[hcs-d] Government wiretapping

Joshua Kroll kroll at cs.princeton.edu
Tue Sep 28 09:19:54 EDT 2010


So let's take a step back and a deep breath, and then dive into what
amounts to an interesting policy discussion with, as people's visceral
reactions have shown, very important consequences.

This proposal - not even released yet, but a proposal nonetheless - is
hardly about designing backdoors into crypto or into communications
protocols. It's about putting an obligation on service providers to
force them to be able to, a priori, be capable of complying with a
wiretap order.

Let's step back a moment: what is a wiretap order? And how does law
enforcement get one? I'm not a lawyer (and thus nothing I say should
be construed as legal advice), but I do play one in part time jobs and
graduate school. So basically, law enforcement can write a criminal
subpoena (basically, a letter from a prosecutor) asking for certain
types of information from service providers. For example, they can ask
for a "pen register tap", which notifies them whenever you place a
phone call of when you call, when you hang up, and the number you
dialed. They can ask Internet service providers for information that's
similar (i.e. not the content of what you saw, but maybe the DNS
queries you made or the IPs you connected to - the jurisprudence of
exactly what is covered is evolving in the courts as we speak). A real
wiretap order, though, is a court-ordered warrant, and thus there's no
4th Amendment defense against it (there's a question of
"reasonableness", but the court is supposed to consider that when the
warrant is issued, and the standards to get a warrant require that
prosecutors really make sure that they have their t's dotted and their
eyes crossed before they ever put a request before a judge (judges may
otherwise deny a prosecutor's request out of hand, in a kind of
retribution)).

The distinction between "content" information and "transactional"
information is codified, as EJ said, in a law called the Electronic
Communications Privacy Act, or ECPA (Title II of ECPA is sometimes
called the Stored Communications Act). ECPA is at best antiquated and
at worst poorly written. It says for example that if you give up
possession of your electronic data to a third party (say, you use
GMail for your e-mail), then there's no need for a warrant to get at
it, only for a subpoena (there's a limit for "stored communications"
such as e-mail, where the government may only subpoena communications
that are over 120 days old). Further, the government can even require
the third party to delay notifying you that you're being
searched/watched until after they've gotten what they are looking for.
This proposal comes into a Washington milieu where ECPA reform is a
hot topic (it's been the subject of something like 4 or 5 hearings in
Congress this year already). And that's sensible: ECPA was written
before you were born. We still weren't comfortable using Gopher.

The other relevant law is CALEA: The Communication Assistance for Law
Enforcement Act, which requires that phone companies build into their
systems a special network for law enforcement to be able to split off
and listen to calls. The special network is operated by the phone
carrier and is used in response to what the phone carrier either
considers a valid wiretap order or at least in response to an order
that they're too lazy to check. So in the movies when you see the FBI
tap into a phone call as it's happening? That's real, sort of. It can
be done, but the warrant probably needs to wind its way through an
expedited process in the phone carrier's legal department first.

There are lots of known problems with CALEA. If you enjoy being
scared, go look up papers in the security research literature about
how to hack into the phone system via the CALEA backdoors. You'll find
that more access points to a system inevitably make it less secure and
less reliable and trustworthy. For extra background into how to have
an intelligent policy discussion about similar issues, go read about
something called "Clipper", the NSA's
"trust-us-we-know-what-we're-doing" solution to a similar problem.

So what's this proposal about? It's about putting CALEA-like
obligations on "communications service providers" on the Internet.
What's a communication service? Who is a provider? How would this even
work? We Just Don't Know. But you can imagine that almost any
definition is going to be way too broad. Can you imagine if you were
trying to start Twitter and you had to pay lawyers to tell you if you
were complying with this law, so that you could avoid hefty government
fines? Can you imagine how much money it would cost Google, Yahoo,
Facebook, and Microsoft to engineer and deploy solutions that would
comply? Such regulations would make the Internet industry more like
the telecom industry: slow, rule-bound, and highly consolidated into
large firms which can deal with these sorts of burdens.

Worse, you can imagine that somehow providers of encrypted services
would be required either to hold the keys in escrow if requested or to
simply record all the plaintext messages in case they're later
requested. And there's rumor that it would require foreign companies
who offer encrypted communications to establish domestic offices that
are capable of providing interception as a condition of providing
service in America. Can you imagine if every country required this?
The Internet is cool because you, right now, can start a business and
have every Internet user in the world as a potential customer. If you
couldn't offer communications services without establishing an
overseas office? It would cripple Internet service development.

So what's a techie to do? Well, I'm not too worried, for a start: the
forces of money are with the forces of good on this one. And it's
really easy to oppose this proposal by making it into a jobs issue
("Come on, Mr. Congressman. Surely you don't want to hamper American
innovation, stall foreign investment, and eliminate high-paying
high-tech jobs, do you?"). But you're fighting the forces of fear
("you can't expect criminals to just be able to instantly evade law
enforcement detection! We've got to protect the public!").

