Dave, Data retention laws. Purpose-built voice and data wiretapping capabilities in communications gear. A sharp salute to the masters of the Black Chamber, with terrorism and child abuse the rhetorical keys to creating the pervasive surveillance society. But there's a piece missing. Crypto controls of course! Despite their fundamental impracticality, laws prohibiting, controlling, or penalizing the use of "untappable" crypto will be increasingly enticing to the powers-that-be. For of what use is all that extremely expensive wiretapping capability if you can't interpret the damned bits? Such control laws would of course trigger a vast escalation in the crypto "arms race" -- with ever more emphasis on steganographic and other message obscuring techniques. Innocents will have their personal and business privacy eviscerated, while the truly evil will plunge deeper from view, with knee-jerk reactions pulling our basic liberties down the rathole as well. After all, even the road to "1984" was paved with good intentions. Indeed, "He loved Big Brother." --Lauren-- Lauren Weinstein lauren@vortex.com or lauren@pfir.org Tel: +1 (818) 225-2800 http://www.pfir.org/lauren Co-Founder, PFIR - People For Internet Responsibility - http://www.pfir.org Co-Founder, IOIC - International Open Internet Coalition - http://www.ioic.net Moderator, PRIVACY Forum - http://www.vortex.com Member, ACM Committee on Computers and Public Policy Lauren's Blog: http://lauren.vortex.com DayThink: http://daythink.vortex.com - - -
Begin forwarded message:
From: Richard Forno <rforno@infowarrior.org> Date: July 8, 2006 2:22:38 AM EDT To: Blaster <rforno@infowarrior.org> Cc: Dave Farber <dave@farber.net> Subject: FBI plans new Net-tapping push
FBI plans new Net-tapping push
By Declan McCullagh http://news.com.com/FBI+plans+new+Net-tapping+push/ 2100-1028_3-6091942.html
Story last modified Fri Jul 07 18:55:01 PDT 2006
The FBI has drafted sweeping legislation that would require Internet service providers to create wiretapping hubs for police surveillance and force makers of networking gear to build in backdoors for eavesdropping, CNET News.com has learned.
FBI Agent Barry Smith distributed the proposal at a private meeting last Friday with industry representatives and indicated it would be introduced by Sen. Mike DeWine, an Ohio Republican, according to two sources familiar with the meeting.
The draft bill would place the FBI's Net-surveillance push on solid legal footing. At the moment, it's ensnared in a legal challenge from universities and some technology companies that claim the Federal Communications Commission's broadband surveillance directives exceed what Congress has authorized.
The FBI claims that expanding the 1994 Communications Assistance for Law Enforcement Act is necessary to thwart criminals and terrorists who have turned to technologies like voice over Internet Protocol, or VoIP.
"The complexity and variety of communications technologies have dramatically increased in recent years, and the lawful intercept capabilities of the federal, state and local law enforcement community have been under continual stress, and in many cases have decreased or become impossible," according to a summary accompanying the draft bill.
Complicating the political outlook for the legislation is an ongoing debate over allegedly illegal surveillance by the National Security Administration--punctuated by several lawsuits challenging it on constitutional grounds and an unrelated proposal to force Internet service providers to record what Americans are doing online. One source, who asked not to be identified because of the sensitive nature of last Friday's meeting, said the FBI viewed this as a top congressional priority for 2007.
Breaking the legislation down The 27-page proposed CALEA amendments seen by CNET News.com would:
b" Require any manufacturer of "routing" and "addressing" hardware to offer upgrades or other "modifications" that are needed to support Internet wiretapping. Current law does require that of telephone switch manufacturers--but not makers of routers and network address translation hardware like Cisco Systems and 2Wire.
b" Authorize the expansion of wiretapping requirements to "commercial" Internet services including instant messaging if the FCC deems it to be in the "public interest." That would likely sweep in services such as in- game chats offered by Microsoft's Xbox 360 gaming system as well.
b" Force Internet service providers to sift through their customers' communications to identify, for instance, only VoIP calls. (The language requires companies to adhere to "processing or filtering methods or procedures applied by a law enforcement agency.") That means police could simply ask broadband providers like AT&T, Comcast or Verizon for wiretap info--instead of having to figure out what VoIP service was being used.
b" Eliminate the current legal requirement saying the Justice Department must publish a public "notice of the actual number of communications interceptions" every year. That notice currently also must disclose the "maximum capacity" required to accommodate all of the legally authorized taps that government agencies will "conduct and use simultaneously."
Jim Harper, a policy analyst at the free-market Cato Institute and member of a Homeland Security advisory board, said the proposal would "have a negative impact on Internet users' privacy."
"People expect their information to be private unless the government meets certain legal standards," Harper said. "Right now the Department of Justice is pushing the wrong way on all this."
Neither the FBI nor DeWine's office responded to a request for comment Friday afternoon.
DeWine has relatively low approval ratings--47 percent, according to SurveyUSA.com--and is enmeshed in a fierce battle with a Democratic challenger to retain his Senate seat in the November elections. DeWine is a member of a Senate Judiciary subcommittee charged with overseeing electronic privacy and antiterrorism enforcement and is a former prosecutor in Ohio.
A panel of the U.S. Court of Appeals in Washington, D.C., decided 2-1 last month to uphold the FCC's extension of CALEA to broadband providers, and it's not clear what will happen next with the lawsuit. Judge Harry Edwards wrote in his dissent that the majority's logic gave the FCC "unlimited authority to regulate every telecommunications service that might conceivably be used to assist law enforcement."
The organizations behind the lawsuit say Congress never intended CALEA to force broadband providers--and networks at corporations and universities--to build in central surveillance hubs for the police. The list of organizations includes Sun Microsystems, Pulver.com, the American Association of Community Colleges, the Association of American Universities and the American Library Association.
If the FBI's legislation becomes law, it would derail the lawsuit because there would no longer be any question that Congress intended CALEA to apply to the Internet.
------------------------------------- You are subscribed as eugen@leitl.org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]