Feds Want A Wiretap Backdoor In All Net Hardware and Software

January 30, 2006
Networking Pipeline

Posted by Preston Gralla at 11:14 AM

Thinks the federal government is too intrusive? You ain't seen nothing yet. An FCC mandate will require that all hardware and software have a wiretap backdoor that allows the government to tap into all your communications.

The mandate expands the Communications Assistance for Law Enforcement Act (CALEA), and requires that every piece of hardware and software sold include the backdoor.

The rule isn't yet final, but once it is, all vendors will have 18 months to comply. And in fact, says Brad Templeton, chairman of the Electronic Frontier Foundation (EFF), some router makers already include such a backdoor. So your hardware may be vulnerable.

There are several problems with this rule. First is the obvious massive intrusion into all of our privacy. Second, says Templeton, is the way that the rule will stifle innovation. According to the Washington Post, he claims that the rule will "require that people get permission to innovate" would create "regulatory barriers to entry." He adds "The FBI gets veto on new companies."

The final problem is that if all hardware and software has a backdoor, it's an open invitation to hackers. So we may be faced with a double-whammy: The feds and hackers working their way into our systems.

The EFF, the Electronic Privacy Information Center (EPIC), the COMPTEL association of communications service providers, and the American Civil Liberties Union filed a brief last week with the U.S. Court of Appeals for the District of Columbia Circuit to try and stop the FCC. Here's hoping they win.

Could Your VoIP Phone Be Tapped?

Civil-liberties groups say the FCC's plans may pose a threat to your privacy and security.

Dennis O'Reilly, PC World
PC World
Saturday, January 28, 2006; 12:10 AM

BURLINGAME, CALIFORNIA -- Several privacy and civil-liberties organizations are mounting a legal challenge to prevent VoIP and other Internet-based communications from being subject to taps from law-enforcement agencies.

The group, which includes the Electronic Privacy Information Center (EPIC), the COMPTEL association of communications service providers, the American Civil Liberties Union, and the Electronic Frontier Foundation , says it will fight the FCC's plan to expand the Communications Assistance for Law Enforcement Act (CALEA) of 1994. It filed a brief this week with the U.S. Court of Appeals for the District of Columbia Circuit.

The FCC's final rule, issued on August 5, 2005, would extend CALEA to all Internet-based communications, according to EFF Chairman Brad Templeton, who spoke at this week's Emerging Telephony Conference here, sponsored by O'Reilly Media. Once the FCC issues a final rule, vendors have 18 months to comply with it.

Templeton claims that the CALEA expansion proposed by the FCC would "require that people get permission to innovate" and would also create "regulatory barriers to entry." "The FBI gets veto on new companies," according to Templeton. Another, more threatening aspect of the regulation is its mandate that a "back door" be built into all Internet-communications hardware and software to provide access for law enforcement agencies. This same back door could be exploited by hackers to listen in and record these Internet communications, according to Templeton.

In March 2004 the Department of Justice, the FBI, and the Drug Enforcement Agency petitioned the FCC to expand CALEA to cover Internet-based communications. The original statute applied only to calls made using the public switched telephone network.

The FCC's proposal would require that all VoIP hardware vendors comply with the wiretap mandate within 18 months of the order's effective date, but Templeton claims that many router vendors have already added the wiretap capability to their shipping products, despite the fact that the FCC hasn't yet issued any instructions for doing so. Templeton adds that the cost of implementing this proposal will be passed onto the businesses and consumers who use the products.

Among the politicians opposing the FCC's Internet wiretap plan is Democratic Senator Patrick Leahy of Vermont, the chief sponsor of the original CALEA legislation. Leahy says the Internet was explicitly excluded from the law's surveillance rules, with the understanding that the exclusion could be revisited. However, he claims that extending CALEA to the Internet of today is counter to the intention of Congress.

In a notice posted to the FBI's CALEA Web site yesterday, the FCC promises to release another order that will address such issues as "compliance extensions and exemptions, cost recovery, identification of future services and entities subject to CALEA, and enforcement."