antenna@well.sf.ca.us (Robert Horvitz) (05/31/91)
A "Privacy and Technology Task Force," assembled by Sen. Patrick Leahy, has recommended that the Electronic Communications Privacy Act of 1986 (ECPA) be amended to add penalties for the intentional interception of radio signals from cordless phones, wireless data communications, personal communications networks, radio PBXs, advanced Special Mobile Radio systems, and CT2/Telepoint radiotelephones. The Task Force also recommends that the ECPA's penalties for intentional interception be adjusted to focus on "targeted surveillance of specific communications"; that manufacturers be encouraged to put warning labels on "customer premises telephone equipment"; and that Congress examine "encryption technology and its potential impact on enhancing the privacy, security, and authenticity of electronic communications." In addition, the Task Force's report (delivered to Sen. Leahy on May 28th) discusses Caller ID, ID blocking, automated dossier- building, protection for personal electronic transaction data, and government monitoring of data networks. But consensus recommendations were not offered on amending the ECPA in these areas. According to Cathy Russell, counsel for the Senate Subcommittee on Technology and the Law, Sen. Leahy has not decided how to respond to the report. No hearings are scheduled yet, and the recommendations have not been translated into draft legislation. However, something will surely be done to show that Congress cares about electronic privacy. Here is a long excerpt from the radio part of the 23-page report. Capitalized words were set in boldface in the original: "...Computer companies are experimenting with, and seeking FCC licenses for, 'wireless' modems which can transmit data between computers without the computers being wired together, either directly or through phone lines. Such modems will have applications in several environments including the transmission of data from remote sites (a kind of cellular laptop computer) as well as within an office environment (wireless local area network or LAN)... Under current FCC proceedings, there is a likelihood that such communications will not be protected unless the user goes to the expense of full data encryption. THE TASK FORCE RECOMMENDS APPROPRIATE AMENDMENTS TO LEGALLY PROTECT DIGITAL COMMUNICATIONS OF THIS TYPE FROM UNAUTHORIZED INTERCEPTION. "...Cordless phones have reduced the transmission power so that the phenomenon of having calls blast through on an FM radio receiver has been eliminated. Cordless phones also have begun to utilize technology which permits the call to be carried between the handset and base unit on more than one frequency. This feature can and is available to add security and privacy to the phone call. The next generation of phones will utilize digital transmission technology which will make interception more difficult. "Perhaps the most important change since 1986, though, is not technological but societal. The cordless phone, far from being a novelty item used only at `poolside,' has become ubiquitous. A leading telephone equipment supplier now sells as many cordless telephone units as wired sets. It is projected that cordless phones will be in use in 68% of American households by the end of the decade. More and more communications are being carried out by people in private, in their homes and offices, with an expectation that such calls are just like any other phone call. Given such technological changes and under such societal circumstances, the task force concluded that to relieve the government of the duty to obtain a warrant before monitoring such communications is to vitiate much of the protection which should be afforded to communications privacy by the federal wiretap law and the Fourth Amendment. THEREFORE, THE TASK FORCE RECOMMENDS THAT CONSIDERATION BE GIVEN TO ELIMINATION OF THE EXEMPTION FOR CORDLESS PHONES, WHILE PRESERVING AN EXCEPTION FOR UNINTENTIONAL OR ACCIDENTAL PRIVATE PARTY INTERCEPTION. "In recommending both the maintenance and extension of legal protection for `wireless' radio communications, the task force is aware that inexpensive, widely available scanners and other devices are available that make it possible