Big Brother wants to create a backdoor into your online communications with CALEA
According to the New York Times, President Obama is "on the verge of backing" a proposal by the FBI to introduce legislation dramatically expanding the reach of the Communications Assistance for Law Enforcement Act, or CALEA. CALEA forces telephone companies to provide backdoors to the government so that it can spy on users after obtaining court approval, and was expanded in 2006 to reach Internet technologies like VoIP. The new proposal reportedly allows the FBI to listen in on any conversation online, regardless of the technology used, by mandating engineers build "backdoors" into communications software.
We urge EFF supporters to tell the administration now to stop this proposal, provisionally called CALEA II.
The rumored proposal is a tremendous blow to security and privacy and is based on the FBI's complaint that it is "Going Dark," or unable to listen in on Internet users' communications. But the FBI has offered few concrete examples and no significant numbers of situations where it has been stymied by communications technology like encryption. To the contrary, with the growth of digital communications, the FBI has an unprecedented level of access to our communications and personal data; access which it regularly uses. In an age where the government claims to want to beef up Internet security, any backdoors into our communications makes our infrastructure weaker.
Backdoors also take away developers' right to innovate and users' right to protect their privacy and First Amendment-protected anonymity of speech with the technologies of their choice. The FBI's dream of an Internet where it can listen to anything, even with a court order, is wrong and inconsistent with our values. One should be able to have a private conversation online, just as one can have a private conversation in person.
Despite the FBI's rhetoric, there are few concrete examples of the FBI's purported need to expand its already efficient all-seeing eye. Current law requires annual reporting by the Department of Justice (DOJ) regarding the use of the government's wiretapping powers; the report includes statistics on how often Federal law enforcement has been impeded in a court-authorized investigation by encryption or has been unable to access communications. These statistics show that this has happened only rarely. In its most recent report—from 2010—DOJ reported that encryption had only been encountered all of 12 times.
Did the encryption stop the investigation, or even prevent the wiretappers from figuring out what was being said? No. The report admits that in all of these instances, police were able to obtain the plain text of communications. Previous years' numbers are similar. Aside from government reports, in 2012 telecommunications companies also revealed that a very low percentage of law enforcement requests for user information were rejected. In AT&T's case, only 965 out of over 250,000 requests for user information were rejected. Overall, the available public statistics don't appear to support the FBI's claims about its inability to access communications.
Former White House Chief Counselor for Privacy Peter Swire and Kenesa Ahmad argued persuasively in 2011 that, overall, "today [is] a golden age for surveillance"—regardless of whether law enforcement is assured of automatic access to each and every kind of communication, and regardless of whether individuals sometimes succeed in using privacy technologies to protect themselves against some kinds of surveillance.
CALEA II will force companies with messaging services—from Google to Twitter to video game developers—to insert backdoors into their platforms. But backdoors only make us weaker and more vulnerable. It's ironic that CALEA II may be proposed only months after Congress pushed “cybersecurity” legislation to protect our networks. The notion of mandating backdoors in software is the antithesis of online security, which is why some academics have called it a “ticking time bomb.”
A proposal to expand backdoors into communications software ensures that online hackers, communications company insiders, and nation-states have a direct entrance to attack—and steal from—companies and government agencies. In one notorious example, someone exploited backdoors in a Greek phone company's systems and recorded sensitive conversations involving the Prime Minister. Wiretapping backdoors even affect national security. In 2012, Wired revealed the NSA's discovery and concern that every telephone switch for sale to the Department of Defense had security vulnerabilities due to the legally-mandated wiretap implementation. If politicians are serious about online security, they will not make these security blunders even worse by bringing more sensitive communication technologies under CALEA's scope.
Just last week, an ad hoc group of twenty renowned computer security experts issued a report explaining their consensus that CALEA II proposals could seriously harm computer security. These experts said that a requirement to weaken security with deliberate backdoors “amounts to developing for our adversaries capabilities that they may not have the competence, access or resources to develop on their own.”
And now the Washington Post has reported that intruders, allegedly working on behalf of the Chinese government, broke into Google's existing surveillance systems. (In this case, the report says that the intruders learned who was targeted by these systems, rather than accessing the contents of the targets' accounts or communications—but it's easy to see that wiretap contents would ultimately represent an even bigger target, and a bigger prize. Even more exciting would be the prospect of remotely activating new wiretaps against victims of an intruder's choice.)
https://www.eff.org/deeplinks/2013/05/caleatw
Enforcement of the Communications Assistance for Law Enforcement Act:
http://www.law.cornell.edu/uscode/text/18/2522
TPP: The biggest threat to the internet you've probably never heard of:
When most people think of a trade agreement, they're unlikely to think that it would have anything to do with regulating the Internet. For more than a decade however, the Office of the U.S. Trade Representative has included copyright enforcement in international trade deals. Such provisions empower countries to enact digital restrictions in the name of preventing illegal file sharing. In practice, these copyright measures strip Internet users of their rights to privacy, free speech, and access to knowledge and culture, and could even work to undermine their very purpose of enabling and promoting innovation and creativity.
Such provisions closely mirror the language carried in the U.S. Digital Millennium Copyright Act (DMCA). Up to this point, we have already seen over 15 years of harmful effects due to the DMCA and now there are widespread efforts in the U.S. to reform it. It's therefore both improper and contradictory for the U.S. Trade Rep to push the U.S. copyright system around the world when our own government recognizes that our system is defective.
This new animated video explains how two provisions of the Trans-Pacific Partnership (TPP) agreement's intellectual property chapter threaten users' rights. First, it creates legal incentives for Internet and online service providers to police their users' activities for copyright infringement. Second, the TPP carries rigid protections for digital rights management (DRM) in ways that could create expansive chilling effects for anyone who wishes to legally share and interact with their content and devices.
https://www.eff.org/deeplinks/2013/05/new-animated-video-about-tpp-and-its-chilling-effects