Cringely bored by illegal NSA taps, doesn't think it really matters

Sat Jan 21 05:02:36 PST 2006

http://www.pbs.org/cringely/pulpit/pulpit20060119.html

January 19, 2006
Hitler on Line One
There's a Long History of Intercepting Foreign Communications, and Some of It
May Have Been Legal

By Robert X. Cringely

Who is listening-in on your phone calls? Probably nobody. Right now, there is
huge interest in phone tapping in the United States because the Bush
Administration (through the National Security Agency) was caught listening in
without appropriate court orders. What I have noticed is that, for all the
talking and writing on this subject, there seems to be very little real
information being presented. So this column is my attempt to share what I've
learned about the topic. It might surprise you.

Intercepting communications for purposes of maintaining national security is
nothing new. From before Pearl Harbor through 1945, EVERY trans-Atlantic phone
call, cable and indeed letter was intercepted in Bermuda by the Coordinator of
Information (COI) in the White House and later by the Office of Strategic
Services (OSS). Sir William Stephenson revealed this in his autobiography, A
Man Called Intrepid. They literally tapped the undersea cables and shipped all
post to Europe through Bermuda, where every single call was monitored, every
cable printed out, and every letter opened. FDR and Churchill needed
intelligence and they took the steps they needed to get it.

The computer monitoring of cell phone conversations pales in both scale and
significance. One fun fact from that monitoring: The CEO of International
Telephone & Telegraph (ITT) reportedly spoke with Adolf Hitler on the phone
from New York City every week of the war. According to the book The Sovereign
State of ITT, the call was placed from New York to South America, and then
used a cable from South America to Berlin. Key companies that maintained the
German telephone network were ITT subsidiaries at that time, and
communications were obviously of strategic importance for Germany; thus Hitler
needed to speak with the CEO every week. ITT never stopped running the German
phones during the war and were evidently allowed to continue doing so to
gather just this sort of intelligence (that's me putting a positive spin on a
disturbingly ambiguous relationship). So information technology's ability to
eliminate borders in warfare is nothing new, even though it seemed to take the
New York Times by surprise!

Following the war, the Bell Operating Companies cooperated in national
security wiretapping for years based only on the delivery of the so-called
"Hoover Letter," under the hand of FBI Director J. Edgar Hoover. As a result
of that cooperation, AT&T was ultimately the defendant in 18 national security
lawsuits, all of which involved wiretaps of U.S. citizens' domestic
communications where there was no prior judicial authorization. The trial
court and the D.C. Circuit Court of Appeals decided that AT&T had not violated
any constitutional right or law. Keep in mind that international calls or
communications were not at issue.

In 1967, the U.S. Supreme Court ruled that telephone surveillance was
technically a "search," and thus prohibited by the Fourth Amendment to the
Constitution unless conducted with a court order. In 1972 the Supreme Court
handed down a unanimous opinion that clarified the scope of the Executive
Branch to engage in wiretapping without prior judicial approval, saying that
the Nixon Administration needed warrants for every domestic phone and wire
tap. Even after this decision, however, the Executive Branch continued to
conduct electronic surveillance of international communications without prior
judicial approval (Republican and Democratic administrations alike), according
to people working in these areas for the phone company at that time. Because
the objects of those searches were presumed not to be U.S. citizens (whether
they actually were or not), the taps were allowed.

Jumping to the present day, in the United States there were two categories of
phone taps and two major laws governing phone taps -- that is until the Bush
Administration invented whole new versions of both. The two laws are the
Community Assistance for Law Enforcement Act (CALEA) and the Foreign
Intelligence Surveillance Act (FISA). CALEA is for domestic wiretaps and FISA
is for international wiretaps. Each requires a report to Congress every year
and for the 2004 year (the most recent reported) each had slightly over 1700
qualifying wiretaps. Each law also requires a court order for every tap,
though under FISA there is some leeway, and in theory such court orders can be
obtained retroactively in any case within 72 hours.

To this point what we have been considering are technically called
"intercepts" -- listening to phone calls and recording the information they
contain. Most phone taps in the U.S. aren't conducted that way at all. On top
of the approximately 3,500 CALEA and FISA intercepts conducted each year,
there are another 75,000 domestic phone taps called "pen/traps" by the
telephone company.

While interceptions capture the voice portion of a telephone call or the data
portion of an electronic communication, such as the content of e-mail,
pen/traps capture just the outgoing digits dialed (the pen register portion of
the technology) and the numbers of the incoming callers (the trap and trace
portion of the technology). In CALEA terms, these are "call-identifying
information."

Court authorizations for interceptions are difficult to obtain for many
reasons. Pen/traps are easy to obtain. While the government has to obtain
court authorization to install a pen/trap, the role of the court in this
review and approval procedure is merely "ministerial" -- primarily a form of
record-keeping. The government has a very low hurdle to meet to obtain
judicial approval for pen/traps, and if that hurdle is met, the court MUST
approve the order. Pen/traps are very useful in a criminal investigation, and
inexpensive compared to a court-approved interception. So, it is not
surprising that there are so many more pen/traps than there are
interceptions.

To get this far, I had to talk to a lot of former and current telco people,
and one thing I learned is that they generally don't like having to do either
type of phone tap. Under both laws, telephone companies that do this kind of
work are supposed to be reimbursed for it, yet many phone companies never send
a bill. Whether that is because of patriotism or fear of liability, I don't
know. Many phone companies also outsource their phone taps to smaller firms
that specialize in that kind of work. These firms handle the legal paperwork,
and generally more than pay for themselves by billing the Feds, too, on behalf
of the telco.

It feels a little creepy to me knowing that our telephone systems can be
accessed at will by "rent-a-tap" outfits, and that the technology has advanced
to the point where such intercepts can apparently be done from a
properly-authorized PC.

Is all of this worth worrying about? What led me on this quest in the first
place was the fact that I simply couldn't understand why the Administration
felt the need to go beyond FISA, given that the court nearly always granted
warrants and warrants could be done retroactively. But does it really matter?
I didn't know whether to be outraged or bored, and I feared that most
Americans were in similar positions.

Given that this is all about National Security, we'll probably never know the
full answer. Even if the proper research is conducted and answers obtained,
they won't be shared with you or me. But here's a hint from a lawyer who used
to be in charge of exactly these compliance issues for one of the largest
RBOCs: "While it is true the FISA court approves nearly all applications
submitted to it, this is due primarily to the close vetting the DOJ attorneys
give to applications before they are submitted to the court. In fact, the FISA
appellate court noted that the DOJ standards had been higher than the statute
required. I am unaware that the court has 'retroactively' approved any
electronic surveillance that was not conducted in an emergency situation.
There are four emergency situations enumerated in the statute. Even in an
emergency, the government has to apply for approval of what they have already
started or in some case finished and these applications have to meet the same
strict standards as any other application."

So the probable answer is that the several hundred NSA communication
intercepts wouldn't have qualified for submission by the DoJ to the FISA
court, and some of those might not have qualified for FISA court orders even
if they had been submitted. It looks like the difference between using a rifle
or a shotgun, with the Bush Administration clearly preferring the shotgun
approach. Only time will tell, though, if what they are doing is legal.

--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820            http://www.ativel.com
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE

[demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]