wmartin@st-louis-emh2.army.mil (Will Martin -- AMXAL-RI) (04/15/89)
This is a follow-up posting from the Risks Digest on the Boston cellular eavesdropping subject; being sent to Telecom to keep its archives complete on the subject. ***Begin included item*** Date: Tue, 11 Apr 89 10:22:10 EDT From: roskos@ida.org (Eric Roskos) Subject: Re: Cellular Telephones (Re: Thayer, RISKS-8.53) > Has the law changed? I was led to understand that the FCC does not ban > the reception of any signal. Of course, banning the reception of > certain signals is going to be tough to enforce anyway. [I originally wrote the following posting in response to the first cellular telephone posting, then decided not to send it because (a) I'd already made several RISKS postings recently and (b) I'm reluctant to comment on legal matters when many legal people seem to get upset by lay-persons doing so. However, in response to the above question I decided to send it in anyway.] (Re: Den Beste, RISKS-8.52) > The article goes on to say that Radio Shack no longer sells that model, and > that the FCC says such eavesdropping is illegal. Intentionally listening to cellular communications is a violation of PL 99-508, "The Electronic Communications Privacy Act of 1986," and the violator is subject to a $500 criminal fine if the interception was of cellular telephone and not for one of the "bad purposes" defined in the legislation (other types of violations have penalties up to $250,000 for an individual or $500,000 for an organization). Accidentally encountering such a broadcast while tuning this model of receiver is not a violation if you do not intentionally listen to it, i.e., if you just pass by it in the course of tuning the radio; this issue was specifically addressed in the ECPA. The cellular telephone frequencies are adjacent to and overlap part of the UHF TV band, so it is also possible to tune them on older, continuous (as vs. discrete)-tuning UHF TV sets. It was reported in the press that the FCC recently stated that it is not illegal to manufacture and sell radios that tune the cellular frequencies, and in the past the FCC has allegedly declined to enforce the ECPA as applied to cellular telephones. On the other hand, the Cellular Telecommunications Industry Association recently used legal measures to force Grove Enterprises, a small dealer of radio equipment in North Carolina, to stop enabling a disabled feature of Radio Shack scanners that allowed reception of cellular telephone. It's interesting to note that Radio Shack was one of the companies listed in the Senate Report 99-541 as "support[ing] the principles involved in the [ECPA] legislation," and they manufacture a radio which has an option jumper that enables reception of these communications. It is currently sold with this option disabled. There is currently an ongoing debate between radio hobbyists and various sections of the government on application of the ECPA to cellular telephone communications. Recent issues of the monthly periodical _Monitoring_Times_ contain a good bit of editorializing and news items on the subject; there was also a recent book specifically about how to intercept radio telephone communications released by a publisher oriented towards "communications monitoring" topics. It also appears to be the case that a lot of scanners are sold and modified to receive cellular communications, and that the popular opinion is that the ECPA will not be enforced with regard to cellular telephone. From a practical standpoint, this suggests that it is wise to assume that any cellular telephone communications are probably being listened to. From the viewpoint of the potential listener, like the types of unauthorized computer access discussed here recently, in the absence of strong enforcement it is probably largely an ethical consideration: whether or not it is technically legal or illegal, one has to consider whether it is ethical. And, as I've argued in the past, Ethics per se doesn't say whether this sort of activity is "ethical." It's a difficult problem to address, other than simply to realize that the problem exists, and act in an informed manner. Disclaimers: The above comments result from reading published documents on the ECPA, and are *not* the opinions of a legal professional. My interest in the subject is solely in the area of keeping up with security and privacy issues, and does not necessarily reflect the opinion of anyone else. Eric Roskos (roskos@CS.IDA.ORG or Roskos@DOCKMASTER.ARPA) ***End item***