June 9, 2006 9:57 AM PDT

Appeals court upholds Net-wiretapping rules

The Bush administration's plans to force Internet providers to comply with extensive wiretapping rules received a boost on Friday, when a federal appeals court upheld the controversial regulations.

A three-judge panel of the U.S. Court of Appeals in Washington, D.C., refused to overturn the Internet surveillance regulations, saying the Federal Communications Commission made a "reasonable policy choice" when approving them last fall.

FCC Chairman Kevin Martin, a Republican, applauded the ruling (click for PDF), saying it "will ensure that law enforcement agencies' ability to conduct lawful court-ordered electronic surveillance will keep pace with new communication technologies."

Wiretaps

Judge Harry Edwards, who had called the FCC's arguments "gobbledygook" and "nonsense" during oral arguments before the appeals court last month, dissented. He said the 1994 Communications Assistance for Law Enforcement Act, or CALEA, does not give the FCC "unlimited authority to regulate every telecommunications service that might conceivably be used to assist law enforcement."

The organizations behind the lawsuit say Congress never intended CALEA to force broadband providers--and networks at corporations and universities--to build in central surveillance hubs for the police. The list of organizations includes Sun Microsystems, Pulver.com, the American Association of Community Colleges, the Association of American Universities and the American Library Association.

Even without the FCC rules that are scheduled to take effect in May 2007, police have the legal authority to conduct Internet wiretaps--that's precisely what the FBI's Carnivore system was designed to do. Still, the FBI has claimed, the need for "standardized broadband intercept capabilities is especially urgent in light of today's heightened threats to homeland security and the ongoing tendency of criminals to use the most clandestine modes of communication."

As first reported by CNET News.com, representatives of the FBI's Electronic Surveillance Technology Section in Chantilly, Va., began quietly lobbying the FCC in mid-2003 to force broadband providers to provide more-efficient, standardized surveillance facilities. The Drug Enforcement Administration and Justice Department eventually signed on too.

The FBI met with a sympathetic ear among federal telecommunications regulators, who voted, in a series of decisions starting with a preliminary 5-0 vote in August 2004, to mandate the wiretapping backdoors. If the FCC had done nothing, Net wiretaps would be possible but could have been more difficult and time-consuming for police to carry out.

Included in the FCC's rulings are voice over Internet Protocol, or VoIP, companies. But the FCC did not grant the police agencies' request to rewrite CALEA to cover instant messaging and VoIP programs that are not "managed"--a reference to peer-to-peer programs like the original version of Skype, and Pulver.com's Free World Dialup, which do not use the public telephone network.

Two of the four FCC commissioners who voted for the regulations last September acknowledged that the federal government was on shaky legal ground. Michael Copps, a Democrat, warned at the time that if a court case were to lead to the rules being struck down, the move might do "more harm than good." The FCC's logic, he said, was "built on very complicated legal ground."

Friday's decision comes as the Bush administration is facing increasing congressional pressure, especially from Sen. Arlen Specter, a Pennsylvania Republican, over its telephone and Internet surveillance program overseen by the National Security Agency. AT&T is being sued in a separate case in San Francisco over allegations that it cooperated in a way that violated federal privacy laws.

A dispute over "information service"
At issue in the legal spat are arcane definitions of "information service" and "telecommunications service" used in CALEA and other chunks of telecommunications law.

Because CALEA does not apply to "information services," the companies and professional associations filing the lawsuit argued that broadband Internet access fell into that legal category and was immune from the law's requirements. They also claimed that the FCC unlawfully extended CALEA to apply to private networks, such as ones operated by a university or corporation.

But two of the three judges on the panel disagreed, saying that analysis is "inconsistent" with their own interpretation--and said that where the law is ambiguous, the FCC should enjoy substantial leeway.

The majority opinion was written by Judge David Sentelle and signed by Judge Janice Rogers Brown.

The plaintiffs in the case could seek a rehearing before the entire D.C. Circuit appeals court or ask the U.S. Supreme Court to review the case.

In his dissent, Edwards said that while the FCC may be correct that eavesdropping would be facilitated by its regulations, "it is not congressionally authorized to implement this view."

"What we see in this case is an agency attempting to squeeze authority from a statute that does not give it," Edwards wrote. "The FCC's interpretation completely nullifies the information services exception and manufactures broad new powers out of thin air."

A House of Representatives committee report prepared in October 1994 emphatically says CALEA's requirements "do not apply to information services such as electronic-mail services; or online services such as CompuServe, Prodigy, America Online or Mead Data (Central); or to Internet service providers."

