Another interesting day at the Meltdown conference. John Morris of CDT gave an eye-opening talk about online wiretapping and the policy debate over how to apply CALEA to VoIP services.
Let me explain the jargon. CALEA is the Communications Assistance to Law Enforcement Act of 1994, which says that telecommunications providers must design their networks so as to allow (properly authorized) government wiretapping. CALEA applies to “telecommunications” but not to “information services,” so Internet software has thus far been exempt. However, the FCC, which regulates telecom, has some power to expand the application of CALEA.
VoIP is Voice over IP, a term referring to services that transmit voice over the Internet. Some VoIP services can substitute for traditional phone service; others provide similar functions in different form, such as voice-enabled instant messaging; and some provide entirely new functions.
In March, law enforcement agencies asked the FCC, which regulates telecom, to apply CALEA to “IP-enabled services” such as VoIP. Conventional wisdom says that the FCC will issue some kind of regulation in this area. But what exactly?
It seems likely that the FCC will require VoIP providers to be ready to provide information to law enforcement. The key question is whether providers will only have to provide the information that they already gather or whether providers will be required to (re-)design their technology so that it can gather the information that law enforcement wants.
A “design for wiretapping” requirement would seem to rule out certain designs, particularly those that rely on open protocols and the end-to-end principle. Such designs leave too much control in the hands of end users, so that no vendor can be assured of having access to the information that they would be required to gather. On the other side, law enforcement will argue that CALEA is toothless without design requirements, and existing telecom providers would be happy to see open, end-to-end architectures outlawed.
Coincidentally, as I was writing the previous paragraph, sitting in my hotel room with the television on in the background, a commercial came on CNN, urging viewers to ask their legislators to “update our telecom laws.” Then I ran across today’s New York Times article on the telecom regulation battles.
This is definitely an issue to watch.