antenna@well.sf.ca.us (Robert Horvitz) (05/31/91)
A "Privacy and Technology Task Force," assembled by Sen. Patrick
Leahy, has recommended that the Electronic Communications
Privacy Act of 1986 (ECPA) be amended to add penalties for the
intentional interception of radio signals from cordless phones,
wireless data communications, personal communications networks,
radio PBXs, advanced Special Mobile Radio systems, and
CT2/Telepoint radiotelephones.
The Task Force also recommends that the ECPA's penalties for
intentional interception be adjusted to focus on "targeted
surveillance of specific communications"; that manufacturers
be encouraged to put warning labels on "customer premises
telephone equipment"; and that Congress examine "encryption
technology and its potential impact on enhancing the privacy,
security, and authenticity of electronic communications."
In addition, the Task Force's report (delivered to Sen. Leahy on
May 28th) discusses Caller ID, ID blocking, automated dossier-
building, protection for personal electronic transaction
data, and government monitoring of data networks. But consensus
recommendations were not offered on amending the ECPA in these
areas.
According to Cathy Russell, counsel for the Senate Subcommittee
on Technology and the Law, Sen. Leahy has not decided how
to respond to the report. No hearings are scheduled yet,
and the recommendations have not been translated into draft
legislation. However, something will surely be done to show
that Congress cares about electronic privacy.
Here is a long excerpt from the radio part of the 23-page
report. Capitalized words were set in boldface in the original:
"...Computer companies are experimenting with, and seeking FCC
licenses for, 'wireless' modems which can transmit data between
computers without the computers being wired together, either
directly or through phone lines. Such modems will have
applications in several environments including the transmission
of data from remote sites (a kind of cellular laptop computer)
as well as within an office environment (wireless local area
network or LAN)... Under current FCC proceedings, there is a
likelihood that such communications will not be protected unless
the user goes to the expense of full data encryption. THE TASK
FORCE RECOMMENDS APPROPRIATE AMENDMENTS TO LEGALLY PROTECT
DIGITAL COMMUNICATIONS OF THIS TYPE FROM UNAUTHORIZED
INTERCEPTION.
"...Cordless phones have reduced the transmission power so that
the phenomenon of having calls blast through on an FM radio
receiver has been eliminated. Cordless phones also have begun
to utilize technology which permits the call to be carried
between the handset and base unit on more than one frequency.
This feature can and is available to add security and privacy to
the phone call. The next generation of phones will utilize
digital transmission technology which will make interception
more difficult.
"Perhaps the most important change since 1986, though, is not
technological but societal. The cordless phone, far from being
a novelty item used only at `poolside,' has become ubiquitous.
A leading telephone equipment supplier now sells as many
cordless telephone units as wired sets. It is projected that
cordless phones will be in use in 68% of American households by
the end of the decade. More and more communications are being
carried out by people in private, in their homes and offices,
with an expectation that such calls are just like any other
phone call. Given such technological changes and under such
societal circumstances, the task force concluded that to relieve
the government of the duty to obtain a warrant before monitoring
such communications is to vitiate much of the protection which
should be afforded to communications privacy by the federal
wiretap law and the Fourth Amendment. THEREFORE, THE TASK FORCE
RECOMMENDS THAT CONSIDERATION BE GIVEN TO ELIMINATION OF THE
EXEMPTION FOR CORDLESS PHONES, WHILE PRESERVING AN EXCEPTION FOR
UNINTENTIONAL OR ACCIDENTAL PRIVATE PARTY INTERCEPTION.
"In recommending both the maintenance and extension of legal
protection for `wireless' radio communications, the task force
is aware that inexpensive, widely available scanners and other
devices are available that make it possible to intercept radio
communications. The task force strongly believes that such
technologies should not defeat citizens' reasonable expectation
of privacy against government intrusion and that government
agents should conduct electronic surveillance of the
technologies described above only under appropriate court
authorization. At the same time, criminal sanctions could be
overbroad in criminalizing inadvertent and unintentional
interceptions of radio communications by persons with access who
legally possess and use scanner and other devices that intercept
radio communications. The existence of monitoring devices makes
it difficult to rely solely on legal protections against
third-party eavesdropping. The task force is aware that legal
protections may not go far enough in affording citizens real
privacy protection against intentional but undetected private
surveillance. For example, concerns were expressed by a number
of task force members that technical privacy enhancing features
for radio-based systems should be more rapidly deployed by
manufacturers and service providers.
