« Office Suites: Who's Number Two? | Main | Dell Support, Does it Exist? »

Electronic Suveillance: Who's Watching the Watchers?

As if it wasn't bad enough that President Bush agreed to and supports the apparent illegal electronic surveillance of phone/data communications, did you know some of the surveillance is sub-contracted out to private companies?

This startling claim is buried in a larger story written by PBS columnist Robert X. Cringely in his January 19, 2006 post . In it, he says that the so called pen/traps that record call identifying information (i.e., the outgoing and incoming phone numbers) is sub-contracted out by the phone companies. Cringely speculates that they (the telcos) do this to isolate themselves from legal liability concerns (like the ones that will be coming their way when all of this hits the courts).

It's bad enough that the NSA may be doing illegal surveillance - at least they are government employees and are therefore accountable to elected officials (theoretically, if not in practice). But who is a private business accountable to? The frightening answer is - no one. And to shield themselves even more, the telcos are sub-contracting out this very serious work.

But this whole story keeps getting worse.

Cringely also, in an earlier post, talks about the technology used to make the phone taps:

The typical CALEA installation on a Siemens ESWD or a Lucent 5E or a Nortel DMS 500 runs on a Sun workstation sitting in the machine room down at the phone company. The workstation is password protected, but it typically doesn't run Secure Solaris. It often does not lie behind a firewall. Heck, it usually doesn't even lie behind a door. It has a direct connection to the Internet because, believe it or not, that is how the wiretap data is collected and transmitted. And by just about any measure, that workstation doesn't meet federal standards for evidence integrity.

And it can be hacked.

And it has been.

He goes on to say:

This vulnerability is never discussed in public because it is an embarrassment to law enforcement and because the agencies that pay for CALEA don't want its vulnerability to be known. That might compromise national security. Alas, national security is already compromised by the system itself, and the people who might take advantage of the vulnerability have known about it for years. Only we are kept in the dark.

To these people President Bush's administration has entrusted the private communications of its citizens.

End note: Please be aware I am not saying we don't need intelligence. The US does have enemies. These enemies are trying to kill us. However, the point is not whether we should have intelligence gathering. The point is, how to do we go about in a way that preserves our freedoms? How do we go about in a way that preserves the checks and balances that the founding fathers felt were critical to our very survival as a republic? These are the questions that I am concerned about.

Comments

There is one positive point about the shambled data gathereing (I refuse to call it inteligence cause it has nothing to do with intelect). All the data becomes totally useless in court if anyone can prove a break-in into one of these systems. The data becomes seriously useless for anyone trying to exploit it for comercial or criminal purposes as well. So all your fear about privacy is needless once you can start feeding bogus information into the system.