CTIA seeks delay in e-mail interception standards

August 27, 2001

A wireless telecommunications advocacy group is asking the Federal Communications Commission again to hold off setting a wireless e-mail interception standard, a delay it views as needed to stop the FBI's Carnivore snooping software from becoming the de facto standard.

Wireless providers are charged with creating such a standard under the Communications Assistance for Law Enforcement Act (CALEA) to help law-enforcement agencies intercept e-mail that is sent over wireless networks.

According to an Aug. 15 letter from the Cellular Telecommunications & Internet Association to the FCC, the CTIA asked the FCC last year to suspend the standards process, "until the Commission had all the necessary information to make a realistic compliance determination."

Although the FCC set a deadline of Sept. 30 by which an interception standard, also known as packet mode assistance capability, should be set, the CTIA said it's no closer to doing so.

The reason: wireless carriers transmit data packets, which can contain all or part of numerous messages, in varied ways.

In the letter, CTIA attorney Michael Altschul wrote: "Since packet data protocols vary significantly, a single packet data standard is unlikely to work for all protocols. [The CTIA] has convened a standards effort ... to attempt to create an interface between the carrier and the law-enforcement agency for receipt of intercepted packets. This group's work is just beginning.

"While carriers and manufacturers have collaborated in good faith, uncertainty about legal requirements and the pending Commission decision has delayed development of any solution," the letter continued. "Thus, it is clear that there is no commercially available technology to meet assistance capabilities by the Commission's September 30, 2001, deadline."

Altschul's letter then goes on to say that Carnivore is the only technology available that could intercept packets, regardless of carrier.

The FBI said it has no plans to use DCS1000, formerly known as Carnivore, to comply with CALEA. In response to a Computerworld inquiry today, an FBI official said, "We have never proposed or planned to have Carnivore used as a solution for CALEA compliance. On the contrary, the limited frequency of its use is diminishing as industry's capability and capacity increase."

The CTIA letter didn't explain why the use of Carnivore to intercept wireless e-mails would be any different from its use to intercept e-mail sent over a wired network. The FBI can already extract messages sent via wired network -- as long as they are covered by the equivalent of a wiretap warrant.

It's illegal to view any but the messages covered by a warrant, as Donald M. Kerr, Assistant Director of the FBI's Laboratory Division noted in his statement to the U.S. House of Representatives in March of this year.

In addition, service providers are careful to not make themselves legally liable as well. "Service providers and their personnel are also subject to the electronic surveillance laws, meaning that unauthorized electronic surveillance of their customers [or anyone else] is forbidden, and criminal and civil liability may be assessed for violations," Kerr said.