"To rectify this situation, the task force does not want to
overcriminalize in this area, i.e., penalize unintentional
conduct. THE TASK FORCE IS OF THE VIEW THAT THE RIGHTS OF
PRIVATE CITIZENS USING RADIO SCANNERS CAN APPROPRIATELY BE
ADDRESSED BY CLEARLY SETTING FORTH INTENT REQUIREMENTS IN THE
ACT, BY TYING THE CRIMINAL PENALTY TO TARGETED SURVEILLANCE OF
SPECIFIC COMMUNICATIONS AND BY FURTHER ADJUSTING THE CIVIL AND
CRIMINAL PENALTY STRUCTURE OF THE ACT, RATHER THAN EXEMPTING
WHOLE CATEGORIES OF TELEPHONE TECHNOLOGIES AND THUS MAKING THEM
FAIR GAME FOR MONITORING BY GOVERNMENT AGENTS WITHOUT A WARRANT,
CORPORATE SPIES, OR JUST PLAIN SNOOPS.
"Second, in order to ensure that citizens both understand the
vulnerability of particular radio technologies to private,
intentional, illegal interception and to encourage industry to
develop and market communications devices that are less
vulnerable to intrusion, THE TASK FORCE ENDORSES THE CONCEPT
THAT ECPA SHOULD BE AMENDED IN SUCH A WAY AS TO ENCOURAGE THE
PLACEMENT OF WARNINGS AND NOTICE OF THE VULNERABILITY OF
CUSTOMER PREMISES TELEPHONE EQUIPMENT ON SPECIFIC [CUSTOMER
PREMISES EQUIPMENT] AND THAT MANUFACTURERS BE ENCOURAGED TO MAKE
CONSUMERS AWARE OF THE TECHNICAL LEVELS OF PRIVACY ON DIFFERENT
TYPES OF EQUIPMENT. The task force believes this will encourage
industry to compete with each other in developing devices which
are more secure. THE TASK FORCE BELIEVES CONGRESS SHOULD WORK
WITH THE FCC, INDUSTRY, AND TECHNICAL EXPERTS TO FUTHER EXPLORE
WAYS TO ENHANCE THE SECURITY OF DIFFERENT TYPES OF EQUIPMENT AND
TO FURTHER EXPLORE WAYS TO ENHANCE CONSUMER AWARENESS OF THE
SECURITY OF DIFFERENT TYPES OF EQUIPMENT AND LAWS PERTAINING TO
COMMUNICATIONS PRIVACY. IN PARTICULAR, THE TASK FORCE
RECOMMENDS THE EXAMINATION OF ENCRYPTION TECHNOLOGY AND ITS
POTENTIAL IMPACT ON ENHANCING THE PRIVACY, SECURITY, AND
AUTHENTICITY OF ELECTRONIC COMMUNICATIONS. THE TASK FORCE
FURTHER ENCOURAGES COMMUNICATIONS SERVICE PROVIDERS TO CONTINUE
TO EXPLORE THE INCORPORATION OF ENCRYPTION AND OTHER PRIVACY
ENHANCING FEATURES IN NEW COMMUNICATIONS SERVICES, SO AS TO
IMPROVE COMMUNICATIONS PRIVACY..."
- - - - -
rh: While I disagree with many parts of this report, at least
there is some recognition that receiver owners have rights, too,
and not just those who transmit.
