Wiretaps have been used since the invention of the telegraph and have been a legal
element of the US law enforcement arsenal for more than a quarter century. In keeping
with law enforcement’s efforts to keep laws current with changing technologies,
in 1994 the US Congress passed the Communications Assistance for Law Enforcement
Act (CALEA). The law proved to be controversial because it mandated that digitally
switched telephone networks must be
built wiretap enabled, with the US Department of Justice in charge of determining
the appropriate technology standards.
The law provided a specific exclusion for “information services.” Despite that explicit
exemption, in response to a request from the US Federal Bureau of Investigation
(FBI), in August 2005, the Federal Communications Commission (FCC) ruled that broadband
voice over IP (VoIP) must comply with CALEA. Civilliberties groups and the industry
immediately objected, fearing the ruling’s impact on privacy and innovation. There
is another community that should be very concerned. Applying CALEA to VoIP requires
embedding surveillance technology deeply into the protocol stack. The FCC ruling
undermines network security and, because
the Internet and private networks
using Internet protocols support critical as well as noncritical infrastructure,
national security as well. The FCC ruling is a step backward in securing the Internet,
a national— and international—priority.