Want CNET to notify you of price drops and the latest stories?

Dutch ISP won't tap email

The company refuses to let local police "tap" a customer's online activity, underscoring the debate about online privacy vs. criminal investigation.

3 min read
A Dutch Internet service provider today has refused to let local police "tap" a customer's online activity. The dispute underscores the growing global conflict between Net users' right to privacy and law enforcement's desire to eavesdrop on those who are under criminal investigation.

XS4all (pronounced "access for all") said it will not comply with an October 31 request from the Dutch Ministry of Justice's Forensic Science Laboratory to monitor one of its subscriber's Net surfing activities as well as all communication via email, newsgroups, and chat rooms.

"There is no legal basis in the Netherlands to apply that kind of Internet tapping. The police are just trying to go faster than the lawmakers," Maurice Wessling, a spokesman for XS4all, told CNET's NEWS.COM today.

"At the moment, our legal advisors are saying that police with a warrant have the authority to ask who is behind a certain email address," he added. "But reading email or doing a complete Internet tap is not part of the law. However, I'm very sure it will be in the future."

According to Wessling, the ministry backed up its request with the country's 1993 Computer Crime Act, which gave judges the authority to request data stored in computers for use in court cases.

But XS4all says this doesn't apply to "bugging" citizens' email. The 1950 European Commission on Human Rights prohibits wiretapping without a warrant.

The Dutch ISP actually hopes that police will take legal action so a court can decide the issue. The outcome of the dispute could set a precedent in the Netherlands as to whether its current electronic surveillance laws apply to the Net.

The Netherlands isn't the only country grappling with Internet surveillance. Lawmakers and law enforcement officials around the world are reexamining their telephone wiretap policies to address communication over computer networks and digital telephony.

"Most countries have not updated their wiretap laws to include electronic networks, but a lot of the European countries are considering it," said David Banisar, staff counsel for the Electronic Privacy Information Center (EPIC).

For example, Britain's National Criminal Intelligence Service submitted a report this year calling for new legislation to permit police to monitor and intercept email, according to a report by London's Daily Telegraph. However, the report said, due to a loophole in the current law, British police could tap online messages now if they have a warrant.

In the United States, privacy advocates are trying to halt efforts by the FBI to expand its wiretapping authority under the Communications Assistance for Law Enforcement Act (CALEA). Enacted by Congress in 1994, the act allocated millions of dollars to help U.S. phone companies upgrade their networks so they could accommodate court-ordered wiretapping techniques by law enforcement officials. The FBI is apparently seeking easier access to communications sent over Net backbones or wireless devices under the law.

"In the U.S., we're expecting that the next thing the government will do is expand CALEA to require that networking technologies have built-in surveillance capabilities," the EPIC's Banisar added.

Aside from Net tapping, the FBI says it also needs a new law to help solve crimes that have emerged with widespread use of the Net. Along with some U.S. lawmakers, the agency is pushing for domestic controls on encryption, a technology that scrambles digital messages so they are unreadable if intercepted. Proponents of the Secure Public Networks Act want to make "key recovery" a component of a majority of the networks in the country, which gives law enforcement access to the keys that decode encrypted messages.