Proposal Could Expand Government’s Web Wiretapping Efforts

Potential new regulations could make it easier for federal officials to wiretap online communications, raising privacy concerns. Ray Suarez gets two views on the idea.

Read the Full Transcript


    Next: a proposal to expand government's power to monitor Internet communications. Ray Suarez has that story.


    It's story that pits secrecy vs. privacy.The New York Times reported this morning that the Obama administration is drafting legislative proposals that would make more of the Internet open to court-ordered wiretaps.That could include currently encrypted e-mails, possibly social networking Web sites like Facebook, and Web phone conversations on services like Skype.The reported proposals have raised concerns among privacy advocates.

    For more, we turn to Juan Zarate, a deputy national security adviser in the Bush administration — he is now a senior adviser with the Center for Strategic and International Studies — and Kevin Bankston, senior staff attorney for the Electronic Frontier Foundation, a digital civil liberties group.

    And, Juan Zarate, let's start with you.Why would the federal government be looking for new powers to eavesdrop on these communications devices?Aren't these covered under earlier, preexisting law?

    JUAN CARLOS ZARATE, Center for Strategic and International Studies:Well, what the government would say, Ray, is that this would be a modernization of existing law, the law that was passed and signed by President Clinton in 1994, the Communications Assistance to Law Enforcement Act, which requires telecommunications carriers and providers to allow government access and have intercept capabilities for communications.

    The government says now — and I think we know this from experience — that the communications have evolved, evolved on the Internet with peer-to-peer messaging, end-to-end encryption, voice-over I.P. communications, in a way that doesn't allow the government either access in the first instance or speed to be able to wiretap appropriately.

    And so I think the idea here is you have new technologies evolving all the time that are being used more and more by people.And the government wants to avoid these dark alleys that are — that exist in the virtual world, where they can't necessarily monitor the way they could, for example, telephone conversations.


    Kevin Bankston, are there new technologies that make it harder for the government to look in when it wants to?

  • KEVIN BANKSTON, Electronic Frontier Foundation:

    There are a great deal of new technologies that the Internet has enabled to allow us to communicate with each other.

    But the fact is, this proposal would be a drastic and costly anti-privacy, anti-security, and anti-innovation solution to a problem that doesn't exist. The fact is, based on the government's own reporting, law enforcement investigators in the 2,500 wiretaps they did last year encountered encryption only once.

    And that encryption didn't prevent them from getting the communications they were after.So, the idea that we should, based on vague warnings that criminals are going dark, re-architect the entire Internet to make it more easily tappable by the government is simply ludicrous.


    Well, what would software developers, hardware developers be required to do under these new regs? Kevin, go ahead.


    Well, we don't have a proposal.We don't have hard language, but looking to the requirements currently applied to telephone companies and broadband access providers, capabilities that are already quite broad, this would apparently require every provider of any type of communication service on the Internet to build into their systems facilities to ease government wiretapping and access to user data, or face hefty fines.

    And I think part of the issue here is, would Mark Zuckerberg have been able to build Facebook and launch it from his dorm room if he had to first build in surveillance capabilities, or get fined for it? Or would Skype have even been built if they were forced to forego the benefits of peer-to-peer communication and create an artificial bottleneck, so that the government could wiretap your chats?

    I think the answer is no. And it's particularly…


    I'm sorry.


    I'm sorry. Go ahead.


    Go ahead.


    A problem that doesn't even exist.And Mr. Bankston gave an example of one.


    Well, I don't agree.I think, if you look at end-to-end encryption, which is a reality today, government doesn't have access to those communications between users.Peer-to-peer communications, again, government often has difficulty accessing those communications.

    And what happens is — and this goes to the issue of cost as well — the government is often go in and help the technology provider actually build in the post facto intercept capabilities to try to then pull out the information about communications.

    Two other things I would say, though, Ray.One is the fact that this is in some ways a prospective proposal.That is to say, I think government is anticipating that there will continue to be innovation at a speed with which with the government can't keep up.

