Forgot your password?
typodupeerror
Privacy Government Politics Technology

FCC Demands Universities Comply With Wiretap Law 215

Posted by Zonk
from the keeping-those-dangerous-students-in-line dept.
tabdelgawad writes "The New York Times reports that the FCC is requiring universities to upgrade their online systems to comply with the 1994 wiretap law, which would make it easier for law enforcement to monitor communications online. The universities are not objecting on civil rights grounds (the law requires a court order before monitoring), but on cost grounds (upgrades may cost $7 billion). But with the technology infrastructure in place, what happens if congress decides to relax court order requirements in the future 'in their fight against criminals, terrorists and spies?'"
This discussion has been archived. No new comments can be posted.

FCC Demands Universities Comply With Wiretap Law

Comments Filter:
  • Nice (Score:3, Interesting)

    by Jonnty (910561) <jonnty AT gmail DOT com> on Saturday October 22, 2005 @05:45PM (#13854117) Homepage
    So they have to pay lots of money and reduce their civil rights completly (I don't think any privacy laws are legally binding anymore...) It's got to stop. Unless the court order remains and is completly open, which isn't going to happen, this is just not acceptable. At least I live in Britain, which hasn't got all these civil rights reducing measures...quite yet.
    • Re:Nice (Score:5, Insightful)

      by Pantero Blanco (792776) on Saturday October 22, 2005 @06:13PM (#13854219)
      >>At least I live in Britain, which hasn't got all these civil rights reducing measures...quite yet. ...You're joking, right? Maybe you don't have this specific rights-reduction, but I'd say surveillance cameras all over the place and a handgun ban are pretty bad.
      • Re:Nice (Score:3, Funny)

        by dfjunior (774213)
        surveillance cameras all over the place and a handgun ban

        Welcome to Chicago, my friend
      • Re:Nice (Score:5, Informative)

        by markh1967 (315861) on Saturday October 22, 2005 @08:59PM (#13855029)
        and a handgun ban are pretty bad.

        When it comes to guns the UK population in general has a completely different attitude to than the US. The ban on firearms has practicly the complete support of politicians and the public; there is no gun lobby and it's a non-issue politicly. It could be seen as a reduction in civil rights if people in the UK wanted to own firearms but weren't allowed to but, as things stand, it's universally regarded as a good law. My local shop sells some gun magazines but, tellingly, they store them on the top shelf with the pornography.

    • Re:Nice (Score:5, Informative)

      by timmyf2371 (586051) on Saturday October 22, 2005 @06:24PM (#13854267)
      Sorry to break it to you, but you might want to read up on the Regulatory of Investgatory Powers Bill [the-statio...fice.co.uk].

      In summary, the Government can "request" your password/encryption key at any time. Failure to hand it over, or even to disclose to anyone that you have been "asked" is a criminal offence punishable by jailtime. Oh, and a bunch of other goodies which totally make a mockery of our justice system and civil rights.

      • Universities require FBI to honor Constitution.

        Free speech includes talking in English, Pig Latin, AES, or private, as desired.

      • I was under the impression that law enforcement couldn't force someone to give up a secret key or password to an encrypted file so they can use the file in court because it constitutes a violation of the defendant's 5th amendment rights...

        ...nor shall be compelled in any criminal case to be a witness against himself...

        Isn't forcing someone to give up their password or whatever the same thing as requiring someone to waive their privilege against self-incrimination in order to obtain evidence to which he/

    • by User 956 (568564) on Saturday October 22, 2005 @07:09PM (#13854463) Homepage
      In 2004, court-ordered wiretaps increased by 19% [sfgate.com]. This number doesn't even include terror-related wiretaps (which number an unheard of 1,754). It also doesn't include so-called "secret" wiretaps, allowed by Patriot.

      The only groups these wiretaps hurt are the law-abiding citizens. The smart (read: dangerous) criminals have it all figured out-- Prepaid cell phones.

