October 6, 2004 | By Annalee Newitz

A Government-Mandated Backdoor for Every Network

That's what the Federal Communications Commission (FCC) promises if the FBI gets its way.

The Communications Assistance for Law Enforcement Act (CALEA) was passed in 1994 to make it easier for the feds to listen in to everyone's phone calls. The law forced phone companies to design their digital networks with special backdoors for government surveillance. There was a single saving grace - CALEA did not apply to the Internet.

But now, all of that could change. Under pressure from the Department of Justice (DoJ) and federal law enforcement, the FCC is gathering comments on a proposal to expand CALEA to cover broadband Internet access providers and Voice over IP (VoIP) telephony companies.

If the FCC adopts the proposal, Internet Service Providers (ISPs) and nearly all VoIP companies will have to design their systems to be tappable. This isn't nearly as tidy as it sounds. The law distinguishes between two kinds of information that can be gleaned via telephone surveillance: "call identifying information" or CII (numbers dialed and when), and "content" (actual conversations taking place). Telephone network technology allows a law enforcement agent to gather these two kinds of information separately, in isolation from one another. There is no danger that an agent seeking CII will accidentally get to listen to the content of his target's conversations. Or that he will accidentally hear the conversations of everybody on the same block as his target.

With the new proposal, all of these things are possible. Surveillance on the Internet is a messy business - CII "trap and trace" information is contained in the same data packets as the actual content of the communication. Moreover, all current methods of snooping on somebody's communications at an ISP also mean sifting through the private communications of other people using the same ISP. Law enforcement officers with a trap and trace order would have the opportunity - if they chose - to capture the content of a target's communications, and that of any number of innocent people who share the same ISP. Similar issues will plague VoIP providers, who will have to examine the data packets of every user in order to find those associated with law enforcement's target.

Having these kinds of backdoors in data networks will make communicating over the Internet less secure for everyone - especially when criminals with technical know-how figure out how to use the built-in backdoors for their own purposes.

And here's the kicker: you're going to have to pay for all this. The FCC wants to force broadband Internet access and VoIP providers and their customers to bear the considerable costs of purchasing and implementing surveillance-ready network technologies. So you'll be paying extra to make it easier for the FBI and net-savvy criminals to spy on you.

In two months, the FCC will review the public's comments on this proposal and make a final decision on whether the future of the Internet is one of pervasive surveillance or relative privacy.

Now is the time to tell your ISP that you don't want to pay for the government to tap everybody's data stream. Urge your service provider to get more information about CALEA and tell the FCC why it's a bad idea.


Deeplinks Topics

Stay in Touch

NSA Spying

EFF is leading the fight against the NSA's illegal mass surveillance program. Learn more about what the program is, how it works, and what you can do.

Follow EFF

How China is strong-arming coders to abandon their open source projects: https://eff.org/r.wso1

Aug 28 @ 4:20pm

Introducing a powerful new tool to help stop the California virtual currency license: https://eff.org/r.5qg6

Aug 28 @ 2:14pm

HTTPS encryption may have gotten the better of Russian censors trying to block a Wikipedia article: https://eff.org/r.vk6f

Aug 28 @ 1:55pm
JavaScript license information