In case you didn't notice, May 14 was the deadline for U.S.-based Internet Service Providers to be in full compliance with an obscure law called the Communications Assistance for Law Enforcement Act (CALEA).
The original version of this 1994 law required all telephone networks to be made "wiretap-friendly" so that the FBI and other federal law enforcement agencies can activate a wiretap at the flip of a switch, without intervention by the network. Essentially, this is done by building secret "back doors" into all telephone equipment and networks to facilitate government surveillance.
Now, the CALEA requirements have been extended to the Internet. They apply to universities, public libraries, Internet cafés, and other institutions that operate networks connected to the Internet.
Law enforcement agencies are supposed to obtain a warrant before they activate a wiretap, whether it's for someone's telephone communications or Internet communications. However, it's also clear that they don't always do so, especially under the terms of President Bush's secret domestic spying initiative, which came to light in December 2005.
In this program, the super-secret National Security Agency has for at least five years listened in on an unknown number of conversations believed to be terrorist-related, without a warrant. And while the Bush administration promised in January of this year to submit all requests under this program to a secret court created to review applications for "national security" related wiretaps, on May 1, senior Bush administration officials told Congress that they could not pledge that this would actually be done.
There's every prospect that Internet wiretaps will be handled in the same cavalier manner, despite the clear provisions of a 1978 law called the Foreign Intelligence Surveillance Act, which mandates that all national security related wiretap requests be reviewed by the secret court. This "Foreign Intelligence Surveillance Court" rarely rejects a wiretap request, but even a rubber stamp is apparently too much due process for the Bush administration to deal with.
If that wasn't bad enough, there's another, even scarier, aspect of this program to consider.
The problem with "back doors" is that they can be used by anyone with the technological savvy to find them. There's increasing evidence that organized crime and foreign intelligence agencies are doing just that to telecommunications networks in the U.S. and other countries that have been made "wiretap friendly" courtesy of laws like CALEA.
In a 1997 drug trafficking case in Los Angeles, a narcotics cartel targeted by the Drug Enforcement Administration was able to "completely compromise the communications of the FBI, the Secret Service, the DEA and the LAPD," according to a secret government report leaked to the media. A few years later, revelations emerged, but were quickly hushed up, that the White House telephone system had been completely compromised by an unnamed foreign intelligence service. Similar concerns emerged in the Netherlands in 2002, when lawyers for a terror suspect claimed that Dutch wiretap transcripts ended up in the hands of the Turkish intelligence service, and again in 2005, when revelations emerged that back doors designed into telephone networks in Greece had been exploited to wiretap Greek government ministers.
And now, your e-mail, your Web browsing and everything else you do on the Internet will be subject to surveillance by anyone smart enough to find the back doors. What's more, because most Internet communications, unlike telephone communications, are not tied to a fixed location or phone number, the wiretapping infrastructure must be global, involving all the world's Internet routing structure. Perhaps that's why a few weeks ago, the U.S. Department of Homeland Security asked a company called Verisign to turn over to it what amounts to the "master keys" for the Internet. With these keys, U.S. spooks will be able to spy on any Internet user, anywhere in the world.
With the prospect of massive Internet surveillance now a reality, it's more important than ever to take precautions to protect yourself such as encrypting your e-mails using a program like PGP (http://www.pgp.com) and using Internet anonymizing services such as Armorware (http://armorware.directtrack.com/z/81/CD125).
For more suggestions on protecting your privacy on and off the Internet, click here.
Copyright © 2007 by Mark Nestmann
Comments