FCC Criticized for VoIP Tapping Requirements

Broadband Internet service and voice over Internet protocol (VoIP) companies must build technology that allows "tapping" for interception by U.S. law enforcement officials to comply with a ruling by the Federal Communications Commission last week that critics complain unnecessarily and unilaterally expands federal rules on eavesdropping.

Civil liberties and computer security groups were quick to point out the threats the ruling posed to privacy and software through vulnerability of the third-party access intended for officials, but likely to be targeted by attackers. Technology experts also raised concerns that the ruling, which requires the tapping technology within a year and a half, will stifle technology innovation.

"It is contrary to the CALEA statute," Electronic Frontier Foundation staff attorney Kurt Opsahl told TechNewsWorld, referring to the FCC's ruling on the Communications Assistance for Law Enforcement Act (CALEA). "It's going to endanger privacy and stifle innovation."

Broader Definition

The FCC ruling, announced last week, has still not been released in detail, Opsahl said. However, in a press release on its decision, the FCC said it found the definition of "telecommunications carrier" in CALEA was broader than the definition of the same term in the Communications Act and can encompass providers of services that are not classified as telecom carriers under the Communications Act, including broadband Internet and VoIP providers.

"CALEA contains a provision that authorizes the Commission to deem an entity a telecommunications carrier if the Commission finds that such a service is a replacement for a substantial portion of the local telephone exchange," said an FCC statement.

The commission is giving companies 18 months to comply with the ruling, which would require tapping technology for broadband and "interconnected VoIP carriers."

Stretching the Statute

EFF's Opsahl, who stressed that definitions will be key in the details of the ruling, said there is a great deal of concern over the justification for the expanse of CALEA. He claimed the broadening of the statute puts "the Internet as a forum of free expression" at risk.

"At this point, [the issue] is really those who want to expand [CALEA] should show why," Opsahl said. "Not those concerned about privacy having to argue why not."

The EFF attorney added the FCC had shown no justification for the ruling, which is likely to be challenged in court.

"It's likely, because it really stretches the statute to the breaking point," he said. "Companies have 18 months to comply. There's plenty of time for this to go to a court before any of the serious deadlines arrive."

Lack of Authority, Industry

Center for Democracy and Technology staff counsel John Morris told TechNewsWorld the ruling has inspired some apprehension over the FCC's authority to extend CALEA requirements.

"We think very strongly not only is it not a good answer, we believe the FCC has exceeded its authority to extend CALEA," he said.

Indicating his organization has lobbied the FCC on behalf of technology companies, Morris said it remains unclear what law enforcement will require. In addition, the fact that the FBI may have to approve technology before it's deployed on the Internet may push innovative companies and developers out of the U.S.

"The technology innovation may get offshored so innovation can happen in the test-tube environment of the Internet," he said.

Legal Risk

In a statement on the ruling, FCC chairman Kevin Martin highlighted the need to respond to the requirements of law enforcement, a reference to a request for the expanded CALEA ruling from the U.S. Justice Department, Federal Bureau of Investigation and Drug Enforcement Agency.

"These services have proliferated in recent years, and they continue to grow at exponential rates," Martin said, referring to VoIP. "Given this, it is critical to our nation's security that VoIP and broadband Internet access providers have CALEA obligations."

However, although she voted in favor of the ruling and stressed the importance of assisting law enforcement, FCC Commissioner Kathleen Abernathy is responding to concerns with an admission that legal issues are likely to arise.

In a statement, Abernathy said, "Because litigation is as inevitable as death and taxes, and because some might not read the statute to permit the extension of CALEA to the broadband Internet access and VoIP services at issue here, I have stated my concern that an approach like the one we adopt today is not without legal risk."