The FBI wants to read your email
Following the passage of new wiretap rules for wireless phones, official Washington is gearing up for a fight over the privacy of email and other personal computer files.
Last week, the FBI won a small victory from federal regulators that will allow it to listen in on conversations and track the location of wireless phone users, as long as the agency first gets a court order.
But law enforcement officials say this is only half the battle. The FBI is now looking for new powers to break through security software that renders email and other Internet communications incoherent when traveling along a digital network. Even if the agency has the power to tap digital communications, it still can't read or understand the messages sent if they are protected by security software.
Privacy advocates, software industry executives, and a growing cadre of tech-friendly legislators have strongly opposed the FBI's efforts, saying that giving law enforcement easy access to protected email and other files could open the door to malicious hackers--or even official abuse.
When Congress returns from its summer break later this month, it plans to take up the question of how to regulate security issues with encryption software, which allows a user to scramble computer files, email, or Internet voice conversations so they are indecipherable without a software "key."
The leading bill in the debate, which would ease regulations over encryption software, is strongly opposed by the FBI.
"The effort behind [our 1994 digital wiretap law] was to assure that law enforcement would still have wiretap ability," said Sen. Bob Goodlatte (R-Virginia), the author of the pending Security and Freedom through Encryption Act. "There has never been a guarantee that they would get the content [of messages]."
The technology of privacy
The battles over the privacy of digital phone conversations and computer files have been pushed to the fore in recent years as advanced technology has made it increasingly easier for criminals to avoid the long arm of the law.
FBI officials say they need to be able to read encrypted messages as part of their push to prevent criminal activity. Tapping phone lines is of little value if criminals can send digitally scrambled messages--even if the software to do so is still not widely used, they say.
"We're advocating that commercially available encryption software should have some means of access to the plain text," said FBI spokesman Barry White. "To do otherwise would jeopardize public safety."
The new digital wiretap rules, passed by the Federal Communications Commission last week, stem from a 1994 law dubbed the Communications Assistance for Law Enforcement Act. They are largely geared to make sure the FBI can monitor and trace conversations on digital networks, such as wireless or cable telephone systems, just as they can on traditional telephone networks.
Yet privacy groups and even some lawmakers have said the FCC went too far in its latest decision in giving law enforcement new powers to monitor digital conversations.
"I don't want to say we've lost," said Mark Rotenburg, director of the Electronic Privacy Information Center (EPIC), one of the leading groups lobbying for stronger privacy protections. "But I certainly don't think we've won."
Rotenburg said his group would likely appeal the new rules, or even take the issue back to Congress.
Looking for the back door
FBI officials have long pressed for laws that would allow them to translate the content of encrypted messages produced in the United States through a technological "back door," or special code built into the software.
Yet Congress has not been receptive to this plan. Goodlatte's bill, which will likely reach the House this month, explicitly bars the government from requiring this kind of mandatory "back door" to be built into commercial software.
The government also has tried to slow the export of unbreakable encryption products overseas, hoping to keep it out of the hands of foreign criminals. But this effort too has met increasing resistance in Congress and in the courts.
Software programs that can give email and other files unbreakable protection are already being written overseas, so it makes no sense for American programs to be written with built-in weaknesses, opponents of the FBI's stance say.
"We are willing to do things to help law enforcement to deal with encryption," Goodlatte said. "But they're going to have to deal with this problem no matter what we do."
Other solutions
Law enforcement has pulled back from some of its original proposals, and is now backing legislation that would give tax credits to software developers if they create accessible encryption software, as well as require government agencies to use encryption that can be unscrambled by authorized outsiders.
But officials also are looking for new ways around the security problem. According to a memo first obtained by the Washington Post, Justice Department officials are seeking to get the authority to place bugs in suspected criminals' computers to gain access to email and other files--before they are encrypted.
This has privacy groups on guard.
"We have the sense that over the long term, [the encryption argument] is not an issue that the U.S. federal government will win," Rotenburg said. "But what is happening in the meantime is that governments are successfully seeking expanded surveillance authority. That's been the story behind the story in the encryption debate."