    And so the idea here is to, as in 1994, put the onus on the private sector to build in the capabilities to actually intercept in a way that maps what was done in 1994, but doesn't infringe on technological innovation or on privacy.

    There are serious issues here, though. No doubt there are good questions that need to be asked. Some of these technologies were not built with this in mind. Certainly, people engaged in Skype communications, for example, assume that they are not being monitored.

    But the other thing I would say is, from what I understand from the proposals, there is no idea here that this would be a circumvention of the current wiretap laws. This would still have to be judicially authorized. It would still have to be the normal rules of minimization and the other things the government has to do on any wiretap that is currently done.

    And so, in some ways, this is — this is a little bit of a tempest in a teapot before we have actually seen the proposal.


    But so much of the emphasis in recent years has been on making these systems more secure for commerce, for instance, making these systems harder to break into.And Kevin Bankston is suggesting that the designers up front would have to design a way to get into them, and give it to somebody, in this case, the federal government.


    Or have access to it.And that is exactly what happened in 1994, when we were looking at the wireless networks that were developing as well.

    The same arguments were made about crushing innovation at that point.And I think we — it's fair to say that that didn't happen.But it's a fair point.It's a good question as to how this is going to be implemented.The costs that would be imposed on the private sector, that is a real issue.

    But I think, from the government's perspective, it's the inability to access some of these communications, the growing use and volume of these communications, and the speed with which they're able to then monitor, all of which is hindered under current law.


    Kevin Bankston?


    There simply is no record as of yet to support the conclusion that these technologies are posing an insurmountable problem for law enforcement.

    What there is a record of, however, is how these so-called lawful intercept programs have actually posed a threat to security.The most powerful example is in Greece in 2005.Lawful intercept systems for cell phones were hacked into by outside parties and used to spy on the Greek government itself, including its prime minister.

    More recently, reports are that the Chinese intrusion into Google's systems exploited the lawful intercept systems that Google has.And so when you build these backdoors into our communications facilities, not only do we face the risk of overzealous investigators abusing them; we also open up the risk of hackers, criminals and foreign governments abusing them.


    But what about Mr. Zarate's concern that technology has been advancing rapidly, and the government has been forced to play catchup, that there are places that conspirators can go where, even if there's a really good idea of where they are, they simply can't be heard, and the proper channels have been gone through, and a court has issued a warrant and so on?


    Conspirators have always been able to go dark, as it were, by talking face-to-face.

    And even though the government, with a court order, has the authority to secretly search your home or install an eavesdropping device, we would never consider requiring home and office-builders to build in a government-spying peephole or pre-install eavesdropping microphones into our homes and offices.

    We wouldn't allow that in the online — in the offline world, and we shouldn't allow it in the online world.


    But the thing I would say is that precisely the baseline that President Clinton signed into law in 1994 that was — the essence was that the telecom industry had to provide assistance to law enforcement, that law enforcement into itself didn't have the capabilities to intercept communications in a way as the technology was evolving.

    And so the question here is, should the Internet services that have evolved now without these requirements be required to provide that kind of access?And I would say the mere fact that hackers are going to be out there, criminals are going to be out there trying to exploit weaknesses, that is going to happen anyway.

    That to me doesn't strike me as a good argument as to why you wouldn't allow government, with judicially approved warrants, access to communications, especially on a real-time basis, if there is something urgent happening.

    And we know the way the terrorist networks work, international organized crime works, they rely on the Internet, the networking, the capabilities of communicating transnationally, not meeting in person, in the 21st century to expand their capabilities and to cause threats to the United States.It's just a reality of the 21st century.


    What about that restraint — and quickly, Mr. Bankston?Can a compromise be worked out that leaves both parties able to get what they need?


    Frankly, I think forcing companies to architect our networks to be open to government surveillance is fundamentally opposed to the values of an open and free society, which the administration itself recognized when it recently criticized the United Arab Emirates for proposing just this sort of thing and threatening to block BlackBerry encrypted e-mails.


    Kevin Bankston…


    We strongly opposed — sorry.


    Sorry — and Juan Zarate, gentlemen, thank you both.


    Thank you, Ray.


    Thank you.