So that's always tough. Still, it's better to make the discussion one
about the balance we as a society are willing to make between the
powers of law enforcement, the protection of civil liberties, and the
freedom of business to innovate. Making the discussion about the
technical risk of putting back doors in your secure systems puts you
in the technologist's usual position of being 100% right and 100%
guaranteed to lose the argument. Making the argument about how
protocol designers and cryptographers will comply just takes the
discussion into an esoteric world that doesn't really have a lot to do
with the policy proposal in question (since it would apply to
/providers of services/ and not to /technologies/).

All that said, it's a worthy issue to think through. And it's probably
right that discussion of it actually will distract from
possibly-objectionable terms for law-enforcement access to
communications in a rewritten ECPA. So stay vigilant, and don't be
distracted by a punch in the gut now and then.

For truthiness,
Josh

On Mon, Sep 27, 2010 at 10:43 PM, Zak Stone <zstone at gmail.com> wrote:
> Yes, the concern here is that universal backdoors would allow the
> government (and hackers who exploit the backdoors) to run universal
> wiretaps all the time.
>
> Zak
>
>
> On Mon, Sep 27, 2010 at 10:35 PM, EJ Bensing
> <ebensing at college.harvard.edu> wrote:
>> As a point to clarify on Byron's interpretation of the 4th amendment... the
>> courts have basically ruled that anything stored in the cloud (i.e. emails,
>> etc.) doesn't require a search warrant to access. They just have to comply
>> with a law called the Electronic Communications Privacy Act. This means that
>> if companies were forced to build backdoors in their software, they could be
>> exploited without judicial oversight as long as that act was followed.
>>
>>
>>
>> We were actually talking about this today in my seminar (which is on laws
>> relating to the internet)
>>
>>
>>
>> Needless to say, this is an incredibly ridiculous and damaging bill. But
>> Congress seems to be on a roll lately...
>> http://www.eff.org/deeplinks/2010/09/censorship-internet-takes-center-stage-online
>>
>>
>>
>> -E.J. Bensing
>>
>>
>>
>> From: hcs-discuss-bounces at lists.hcs.harvard.edu
>> [mailto:hcs-discuss-bounces at lists.hcs.harvard.edu] On Behalf Of Joe
>> Zimmerman
>> Sent: Monday, September 27, 2010 10:13 PM
>> To: Ted Pak
>> Cc: Carl Jackson; Greg Brockman; hcs-discuss at hcs.harvard.edu
>> Subject: Re: [hcs-d] Government wiretapping
>>
>>
>>
>>
>>
>> On Mon, Sep 27, 2010 at 7:02 PM, Ted Pak <tpak at fas.harvard.edu> wrote:
>>
>> If this actually happens, and I really doubt it will, it reminds me of the
>> days where the government restricted civilian use of encryption technology
>> so it could keep the military grade stuff for itself.  It was literally
>> illegal to do encryption above a certain key-length.  I thought we had moved
>> past that.
>>
>> From the article:
>>
>> "Developers of software that enables peer-to-peer communication must
>> redesign their service to allow interception."
>>
>> I think that's where they're headed.
>>
>> -Joe
>>
>>
>>
>> On Sep 27, 2010, at 9:49 PM, Greg Brockman wrote:
>>
>>> Wait, as I understand the proposed law, it's not about trying to get
>>> around legal process.  Rather, it's about making sure that when the
>>> government gets a warrant for a Skype phone call, Skype has the
>>> technical ability to decrypt said phone call and give it to the
>>> government.  The government itself will not gain that ability and will
>>> still have to go through exactly the same protocols they do now.
>>>
>>> Greg
>>>
>>>
>>>
>>> On Mon, Sep 27, 2010 at 9:35 PM, Joe Zimmerman <joe at hcs.harvard.edu>
>>> wrote:
>>>>
>>>>> While I'm no lawyer, it seems unlikely that any such mandate would hold
>>>>> up in court.
>>>>
>>>> I'm not sure about that. Courts have done some pretty crazy things in the
>>>> past (e.g., letting the DMCA stand).
>>>>
>>>>>
>>>>> Plus, to access said encrypted data, the government would still
>>>>> technically need a warrant. The 4th amendment prohibits the government
>>>>> from accessing the information without a search warrant, so any charges
>>>>> they tried to bring against people based on evidence obtained without a
>>>>> warrant would be thrown out before you can say "constitutional rights".
>>>>>
>>>>> And remember that the 5th amendment means that people have the right to
>>>>> confront the evidence against them -- in particular the witnesses
