FCC's VoIP Wiretapping Rules challanged

Grant Gross, IDG News Service
Tuesday, October 25, 2005

WASHINGTON--A group of privacy advocates and technology companies today filed court papers to challenge a ruling by the U.S. Federal Communications Commission, saying it overstepped its authority by requiring Internet telephony providers to allow wiretapping by law enforcement agencies.
The groups, including advocacy groups the Center for Democracy and Technology and the Electronic Frontier Foundation, argued that an FCC's ruling on Voice over Internet Protocol could introduce security vulnerabilities into such services, could drive up costs for customers, and could open up additional Internet applications, such as instant messaging, to wiretap rules.

The August 2004 FCC ruling requires VoIP providers, by early 2007, to build in technology that complies with a 1994 telephone wiretapping law called the Communications Assistance for Law Enforcement Act (CALEA). But adding such functionality to VoIP could introduce security holes by increasing the complexity of the code, and it could open up vulnerabilities to sophisticated hackers, said Susan Landau, a Sun Microsystems engineer.

"What the FCC rule does is say, 'Build surveillance technology into Internet Protocol,'" she said. "We feel that's very dangerous and weakens national security rather than strengthens it."