to intercept radio communications. The task force strongly believes that such technologies should not defeat citizens' reasonable expectation of privacy against government intrusion and that government agents should conduct electronic surveillance of the technologies described above only under appropriate court authorization. At the same time, criminal sanctions could be overbroad in criminalizing inadvertent and unintentional interceptions of radio communications by persons with access who legally possess and use scanner and other devices that intercept radio communications. The existence of monitoring devices makes it difficult to rely solely on legal protections against third-party eavesdropping. The task force is aware that legal protections may not go far enough in affording citizens real privacy protection against intentional but undetected private surveillance. For example, concerns were expressed by a number of task force members that technical privacy enhancing features for radio-based systems should be more rapidly deployed by manufacturers and service providers. "To rectify this situation, the task force does not want to overcriminalize in this area, i.e., penalize unintentional conduct. THE TASK FORCE IS OF THE VIEW THAT THE RIGHTS OF PRIVATE CITIZENS USING RADIO SCANNERS CAN APPROPRIATELY BE ADDRESSED BY CLEARLY SETTING FORTH INTENT REQUIREMENTS IN THE ACT, BY TYING THE CRIMINAL PENALTY TO TARGETED SURVEILLANCE OF SPECIFIC COMMUNICATIONS AND BY FURTHER ADJUSTING THE CIVIL AND CRIMINAL PENALTY STRUCTURE OF THE ACT, RATHER THAN EXEMPTING WHOLE CATEGORIES OF TELEPHONE TECHNOLOGIES AND THUS MAKING THEM FAIR GAME FOR MONITORING BY GOVERNMENT AGENTS WITHOUT A WARRANT, CORPORATE SPIES, OR JUST PLAIN SNOOPS. "Second, in order to ensure that citizens both understand the vulnerability of particular radio technologies to private, intentional, illegal interception and to encourage industry to develop and market communications devices that are less vulnerable to intrusion, THE TASK FORCE ENDORSES THE CONCEPT THAT ECPA SHOULD BE AMENDED IN SUCH A WAY AS TO ENCOURAGE THE PLACEMENT OF WARNINGS AND NOTICE OF THE VULNERABILITY OF CUSTOMER PREMISES TELEPHONE EQUIPMENT ON SPECIFIC [CUSTOMER PREMISES EQUIPMENT] AND THAT MANUFACTURERS BE ENCOURAGED TO MAKE CONSUMERS AWARE OF THE TECHNICAL LEVELS OF PRIVACY ON DIFFERENT TYPES OF EQUIPMENT. The task force believes this will encourage industry to compete with each other in developing devices which are more secure. THE TASK FORCE BELIEVES CONGRESS SHOULD WORK WITH THE FCC, INDUSTRY, AND TECHNICAL EXPERTS TO FUTHER EXPLORE WAYS TO ENHANCE THE SECURITY OF DIFFERENT TYPES OF EQUIPMENT AND TO FURTHER EXPLORE WAYS TO ENHANCE CONSUMER AWARENESS OF THE SECURITY OF DIFFERENT TYPES OF EQUIPMENT AND LAWS PERTAINING TO COMMUNICATIONS PRIVACY. IN PARTICULAR, THE TASK FORCE RECOMMENDS THE EXAMINATION OF ENCRYPTION TECHNOLOGY AND ITS POTENTIAL IMPACT ON ENHANCING THE PRIVACY, SECURITY, AND AUTHENTICITY OF ELECTRONIC COMMUNICATIONS. THE TASK FORCE FURTHER ENCOURAGES COMMUNICATIONS SERVICE PROVIDERS TO CONTINUE TO EXPLORE THE INCORPORATION OF ENCRYPTION AND OTHER PRIVACY ENHANCING FEATURES IN NEW COMMUNICATIONS SERVICES, SO AS TO IMPROVE COMMUNICATIONS PRIVACY..." - - - - - rh: While I disagree with many parts of this report, at least there is some recognition that receiver owners have rights, too, and not just those who transmit. If you would like to express your views on the report, or suggest possible amendments to the ECPA, you can write to: John Podesta Chairman, Privacy & Technology Task Force 424 C Street NE Washington, DC 20002 or Senator Patrick Leahy, Chairman Subcommittee on Technology and the Law 815 Hart Senate Office Building Washington, DC 20510 -- !.|.!.|.!.|.!.|.!.|.!.|.!.|.!.|.!.|.!.|.!.|.!.|.!.|.!.|.!.|.!.|.!.|.!.| Robert Horvitz 1122-1/2 E St. SE Washington, DC 20003-2232 USA uucp: ...uunet!capital!rhorvitz
smith@sndpit.enet.dec.com (Willie Smith) (05/31/91)