      Pre-paid cell phones are literally disposable, one-use toys to the bad guys. You don't even need a fake ID, just cash, and not all that much at that. How can they tap your phone when you use a different phone for each call? The best they could do is tap all the pre-paid phones and listen to every conversation out there -- good luck with that! (wanna bet the NSA is big into voice recognition?)
      • Season Three If you can't get taps on the burners, just sell the crooks pre-tapped phones.
      • This is not that simple anymore - in the most European countries, even if you buy pre-paid phone or just the SIM card for a GSM phone, you have to register it with the operator. Then your ID, address, date of birth and few other things are collected and kept on file. Without this the phone will not be activated and it is illegal to operate it. This change happened after 9/11 when exactly this scheme was discovered - criminals using pre-paid disposable phones. I remember some arrests here in Switzerland in c
        • I purchased two pre-paid GSM cell phones last month, just as a test.

          I bought them in WalMart with cash, and a couple refill cards also with cash. I followed the activation sequence in the manual, doing it from the courtesy phone in a hotel lobby. I was not a registered guest at the hotel.

          The last part of the activation sequence asked me for a name and address. I lied -- just flat out made both up using a PO Box in an adjacent city and a phony name. The computer voice-response on the other end did not kn
    • There is only one way to stop the wholesale destruction of our rights by governmental bodies.

      Revolution. Nothing short of this will make a bit of difference.
  • by Propagandhi (570791) on Saturday October 22, 2005 @05:46PM (#13854121) Journal
    When I first read that headline I thought it said FCC Demands Universe Comply With Wiretap Law... Oddly, it didn't seem at all surprising.
  • Can't read TFA - you need to log in.

    I'm not sure objecting to possible future law changes is valid. While the government has been known to make those proposed law changes, they still actually have to change the law. The problem with some laws, and the ones we usually complain about here, is that they don't need to be changed to be abusive. Court supervision is our society's check on the power of investigating bodies. According to the summary - the law qualifies.

    ZK
    • by Anonymous Coward
      Can't read TFA - you need to log in.

      Here's the text (both pages):

      Colleges Protest Call to Upgrade Online Systems
      E-Mail This
      Printer-Friendly
      Single-Page
      Reprints
      Save Article
      By SAM DILLON and STEPHEN LABATON
      Published: October 23, 2005

      The federal government, vastly extending the reach of an 11-year-old law, is requiring hundreds of universities, online communications companies and cities to overhaul their Internet computer networks to make it easier for law enforcement authorities to monitor e-mail and other onl
    • I remember techs who used to tap into the phones at work and listen to personal calls. It was easy to do, but they needed physical access to the telco closet.

      What are the limitations of the technology that is being deployed?

      Can someone "tap" a connection remotely?

      Wouldn't this easily be defeated by using encrypted connections all the time?
  • Got to love /. (Score:2, Insightful)

    by shawn(at)fsu (447153)
    But with the technology infrastructure in place, what happens if congress decides to relax court order requirements in the future 'in their fight against criminals, terrorists and spies?'

    Every time a stroy likes this gets posted we don't complain about the facts we get cought up in "what if's"

    • What if a student is plotting a terrorist act? Oh no! We may have a way to catch them! The horror!
      • Re:Got to love /. (Score:3, Insightful)

        by hazem (472289)
        What if a citizen is plotting a terrorist act?

        Quick! We must put GPS trackers, head-mounted cameras, and explosive collars on every person so the government can know what they're doing at any moment and blow their heads off at the first sign of unpatriotic activity.

        Seriously, the more we give up our privacy and liberty to "protect our society", the more it becomes a society not worth protecting.
  • Seven billion dollars?! What a universal pain in the ass!
    • Considering how much money they demand from me, I really don't have much sympathy.
    • Expenses aren't even the biggest pain in the ass. You went to the same university as I did, you know how the bureaucracy is. Can you imagine them trying to come to an agreement on how to comply, and the IT people implementing it? Can you imagine them doing it in a way that wouldn't completely piss off all the /.-reading CPSC students even moreso than it already would?
  • by Wesley Felter (138342) <wesley@felter.org> on Saturday October 22, 2005 @05:52PM (#13854137) Homepage
    Where's the fourth horseman? There are supposed to be four!
  • by cgenman (325138) on Saturday October 22, 2005 @05:52PM (#13854138) Homepage
    The federal government wants to make it more difficult for "criminals, terrorists and spies" by opening more backdoors in the system? Isn't that exactly the sort of thing that would make it easier for criminals, terrorists, and spies to get the info they need?
  • LOGIN FOR TFA (Score:3, Informative)

