VoIP Wiretaps: Good Intentions, Bad Legal Logic?


There seems to be no dispute that Internet telephony should be available to
law enforcement officials armed with legal warrants. Both Congress and the
Federal Communications Commission (FCC) have said the emerging technology
must be surveillance friendly.


Voice over IP providers have repeatedly said they don’t
wish to be known as the terrorists’ telephone system of choice, either out
of patriotism or sound business logic or both. They have told Washington on
numerous occasions this year they will comply with any laws necessary.


“We can and will comply with any regulations put forward,” Jason Talley,
president and CEO of commercial and residential VoIP provider Nuvio, said
Thursday. “No one wants to open a hole in national security.”


The problem for the regulators is that there is no specific law saying VoIP
is subject to surveillance. The problem for VoIP providers is that no one
knows what Washington will do to plug the hole. As Talley says, “We’re not
obligated to do anything right now.”


Traditional telephone carriers must comply with the Communications Assistance
for Law Enforcement Act (CALEA), which standardizes the system
configurations for legal wiretaps. When Congress approved CALEA, it provided
more than $500 million to help the telcos comply.


On Wednesday, the FCC took the first tentative step to mandate minimum
surveillance compliance rules for Internet telephony, voting to
initiate a rulemaking proceeding focusing on VoIP wiretapping. The agency’s
legal hook is that CALEA can be interpreted to cover VoIP. On a day that the
FCC devoted to national security issues, the commissioners voted 5-0 to
approve the proceeding, even though several questioned the legal basis of the
decision.


According to the FCC, CALEA applies to traditional carriers and any
“replacement for a substantial portion of the local telephone exchange
service.” With traditional phone calls, voice packets travels from one fixed
point to another, making intercepting traffic fairly routine. VoIP calls, on
the other hand, are data packets that can travel several routes and even change
direction as the network seeks the clearest path. It remains an open legal
question whether VoIP is a just another service like e-mail or actually is a
substitute for the public switched telephone network .


Republican Commissioner Kathleen Abernathy said the FCC staff had come up
with a “plausible interpretation” of CALEA, yet it was “fraught with legal
risk.” Democrat Michael Copps more bluntly said, “It is flush with tentative
conclusions that stretch the statutory fabric to the point of tear.”


Both Abernathy and Copps predicted inevitable legal challenges to the
interpretation if the rules are ultimately approved. The rulemaking process
will last at least until the end of the year before the FCC makes a final
decision.


“I’m sure [if approved] there will be court challenges,” Talley said,
stressing that it is premature to jump to such conclusions. “This is an
attempt to satisfy congressional concerns about VoIP. “I think the
commission will go back and make sure they are complying with the law.”


Talley was more concerned with the cost of possible CALEA compliance.


Noting the congressional grant to telcos for CALEA compliance, Talley said
making VoIP providers comply without similar funding would amount to
“another unfounded mandate pushed off on us by [Attorney General] John
Ashcroft.”


Talley also questioned the technological feasibility of CALEA compliance,
saying there are better ways to utilize VoIP for surveillance.


“The FBI knows CALEA and wants the same rules to apply. Standardization is
really what CALEA is all about,” he said. “They just want to come in and
plug in a jack. It reduces time for law enforcement. We [VoIP
providers] could do things so much better than CALEA. We’re dealing with
data on the VoIP side and there are a lot more ways to go about
surveillance.”

News Around the Web