If you would like to express your views on the report, or
suggest possible amendments to the ECPA, you can write to:
John Podesta
Chairman, Privacy & Technology Task Force
424 C Street NE
Washington, DC 20002
or
Senator Patrick Leahy, Chairman
Subcommittee on Technology and the Law
815 Hart Senate Office Building
Washington, DC 20510
--
!.|.!.|.!.|.!.|.!.|.!.|.!.|.!.|.!.|.!.|.!.|.!.|.!.|.!.|.!.|.!.|.!.|.!.|
Robert Horvitz 1122-1/2 E St. SE Washington, DC 20003-2232 USA
uucp: ...uunet!capital!rhorvitzsmith@sndpit.enet.dec.com (Willie Smith) (05/31/91)
In article <25147@well.sf.ca.us>, antenna@well.sf.ca.us (Robert Horvitz) writes... >A "Privacy and Technology Task Force," assembled by Sen. Patrick >Leahy, has recommended that the Electronic Communications >Privacy Act of 1986 (ECPA) be amended to add penalties for the >intentional interception of radio signals from [...] >wireless data communications, personal communications networks, Wow, so I couldn't set my TNC to "MONITOR ON", and the status of listening to the various 2-meter repeaters I hear on my commute gets fuzzy too. Clever... 1/2 :+) Willie Smith smith@sndpit.enet.dec.com smith%sndpit.enet.dec.com@decwrl.dec.com {Usenet!Backbone}!decwrl!sndpit.enet.dec.com!smith
gary@ke4zv.UUCP (Gary Coffman) (06/01/91)
A general comment on privacy issues. No one should have *any* expectation of privacy for any transmission that intrudes on the property of others unless that intrusion is deliberate and contractually agreed upon. It should be *solely* the operator of such transmission equipment's responsibility to take whatever technical measures necessary to insure the degree of privacy desired for the contents of any intrusive transmission. There should be no criminalization whatsoever for the possession or use of any form of receiving equipment. In layman's terms, if I shout at my wife, and the neighbors hear, it's my problem, not theirs. It should not be a crime for them to have their ears open to any sound that may cross their property. This is only common sense, and any law that attempts to operate contrary to common sense is automatically bad law. Gary KE4ZV
vail@tegra.COM (Johnathan Vail) (06/05/91)
antenna@well.sf.ca.us writes: [text of ECPA ammendments] rh: While I disagree with many parts of this report, at least there is some recognition that receiver owners have rights, too, and not just those who transmit. I didn't see any of that in the report. What I saw was what looks like an attempt to protect the privacy of radio by passing more laws saying it is illegal to listen. Then they go on to say that maybe they should also pass a law to force manufacturers to tell consumers that their equipment isn't private after all. Then they finish by wishing that they had better technology to fix the problem in the first place. My summary: 1) Pass a stupid unenforceable law. 2) Pass another law to warn people that the first law doesn't work. 3) Wish that technology would make radio private in the first place because the other laws don't really do anything about privacy of radio. Not to flame, though. I appreciate the report and the addresses of the appropriate people to write to. "A screaming comes across the sky" _____ | | Johnathan Vail | n1dxg@tegra.com |Tegra| (508) 663-7435 | N1DXG@448.625-(WorldNet) ----- jv@n1dxg.ampr.org {...sun!sunne ..uunet}!tegra!vail
kaufman@neon.Stanford.EDU (Marc T. Kaufman) (06/05/91)
vail@tegra.COM (Johnathan Vail) writes: >antenna@well.sf.ca.us writes: - [text of ECPA ammendments] - rh: While I disagree with many parts of this report, at least - there is some recognition that receiver owners have rights, too, - and not just those who transmit. >I didn't see any of that in the report. What I saw was what looks >like an attempt to protect the privacy of radio by passing more laws >saying it is illegal to listen. Then they go on to say that maybe >they should also pass a law to force manufacturers to tell consumers >that their equipment isn't private after all. Then they finish by >wishing that they had better technology to fix the problem in the >first place. Not quite. What they said was that it is illegal for GOVERNMENT to use the results of listening in a prosecution, if the government did not have a court authorization. This makes the conversation "private" in a legal sense, if not in practice. I think the question the amendments are trying to address is: should the government have the RIGHT to listen (and use what you say against you) just because they have the TECHNOLOGY to do so. Remember, the government probably has the technology to listen to you even if you encrypt against casual listeners. Marc Kaufman (kaufman@Neon.stanford.edu)
6500hage@ucsbuxa.ucsb.edu (William F. Hagen) (06/06/91)
Maybe legislation should be included that requires private radio communication to prevent its transmissions from going places where they dont want it listened to. Ie., if someones radio waves are entering my premises, maybe they are intruding or invading my property and my only protection is to listen and see what the intrusion is.