    by Lurk3r (786010) on Saturday October 22, 2005 @05:53PM (#13854139)
    A login for TFA is Login: slashdot@slashdot.org Password: slashdot
  • Ex parte, friends. (Score:5, Insightful)

    by fuzzy12345 (745891) on Saturday October 22, 2005 @05:57PM (#13854159)
    One thing you have to understand: Our legal system is normally an adversarial one. It isn't the judge's role to question one side's assertion, that's the other side's job. The judge is typically a neutral arbiter who doesn't ask hard questions, but relies on the self-interest of two warring parties to expose each other's weaknesses.

    Wiretap orders are ex-parte. That is, only one party is present, and the judge, normally neutral, is expected to suddenly become a more active participant in the search for justice (like judges in civil/Napoleonic code type jurisdictions are), asking hard questions in place of the absent other party. Needless to say, a judge who normally acts in one paradigm (and indeed has no training in the other) isn't likely to suddenly change his stripes. Further, the police know full well which judges are likely to ask a question or two and which are likely to issue an order without question, so judge shopping inevitably occurs.

    What percentage of search warrants and wiretap requests are denied? I challenge you to even find statistics about such things.

    Parte on, dudes.

    • There ought to be a privacy advocate whose job it was to be the devil's advocate at hearings on search warrants and oppose them. That way the judge could retain his or her familiar neutral role and warrants would be subject to great scrutiny.

    • The statistics are easy to find. However that won't help you sleep better. In 2004 there were aboyt 3500 wiretap requests by law enforcement agencies. NONE were denied.

      What is surprising to me is the relatively small number. On the other hand it seems pretty unlikely that Congress will be under any pressure to pass a law granting wiretap authority without court approval since the courts never deny a wiretap application.

      Of course you are free to ask to supress such evidence in the case you are brought to tri
      • I am not surprised that the total number of wiretaps requested is small, and only mildly surprised that the number that were denied is zero (I would have expected a handfull, but not many more than that). It would be interesting to see the historical statistics, but (a) the police learned that the judges were serious about the need to show cause for a wiretap and (b) the bad guys learned to not say important things over the phone. If I were a bad guy, and real-time voice communications with other bad guys w
      • In 2004 there were aboyt 3500 wiretap requests by law enforcement agencies. NONE were denied.

        I'm skeptical that wiretap requests are ever actually "denied" outright, even when the system is working properly. My understanding is that usually the judge simply tells the officer, "you'll need to add information X, Y and Z to your request before I will authorize it." At that point, the officer either investigates further and obtains 'information X, Y, and Z', or just doesn't bother coming back.

  • by AppleFever (917782) on Saturday October 22, 2005 @05:59PM (#13854166)
    I already know that my university network isn't secure from fellow students, so basically what this does is allow law enforcement to sit on their asses from work and see what us kiddos are doing...when all they needed to do was walk their laptop over here and plug into the wall and they can do the same.

    The solution is simple, and I do it myself. I SSH Tunnel all of my traffic out of my university to my off-site server so that I don't have to worry about an insecure network. I don't have any control over their policies and sniffing is very simple, even on a switched network.

    When your ISP (the university) doesn't have your security in mind, then why should I trust them? And I have even more reason to now.

    And I am not forgetting that the off-site server will soon have a similar back door made by my ISP. And when that happens, I might as well look for a server in NL.

    _ _ _ _ _ _
    Got Teeth?
    http://www.doctorgallagher.com/ [doctorgallagher.com]
  • by Pyromage (19360) on Saturday October 22, 2005 @05:59PM (#13854167) Homepage
    I'm on your side in this one, but honestly, how could you possibly think that "Well, they might decide to fuck us later" is a valid argument?

