond those that had been available in older phone systems.
There is now almost universal agreement that CALEA is fundamentally broken. A recent report by the Office of the Inspector General (OIG) at the Department of Justice states that ten years and half a billion dollars after enactment, CALEA compliance stands at less than 20% for wireline telephones. This is due in large part to the FBI's insistence on imposing detailed mandates on the telephone industry. After the industry worked hard to issue a standard that accommodated most of the FBI's demands, the FBI challenged the standard anyway and launched years of litigation. As CDT explained in its reply comments to the FCC, it would be an enormous mistake to impose this broken regime on the Internet.
DOJ OIG report, "Implementation of the Communications Assistance for Law Enforcement Act by the Federal Bureau of Investigation," April 19, 2004, available at http://www.usdoj.gov/oig/audit/FBI/0419/final.pdf