Feeds

Easy VoIP wiretaps coming soon

FCC poised to require CALEA compliance

  • alert
  • submit to reddit

The essential guide to IT transformation

Virtually everything done via TCP/IP, with the (for now) exception of instant messaging, is on its way to becoming wiretap-friendly, thanks to a tentative 5-0 decision by the US Federal Communications Commission (FCC) on Wednesday.

Thanks to relentless lobbying and fear-mongering by law enforcement outfits and the companies that sell surveillance equipment to them, all broadband communications, including VoIP, will have to be modified to allow the Feds to patch in easily and immediately, in order to comply with the 1994 Communications Assistance to Law Enforcement Act (CALEA).

VoIP schemes that work only between computers will not be affected. Only so-called 'managed' services - those that allow VoIP and PSTN to communicate - will have to comply. Instant messaging is also exempt, although the Feds lobbied ruthlessly for its inclusion, and will no doubt continue until the government finally gives it to them.

Encrypted VoIP is available, but only through pricey services geared towards corporate clients. It is possible that the FCC action might result in the development of inexpensive encryption solutions for more basic VoIP services, perhaps via TLS (Transport Layer Security), though it is difficult to imagine extending encryption to calls where VoIP and PSTN are communicating.

Other regulatory disputes involving VoIP were not considered in Wednesday's vote. Additionally, 'push to talk' walkie-talkie mobile phone services are equally affected by the CALEA, the FCC has decided. It does not appear that broadband and VoIP providers will receive assistance with the costs of implementing CALEA compliance, unless Congress decides to come to their rescue.

The public comment period for VoIP CALEA compliance is still open, but with such a strong bias visible in Wednesday's preliminary vote, it is highly unlikely that anything can alter the FCC's direction. Final approval is all but certain. ®

Thomas C Greene is the author of Computer Security for the Home and Small Office, a comprehensive guide to system hardening, malware protection, online anonymity, encryption, and data hygiene for Windows and Linux.

Secure remote control for conventional and virtual desktops

More from The Register

next story
6 Obvious Reasons Why Facebook Will Ban This Article (Thank God)
Clampdown on clickbait ... and El Reg is OK with this
So, Apple won't sell cheap kit? Prepare the iOS garden wall WRECKING BALL
It can throw the low cost race if it looks to the cloud
Time Warner Cable customers SQUEAL as US network goes offline
A rude awakening: North Americans greeted with outage drama
We need less U.S. in our WWW – Euro digital chief Steelie Neelie
EC moves to shift status quo at Internet Governance Forum
Google has spaffed more cash on lobbying this year than Big Cable
Don't worry, it'll be cheaper when they use drones
EE fails to apologise for HUGE T-Mobile outage that hit Brits on Friday
Customer: 'Please change your name to occasionally somewhere'
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Endpoint data privacy in the cloud is easier than you think
Innovations in encryption and storage resolve issues of data privacy and key requirements for companies to look for in a solution.
Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?