    If it were, you wouldn't be allowed to do anything. Well, if I pay you for my groceries, you might just take the money and run, so I don't have to pay. But officer, if you arrest me, you might beat a confession out of me, so you're not allowed to arrest me.

    No, congress isn't supposed to be allowed to fuck me over things I 'might' do, and the inverse applies too.
    • I know it's not fair to editorialize in a story submission, though I'd probably do it again in this case.

      The problem with your analogies is that Congress has a history of ignoring privacy rights when it suits them. Consider how fast the Patriot Act passed Congress. And consider the 'turbo' subpoenas of the DMCA.

      I think it's good to have both technological and legal barriers to invasions of privacy. I don't want to live in a world where the government has the technological capability, if not the legal rig
      • Um. The problem with your counter argument is that citizens have a history of breaking laws and doing nasty, bad things to each other and organizations. What then, your point? Do you want to live in a world where the average joe has the technological capability, if not the legal right, to break whatever law/mores they choose? The coin has two sides.
    • Because it has been seen over and over and over again that once invasive infrastructure is allowed to exist, it WILL be abused. Creeping featurism.

      For example, the law in Virginia requiring seat belt use is obviously a violation of civil liberties. What right does the government have to try and protect me from myself? None. The interested parties knew it wouldn't pass.... so to get it passed, it was worded that "we will never use it as a primary way to issue citations. We will never pull anyone over f
      • Fast forward several years and... SURPRISE! Now that people are used to giving up their rights it was much easier to pass the original intent of the law. So now the law was revised and the police *CAN* pull you over and ticket you for not wearing a seatbelt... even for no other reason. I would never get in a car without wearning a seatbelt, regardless of any laws... but that is not the point.

        Yah ... they pulled that here in Illinois too. The hue-and-cry over the original seat-belt law was deafening, but
        • Add California to the list of seatbelt laws.

          They were originally passed as "the state winds up having to pay for them..."

          My opinion on seatbelt (and helmet) laws is this: Feel free not to wear a seatbelt of a helmet. If you're not wearing one, and you're injured, you won't get a cent in aid from the state, so your insurance better be paid up.
  • FCC taps YOU!

    errrr.... never mind...

  • As technology facilitates eavesdropping and spying on each other, one may well assume that the only reasonable thing to do is to adopt a position of total openness of information for all, with nobody having any secrets to hide. The real question here is...If we were all wiretapped. How many of us would have things to hide?
    • The only people with "nothing to hide" are the people who own nothing, know nothing of value, and don't do anything that might be of interest to others.

      Even Oog the Caveman has a secret (where he hides his stash of dried meat.)

  • Perhaps the US government in their infinite wisdom could devise some plan whereas they go about renetworking the entire internet through the FBI? After all, the US does own the world. Don't we?
  • by tbuckner (861471) on Saturday October 22, 2005 @06:10PM (#13854212)
    Let's face it, an inefficient law-enforcement apparatus is the only reason we still have certain freedoms at all. The closer the government can get to truly universal surveillance (total tapping capability, cameras everywhere, biometrics and data-mining methods to handle the firehose of data), the closer we come to a police state that cannot be resisted. That's why the feds are leaning on Skype and other VOIP providers; currently, Skype can't be tapped.

    The most dangerous weapon a criminal can carry is a badge.
    • > Skype can't be tapped

      you meant to say "skype, the telco now owned by ebay, does not have any known back doors"

      Remember how lotus notes's export encryption system used to include half the secret key in part of the transmission, so the nsa/fbi could pick it up, leaving only a, what, 64 bit key to break? In closed source code, putting in back doors for the government(s) is not only technically easy, it's the kind of thing that management think is a good idea.

  • But with the technology infrastructure in place, what happens if congress decides to relax court order requirements in the future 'in their fight against criminals, terrorists and spies?

    Civil Libertarians worry too much about infrastructure. Not that the treat to privacy isn't real. But not having an evesdropping infrastructure in place doesn't buy us much.