>>>>> against them -- making any charges doubly difficult for the government....
>>>>
>>>> Assuming the cases went to trial, as opposed to the people just
>>>> disappearing. Or, what is probably more common, the information gathered
>>>> being used extralegally to blackmail or frame people for other things.
>>>>
>>>>>
>>>>> It's not to say that I approve of this policy. Honestly, why the
>>>>> intelligence community goes to such lengths to avoid appropriate legal
>>>>> processes (such as search warrants) boggles the mind. Particularly when
>>>>> there are special courts set up specifically for the purpose of issuing
>>>>> warrants for sensitive investigations.
>>>>>
>>>>
>>>> See above, in part. Although, it occurs to me that the government has an
>>>> interesting angle here: right now, so much data on the Internet is
>>>> encrypted that the feds don't know what to look for. Most of this is due
>>>> to traffic over SSL, destined for servers that have a physical and legal
>>>> presence and whose owners can be held accountable to the proposed new law.
>>>> If all of this traffic effectively became cleartext (on account of the
>>>> backdoor), it would become much more feasible to look for encrypted
>>>> transmissions (any whatsoever) as a sign of suspicious activity.
>>>>
>>>> -Joe
>>>>
>>>>
>>>>
>>>>>
>>>>> On Mon, Sep 27, 2010 at 20:05, Zak Stone <zstone at gmail.com> wrote:
>>>>>>
>>>>>> I imagine most businesses will vehemently oppose the legislation:
>>>>>>
>>>>>> http://www.nytimes.com/2010/09/28/business/global/28secure.html
>>>>>>
>>>>>> Zak
>>>>>>
>>>>>>
>>>>>> On Mon, Sep 27, 2010 at 5:37 PM, Zak Stone <zstone at gmail.com> wrote:
>>>>>>> It may be time to lobby Congress, folks, especially if there are plans
>>>>>>> to somehow prohibit individuals from using strong encryption
>>>>>>> technology. This legislation hasn't passed yet.
>>>>>>>
>>>>>>> Zak
>>>>>>>
>>>>>>>
>>>>>>> On Mon, Sep 27, 2010 at 5:30 PM, Joe Zimmerman <joe at hcs.harvard.edu>
>>>>>>> wrote:
>>>>>>>> Not to mention the entirety of Nineteen Eighty-Four.
>>>>>>>>
>>>>>>>> -Joe
>>>>>>>>
>>>>>>>> On Mon, Sep 27, 2010 at 1:46 PM, Siddarth Chandrasekaran
>>>>>>>> <chandrasekaran.siddarth at gmail.com> wrote:
>>>>>>>>>
>>>>>>>>> Frighteningly relevant:
>>>>>>>>>
>>>>>>>>> http://www.youtube.com/watch?v=7DRAD-j8ObI
>>>>>>>>> "There are of course those who do not want us to speak. I suspect
>>>>>>>>> even now, orders are being shouted into telephones, and men with guns
>>>>>>>>> will soon be on their way. Why? Because while the truncheon may be used
>>>>>>>>> in lieu of conversation, words will always retain their power. Words
>>>>>>>>> offer the means to meaning, and for those who will listen, the
>>>>>>>>> enunciation of truth. And the truth is, there is something terribly
>>>>>>>>> wrong with this country, isn't there? Cruelty and injustice,
>>>>>>>>> intolerance and oppression. And where once you had the freedom to
>>>>>>>>> object, to think and speak as you saw fit, you now have censors and
>>>>>>>>> systems of surveillance coercing your conformity and soliciting your
>>>>>>>>> submission. How did this happen? Who's to blame?"
>>>>>>>>>
>>>>>>>>> Siddarth
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On Mon, Sep 27, 2010 at 4:39 PM, Jim Danz <danz at fas.harvard.edu>
>>>>>>>>> wrote:
>>>>>>>>>> What?  That's never happened to me on NYT and I'm definitely not a
>>>>>>>>>> member.
>>>>>>>>>>
>>>>>>>>>> On Mon, Sep 27, 2010 at 4:35 PM, Carl Jackson <carl at avtok.com>
>>>>>>>>>> wrote:
>>>>>>>>>>>
>>>>>>>>>>> http://imgur.com/tyiT0
>>>>>>>>>>>
>>>>>>>>>>> In other news, this is really really unfortunate. I'll probably
>>>>>>>>>>> say more angry words when I figure out how to read the article :P
>>>>>>>>>>>
>>>>>>>>>>> Carl
>>>>>>>>>>>
>>>>>>>>>>> On Sep 27, 2010, at 4:30 PM, Greg Brockman wrote:
>>>>>>>>>>>
>>>>>>>>>>>> Looks like the government is considering mandating communication
>>>>>>>>>>>> service providers to put backdoors in their softwares' crypto:
>>>>>>>>>>>> http://www.nytimes.com/2010/09/27/us/27wiretap.html?_r=1
>>>>>>>>>>>>
>>>>>>>>>>>> Any thoughts?
>>>>>>>>>>>>
>>>>>>>>>>>> Best,
>>>>>>>>>>>>
>>>>>>>>>>>> Greg
>>>>>>>>>>>> _______________________________________________
>>>>>>>>>>>> hcs-discuss mailing list
>>>>>>>>>>>> hcs-discuss at lists.hcs.harvard.edu
>>>>>>>>>>>> https://lists.hcs.harvard.edu/mailman/listinfo/hcs-discuss
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>
>>>>
>>>>
>>
>>
>>
>>
>>
>
