Profile: Communications Assistance for Law Enforcement Act (CALEA)
Communications Assistance for Law Enforcement Act (CALEA) was a participant or observer in the following events:
The Communications Assistance for Law Enforcement Act (CALEA) takes effect. CALEA obliges telecommunications providers such as AT&T to give law enforcement agencies and US intelligence organizations the ability to wiretap any domestic or international telephone conversations carried over their networks. In more recent years, the law will be expanded to give law enforcement and intelligence agencies similar abilities to monitor Internet usage by US citizens. [Federal Communications Commission, 2/21/2007]
The Communications Assistance for Law Enforcement Act (CALEA) forces broadband Internet service providers such as Vonage to retrofit their networks for government surveillance purposes. The prime beneficiary of that retrofitting is the FBI’s cutting-edge electronic surveillance system known as DCSNet (see 1997-August 2007 and After), which can now monitor those networks. DCSNet also seems capable of handling other cutting-edge technologies such as push-to-talk, peer-to-peer telephony systems such as Skype, caller-ID spoofing, and phone-number portability. [Wired News, 8/29/2007]
Starting in 1997, the FBI constructs a sophisticated surveillance system that can perform near-instantaneous wiretaps on almost any telephone, cell phone, and Internet communications device, according to documents declassified in August 2007. The system is called the Digital Collection System Network, or DCSNet. It connects FBI wiretapping rooms to switches controlled by land-line operators, Internet-telephony companies, and cellular providers. The documents show that DCSNet is, in reporter Ryan Singel’s words, “far more intricately woven into the nation’s telecom infrastructure than observers suspected.” Steven Bellovin, a computer science professor and surveillance expert, calls DCSNet a “comprehensive wiretap system that intercepts wire-line phones, cellular phones, SMS [short message service, a protocol allowing mobile devices to exchange text messages], and push-to-talk systems.” The system is an entire suite of software that together collects, sifts, and stores phone numbers, phone calls, and text messages. The system directly connects FBI wiretapping offices around the country to a sprawling private communications network. DCSNet is composed of three main clients:
The DCS-3000, also called “Red Hook,” handles pen-registers and trap-and-traces, a type of surveillance that collects signaling information but not communications content.
The DCS-6000, or “Digital Storm,” captures and collects the content—the spoken or written communications—of phone calls and text messages.
The most classified system of the three, the DCS-5000, is used for wiretaps targeting spies or terrorists.
Between the three, the system can allow FBI agents to monitor recorded phone calls and messages in real time, create master wiretap files, send digital recordings to translators, track the location of targets in real time using cell-tower information, and stream intercepts to mobile surveillance vans. The entire system is operated through a private, secure and self-contained backbone that is run for the government by Sprint. Singel gives the following example: “The network allows an FBI agent in New York, for example, to remotely set up a wiretap on a cell phone based in Sacramento, California, and immediately learn the phone’s location, then begin receiving conversations, text messages and voicemail pass codes in New York. With a few keystrokes, the agent can route the recordings to language specialists for translation.” Dialed numbers are subjected to data mining, including so-called “link analysis.” The precise number of US phones being monitored and recorded in this way is classified.
Genesis of DCSNet - The system was made possible by the 1994 Communications Assistance for Law Enforcement Act (CALEA) (see January 1, 1995), which mandated that telecom providers must build “backdoors” in US telephone switches to be used by government wiretappers. CALEA also ordered telecom firms to install only switching equipment that met detailed wiretapping standards. Before CALEA, the FBI would bring a wiretap warrant to a particular telecom, and that firm would itself create a tap. Now, the FBI logs in directly to the telecom networks and monitors a surveillance target itself through DCSNet. FBI special agent Anthony DiClemente, chief of the Data Acquisition and Intercept Section of the FBI’s Operational Technology Division, says the DCS was originally intended in 1997 to be a temporary solution, but has grown into a full-featured CALEA-collection software suite. “CALEA revolutionizes how law enforcement gets intercept information,” he says. “Before CALEA, it was a rudimentary system that mimicked Ma Bell.” Now, under CALEA, phone systems and Internet service providers have been forced to allow DCSNet to access almost all of its data (see 1997-August 2007 and After).