phil@ux1.cso.uiuc.edu (Phil Howard KA9WGN) (06/06/91)
vail@tegra.COM (Johnathan Vail) writes: >My summary: > > 1) Pass a stupid unenforceable law. > 2) Pass another law to warn people that the first law doesn't > work. > 3) Wish that technology would make radio private in the first > place because the other laws don't really do anything > about privacy of radio. This technology is already known and exists. It's not quite as cheap as it could be, and would be if it were part of the wider consumer use of radio spectrum (e.g. cellular). If there is going to be a law passed, let it be one that requires the use of encrypted radio communications as the only means to achieve private communications. Require it absolutely for commom carriers. -- /***************************************************************************\ / Phil Howard -- KA9WGN -- phil@ux1.cso.uiuc.edu | Guns don't aim guns at \ \ Lietuva laisva -- Brivu Latviju -- Eesti vabaks | people; CRIMINALS do!! / \***************************************************************************/
vail@tegra.COM (Johnathan Vail) (06/06/91)
In article <1991Jun5.160706.24871@neon.Stanford.EDU> kaufman@neon.Stanford.EDU (Marc T. Kaufman) writes: vail@tegra.COM (Johnathan Vail (Me!)) writes: >antenna@well.sf.ca.us writes: - [text of ECPA ammendments] - rh: While I disagree with many parts of this report, at least - there is some recognition that receiver owners have rights, too, - and not just those who transmit. >I didn't see any of that in the report. What I saw was what looks >like an attempt to protect the privacy of radio by passing more laws >saying it is illegal to listen. Then they go on to say that maybe >they should also pass a law to force manufacturers to tell consumers >that their equipment isn't private after all. Then they finish by >wishing that they had better technology to fix the problem in the >first place. Not quite. What they said was that it is illegal for GOVERNMENT to use the results of listening in a prosecution, if the government did not have a court authorization. This makes the conversation "private" in a legal sense, if not in practice. I think the question the amendments are trying to address is: should the government have the RIGHT to listen (and use what you say against you) just because they have the TECHNOLOGY to do so. Remember, the government probably has the technology to listen to you even if you encrypt against casual listeners. hmmm I reread the original post and I see what you are saying but nowhere did it state specifically that listening is legal. What they did (in my opinion) was to recognize that it is unreasonable to enforce the law on the average citizen with a scanner. As I see it not only would the original ECPA be upheld but cordless phones would now be "protected" be the amendment. They use the word 'intentional' a lot implying that that the casual listener can get away with it somehow. It does specifically state the the govt needs a warrant. If I 'intentionally' tune my R7000 to 49 or 800 MHZ to listen to whats going on I would be in violation of the law. That is the way I read the proposed ammendment and I feel that this is wrong. jv . . The end of the world doesn't come suddenly and without warning. To 9 3 imagine it does is to be fooled by popular misconception and thus . fail to recognize the larger picture. The end of the world is an ongoing process. It starts slowly, imperceptably then blossoms unnoticed in our very midst until it has engulfed all that there is and none is free from its spell. _____ | | Johnathan Vail | n1dxg@tegra.com |Tegra| (508) 663-7435 | N1DXG@448.625-(WorldNet) ----- jv@n1dxg.ampr.org {...sun!sunne ..uunet}!tegra!vail
jeff@markets.amix.com (Jeff Crilly N6ZFX) (06/08/91)
In article <1991Jun6.044639.20039@ux1.cso.uiuc.edu> phil@ux1.cso.uiuc.edu (Phil Howard KA9WGN) writes: >vail@tegra.COM (Johnathan Vail) writes: > >>My summary: >> >> 1) Pass a stupid unenforceable law. >> 2) Pass another law to warn people that the first law doesn't >> work. >> 3) Wish that technology would make radio private in the first >> place because the other laws don't really do anything >> about privacy of radio. > >This technology is already known and exists. It's not quite as cheap >as it could be, and would be if it were part of the wider consumer use >of radio spectrum (e.g. cellular). > >If there is going to be a law passed, let it be one that requires the >use of encrypted radio communications as the only means to achieve >private communications. Require it absolutely for commom carriers. >-- But if communications is encrypted, then the government would have no way of listening in whe the courts allow them to. Of course, the common carrier could do the encrypting and have the technology to provide the government with "decryption" devices. Alot of the followup posts have been focusing on the issue of privacy from government, e.g. "folks don't want the government to be allowed to use what you say on the cordless-phone|baby-monitor|cell-phone to be used against you". Actually I see it as the government trying to figure out how they can pass a law that makes the users of these devices happy by giving them a sense of privacy. IMHO, the real problem is folks monitoring corporate-deals|unfaithful-wives|stock- deals-in-progress and taking the information and selling it or using it for blackmail purposes. If the government can't assure users that their conversations are reasonably private then the users that require reasonably private communications are not going to use the technology. By "reasonable", I mean, for example, that everyone knows (or should know) that government *can* monitor your conersations (e.g. tap your phone) if they think your doing something illegal and that other individuals aren't "listening in". I see the portion of the ECPA that deals with cellular as a pacifier for the cellular providers and users. Jeff