WASHINGTON – A government task force is preparing legislation that would pressure companies such as Facebook and Google to enable law enforcement officials to intercept online communications as they occur, according to current and former U.S. officials familiar with the effort.
Driven by FBI concerns that it is unable to tap the Internet communications of terrorists and other criminals, the task force’s proposal would penalize companies that failed to heed wiretap orders, court authorizations for the government to intercept suspects’ communications.
Rather than antagonizing companies whose cooperation they need, federal officials typically back off when a company is resistant, industry and former officials said. But law enforcement officials say the cloak drawn on suspects’ online activities — what the FBI calls the “going dark” problem — means that critical evidence can be missed.
“The importance to us is pretty clear,” Andrew Weissmann, the FBI’s general counsel, said last month at an American Bar Association discussion on legal challenges posed by new technologies. “We don’t have the ability to go to court and say, ‘We need a court order to effectuate the intercept.’ Other countries have that. Most people assume that’s what you’re getting when you go to a court.”
There is currently no way to easily wiretap some of these communications methods and companies effectively have been able to avoid complying with court orders. While the companies argue that they have no means to facilitate the wiretap, the government, in turn, has no desire to enter into what could be a drawn-out contempt proceeding.
Under the draft proposal, a court could levy a series of escalating fines, starting at tens of thousands of dollars, on firms that fail to comply with wiretap orders, according to persons who spoke on the condition of anonymity to discuss internal deliberations. A company that does not comply with an order within a certain period would face an automatic judicial inquiry, which could lead to fines. After 90 days, fines that remain unpaid would double daily.
Instead of setting rules that dictate how the wiretap capability must be built, the proposal would let companies develop the solutions as long as those solutions yielded the needed data. That flexibility was seen as inevitable by those crafting the proposal, given the range of technology companies that might receive wiretap orders. Smaller companies would be exempt from the fines.
The proposal, however, is likely to encounter resistance, industry officials and privacy advocates said.
“This proposal is a non-starter that would drive innovators overseas and cost American jobs,” said Greg Nojeim, a senior counsel at the Center for Democracy and Technology, which focuses on issues of privacy and security. “They might as well call it the Cyber Insecurity and Anti-Employment Act.”
The Obama administration has not yet signed off on the proposal. Justice Department, FBI and White House officials declined to comment. Still, Weissmann said at the ABA discussion that the issue is the bureau’s top legislative priority this year, but he declined to provide details about the proposal.
The issue of online surveillance has taken on added urgency with the explosion of social media and chat services and the proliferation of different types of online communication. Technology firms are seen as critical sources of information about crime and terrorism suspects.
“Today, if you’re a tech company that’s created a new and popular way to communicate, it’s only a matter of time before the FBI shows up with a court order to read or hear some conversation,” said Michael Sussmann, a former federal prosecutor and a partner at the law firm Perkins Coie’s Washington office who represents technology firms. “If the data can help solve crimes, the government will be interested.”
Some technology companies have developed a wiretap capability for some of their services. But a range of communications companies and services are not required to do so under what is known as CALEA, the 1994 Communications Assistance for Law Enforcement Act. Among those services are social media networks and the chat features on online gaming sites.
Former officials say the challenge for investigators was exacerbated in 2010, when Google began end-to-end encryption of its email and text messages after its networks were hacked. Facebook followed suit. That made it more difficult for the FBI to intercept email by serving a court order on the Internet service provider, whose pipes would carry the encrypted traffic.
The proposal would make clear that CALEA extends to Internet phone calls conducted between two computer users without going through a central company server — what is sometimes called “peer-to-peer” communication. But the heart of the proposal would add a provision to the 1968 Wiretap Act that would allow a court to levy fines.
Proponents say adding an enforcement provision to the 1968 Wiretap Act is a more politically palatable way of achieving that goal than by amending CALEA to redefine what types of companies should be covered.
Industry and privacy experts, including some former government officials, are skeptical. Some said a few companies will resist because they believe they might lose customers who have privacy concerns.