When Congress was debating CALEA, then-FBI Director Louis Freeh reassured nervous senators that the law would be limited to telephone calls. "So what we are looking for is strictly telephone--what is said over a telephone?" Sen. Larry Pressler, R-S.D., asked during one hearing.

Freeh replied: "That is the way I understand it. Yes, sir."

See more CNET content tagged:
CALEA, Pulver.com, appeals court, Bush Administration, telecommunications

15 comments

Join the conversation!
Add your comment
Useless
Anyone who wants to can communicate by use of Freenet and PGP in total anonymity, and with no chance of anyone other than the intended recipient reading the messages.

All this lets the government do is read honest peoples mail.
Posted by ralfthedog (1589 comments )
Reply Link Flag
Useless!
Anyone who wants to can communicate by use of Freenet and PGP in total anonymity, and with no chance of anyone other than the intended recipient reading the messages.

All this lets the government do is read honest peoples mail.
Posted by ralfthedog (1589 comments )
Reply Link Flag
Skype calls are encrypted
And it's NOT run on servers inside the US.
Posted by kamwmail-cnet1 (292 comments )
Reply Link Flag
RE
Skype has said they will comply with requests by law enforcement for wiretaps (how? I don't know). CALEA doesn't apply to Skype calls conducted completely over the net since they aren't "not managed". The encryption Skype uses is proprietary so it's security hasn't been verified.
Posted by unknown unknown (1951 comments )
Link Flag
BAH...!!!
This is just a thing to cause a loss in privacy so that big brother knows what you are up-to.
Skype inst run on servers that are inside the US. Skype encrypts everything that it transmits. Anyone who is planning something will most likely use strong encrytion. So just what is the point of all this.
Posted by vamega (17 comments )
Reply Link Flag
So I Guess AT&T Will Be Happy
This sucks, i guess AT&#38;T will be happy for this i am sure will play well for them... Check out there documents here: <a class="jive-link-external" href="http://zxo.blogspot.com/2006/05/wired-publishes-att-nsa-documents.html" target="_newWindow">http://zxo.blogspot.com/2006/05/wired-publishes-att-nsa-documents.html</a>
Posted by zxocuteboy (45 comments )
Reply Link Flag
Good & Bad
Good in the fact that if they wiretip enough they will find out how P.O. the people are about haveing their privacy taked away.
Bad in the fact that they have tryed to rewrite the Constitution for years,but now they can bend it to satify.
We are now building the type of country that (true) American have fought agaist for years.
Posted by Earl (60 comments )
Reply Link Flag
net wiretapping
The things we must do are:
1) Vote 'em out of office asap.
2) Start sending digits from pi or e divided into 5 digit groups, prefferably to e-mail addresses in SW Asia. Headers should read something like "The Council must study this message carefully and decide if this is truly a random number."
Posted by fhowden (8 comments )
Reply Link Flag
question
The big question is who,(or for that matter can)determine what a person means when their taking to another person?
Posted by Earl (60 comments )
Reply Link Flag
if you dont, the terrorists will win!! not to mention those damn commies!!
"standardized broadband intercept capabilities is especially urgent in light of today's heightened threats to homeland security and the ongoing tendency of criminals to use the most clandestine modes of communication."
criminals use bathrooms too, but so do the rest of us. you could use a bathroom in an illicit way (place to sell weapons to "freedom fighters", hold people indefinitely without reason, maybe even as a torture chamber, all of which are definitely illegal (unless, of course, youre the governement)) but i can probably say that most of us dont want the governement videotaping us taking dumps. just a thought
Posted by forceflow307 (1 comment )
Reply Link Flag
Questions for Declan McCullagh...
Now, I'm seeing conflicting news stories about what this all means and what the FCC is after here,is this just about VoIP and the parts of broadband that connect with VoIP and other internet telephony, ofr is this a wide vast unfettered net put on the whiole internet, including any aspect of broadband? And how does this work, what are they looking for when they do this taps, and what are these taps capable of doing, including what do they have the ability to do outside the scope they are going to supposedly be used for? Is this not even WORSE of an intrusion on our privacy and our rights than Gonzles's wranglings for data retention. Just what will they have the power to do with these taps, will they be able to monitor what people do online, where they suf, and such, in real time?