In article <25147@well.sf.ca.us>, antenna@well.sf.ca.us (Robert Horvitz) writes... >A "Privacy and Technology Task Force," assembled by Sen. Patrick >Leahy, has recommended that the Electronic Communications >Privacy Act of 1986 (ECPA) be amended to add penalties for the >intentional interception of radio signals from [...] >wireless data communications, personal communications networks, Wow, so I couldn't set my TNC to "MONITOR ON", and the status of listening to the various 2-meter repeaters I hear on my commute gets fuzzy too. Clever... 1/2 :+) Willie Smith smith@sndpit.enet.dec.com smith%sndpit.enet.dec.com@decwrl.dec.com {Usenet!Backbone}!decwrl!sndpit.enet.dec.com!smith
gary@ke4zv.UUCP (Gary Coffman) (06/01/91)
A general comment on privacy issues. No one should have *any* expectation of privacy for any transmission that intrudes on the property of others unless that intrusion is deliberate and contractually agreed upon. It should be *solely* the operator of such transmission equipment's responsibility to take whatever technical measures necessary to insure the degree of privacy desired for the contents of any intrusive transmission. There should be no criminalization whatsoever for the possession or use of any form of receiving equipment. In layman's terms, if I shout at my wife, and the neighbors hear, it's my problem, not theirs. It should not be a crime for them to have their ears open to any sound that may cross their property. This is only common sense, and any law that attempts to operate contrary to common sense is automatically bad law. Gary KE4ZV
vail@tegra.COM (Johnathan Vail) (06/05/91)
antenna@well.sf.ca.us writes: [text of ECPA ammendments] rh: While I disagree with many parts of this report, at least there is some recognition that receiver owners have rights, too, and not just those who transmit. I didn't see any of that in the report. What I saw was what looks like an attempt to protect the privacy of radio by passing more laws saying it is illegal to listen. Then they go on to say that maybe they should also pass a law to force manufacturers to tell consumers that their equipment isn't private after all. Then they finish by wishing that they had better technology to fix the problem in the first place. My summary: 1) Pass a stupid unenforceable law. 2) Pass another law to warn people that the first law doesn't work. 3) Wish that technology would make radio private in the first place because the other laws don't really do anything about privacy of radio. Not to flame, though. I appreciate the report and the addresses of the appropriate people to write to. "A screaming comes across the sky" _____ | | Johnathan Vail | n1dxg@tegra.com |Tegra| (508) 663-7435 | N1DXG@448.625-(WorldNet) ----- jv@n1dxg.ampr.org {...sun!sunne ..uunet}!tegra!vail
kaufman@neon.Stanford.EDU (Marc T. Kaufman) (06/05/91)
vail@tegra.COM (Johnathan Vail) writes: >antenna@well.sf.ca.us writes: - [text of ECPA ammendments] - rh: While I disagree with many parts of this report, at least - there is some recognition that receiver owners have rights, too, - and not just those who transmit. >I didn't see any of that in the report. What I saw was what looks >like an attempt to protect the privacy of radio by passing more laws >saying it is illegal to listen. Then they go on to say that maybe >they should also pass a law to force manufacturers to tell consumers >that their equipment isn't private after all. Then they finish by >wishing that they had better technology to fix the problem in the >first place. Not quite. What they said was that it is illegal for GOVERNMENT to use the results of listening in a prosecution, if the government did not have a court authorization. This makes the conversation "private" in a legal sense, if not in practice. I think the question the amendments are trying to address is: should the government have the RIGHT to listen (and use what you say against you) just because they have the TECHNOLOGY to do so. Remember, the government probably has the technology to listen to you even if you encrypt against casual listeners. Marc Kaufman (kaufman@Neon.stanford.edu)
6500hage@ucsbuxa.ucsb.edu (William F. Hagen) (06/06/91)
Maybe legislation should be included that requires private radio communication to prevent its transmissions from going places where they dont want it listened to. Ie., if someones radio waves are entering my premises, maybe they are intruding or invading my property and my only protection is to listen and see what the intrusion is.