Security Breaches - The system is vulnerable to hacking and security breaches (see 2003). [Wired News, 8/29/2007]
Phil Zimmerman, the creator of the highly regarded “Pretty Good Privacy” (PGP) protocols, sounds an alarm about the 1994 Communications Assistance for Law Enforcement Act (CALEA), which mandated that telephone providers aid government wiretapping “by installing remote wiretap ports onto their digital switches so that the switch traffic would be available for snooping by law enforcement. After CALEA passed (see January 1, 1995), the FBI no longer had to go on-site with wiretapping equipment in order to tap a line—they could monitor and digitally process voice communications from the comfort of the home office.…CALEA opened up a huge can of worms….” Zimmerman writes, “A year after the CALEA passed, the FBI disclosed plans to require the phone companies to build into their infrastructure the capacity to simultaneously wiretap 1 percent of all phone calls in all major US cities. This would represent more than a thousandfold increase over previous levels in the number of phones that could be wiretapped. In previous years, there were only about a thousand court-ordered wiretaps in the United States per year, at the federal, state, and local levels combined. It’s hard to see how the government could even employ enough judges to sign enough wiretap orders to wiretap 1 percent of all our phone calls, much less hire enough federal agents to sit and listen to all that traffic in real time. The only plausible way of processing that amount of traffic is a massive Orwellian application of automated voice recognition technology to sift through it all, searching for interesting keywords or searching for a particular speaker’s voice. If the government doesn’t find the target in the first 1 percent sample, the wiretaps can be shifted over to a different 1 percent until the target is found, or until everyone’s phone line has been checked for subversive traffic. The FBI said they need this capacity to plan for the future. This plan sparked such outrage that it was defeated in Congress. But the mere fact that the FBI even asked for these broad powers is revealing of their agenda.” [Ars Technica, 12/20/2005]
Former AT&T employee Mark Klein. [Source: PBS]The National Security Agency, as part of its huge, covert, and possibly illegal wiretapping program directed at US citizens (see Spring 2001 and After September 11, 2001), begins collecting telephone records of tens of millions of Americans, using data provided by telecommunications firms such as AT&T, Verizon, and BellSouth (see February 5, 2006). The media will not report on this database until May 2006 (see May 11, 2006). The program collects information on US citizens not suspected of any crime or any terrorist connections. Although informed sources say the NSA is not listening to or recording actual conversations, the agency is using the data to analyze calling patterns in an effort to detect terrorist activity. “It’s the largest database ever assembled in the world,” says one anonymous source. The NSA intends “to create a database of every call ever made.” As a result, the NSA has detailed records of the phone activities of tens of millions of US citizens, from local calls to family and friends to international calls. The three telecommunications companies are working with the NSA in part under the Communications Assistance Act for Law Enforcement (CALEA) (see January 1, 1995 and June 13, 2006) and in part under contract to the agency.
