Stolen from Wired http://www.wired.com/news/politics/0,1283,32100,00.html
10:45 a.m. 25.Oct.99.PDTThe Internet's standards body should not craft technology to aid government surveillance, a prominent conservative congressman says.
Representative Bob Barr (R-Georgia) said that there is no reason for the Internet Engineering Task Force to support wiretapping in the next generation of protocols and that doing so would be "dangerous."
"For the sake of protecting freedom, commerce, and privacy on the Internet, I urge you to draw the line firmly and early, by immediately rejecting any attempts to force a cumbersome, expensive, and dangerous surveillance architecture on the Internet," Barr wrote in a letter to IETF chairman Fred Baker.
Next month, the IETF will decide whether to support government surveillance in the protocols that computers connected to the Internet use to communicate. The FBI has said those standards should support lawful wiretaps.
Barr predicted that if the IETF complies with the FBI's wishes, privacy would be endangered online through back doors in products, law enforcement would be emboldened and demand even more access, and the costs to consumers would rise.
Since his election in 1994, Barr has become a prominent privacy advocate in Congress, frequently siding with the ACLU and denouncing expansions of government power such as FBI demands for "roving" wiretaps. Best known for demanding Clinton's impeachment even before the Lewinsky scandal, Barr has also fought against same-sex marriages and drug legalization.
While Barr's letter is intended to signal that Congress is interested in what has been an internal IETF debate -- and may be the first time that a legislator has ever weighed in on one -- it could have limited impact.
The IETF is an international standards-setting body that has long prided itself on being above parochial, national concerns.
Then again, say law enforcement agents, nations have required their telephone companies to support wiretapping, and may require Internet companies to buy snoopable products as more communication takes place online.
"I'm not aware of any country that does not allow for the use of electronic surveillance," an FBI spokesman told Wired News. "This is an issue that has no country bounds."
In discussions on an internal IETF mailing list, some proponents of readily-available wiretapping have said that a 1994 law called the Communications Assistance to Law Enforcement Act, or CALEA, may require Net-telephony companies to support surveillance.
"In my opinion, Internet telephony in its current form falls far short of the statutory definitions in CALEA," Barr said. "Furthermore, based on Congress' intent to do nothing more than maintain the status quo by enacting CALEA, it is questionable whether Internet telephony could ever be appropriately included under the Act's mandates."
Barr indicated he would consider introducing legislation to block the Clinton administration from making any such demands.
October 25, 1999
Mr. Fred Baker
IETF Secretariat
C/o Corporation for National Research Initiatives
1895 Preston White Drive
Suite 100
Reston, Virginia 20191-5434
IN RE: Wiretapping and Internet Telephony
Dear Mr. Baker:
In light of the fact that the Internet Engineering Task Force (IETF) has become involved in the Communications Assistance to Law Enforcement Act (CALEA) compliance debate, I write to urge your strong opposition to any effort to force a surveillance-friendly architecture on the Internet. There are several reasons why opposition to such efforts is critical.
When CALEA was enacted in 1994, law enforcement officials assured Congress its only effect would be to maintain the wiretapping status quo. Since then, the same officials have used every opportunity to pressure telecommunications companies to create unprecedented monitoring capabilities going far beyond the status quo, CALEA's mandates, the intent of Congress, and the Fourth Amendment. Even worse, the telecommunications companies have been forced to either pass these costs along to their customers or contest law enforcement's demands in court.
In my opinion, Internet telephony in its current form falls far short of the statutory definitions in CALEA. Furthermore, based on Congress's intent to do nothing more than maintain the status quo by enacting CALEA, it is questionable whether Internet telephony could ever be appropriately included under the Act's mandates. Of course, this fact will not put an end to demands by law enforcement and regulators that Internet service providers and telecommunications companies make their jobs easier by wiretapping the Internet for them.
If you encourage such steps, several things will happen. First, network and software creators will begin building flaws into products in order to create back doors for law enforcement. In the process, the security that serves as a prerequisite and incentive for electronic commerce and communication will be threatened. As hackers demonstrate with frightening regularity, practically no system is fully secure. Building intentional flaws into systems will expose them to criminal abuse and unconstitutional monitoring.
Secondly, an initial demand for limited access to Internet telephone calls will soon expand into an ever-increasing demand for access to all voice communications, followed by a demand for access to e-mail and data traffic. If the IETF gets in the business of trying to anticipate what the government might demand, government agencies will thank you for your efforts, and promptly issue more demands. It is a virtual certainty the government's demands will exceed the private sector's willingness and ability to comply with them. The only real question is precisely when that point will be reached.
Finally, Internet-based companies will be forced to pass compliance and legal costs along to their customers. In a sector where cost-competitiveness is critical, compliance costs could bring the development of exciting new Internet telephony products and services to a virtual standstill. Similar effects could also be felt on practically every Internet company, if surveillance mandates are expanded beyond telephony.
For the sake of protecting freedom, commerce, and privacy on the Internet, I urge you to draw the line firmly and early, by immediately rejecting any attempts to force a cumbersome, expensive, and dangerous surveillance architecture on the Internet. If you arrive at the conclusion further legal protections are needed to ensure a massive wiretapping structure is not imposed on the Internet, I would welcome the opportunity to discuss how best to enact them.
With kind regards, I am,
very truly yours,
BOB BARR
Member of Congress