The privacy angle
Someone called me today to ask me what I thought about the connection (if any) between privacy and the recent CALEA ruling.
There are at least three possible responses I came up with — only two of which I gave on the phone (things are always clearer after you hang up, aren't they?). One is that CALEA is just about how things are designed, not whether law enforcement is entitled to ask service providers for data. CALEA says “assuming a lawful warrant is being implemented, we want to make it easier for law enforcement to get access to data.” On this reading, extending CALEA to more services and more connections shouldn't make a difference to individual privacy vis-a-vis governmental requests for data — government has to go to a judicial officer to get authority to ask for the data in the first place.
A second response, though, is that we have no idea how the FCC's adventurous extension of CALEA will change the privacy landscape. The ongoing NSA scandal reveals that we don't know what this Administration is willing to do without a warrant. We don't know how closely service providers are already cooperating with law enforcement/national security requests without needing the entire apparatus of warrants and judges. We are in the dark. In the dark, you can't see the change between one privacy regime and another — it all looks the same.
A third response is that it's likely that extending CALEA's scope diminishes our privacy. If it's easier for government to get access to data, because things have been designed in advance so as to be easily tappable, they'll get more data and will know more about us. At the least, extending CALEA clearly doesn't heighten privacy protection in this country.
What do you think?
Comments
4 Responses to “The privacy angle”
Got something to say?
Susan,
the Americans seem to be not interested in privacy at all. What you and people like you may need to do, is start an educational campaign. Talk to students and pupils, explain them (they will understand it easier) why privacy is important.
Tell them that to give their phone in the GAP shop is not only stupid, but also dangerous.
Parallel, can't you talk to law-makers? Accept if not all, at least some of the European Directives.
Wiretapping of the kind happening in the US, should have driven resignations in Europe. In the US even the public opinion doesn't care…
In Bellovin, et al, Security Implications of Applying the Communications Assistance to Law Enforcement Act to Voice over IP (13 Jun 2006), the authors note on p.13:
This isn't a new observation, but it's good to see it getting attention in a recent report by well-known and respected authors.
On the topic of privacy, note that Ron Suskind's new book The One Percent Solution asserts that the Administration worked closely with First Data Corporation and its parent Western Union to track, sometimes in real time, financial transactions. When combined with the collection of call records, the NSA has an incredible insight into the daily lives of ordinary Americans. While this capability may be directed today at terrorists, it can easily be directed at something else tomorrow and who would know? As for the extention of CALEA, if you believe voice is going to be a ubiquitous application embedded in any number of devices and services, then you better believe that your privacy is being eroded.
Hi Susan,
Actually, it does. I highly recommend actually reading the statute and the Commission's implementing rules - particularly the security provisions now incorporated in 47 CFR 1.20003 and 1.20004. The technical “tappling” portion is relatively easily accomplished. What CALEA does is simply assure it's uniformly available through a common protected technical interface….and that there is an effective security office capability and policies that protect privacy and legal process.