FBI Proposal May Undermine Cybersecurity, Experts Say

Information Security

The Center for Democracy and Technology posted a report from 20 of the leading experts in computer and network security criticizing the Federal Bureau of Investigation’s (FBI) proposal to require makers of secure communication tools to redesign their systems to make them wiretap compatible.

Currently, the Communications Assistance for Law Enforcement Act (CALEA) requires telecommunications carriers enable law enforcement officials to conduct electronic surveillance pursuant to court order or other lawful authorization.

From the report CALEA II: Risks of Wiretap Modifications to Endpoints: “This report explains how mandating wiretap capabilities in endpoints poses serious security risks. Requiring software vendors to build intercept functionality into their products is unwise and will be ineffective, with the result being serious consequences for the economic well-being and national security of the United States.”

The report concludes: “The FBI’s desire to expand CALEA mandates amounts to developing for our adversaries capabilities that they may not have the competence, access, or resources to develop on their own. In that sense, the endpoint wiretap mandate of CALEA II may lower the already low barriers to successful cybersecurity attacks. We believe that on balance mandating that endpoint software vendors build intercept functionality into their products will be much more costly to personal, economic and governmental security overall than the risks associated with ‘not’ being able to wiretap all communications.”

Article formerly posted at https://www.hsdl.org/blog/newpost/view/s_4789