Surveillance Much More Extensive Than Acknowledged - The wiretapping program, which features electronic surveillance of US citizens without court warrants or judicial oversight, is far more extensive than anything the White House or the NSA has ever publicly acknowledged. President Bush will repeatedly insist that the NSA focuses exclusively on monitoring international calls where one of the call participants is a known terrorist suspect or has a connection to terrorist groups (see December 17, 2005 and May 11, 2006), and he and other officials always insist that domestic calls are not monitored. This will be proven false. The NSA has become expert at “data mining,” sifting through reams of information in search of patterns. The warrantless wiretapping database is one source of information for the NSA’s data mining. As long as the NSA does not collect “personal identifiers”—names, Social Security numbers, street addresses, and the like—such data mining is legal. But the actual efficacy of the wiretapping program in learning about terrorists and possibly preventing terrorist attacks is unclear at best. And many wonder if the NSA is not repeating its activities from the 1950s and 1960s, when it conducted “Operation Shamrock” (see 1945-1975), a 20-year program of warrantless wiretaps of international phone calls at the behest of the CIA and other intelligence agencies. Operation Shamrock, among other things, led to the 1978 passage of the Foreign Intelligence Surveillance Act (see 1978). [USA Today, 5/11/2006] In May 2006, former NSA director Bobby Ray Inman will say, “[T]his activity is not authorized” (see May 12, 2006). [Democracy Now!, 5/12/2006]
Secret Data Mining Center - In May 2006, retired AT&T technician Mark Klein, a 22-year veteran of the firm, will file a court affidavit saying that he saw the firm construct a secret data-mining center in its San Francisco switching center that would let the NSA monitor domestic and international communications (see January 2003). And former AT&T workers say that, as early as 2002, AT&T has maintained a secret area in its Bridgeton, Missouri, facility that is likely being used for NSA surveillance (see Late 2002-Early 2003).
Domestic Surveillance Possibly Began Before 9/11 - Though Bush officials admit to beginning surveillance of US citizens only after the 9/11 attacks, some evidence indicates that the domestic surveillance program began some time before 9/11 (see Late 1999, February 27, 2000, December 2000, February 2001, February 2001, Spring 2001, and July 2001).
Entity Tags: Terrorist Surveillance Program, Verizon Communications, Mark Klein, George W. Bush, AT&T, BellSouth, Central Intelligence Agency, Communications Assistance for Law Enforcement Act (CALEA), Foreign Intelligence Surveillance Act, Qwest, National Security Agency
Timeline Tags: Civil Liberties
Vinton Cerf. [Source: Ipswitch.com]The Information Technology Association of America, an information technology (IT) trade association, presents a paper authored by Internet founder Vinton Cerf and others which notes that the new capabilities of electronic surveillance of Internet, cellular communications, and voice-over internet protocols (VoIP) by US government and law enforcement officials under CALEA (see January 1, 1995) is inherently dangerous for fundamental civil liberties as well as technological innovation. (CALEA mandates that US telecommunications providers such as AT&T give US law enforcement agencies and intelligence organizations the ability to wiretap any domestic or international telephone conversations carried over their networks.) Cerf and his colleagues write, “In order to extend authorized interception much beyond the easy scenario, it is necessary either to eliminate the flexibility that Internet communications allow, or else introduce serious security risks to domestic VoIP implementations. The former would have significant negative effects on US ability to innovate, while the latter is simply dangerous. The current FBI and FCC direction on CALEA applied to VoIP carries great risks.” In order to implement the mandates of CALEA, the authors write, the nation’s electronic communications systems will become inherently less secure from hackers and others seeking to eavesdrop or disrupt communications, innocent citizens will not be secure from possibly illegal surveillance by law enforcement or intelligence agencies, and the nation’s communications systems will face near-insurmountable technological hurdles that will make it difficult for US telecommunications and Internet providers to continue to innovate and improve services. They conclude, “The real cost of a poorly conceived ‘packet CALEA’ requirement would be the destruction of American leadership in the world of telecommunications and the services built on them. This would cause enormous and very serious national-security implications. Blindly applying CALEA to VoIP and realtime Internet communications is simply not worth this risk.” [Information Technology Association of America, 7/13/2006 ]
Receive weekly email updates summarizing what contributors have added to the History Commons database
Developing and maintaining this site is very labor intensive. If you find it useful, please give us a hand and donate what you can.
If you would like to help us with this effort, please contact us. We need help with programming (Java, JDO, mysql, and xml), design, networking, and publicity. If you want to contribute information to this site, click the register link at the top of the page, and start contributing.