PRIVACY + SECURITY BLOG

News, Developments, and Insights

Government Surveillance CALEA

In 1994, Congress passed a law called the Communications Assistance for Law Enforcement Act (CALEA), which requires telecommunication providers to build wiretapping and surveillance capabilities for law enforcement officials into their new technologies.

A recent rulemaking by the Federal Communications Commission (FCC) significanty expands the reach of CALEA beyond telephone companies and ISPs:

The federal government, vastly extending the reach of an 11-year-old law, is requiring hundreds of universities, online communications companies and cities to overhaul their Internet computer networks to make it easier for law enforcement authorities to monitor e-mail and other online communications.

The action, which the government says is intended to help catch terrorists and other criminals, has unleashed protests and the threat of lawsuits from universities, which argue that it will cost them at least $7 billion while doing little to apprehend lawbreakers. . . .

The order, issued by the Federal Communications Commission in August and first published in the Federal Register last week, extends the provisions of a 1994 wiretap law not only to universities, but also to libraries, airports providing wireless service and commercial Internet access providers.

It also applies to municipalities that provide Internet access to residents, be they rural towns or cities like Philadelphia and San Francisco, which have plans to build their own Net access networks.

Shouldn’t the government be paying these costs? Why should the government be imposing this quasi-tax on those providing communications services?

According to the article:

If law enforcement officials obtain a court order to monitor the Internet communications of someone at a university, the current approach is to work quietly with campus officials to single out specific sites and install the equipment needed to carry out the surveillance. This low-tech approach has worked well in the past, officials at several campuses said.

But the federal law would apply a high-tech approach, enabling law enforcement to monitor communications at campuses from remote locations at the turn of a switch.

It would require universities to re-engineer their networks so that every Net access point would send all communications not directly onto the Internet, but first to a network operations center where the data packets could be stitched together into a single package for delivery to law enforcement, university officials said.

It is certainly true that new technology can erode the government’s ability to engage in surveillance. It can also enhance the government’s surveillance capabilities too. Setting aside the issue of the merits of the government surveillance, the issue of who pays for it is also a very important one. Placing the costs on those developing or supplying the technology can severely hinder the development of technology and its use. And saddling such a large financial burden on educational institutions at a time of rapidly rising education costs strikes me as very unwise and troublesome.

Originally posted at Concurring Opinions

* * * *

This post was authored by Professor Daniel J. Solove, who through TeachPrivacy develops computer-based privacy training, data security training, HIPAA training, and many other forms of awareness training on privacy and security topics. Professor Solove also posts at his blog at LinkedIn. His blog has more than 1 million followers.

Professor Solove is the organizer, along with Paul Schwartz, of the Privacy + Security Forum and International Privacy + Security Forum, annual events designed for seasoned professionals.

If you are interested in privacy and data security issues, there are many great ways Professor Solove can help you stay informed:
*
LinkedIn Influencer blog
*
Twitter
*
Newsletter

TeachPrivacy Ad Privacy Training Security Training 01