    Consider the phone system. Not so long ago, you tapping a phone was hard. You had to make a physical connection to the specific phone line. ("Hey Bug

  • the FCC is requiring universities to upgrade their online systems Why doesnt the FCC downgrade their online systems? That way everybody will be nice and compatible again, and I can continue my download of The 40 Year Old Virgin torrent. Maybe a little pr0n too while I'm at it...
  • My own insane theory (Score:4, Interesting)

    by pcgamez (40751) on Saturday October 22, 2005 @06:19PM (#13854246)
    Why doesn't the FCC pay for it? I bet that will get them to have some common sense. I of course realise this means that the cost will still be the same or more. What it will also do is raise more congressional concern as the FCC will have to request that amount.
    • Umm, because it's law that the universities have to have this capability? It's been law for >10 years... it's not like the universities haven't had time to get this implemented.

      It's illegal to drive with a burnt-out headlight. If your car has a burnt headlight, should the policeman who pulled you over pay for the replacement bulb?

  • by creimer (824291) on Saturday October 22, 2005 @06:22PM (#13854262) Homepage
    I waited three years for the C++ classes to become available at the local community college since the school didn't have the money to renew the Microsoft site license. (Java and Linux was taught during the meantime; not bad but job market for C++ programmers is a tad bit larger.) Now the Feds want the schools to upgrade the network infrastructure to find the next Neo in the Matrix. Oh, my gosh. I wonder which budget that little hardware upgrade is going to come from. Guess I'll be learning more Java at Starbucks when I graduate.
  • Universities are well known for harboring dissidents and terrorists [kent.edu].

    It's all that edumakashun. We should get rid of that, too.

    • "US Universities have been especially anti-American since the '60s."

      Ok, define "anti-American". What is an American? Is it any U.S. citizen? illegals? But then again, we all have different beliefs. You pick a few instances, of which none can be best decribed using the term "anti-American", and then conclude what? Your not thinking too straight. During WWII in Germany, was a Jew anti-German, was a Nazi anti-German, was an American citizen living in Germany anti-German? Do you see my point? I hope so.
  • by miu (626917)
    The feds have had CALEA ready to spring on ISPs for a long time, this would pretty much kill smaller ISPs and probably result in rate hikes for the big guys. Title 3 warrants right now require a judge and very specific procedures (3 teams to handle raw, intermediate, final - kinda like a clean room reverse engineering job), CALEA requires none of this - requires no intervention or knowledge by the operators of the system to activate - the cops can go fishing and obtain a warrant later. I personally don't b
    • How secret do CALEA warrants have to be?

      Could you say to the govt "we will put your back door in, but have a status page saying what you are listening to?" That would be a way to make fun of them while being compliant? Or is it some box they stick in on the monitor port that you aren't allowed near, Carnivore style.

      I dont understand how to fully comply either. How can you intercept packets sent to nodes on the same WLAN, packets that dont even go through the router? Would all single-lan packets have to be r
  • But with the technology infrastructure in place, what happens if congress decides to relax court order requirements in the future 'in their fight against criminals, terrorists and spies?'"

    --
    "What happens if (insert bogey-man phrase/villain of the moment here) happens?"

    What happens in the case of change is chage. Your question can be applied to anything, that makes the question a worthless waste of time.

    The article very clearly states the issue is time for compliance, not application of a law THIRTEEN YEARS
  • what happens if congress decides to relax court order requirements in the future 'in their fight against criminals, terrorists and spies?

    By the time Congress and the courts have anything to say about it, the guys who get things done have already done it. This is an old story which plays out again and again with emerging technologies.

    See, for example, COINTELPRO [wikipedia.org], although Watergate, Iran-Contra etc. demonstrate the same principle: Congress and the courts are less ... Executive branches of government,
  • by xigxag (167441) on Saturday October 22, 2005 @07:04PM (#13854447)
    What's to stop some would-be terrorist from simply encrypting his communications? He and his cohorts could probably use a one time pad so that even if older transmissions were tapped and the alleged terrorist captured, he'd be unable to disclose the old passwords to decode his old conversations.