phil@ux1.cso.uiuc.edu (Phil Howard KA9WGN) (06/06/91)
vail@tegra.COM (Johnathan Vail) writes: >My summary: > > 1) Pass a stupid unenforceable law. > 2) Pass another law to warn people that the first law doesn't > work. > 3) Wish that technology would make radio private in the first > place because the other laws don't really do anything > about privacy of radio. This technology is already known and exists. It's not quite as cheap as it could be, and would be if it were part of the wider consumer use of radio spectrum (e.g. cellular). If there is going to be a law passed, let it be one that requires the use of encrypted radio communications as the only means to achieve private communications. Require it absolutely for commom carriers. -- /***************************************************************************\ / Phil Howard -- KA9WGN -- phil@ux1.cso.uiuc.edu | Guns don't aim guns at \ \ Lietuva laisva -- Brivu Latviju -- Eesti vabaks | people; CRIMINALS do!! / \***************************************************************************/
vail@tegra.COM (Johnathan Vail) (06/06/91)
In article <1991Jun5.160706.24871@neon.Stanford.EDU> kaufman@neon.Stanford.EDU (Marc T. Kaufman) writes: vail@tegra.COM (Johnathan Vail (Me!)) writes: >antenna@well.sf.ca.us writes: - [text of ECPA ammendments] - rh: While I disagree with many parts of this report, at least - there is some recognition that receiver owners have rights, too, - and not just those who transmit. >I didn't see any of that in the report. What I saw was what looks >like an attempt to protect the privacy of radio by passing more laws >saying it is illegal to listen. Then they go on to say that maybe >they should also pass a law to force manufacturers to tell consumers >that their equipment isn't private after all. Then they finish by >wishing that they had better technology to fix the problem in the >first place. Not quite. What they said was that it is illegal for GOVERNMENT to use the results of listening in a prosecution, if the government did not have a court authorization. This makes the conversation "private" in a legal sense, if not in practice. I think the question the amendments are trying to address is: should the government have the RIGHT to listen (and use what you say against you) just because they have the TECHNOLOGY to do so. Remember, the government probably has the technology to listen to you even if you encrypt against casual listeners. hmmm I reread the original post and I see what you are saying but nowhere did it state specifically that listening is legal. What they did (in my opinion) was to recognize that it is unreasonable to enforce the law on the average citizen with a scanner. As I see it not only would the original ECPA be upheld but cordless phones would now be "protected" be the amendment. They use the word 'intentional' a lot implying that that the casual listener can get away with it somehow. It does specifically state the the govt needs a warrant. If I 'intentionally' tune my R7000 to 49 or 800 MHZ to listen to whats going on I would be in violation of the law. That is the way I read the proposed ammendment and I feel that this is wrong. jv . . The end of the world doesn't come suddenly and without warning. To 9 3 imagine it does is to be fooled by popular misconception and thus . fail to recognize the larger picture. The end of the world is an ongoing process. It starts slowly, imperceptably then blossoms unnoticed in our very midst until it has engulfed all that there is and none is free from its spell. _____ | | Johnathan Vail | n1dxg@tegra.com |Tegra| (508) 663-7435 | N1DXG@448.625-(WorldNet) ----- jv@n1dxg.ampr.org {...sun!sunne ..uunet}!tegra!vail
jeff@markets.amix.com (Jeff Crilly N6ZFX) (06/08/91)
In article <1991Jun6.044639.20039@ux1.cso.uiuc.edu> phil@ux1.cso.uiuc.edu (Phil Howard KA9WGN) writes: >vail@tegra.COM (Johnathan Vail) writes: > >>My summary: >> >> 1) Pass a stupid unenforceable law. >> 2) Pass another law to warn people that the first law doesn't >> work. >> 3) Wish that technology would make radio private in the first >> place because the other laws don't really do anything >> about privacy of radio. > >This technology is already known and exists. It's not quite as cheap >as it could be, and would be if it were part of the wider consumer use >of radio spectrum (e.g. cellular). > >If there is going to be a law passed, let it be one that requires the >use of encrypted radio communications as the only means to achieve >private communications. Require it absolutely for commom carriers. >-- But if communications is encrypted, then the government would have no way of listening in whe the courts allow them to. Of course, the common carrier could do the encrypting and have the technology to provide the government with "decryption" devices. Alot of the followup posts have been focusing on the issue of privacy from government, e.g. "folks don't want the government to be allowed to use what you say on the cordless-phone|baby-monitor|cell-phone to be used against you". Actually I see it as the government trying to figure out how they can pass a law that makes the users of these devices happy by giving them a sense of privacy. IMHO, the real problem is folks monitoring corporate-deals|unfaithful-wives|stock- deals-in-progress and taking the information and selling it or using it for blackmail purposes. If the government can't assure users that their conversations are reasonably private then the users that require reasonably private communications are not going to use the technology. By "reasonable", I mean, for example, that everyone knows (or should know) that government *can* monitor your conersations (e.g. tap your phone) if they think your doing something illegal and that other individuals aren't "listening in". I see the portion of the ECPA that deals with cellular as a pacifier for the cellular providers and users. Jeff