I thank you in advance if you see this and reply.
Posted by MisterFlibble (207 comments )
Reply Link Flag
Education perspective of CALEA
One of the things we have been told at the University level, is that we would have to provide the ability to access the real-time data stream of an end-user. That is, essentially a network monitoring port, that would see all data to/from the end-user. The catch is that the initial regulations were not clear on how this had to be setup.
One site of information on this a document written up after a May 2006 meeting:
<a class="jive-link-external" href="http://www.educause.edu/ir/library/pdf/EPO0628.pdf" target="_newWindow">http://www.educause.edu/ir/library/pdf/EPO0628.pdf</a> , where they indicate that only the gateway edge device for a network would need to have this capability.
That doesn't mean that this won't get reinterpreted later to have to go all the way back to the end-user connection to catch internal network traffic, which is how Universities originally interpretted the original ruling.
Here is an earlier document indicating what Educause believed the CALEA order may have required:
<a class="jive-link-external" href="http://www.educause.edu/CALEAFrequentlyAskedQuestions/9357" target="_newWindow">http://www.educause.edu/CALEAFrequentlyAskedQuestions/9357</a>
After the August 2005 order, they indicated a technical requirements document would be released in the October 2005 time frame, but I don't believe that document was ever released.

There are still a lot of unanswered questions with the regulation from the FCC. They arbitrarily extended covered entities, but then did not provide guidance on how to properly comply. The May 2006 document listed above seems to indicate that a third-party-provider could perform these functions for a University or other provider, but with such vagueness in the regulation, I don't know that a third-party provider would even know what to do yet to even offer their services for sale.
For more information from an Education perspective see:
<a class="jive-link-external" href="http://www.educause.edu/content.asp?page_id=645&#38;PARENT_ID=698&#38;bhcp=1" target="_newWindow">http://www.educause.edu/content.asp?page_id=645&#38;PARENT_ID=698&#38;bhcp=1</a>
Posted by JDinKC (303 comments )
Link Flag
Why worry about net neutrality, when this will do FAR MORE damage...
... to the freedom of the intenet. Man, we, the consumers just can't win. Strike that, this isn't about "winning", but rahter about preserving the freedoms and our democracy that we are on guard to protect. In the stories Cnet has reported on this story, they've neglected to report before this decision that Janice Rogers Brown was one of the judges, they instead only focused on the "goobeldegook" judge, which made many think it was going to be struck down. Had Cnet reported that Brown was hearing this case, I would have told you right off the back that this was going be upheld, she's paying Bush back for getting this gig she has now on the DC appealettes court, and she's a freaking nutcase, to boot. She doesn't deserve to be a patent clerk, much less a judge. Congress had good reasons to have not wanted to nominate and approve of her, but because of the GOP senators bulling there way to forcing a nuclear option, she got on the bed. Unbelieveable. She should have recused herslf from this case, being it's what Bush and the DoJ are pressureing the companies to comply, which is why they had Kevin Matin right this up for the FCC. Well, people get what they voted for, I guess, but I didn't vote for these people, and don't deserve their actions.
Posted by MisterFlibble (207 comments )
Reply Link Flag
Why worry about net neutrality, when this will do FAR MORE damage...
... to the freedom of the internet. Man, we, the consumers just can't win. Strike that, this isn't about "winning", but rahter about preserving the freedoms and our democracy that we are on guard to protect. In the stories Cnet has reported on this story, they've neglected to report before this decision that Janice Rogers Brown was one of the judges, they instead only focused on the "goobeldegook" judge, which made many think it was going to be struck down. Had Cnet reported that Brown was hearing this case, I would have told you right off the back that this was going be upheld, she's paying Bush back for getting this gig she has now on the DC appealettes court, and she's a freaking nutcase, to boot. She doesn't deserve to be a patent clerk, much less a judge. Congress had good reasons to have not wanted to nominate and approve of her, but because of the GOP senators bulling there way to forcing a nuclear option, she got on the bed. Unbelieveable. She should have recused herslf from this case, being it's what Bush and the DoJ are pressureing the companies to comply, which is why they had Kevin Matin right this up for the FCC. Well, people get what they voted for, I guess, but I didn't vote for these people, and don't deserve their actions.
Posted by MisterFlibble (207 comments )
Reply Link Flag
Why do the FBI need these laws? The NSA has already built secret rooms which analyze and store every packet of data sent over the internet (without a warrant): why don't the FBI just ask the NSA for access to the stored data that they are already collecting and spending billions of dollars to maintain rather than forcing individual corporations to "pay" for upgrades which give them access to the same data?

The patriot act has already "united" all the justice departments branches into a singlular unit that shared all of their individually-collected data. That means that the FBI already has the data they are requesting access to, despite the fact that the average citizen is supposed to be innocent until proven guilty.

This legislation seems a bit broad, redundant, and overreaching.
Posted by McSatan (9 comments )
Reply Link Flag
 

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot

Discussions

Shared

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.