[CS-FSLUG] The Call Is Cheap. The Wiretap Is Extra.

[Fred Miller]

The Call Is Cheap. The Wiretap Is Extra.

By KEN BELSON

At first glance, it might seem like the simple extension of a standard tool
in the fight against the bad guys.

But in fact, wiretapping Internet phones to monitor criminals and terrorists
is costly and complex, and potentially a big burden on new businesses trying
to sell the phone service.

Earlier this month, the Federal Communications Commission voted unanimously
to move forward with rules that would compel the businesses to make it
possible for law enforcement agencies to eavesdrop on Internet calls.

But developing systems to wiretap calls that travel over high-speed data
networks - a task that the companies are being asked to pay for - has caused
executives and some lawmakers to worry that helping the police may stifle
innovation and force the budding industry to alter its services. That
requirement, they say, could undermine some of the reasons Internet phones
are starting to become popular: lower cost and more flexible features.

The commission's preliminary decision, announced on Aug. 4, is a major step
in the long process of deciding how Internet-based conversations could be
monitored. Regulators will now hear three months of public testimony on the
ruling. Few expect a resolution of the issue this year, but it is not hard
to figure out who will ultimately pay for the wiretapping capability.

"All the costs carriers incur are ultimately going to be passed on to the
consumer," said Tom Kershaw, vice president for voice-over-Internet services
at VeriSign
<http://www.nytimes.com/redirect/marketwatch/redirect.ctx?MW=http://custom.m
arketwatch.com/custom/nyt-com/html-companyprofile.asp&symb=VRSN> , which
provides surveillance support for Internet phone companies.

Tapping Internet phones is far more complicated than listening in on
traditional calls because the wiretapper has to isolate voice packets moving
over the Internet from data and other information packets also traveling on
the network.

While traditional calls are steady electronic voice signals sent over a
dedicated wire, Internet calls move as data packets containing as little as
a hundredth of a second of sound, or less than one syllable, which follow
often-unpredictable paths before they are reassembled on the receiving end
to form a conversation.

To make wiretapping possible, Internet phone companies would have to buy
equipment and software as well as hire technicians, or contract with
VeriSign or one of its competitors. The costs could run into the millions of
dollars, depending on the size of the Internet phone company and the number
of government requests.

The requirement to cooperate with law enforcement agencies is unlikely to
drive any Internet phone company out of business, though it could cut into
profits. Last year, the agencies conducted about 1,500 wiretaps, with the
bulk of them in major cities like New York and Miami. The Federal Bureau of
Investigation has yet to complete a wiretap over Internet phone services.

"It doesn't break the business model, but it means free telephone service is
impossible," said John Pescatore, the lead security analyst at Gartner
<http://www.nytimes.com/redirect/marketwatch/redirect.ctx?MW=http://custom.m
arketwatch.com/custom/nyt-com/html-companyprofile.asp&symb=IT>  Inc., a
research group. "You might see add-on surcharges."

Internet companies are starting to gear up for the federal requirements.
Many Internet phone companies, including Vonage, which has the largest
number of subscribers, already supply the police with the phone numbers that
a person under court-sanctioned surveillance dials and the origin of calls
he or she receives, plus information about the connections, like whether a
conference call was convened. The vast majority of court orders for
wiretapping involve this kind of monitoring, known as "trap and trace,"
which is typically used at the beginning of an investigation.

The less frequent, but more complicated, monitoring request is to allow the
police to listen to conversations as they occur. In those cases, the
differences between the architecture of traditional circuit-switched phone
networks and the Internet are crucial.

With traditional phone networks, calls are routed through central
circuit-switching stations, which connect long-haul phone networks and the
wires that go into homes and offices. Typically, phone carriers have
installed dedicated servers at or near the switches, which can isolate
conversations from a specific phone number and send them to police agencies
in a standardized format. In 1994, when federal wiretapping laws were
revised, Congress initially set aside $500 million to help carriers pay for
this extra equipment to route calls to the police.

In tapping an Internet phone, police first need to find out which company is
responsible for maintaining the phone number. That could be a big phone
company, a cable company, an Internet phone provider or peer-to-peer
services that match callers but do not aid in the transmission of the call.
Law enforcement agencies could also ask broadband providers to isolate voice
streams on their networks that are traveling to and from a specific
location.

"In the circuit-switch world, the caller and content were in the domain of a
single carrier," said Julius P. Knapp, a deputy chief in the Office of
Engineering and Technology at the Federal Communications Commission. "In the
Internet world, you have to identify who is in the best position to get the
information."

Once the F.B.I. determines the suspect's Internet phone provider, it orders
the company to program its servers to intercept specified calls to and from
the suspect's phone. When a phone call is not tapped, the server sends the
call to its destination. When a call is to be tapped, the phone company's
server instructs an Internet router to make a copy of the call and send it
to the law enforcement agency.

The task is complicated because the phone provider has to use special
software to sniff out specific voice packets from among all the data packets
traveling from the suspect's connection. Unlike traditional phone taps, this
process does not reveal the caller's location, because users can plug their
Internet phone modems into any broadband connection, even overseas.

But like any security check, this monitoring can slow networks and even
degrade the quality of the call. It could also potentially intercept data
packets along with other types of voice packets - from cellphones, for
example - a possibility that alarms privacy groups worried that the police
will collect information beyond their authority.

"The potential for misuse is pretty broad because what you are doing is a
form of packet-sniffing," said Lee Tien, a staff lawyer at the Electronic
Frontier Foundation in San Francisco. "The problem is that if you are using
a sniffer box to perform the interception, you may handle all the traffic
going through. In the end, a packet sniffer gets you everything."

Some groups, like the American Civil Liberties Union, say law enforcement
agencies are trying to turn phone companies into government spies. Law
enforcement groups and service providers, however, say software is
sufficiently sophisticated to only siphon relevant calls. They also say that
having the companies take charge of finding a solution should allay
suspicion that the government is trying to overstep its authority.

The F.B.I. is not trying to use the wiretap law "to dip into the Internet,"
said one senior official at the bureau.

Another issue involves decoding encrypted conversations. It is easier to
encrypt digital conversations than those in an analog format, and a growing
number of Internet phone providers are encrypting their calls. Unscrambling
the calls requires another piece of software.

"It's an added layer of complexity," said Richard Tworek, the chief
executive of Qovia, which provides software to Internet service providers to
make sure the networks are running properly.

The biggest challenge, Mr. Tworek and others say, is tracking down phone
conversations that are connected by peer-to-peer software. This software
essentially piggybacks on the networks of its users; calls are not connected
at a central location. To trace such calls, investigators would have to sift
through trillions of packets at routers that channel data around Internet
networks - a daunting task, industry experts say.

This type of peer-to-peer calling is still emerging, so the threat is rather
remote. But some companies that offer this software operate overseas, so
they fall outside the jurisdiction of the United States government. The
communications commission's recent ruling does not cover this type of
peer-to-peer communication.

Industry experts, though, expect this decentralized form of Internet phone
service to spread, which will require even more sophisticated Internet
wiretapping solutions. About that challenge, Mr. Tworek could only say,
"It's a huge headache."

http://www.nytimes.com/adx/bin/adx_click.html?type=goto&page=www.nytimes.co
m/printer-friendly&pos=Position1&camp=foxsearch50a-nyt5&ad=gardenstate-pf&go
to=http%3A%2F%2Fwww%2Efoxsearchlight%2Ecom%2Fgardenstate%2Findex%5Fnyt%2Ehtm
l

-- 
"Running Windows on a Pentium is like getting a Porsche but only being
able to drive it in reverse with the handbrake on."