Here's One Way to Try to Avoid the FBI's Internet Wiretapping Proposal
If The New York Times is to be believed, the Obama administration is "on the verge of" signing off on a proposal from the FBI that would make it easier for the agency's to intercept online communications. Please allow us to offer a tip that may help you avoid the Feds' steely gaze.
RELATED: FBI Raids in New York and California Target Anonymous
We should first explain what is being proposed. For some time, the FBI has sought a way to observe information that passes through internet service providers in the same way they can (with a warrant) listen in on phone conversations. The problem is that while it's relatively easy for the FBI to deal with the handful of companies that operate telephone networks, there are many, many platforms on the Internet which people use to communicate: Gchat, Facebook, Twitter direct messages, Snapchat, etc. And as people — specifically, the people who the FBI wants to listen in on — use phones less and the Internet more, less and less communication is visible to their wiretapping. In testimony before Congress in 2011, the FBI's general counsel described what she called the "Going Dark" problem.
[S]ome providers are currently obligated by law to have technical solutions in place prior to receiving a court order to intercept electronic communications, but do not maintain those solutions in a manner consistent with their legal mandate. Other providers have no such existing mandate and simply develop capabilities upon receipt of a court order. In our experience, some providers actively work with the government to develop intercept solutions, while others do not have the technical expertise or resources to do so. As a result, on a regular basis, the government is unable to obtain communications and related data, even when authorized by a court to do so.
The problem isn't really encryption, as such. While communications over Facebook and GMail and Apple's iMessage are encrypted, what the FBI really wants is a way for those companies — and others that don't use encryption — to let it peek in on what is being said.
RELATED: If the FBI Nails News Corp. It'll Be for Bribery, Not Hacking
Not always, mind you — just after they get a court order. The FBI presents it as a natural evolution of its existing ability to eavesdrop on phone calls once a judge signs a warrant. In those cases, the FBI approaches a phone company, which allows access to communications involving a party. What the FBI wants to do, it assures those asking, is simply to allow that same sort of ability if it goes and knocks on Facebook's front door, warrant in-hand. The Times quotes another of the FBI's attorneys.
“This doesn’t create any new legal surveillance authority,” [Andrew Weissmann] said. “This always requires a court order. None of the ‘going dark’ solutions would do anything except update the law given means of modern communications.”
Late last month, The Washington Post reported on the proposal being developed by a government task force which would need to be passed by Congress. The amendment to the existing wiretapping law — the Communications Assistance to Law Enforcement Act — would allow a court to impose a series of increasing fines if a firm won't or can't comply with an FBI request to allow it to observe communications. (In the past, the Feds would apparently back off from companies that resisted.) In addition to indicating the president's likely support, The Times clarified how it would work in practice:
Under the proposal, officials said, for a company to be eligible for the strictest deadlines and fines — starting at $25,000 a day — it must first have been put on notice that it needed surveillance capabilities, triggering a 30-day period to consult with the government on any technical problems. …
Foreign-based communications services that do business in the United States would be subject to the same procedures, and would be required to have a point of contact on domestic soil who could be served with a wiretap order, officials said.
That notice that begins the 30-day requirement for compliance could, for example, be in the form of the signed warrant from the judge.
RELATED: FBI Confirms Arrests in Anonymous Hacking Case
It sounds simple. It is not.
RELATED: FBI Makes an Arrest for Threats to Eric Cantor's Family
For one thing, internet communications are not like phone calls. While the FBI's goal isn't to break encryption directly, that's its effect in practice. This is not a trivial endeavor. Internet traffic is encrypted at various levels of difficulty, some of which are far harder to access than others. In some cases, the encryption takes place between users and isn't done by the company. Coming up with systems to allow the FBI access to communication could theoretically be very time- and resource-consuming. Because that cost is borne differently by companies of different sizes, The Times points out a strategy for those looking to evade observation.
The difference [in the latest proposal], officials say, means that start-ups with a small number of users would have fewer worries about wiretapping issues unless the companies became popular enough to come to the Justice Department’s attention.
Which brings us to the most obvious way for terrorists or drug dealers or law-breakers or, yes, privacy puritans to avoid the FBI's proposed wiretapping ability: if you want to reduce the likelihood that your communications will be observed, check out what will hereafter be known as "burner" companies — new shops that enable the sort of communications you want to do but are unlikely to have enough users that one draws the attention of the FBI. Become a TechCrunch afficianado! When a company announces it's "a new way to connect people," that's your best bet, as long as it doesn't become too popular. (The "burner" analogy to cheap cell phones — you've seen The Wire, right? — is flawed, of course; that would be more like creating new Facebook accounts to send messages for a day or so.)
RELATED: The Unabomber May Work With the FBI on 1982 Tylenol Poisonings
But of course, the FBI is not the only who might have an easier time observing your communications if the proposal goes forward. Opponents argue that placing backdoors into online platforms, these companies will necessarily be creating a way for anyone with enough savvy and access (i.e. hackers) to discover and break in. The Verge quotes a professor from Columbia University: "I think it’s a disaster waiting to happen.”
There is a tiny chance that all of this is moot. The Guardian's Glenn Greenwald pointed to a CNN interview last week with a former FBI agent who claimed that the federal government was already storing all digital communication. All as in all. This is highly unlikely, if only because of the infrastructure that would be required. But if it is the case: Go ahead and use Facebook.
Photo: The FBI comes knocking. (AP)
