[c-nsp] CALEA was Re: OT - Dark Fiber

Justin Shore justin at justinshore.com
Sun Sep 6 11:13:38 EDT 2009 

Scott Granados wrote:
> Why does anyone comply with CALEA?  Especially after the abuses of the 
> last 8 years and probably a lot farther back than that?  I've been 
> reading about the requirements and the idea that ISPs cooperate with law 
> enforcement really makes me uneasy on a civil liberties basis. Does 
> Uncle Sam scare tactic people in to compliance?  There's just something 
> about making things easier for the NSA and any number of alphabet soup 
> agencies that strikes me as unamerican (to use their own phrase against 
> them) and wrong. Or was it created simply to create a new space for 
> security products and C, J and the others were really good at lobbying?
>    Since it doesn't require the ISP to break open encrypted traffic it 
> almost makes me think a public key system that lets the end user encrypt 
> everything from phone to television with their own keys makes some sense 
> so there's nothing left in the clear for entertaining the James Bond 
> crowd! Probably not practical at all but this thread just convinced me 
> not to use split tunneling.;)

Well, probably because it's REQUIRED BY LAW.  Not complying is a felony, 
not just a simple civil offense.  They go after company officers.  Try 
convincing your company officers not to do it; see if they want to take 
the chance.  All SPs were required to officially respond to the FTC with 
a plan for how they were going to make their network CALEA ready.  Not 
replying was not an option.

Politics of the last administration aside, it's not a bad thing that SPs 
be able to assist law enforcement.  Telcos have been required to do so 
for longer than most people on this list have been alive.  As voice 
traffic moves off the PSTN to the Internet logically CALEA has to 
follow.  Does that mean that the intelligence agencies will follow the 
letter of the law and not abuse it?  Certainly not.  The FBI has already 
shown that they will abuse it with National Security Letters.  That will 
happen under any administration though.  Hopefully it will be reduced 
under the present administration and the process will be tuned and 
refined.  Intelligence agencies (IAs) will always want more data and 
consumers and their SPs will always want to give up less.  The way we 
help limit the IAs is through the political processes, not through 
non-compliance.  An individual's civil disobedience seldom works.  Try 
non-compliance with the tax man and see how far you get.

Justin
  CALEA-compliant since 2007

More information about the cisco-nsp mailing list