The Spy in Your Phone
Just imagine: One morning, you answer a knock at your door. The person standing there introduces himself as a federal investigator. He assures you that you're not under arrest. You're not even under suspicion. Nonetheless, the agent tells you, he's been appointed to move into your home. His mission: to listen in to all your telephone calls, read all your e-mails, review all your Web browsing, and report all "suspicious activity" to the FBI.
"What's suspicious?" you ask. ”You have no right to know," he replies. "Am I being singled out for some reason?" you ask. "No, every person in the United States is subject to this surveillance."
Of course, there's no way that the U.S. government could appoint a full-time investigator to eavesdrop on everything you say on the telephone, or every activity you conduct on your PC. But, in effect, the National Security Agency, the super-secret intelligence arm of the Department of Defense, is doing something quite similar in its electronic eavesdropping programs.
For instance, to deter narcotics trafficking, the NSA collects and analyzes the phone records of Americans who call people in Latin America. There's no warrant or other due process involved. The NSA simply approaches a phone carrier, asks for the records, and analyzes them.
More recently, the NSA has eliminated the requirement to request the records at all. It simply builds in access to the phone carrier switches—even those that carry domestic calls. Again, no warrant or due process is required.
According to court documents, in February 2001—months before the events of Sept. 11, 2001—the NSA asked AT&T to give it permission to give the agency access to all the global phone and e-mail traffic that ran through a huge network center in New Jersey.
The idea was apparently to give the NSA the ability to listen in without restrictions to communications that it believed had intelligence value and store them for later review. While federal law at the time required the NSA to have court approval to listen in on purely domestic communications, there was apparently no discussion of limiting the monitoring to international communications.
Congress is now debating permanent changes to the Foreign Intelligence Surveillance Act (FISA), which regulates the NSA's data collection practices. The primary controversy within the proposed amendments is whether private parties who assist the NSA in conducting illegal monitoring can do so without legal liability. (More than 40 lawsuits are pending against major telecommunications providers for facilitating NSA eavesdropping alleged to have violated the FISA.)
When Congress adjourned last week, it looked as if the Bush administration had succeeded in building a coalition that would have immunized telecom providers from being sued for violations of FISA. Congress returns in January, and is expected to vote the proposed amendments—including telecom immunity—into law.
There are numerous problems to this approach. Besides the obvious one—abuse of eavesdropping authority to pursue political ends—there's a less obvious problem: security.
Building back doors and surveillance conduits into communication systems means than anyone who can find the back doors, or the surveillance conduits, has unfettered access to the U.S. telecommunications system. And, as I've pointed out in a previous blog entry, there's ample evidence to suggest that this is already occurring on a large scale, both inside and outside the United States. Even the White House telecom system has been compromised, although this vulnerability has supposedly been patched.
What can you do to protect yourself? I've long advocated using pre-paid, anonymous cellular phones to conduct any conversation you wish to keep private. Encrypted e-mails are another way to maintain some semblance of privacy. Another suggestion is to use an encrypted channel for your Web browsing, such as the one provided by www.diclave.net.
For more suggestions on protecting your telephone and Internet privacy, click here.
Copyright © 2007 by Mark Nestmann
Comments