- FBI raided millionaire YouTuber’s home, allegedly took everything Thursday 6:55 PM
- A fake Labour party website is spreading disinformation in Britain Thursday 6:16 PM
- Twitter bans cricket club for posting ISIS content in apparent hack Thursday 6:12 PM
- This dad remade his daughter’s NSFW photo—and people are loving it Thursday 5:51 PM
- Teen allegedly posted ‘slave for sale’ Craigslist ad featuring his Black classmate Thursday 5:28 PM
- People are crushed that this teen love story might be a TikTok ‘joke’ Thursday 4:50 PM
- Is Jacob Wohl evading his Twitter ban with Jack Burkman’s account? Thursday 2:06 PM
- Biden’s most perplexing debate answers, explained Thursday 2:03 PM
- How to stream Colts vs. Texans on Thursday Night Football Thursday 12:52 PM
- Netflix drops ‘A Christmas Prince: The Royal Baby’ trailer Thursday 12:43 PM
- Uber says it will audio-record rides to address safety concerns Thursday 12:41 PM
- ‘Avengers: Endgame’ writers go in-depth on how they decided which superheroes lived and died Thursday 12:22 PM
- How to watch Duke vs. Cal in the 2K Empire classic Thursday 12:09 PM
- Trump’s impeachment notes get riffed into punk songs Thursday 12:01 PM
- Pete Buttigieg can’t do the Pete Buttigieg dance Thursday 11:55 AM
FCC chairman opens the door to new Internet wiretapping powers
Privacy groups are worried that Congress will once again expand Internet surveillance.
The head of the Federal Communications Commission on Tuesday raised the possibility that the spread of encryption signaled the need for an update to a landmark wiretapping law.
During testimony before the House Subcommittee on Communications and Technology, FCC Chairman Tom Wheeler floated the idea of extending the Communications Assistance for Law Enforcement Act (CALEA) to cover more technology companies.
CALEA, which passed in 1994, originally required only phone companies to build their systems to accommodate court-ordered government wiretaps, also known as “lawful intercepts.” At the urging of the George W. Bush administration, Congress amended it to cover Internet service providers and voice-over-Internet-protocol (VoIP) companies.
“It is an old law that predates the modern computing and communications system, cybersecurity threats, and the need to routinely use encryption in everyday life.”
“One of the issues here is the question of, ‘What is a lawful intercept?'” Wheeler said at Tuesday’s House hearing. He noted that Congress had answered this question with its earlier work on CALEA, but he added, “Things have moved on since then.”
Wheeler then pointed to a report about terrorists allegedly using the Playstation 4‘s chat feature to plan attacks, calling that technology “outside the scope of anything ever considered in CALEA” and adding, “There’s probably opportunities to update the lawful intercept concept.”
An FCC spokesman clarified to the Daily Dot that Wheeler was not seeking changes to CALEA but rather noting Congress’ ability to make those changes if it deemed them necessary. The spokesman said that the FCC would respond if Congress or the law-enforcement community asked it to change how it interpreted the existing law. As a regulatory agency, the FCC is required to ensure that companies fulfill their technical obligations under CALEA.
Wheeler may not have been asking Congress to update CALEA, but his comments might alarm many in the privacy community, which fought a bitter battle over CALEA—as part of a broader encryption debate called the “crypto wars”—and eventually won several exemptions.
“Absolutely, that concerns us,” Lee Tien, a senior staff attorney at the Electronic Frontier Foundation, told the Daily Dot in an email. Tien argued that, because CALEA was written at a time before ubiquitous encryption, Congress could not reasonably expand it today.
“CALEA essentially treats communications in the clear as the norm,” he said. “It is an old law that predates the modern computing and communications system, cybersecurity threats, and the need to routinely use encryption in everyday life.”
Any expansive revision of CALEA would likely target its three privacy-minded limitations. These provisions specify that the government can’t mandate the inclusion or exclusion of specific features; that “information services” companies (essentially any Internet companies other than ISPs) are exempt from the law; and that companies subject to CALEA don’t have to decrypt communications as part of wiretaps unless they have the decryption keys.
Taken together, these limitations provided a strong bulwark against far-reaching Internet wiretapping. Seth Schoen, a senior staff technologist at the EFF, told the Daily Dot in July that these provisions shielded companies like Apple from having to facilitate wiretaps—and, in particular, from having to put wiretap-friendly “backdoors” in their encryption.
“Essentially, each part of [the limitations section] provides a reason why the current CALEA couldn’t be applied to make Apple change its software,” Schoen said. “Because it doesn’t apply to Apple [as an information service], because it can’t be used to dictate features, and because companies aren’t responsible for decrypting unless they have the keys.”
A spokesman for Rep. Fred Upton (R-Mich.), the chairman of the House Energy and Commerce Committee, did not say whether Upton wanted to update CALEA. A spokesman for Rep. Greg Walden (R-Ore.), the chairman of the Subcommittee on Communications and Technology, did not respond when asked the same question.
Photo via Dieter R/Flickr (CC BY 2.0)
Eric Geller is a politics reporter who focuses on cybersecurity, surveillance, encryption, and privacy. A former staff writer at the Daily Dot, Geller joined Politico in June 2016, where he's focused on policymaking at the White House, the Justice Department, the State Department, and the Commerce Department.