by Ken "Caesar" Fisher (http://www.arstechnica.com/)
http://educate-yourself.org/cn/broadened FBI wiretapping14mar04.shtml
March 14, 2004

Yesterday the FBI made public its new proposal for wiretapping powers that would powerfully extend such powers to broadband services such as DSL and cable-based access. The gist of the proposal is simple: the FBI wants to be able to easily set up wiretapping on all kinds of Internet traffic, the key word here being easily. As this report notes, this could mean that to be compliant with the rules (should they pass), both ISPs and developers would need to build back-doors into their services and the technologies that run on top of them. This could mean increased traffic monitoring in general for consumers, plus built-in ways to monitor, oh let's say, things like WiFi-based VoIP phones.

Legal experts said the 85-page filing includes language that could be interpreted as forcing companies to build backdoors into everything from instant messaging and voice over Internet Protocol (VoIP) programs to Microsoft's Xbox Live gaming service. The introduction of new services that did not support a back door for police would be outlawed, and companies would be given 15 months to make sure existing services comply.

At the heart of the matter is 1994's Communications Assistance for Law Enforcement Act (CALEA), which requires all telecommunications providers to help law enforcement conduct wiretaps. To date, broadband providers have been excepted, but the FBI wants this to change. Industry advocates worry that the price of compliance would raise prices for consumers, as providers would have to significantly retool their services. If the government pays, then the taxpayer pays. Legal experts also note that the CALEA, when it was formulated, knew nothing of today's Patriot Act, which now enables wiretaps to be executed without a court order in cases of suspected terrorism. It's a love-in all around, folks.

What hasn't been talked about are the dangers of building backdoors in principle. Can anything be secure when there's a built-in method for bypassing security? What's to stop, say, the FBI's proposed backdoors from becoming the new pot of gold at the end of some hacker's rainbow, or, dare I say it, a terrorist's, for that matter? And what's the use of this when any criminal with a clue would just use strong encryption? Still, the FBI is right to a certain extent: the Internet is as much of a communications network as any other. The question is: in what ways is it different from other networks, and why hasn't this generational advancement spurred some truly innovative thinking in law enforcement?

Forward courtesy of bp