    Further, I imagine that it's possible to multiplex your voice signal with some other innocuous sound-transmission so that it would be impossible to tell if you were on actually on the line or not. Would-be wiretappers would hear nothing but slightly distorted Liza Minelli showtunes. Or am I wrong?
    • by Anonymous Coward
      As someone who's job will be to execute these damn pronouncements, I have a lot of work to do to catch up with the letter of the law. Obviously, if someone were to securely encrypt their data/communications, CALEA won't unlock it. I need to learn what CALEA require me to guarantee access to, exactly. I don't control the lions share of communications on our network. E.G. - we don't control instant messaging; people use AIM, etc.

      One of the hot topics in college/university settings is what next generation
    • What's to stop some would-be terrorist from simply encrypting his communications? He and his cohorts could probably use a one time pad so that even if older transmissions were tapped and the alleged terrorist captured, he'd be unable to disclose the old passwords to decode his old conversations.

      Well, technically nothing.

      But then they'll outlaw the use of encryption unless with a federally approved mechanism with the same back-door as the rest of the infrastructure.

      And, when they demand you hand over the pas

  • by constantnormal (512494) on Saturday October 22, 2005 @07:23PM (#13854515)
    ... why Homeland Defense is so eager to pursue the "criminals, terrorists and spies" lurking in this country, and so afraid to pursue them in Saudi Arabia, Pakistan, and other nations where they obviously exist in great abundance?

    Is is simply a case of looking for one's lost keys under the streetlight across the street, where you've not been, instead of down through the sewer grate you're standing over, just 'cause the light is better over there?

    If they really want to start locally, I think they'd have more success bugging the phones and routers of the Congress and Executive branch, and posting the results on the web to further the cause of transparency and honesty in government. Nothing more would be required -- no investigations, no prosecutions, because we live in a nation with a free press and the freedom to vote our feeble minds.

    Yes, let's bug every nook and cranny in the Capitol -- I believe we would root out a great many "criminals, terrorists and spies". It would not greatly surprise me to find Osama bin Laden living the good life in some Georgetown penthouse apartment.

    "It could probably be shown by facts and figures that there is no distinctly native American criminal class except Congress." -- Mark Twain

  • That's why I use carrier pigeons and the bad guys use pen&paper with bicyle couriers. Back in the first Gulf War after we destroyed just about all of Iraq's communication systems they used guys on bikes/mopeds/horses/donkeys to send messages. There are dozens of places a message can be hidden on a person, paper sewn into clothing, rolled paper in a pen tube, paper in a pack of smokes. Wait, it's 2005 now, forget carrying paper, flash memory cards are a lot smaller than a couple pieces of folded paper. H
  • If we encrypt *everything* it will make the task of tapping too daunting.

  • ...and say "no, my conversations are none of your business"?
  • ..other than the fact that it is a waste of money. This is merely a case of big government shovelling our money into a fire, not a case of our rights being eroded. Or at least it's not the right to privacy that is at risk, merely(?!) the right to not have people dip their hands into our wallets.

    The reason for this, is that even without CALEA, you have to assume that other peoples' networks (i.e. your university's network, your employer's network, and for fuck's sake, The Internet itself) are insecure.

    • End to end encryption with a negotiated session key (as opposed to a previously known and never transmitted shared key) is useless: a man in the middle will intercept the key exchange and all bets are off with respect to security.

      The only real way to do end-to-end encryption is with a preshared key (a long one), or failing that, a long, randomly generated session key protected by a simple password (not so good but okay.) People always think that end to end encryption on an insecure link is the answer to it,
  • One thing I've always been unclear about are technical requirements to comply with CALEA for a packet-switched network. Other than providing the FBI on an as-court-ordered basis with rack space and a SPAN port off of either an aggregation switch or a switch close to the target, what else is there to do?

    Regarding the specifics of the situation of this university, it seems to be a real stretch that a school should be required to comply with CALEA. Organizations that provide a telecommunications service to

  • Have fun, drive the FBI crazy, convince them telepathy works, them let them try to figure out how they are going to wire tap that.

"A car is just a big purse on wheels." -- Johanna Reynolds

Working...