Eurospook plan for Web and wireless bugs

If Enfopol 98 is genuine, the cops are getting seriously out of control

  • alert
  • submit to reddit

Secure remote control for conventional and virtual desktops

A global wire tapping system covering mobile phone, fixed wire, Internet and satellite is being pushed by the European police co-ordination body, Europol, according to German Web magazine Telepolis. A paper published by the mag (much of the meat in German, sorry people) purports to be a high level Europol document putting forward proposed legislation for Europe, and trailing the prospects of links with US and other non-European security agencies. But if the document, entitled Enfopol 98, is genuine, Europol has moved way beyond its brief. Conspiracy theorists might say that's what you'd expect of a transnational bunch of spooks, but it far exceeds existing European policy on transnational policing and electronic surveillance. "Exactly," as the conspiracy theorists would have it. On the other hand, Enfopol 98 takes numerous European and international initiatives to deal with drugs, terrorism and cybercrime to their logical conclusion. It is claimed to have been drawn up in the form of a "Draft for a Recommended Resolution" by Europol at the EU's behest (Telepolis doesn't specify who within the EU) in order to "simplify the passage of the resolution." The draft does not seem to have appeared at Brussels yet, but that's not to say it won't. Enfopol 98 plans to have tapping built into all communications systems. Each country will have "interception interfaces" in telephone exchanges, ISPs, cellular networks and satellite ground stations. Intriguingly Telepolis alleges that the Iridium ground station in Italy is slated as one of these. It's not known what Iridium's views on this are, but we've heard some interesting suggestions about the usefulness of global commercial satellite phone systems to US security services. Tapping data will be shared across countries - each state should be able to tap into communications right across the EU, and the system is intended to extend to the US, Canada and Australia. The bona fides of the document are also reinforced by the suggestion that an identification system for individuals should be tacked onto it. Data to be exchanged between countries would include names, addresses, phone numbers, credit card numbers, email addresses and computer passwords. Only a crazed cop would think these could be obtained or could be rammed through in legislation. A report by Duncan Campbell in today's Observer newspaper takes the paranoia to fever pitch. Duncan may, like a substantial proportion of The Register, hail from god's own country, but he shows frequent signs of being barking. According to Campbell Enfopol 98 will be brought in as part of the European Convention on Mutual Legal Assistance, and will go into national law by 2000. The sinister bits, says Campbell, will be hidden in a "technical handbook" which is (was) unlikely to be read by ministers. You can see why Europol would want such a system, and why the UK's own dear home secretary Jack Straw (currently trying to figure out a plausible strategy for springing a Chilean mass-murderer) would love to be able to help. You can also see why the bug-happy French security services, who want to read everything, and the control-freak German and Italian ones, who've a long history of urban terrorism, would support it too. But how do you get it through? And how does it work? A system that knows where everybody is, what they're saying, and how to get into all of their email is a global civil liberties no-no. Even if you got it through, all hell would break loose when the people found out (this, incidentally, is why Jack Straw hasn't yet dared to send Pinochet to Northolt airbase, where a Chilean military plane awaits him). Enfopol 98 also requires real-time bugging capabilities. If, say, the Italian security services were bugging a mobile phone in the UK they'd want to do it real time, and just dealing with non-encrypted systems would be tricky, and encrypted GSM very tricky indeed. The networks will squeal if they have to pay for it. ISPs? It's possible to bug by forcing all the major ISPs to implement interception systems, but unless you legislate to licence ISPs, you can't get them all. Then you have to legislate to restrict the available of leased lines (license these as well), then you start to worry about how you intercept calls dialled direct into computers. And then you've got to worry about how you actually read the traffic. Enfopol says codes have to be broken, but it's not clear how. Government agencies don't have any obvious abilities to do this, and although the major software companies would no doubt roll over (not a lot of choice), they don't necessarily cover the more interesting parts of the waterfront. So even if the whole shebang comes in globally, you can still operate secure communications point to point or via the Web (unless of course they then try to make it illegal to transport messages they can't read). It can only work if they can monitor everything, all the time, in real time. And they can't. Europol itself, incidentally, was set up to deal with drugs, and is probably the "high level Group, set up following the Dublin Council, [which] is finalising an Action Plan to fight cybercrime." (EU documentation) Europol's responsibilites have now been extend to include: illicit trafficking in nuclear or radioactive substances; crime linked to clandestine immigration networks; trafficking in stolen vehicles; and trafficking in human beings (sexual exploitation). You can see why it might think it needs the extra surveillance, can't you? ®

New hybrid storage solutions

More from The Register

next story
Quit drooling, fanbois - haven't you SEEN what the iPhone 6 costs?
How keen will buyers be when exposed to the real price?
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
Ex-Autonomy execs: HP's latest wad blows apart fraud allegations
Top bods claim IT titan's latest court filing is smoking gun of 'reckless aggression'
Forget silly privacy worries - help biometrics firms make MILLIONS
Beancounter reckons dabs-scanning tech is the next big moneypit
Elon Musk says Tesla's stock price is too high ... welp, NOT ANY MORE
As Nevada throws the SpaceX supremo a $1.25bn bone
Microsoft's Office Delve wants work to be more like being on Facebook
Office Graph, social features for Office 365 going public
prev story


Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.