Big Data, Big Brother, and You

Additional intersection points have arisen as well that could be cause for concern. The development of the next-generation 9-1-1 (NG9-1-1) system includes provisions for the government to shut down communications and utilities; burgeoning smart grid initiatives making the proxy control of these facilities even easier. But the single biggest factor that has altered the data collection and privacy landscape is the U.S. Government's response to the September 11 attacks. In the interest of national security and the prevention of future attacks, executive orders have been issued by the last and current presidents that authorize warrant-less electronic data collection. With the stroke of a pen, the Patriot Act authorized the National Security Administration (NSA) to monitor, without search warrants, phone calls, internet activity, text messaging, and all other communications.

This surveillance, however, wouldn't be possible without an infrastructure to support it and the participation of communications service providers (CSPs). This groundwork was laid back in 1994 when then-President Bill Clinton signed the Communications Assistance for Law Enforcement Act (CALEA) act into law. The language of CALEA outlines its intent:

“To amend title 18, United States Code, to make clear a telecommunications carrier's duty to cooperate in the interception of communications for Law Enforcement purposes, and for other purposes.”

CALEA sets forth mandates that require CSPs and their vendor partners to design their infrastructure with federal monitoring in mind, and permits the surveillance of telephone, broadband internet, and VoIP traffic. This means if a warrant is issued, CSPs must be able to provide investigators with a variety of customer records. There are several solutions that CSPs turn to for CALEA compliance. There are on-premise hardware solutions like forensics appliances from Solera Networks and Cisco, application-based solutions like NetSentry, and trusted third party solutions like Com Net. There is even an open source project designed to help smaller ISPs meet CALEA compliance without incurring large costs.

What about Skype, Facebook Chat, or WhatsApp? As it's currently worded, CALEA doesn't apply to over-the-top (OTT) communications service, and there hasn't been a formal proposal made to Congress to include such data collection. Nevertheless,"the Department of Justice is complaining that they are going dark, and losing the ability to intercept communication," says Mark Rumold, Legal Fellow with the Electronic Frontier Foundation (EFF). "The Administration is pushing to expand CALEA; what they would have to do is build a backdoor in the code. When you build a backdoor for the FBI, it's not just for the FBI, it's for everybody. Laws that mandate a backdoor threaten everyone's security."