Why Care About CALEA?
The FCC's argument extending CALEA to information services (like broadband internet access and “interconnected VoIP”) [doc] is less than weak. Congress specifically elected to leave information services (like internet access and internet applications) out of CALEA's reach, and the DC Circuit and the FCC itself have confirmed this understanding in the past.
FCC is likely to argue now that “interconnected VoIP” services, as defined in the E911 order from earlier this summer, are replacements for a substantial portion of the local telephone exchange service, and thus now covered by CALEA. But FCC can't trump the exclusion of information services from CALEA.
FCC here is legislating, not interpreting. FCC simply doesn't have the power to do what it wants to do, but evidently it has promised law enforcement to do its best. On CALEA, not having jurisdiction isn't a good enough reason — apparently — not to act.
This decision is important because it will hand DOJ authority to negotiate with application providers before the launch of a new product or service. DOJ will be mandating what kinds of data will be collected and how that data will be presented to law enforcement. We know they would like this authority from the comments they have filed in the CALEA proceeding.
The internet hasn't worked this way in the past. Before, anyone using the right protocols could launch a new product or device without asking permission. Now, the default setting will be “anything not permitted is prohibited.” That's a change that has tremendous implications for innovation.
It's also important because there are no principled limits to the scope of this mandate. FCC has already said that it will be considering broadening the scope of services defined as “interconnected VoIP.” From law enforcement's perspective, any application or device that allows the exchange of information should be equally easily tappable — which means designed with law enforcement's interests in mind.
It's important to emphasize here that no one questions law enforcement's right to surveil the internet. That's not the issue presented here. The problem here is whether law enforcement should have the right to participate in the design of applications and devices in advance so that they are easily tappable.
The issue is whether “you have to ask permission” is the right default setting for manufacturers and innovators. The tremendous economic growth that has accompanied the internet's rise would not have happened if everything had been forced to get the approval of a government agency.
There's no evidence I'm aware of that law enforcement is having trouble enforcing its warrants. People are quite cooperative. There are better ways to get data to law enforcement than to give them the power to approve new applications. We have time to work on those better ways.
Comments
One Response to “Why Care About CALEA?”
Got something to say?
Hi Susan,
Interesting post, but I assert that you are wrong in essentially every paragraph. The Commission clearly has the authority under CALEA…as well as Title I. Congress clearly intended this result, and still does. (I've sat in the recent hearings where this has been unanimously underscored.) The bit about negotiating with DOJ is pure urban legend. The technical specifications exist for everything that is needed, as do the commercial products and inexpensive third party service offerings. And, yes, there are serious problems in obtaining forensic evidence today, and that's what this is all about. Your post is good rhetoric, but it is not reality.
best,
tony