A Briefing On Public Policy Issues Affecting Civil Liberties Online
from
The Center For Democracy and Technology
(1) Industry and Public Interest Groups Oppose Wiretap Design Mandates for the Internet
(2) Background on CALEA and FCC's Proposed Extension of CALEA to the Internet
(3) There is No Legal or Factual Basis for Applying CALEA to the Internet
(4) Next Steps in FCC's Rulemaking Process
On November 8, 2004, CDT filed detailed comments on behalf of a diverse group of companies, trade associations and public interest groups from across the political spectrum opposing the plan of the Federal Communications Commission (FCC) to extend controversial wiretap design mandates to the Internet.
In a Notice of Proposed Rulemaking (NPRM) issued in August, the FCC proposed to declare that providers of broadband access and "Voice over IP" (VoIP) services are covered by the Communications Assistance for Law Enforcement Act of 1994 (CALEA). The FCC issued its NPRM in response to a petition filed by the FBI seeking to extend CALEA to broadband Internet access and services and to impose a government approval process before new Internet applications can be deployed.
Joint Comments of Industry and Public Interest, November 8, 2004 http://www.cdt.org/digi_tele/20041108intpubint.pdf
FCC Notice of Proposed Rulemaking, adopted August 4, 2004 (published September 23, 2004) http://www.cdt.org/digi_tele/20040923nprm.pdf
The Communications Assistance for Law Enforcement Act (CALEA) was adopted in 1994 in response to law enforcement concerns that wiretaps would be more difficult in digital telephone networks than they had been in the analog phone system. CALEA required "telecommunications carriers," meaning telephone companies, to design basic wiretap capabilities into their networks. As it was implemented, CALEA gave the FBI very precise design control over telephone switches. The FBI was able to convince the FCC to mandate very specific features, including - at substantial cost to carriers - features that gave the government capabilities going beyond those that had been available in older phone systems. Thus CALEA was used to enhance rather than merely preserve government surveillance capabilities.
The CALEA statute applies only to telecommunications common carriers, and it specifically does not apply to "information services," meaning Internet applications. Congress realized in 1994 that the Internet was fundamentally different from the telephone system, and Congress chose not to apply CALEA to the Internet and "information services" carried over it. E-mail, Instant Messaging, VoIP, and other forms of Internet communications are information services and thus are not supposed to be covered by CALEA. Although ISPs and Internet application providers must (and do) comply with interception orders under the wiretap laws, they have not had to design their networks and services to meet FBI specifications.
In March 2004, the FBI filed a petition with the FCC asking that the agency extend CALEA to the Internet and to VoIP services over the Internet. The FBI also asked the FCC to create a pre-review process under which all new Internet applications and services would be screened by the FBI prior to deployment to ensure that they satisfied FBI criteria.
CDT and many others vigorously opposed the FBI's petition to the FCC. CDT filed comments and reply comments opposing the petition, and also organized a "joint statement" on behalf of a broad cross section of industry and public interest organizations detailing objections to the FBI proposal.
The FCC rejected the concerns of CDT and others and issued a Notice of Proposed Rulemaking announcing its tentative decision to extend CALEA to the broadband Internet and to certain VoIP services. The FCC decided that Internet access was a "substantial replacement" for local telephone service and that the CALEA statute therefore gave the FCC the power to extend CALEA to the Internet. The FCC rejected the FBI's request for a pre-approval process for new Internet services, but the ambiguous manner in which the FCC extended CALEA will have a similar harmful impact on innovation and the deployment of new technology on the Internet.
In the Joint Comments filed November 8, 2004, CDT joined with a diverse group of industry and public interest organizations to argue that an extension of CALEA was not needed, was not supported by the factual record before the FCC, and was illegal under the terms of the CALEA statute itself.
The Joint Comments state that law enforcement access to Internet communications is important. Communications carried over the Internet are not - and should not be - immune from interception, nor should the Internet offer a safe haven for illegal activity. However, CALEA is a flawed statute that would be very harmful if applied to the Internet.
The Joint Comments make clear that, when Congress passed CALEA in 1994, it was a narrowly crafted statute, enacted to address concrete and documented problems carrying out wiretaps of phone conversations as digital switches and other new features were being introduced within the traditional telephone network, or PSTN. At the same time, however, Congress made clear that it was not regulating information services and the Internet. The Joint Comments details numerous ways in which the FCC's NPRM violates or misconstrues provisions of the CALEA statute.
The Joint Comments also argue that there is no factual basis for the intrusive regulatory scheme proposed by the FCC in its NPRM. Of greatest significance, there is no evidence that law enforcement has in fact encountered obstacles in intercepting Internet communications, or that more generally there is any concrete problem that needs to be solved. Under existing law, the FBI already can "wiretap the Internet," and service providers regularly work with law enforcement to satisfy lawful wiretap orders quickly and fully.
In contrast, an extension of CALEA would likely increase costs to consumers and businesses, impede innovation, and harm privacy and security. Imposing CALEA on the Internet in the manner proposed by the FCC would reverse more than a decade of sound policy decisions to allow the Internet to develop and grow without significant interference or constraint.
On November 8, dozens of companies, public interest organizations, and individuals filed comments in the FCC's rulemaking proceeding. CDT will review the filed comments and will file "reply comments" responding to arguments raised by the Department of Justice or other commenters.
Reply comments can be filed with the FCC until midnight on December 7, 2004, and can be filed by anyone whether or not they filed an original comment. Reply comments, including brief individual comments, can be filed at http://www.fcc.gov/cgb/ecfs/ using "04-295" as the "Proceeding."
The Department of Justice's comments supporting the extension of CALEA, as well as a link to all comments filed with the FCC, are available at CDT's CALEA/VoIP Page: http://www.cdt.org/digi_tele/voip.shtml
Detailed information about online civil liberties issues may be found at http://www.cdt.org/.
This document may be redistributed freely in full or linked to http://www.cdt.org/publications/pp_10.20.shtml.
Excerpts may be re-posted with prior permission of ari@cdt.org
Policy Post 10.20 Copyright 2004 Center for Democracy and Technology
