FC: ACLU's Barry Steinhardt on CALEA, IETF, and wiretapping

[Declan McCullagh <declan () well com>]

*********

Date: Thu, 14 Oct 1999 12:29:44 -0400
To: declan () well com
From: Barry Steinhardt <Barrys () aclu org>
Subject: Re: FC: John Gilmore: CALEA wiretap law DOES NOT cover the Net
:
:
:
:

Declan,

John Gilmore is quite right that CALEA was not intended to and does not 
cover what it calls "information services", the most prominent of which is 
"electronic messaging" -- email, instant messaging etc. There is no reason 
for the IETF to build surveillance capabilities into architecture of the 
Net. CALEA doesn't require that and  there is strong resistance in the 
Congress to any expansion of the law along those lines.

There is, however, one subtle but important issue involving IP that is 
still being fought out.

The FBI  wants the full content of customer communications 
from  traditional telecommunications carriers who use packet switching 
technology, even when the government is only authorized to intercept 
addressing or signaling data through a pen register or trap and trace 
device order. In other words, they want access to packets containing both 
call- identifying and call content information, when only the former was 
authorized.  The standards for getting a pen register order are much less 
stringent, than even the weak standards for an order allowing tapping of 
content.

The FBI contends that the government would sift through the data and pay 
attention to only what it has authority to intercept. Not only does this 
violate the "minimization" requirement of the Fourth Amendment and  the 
basic wiretapping law Title III, but it explicitly violates Section 
103(a)(4) of CALEA, which requires the carriers to protect communications 
not authorized to be intercepted. It is based on an unrealistic and naive 
assumption that law enforcement would impose severe self-restraint in 
processing the information.

The FCC split the baby, although not exactly in half. They recognized the 
problem, but still required that packet-mode communications be delivered to 
law enforcement under the new CALEA standard no later than September 30, 
2001. That date is 15 months after the June 30, 2000  compliance deadline 
for most other aspects of the standard. They required the telephone 
industry association (The TIA) to make a report to the it by September 
30,2000 detailing how they intended to address the inherent problem of 
packets which contain both content and identifying information.

Naturally, this will be an important issue in the appeal of the FCC order, 
by the ACLU and a number of other the parties. The problem will grow in 
importance as packet switching becomes more and more common among 
"traditional telecommunications" providers.

Barry Steinhardt
ACLU


--------------------------------------------------------------
Barry Steinhardt
Associate Director
American Civil Liberties Union
125 Broad St. New York,NY 10004
212 549 -2508 (v) 212 549-2656 (f)
Barrys () aclu org


Are You a Card-Carrying Member of the ACLU?
Join us at: https://www.newmedium.com/aclulink/forms/join.shtml


--------------------------------------------------------------------------
POLITECH -- the moderated mailing list of politics and technology
To subscribe: send a message to majordomo () vorlon mit edu with this text:
subscribe politech
More information is at http://www.well.com/~declan/politech/
--------------------------------------------------------------------------