This story appeared on Network World at
http://www.networkworld.com/columnists/2011/030711bradner.html

Lighting the dark: Must you make your application wiretap-able?

'Net Insider By Scott Bradner, Network World
February 28, 2011 05:13 PM ET

Law enforcement has a problem, and you may be part of it.

If your company makes an Internet application that enables its users to communicate with each other and you do not have a way to hand over those communications in real time to law enforcement, then you are part of the problem. If one grants that there is a problem, as I do, the question becomes: "Is the solution worse than the problem?"

The U.S. House Committee on the Judiciary recently held a hearing on the general problems faced by law enforcement in today's Internet. They called the hearing "Going Dark: Lawful Electronic Surveillance in the Face of New Technologies."

During the hearing, FBI General Counsel Valerie Caproni clearly described the problems faced by law enforcement, noting that not all telecommunications providers were able to quickly meet their obligations under the Communications Assistance for Law Enforcement Act (CALEA). But she focused most of her testimony on the problem that law enforcement has in getting real-time communication among users of modern Internet applications.

Developers of these applications rarely consider that law enforcement might be interested in communications among their users. Some of those that do may decide that such interest would violate their users' privacy even if those users might be using the communication channel for evil purposes. Her testimony was backed up by Mark Marshall, president of the International Association of Chiefs of Police.

While Caproni specifically did not ask for any new laws to be enacted at this point, the implication was that it would be a good idea if the developers of Internet applications included the ability to wiretap the communications among their users.

But adding the ability to wiretap presents its own issues -- issues that were well covered by security and privacy expert Susan Landau. She pointed out that adding wiretap functionality is, by definition, adding an exploitable vulnerability. She also provided examples of such exploitation in current telecommunications systems.

The FBI's Caproni said that court orders for wiretaps are "the most difficult for investigating authorities to obtain and use" because of the protections in U.S. law. She did not suggest that these protections be lessened, but also did not mention that many other countries lack such protections. Since U.S.-developed technology is in use all over the world, wiretap back doors in U.S.-developed applications are likely to be exploited by governments far less interested in civil liberties than is the U.S. government.

Thus, application developers are placed in a quandary. On one hand, the law enforcement problems are very real -- there are some very bad people "out there." On the other hand, adding wiretap ability to your application may mean that some of those bad people, as well as bad governments, will be able to exploit your application in furtherance of their own aims.

If you are in the application writing business and your applications permit users to directly communicate with each other, you may be inadvertently developing a communication vehicle for terrorists, or for dissidents fighting a corrupt government. Adding wiretap functionality may help fight use by bad guys, while the same functionality may put good guys in danger. At this point adding such functionality is still your choice; in the future it may not be.

Disclaimer: While a few Harvard dropouts have done OK in developing applications or systems that enable user communication, and Harvard itself has developed a few systems that do the same, I know of no university position on including wiretap functions in such applications. Thus the above discussion is my own, not Harvard's.