WASHINGTON-As the compliance deadline for the digital wiretap law looms ever closer, policy makers last week again attempted to gain advantage on the legislative, regulatory and standards fronts.
On the legislative side, the fallout from an aborted attempt by a low-ranking minority member, Rep. Zoe Lofgren (D-Calif.), indicates that Rep. Bill McCollum (R-Fla.), chairman of the House crime subcommittee, still is struggling with identifying his role in the Capitol Hill debate over what, if anything, needs to be done to change the Communications Assistance for Law Enforcement Act of 1994.
On the regulatory front, the telecommunications industry urged the Federal Communications Commission to put off the Oct. 25 compliance date because of the lack of a law-enforcement-blessed standard. The FBI, on the other hand, told the FCC it did not have the authority to offer a blanket extension to the entire industry but rather was limited to extending the compliance deadline to individual carriers.
On standards, the Personal Communications Industry Association released a compliance standard for one-way paging that claims to be a “safe harbor” from noncompliance fines for paging service providers that implement it but which also has not been endorsed by law enforcement.
Legislation
Chairman McCollum may not introduce comprehensive legislation on CALEA this year; instead he may wait for the two sides-industry and law enforcement-to come to some sort of agreement, which could be the basis of legislative language being added to another vehicle such as an appropriations bill for the Department of Justice or a DOJ authorization bill, said congressional sources.
McCollum was able to convince Lofgren to withdraw an amendment to the DOJ authorization bill by promising to introduce legislation by July. However, his strategy seems to have changed because McCollum would rather broker a compromise between industry and law enforcement.
Congressional sources say McCollum made the public pronouncement of legislation this summer to diffuse a potentially embarrassing situation. It would not look right for a “low-ranking minority member to offer something before the chairman [of the subcommittee with jurisdiction] acts,” one congressional source said.
If McCollum is forced to offer legislation because of the lack of a compromise between the parties, the legislation would be very narrow. The bill would either codify FCC rulings on the issues or only extend the two controversial dates involved in the CALEA implementation debate: Jan. 1, 1995, and Oct. 25, 1998. The McCollum legislation is not expected to address the so-called punch list of nine capabilities the FBI says is necessary and industry and privacy groups claim is beyond the scope of CALEA.
A “dates-only bill” would be welcomed by the industry, said Thomas Wheeler, president of the Cellular Telecommunications Industry Association. “I am concerned that the FBI is playing a four corners game designed to push everybody’s back up against the October 25th wall. If that wall is then moved, then there is more room for rational people to sit down” and reach a compromise on the capabilities issue and the January 1995 date, Wheeler said.
Whatever happens on Capitol Hill, whether McCollum offers legislation or language is attached to another vehicle, it appears that legislation introduced by Rep. Bob Barr (R-Ga.) and strongly supported by industry is dead this year. The Barr legislation would have extended the dates in question to after the next millennium.
Regulation
The FCC is considering whether to extend the compliance deadline for CALEA for at least two years in response to various petitions filed claiming that compliance cannot be achieved because of the uncertainty of the standard. The FCC is reviewing separately whether an industry interim standard is too little, too much or just right.
The industry, unsurprisingly and overwhelmingly, supports extending the deadline. The extension requests vary from Oct. 25, 2000, to two years following completion of the standards proceeding. CTIA is critical of the FCC for waiting until less than six months before the deadline to consider a petition it filed July 16, 1997. “We wish the FCC had acted on this when we asked them to in July then the FCC wouldn’t be so much under the gun. They are the body that was appointed to decide this,” Wheeler said last week.
CTIA said it believes the FBI was instrumental in getting the FCC to “sit on” the petition, citing Freedom of Information Act documents obtained from the FCC. “DOJ opposed the [CTIA July 1997] petition in meetings with the [FCC] while at the same time law enforcement attempted to block promulgation of any industry standard,” CTIA said.
In contrast, the FBI said industry’s requests are “premised on a fundamental misunderstanding of [CALEA]. The basic premise of petitioners’ arguments is that members of the telecommunications industry may be excused from compliance with CALEA’s law enforcement assistance obligations unless and until a stable safe-harbor method of compliance becomes available … [CALEA’s] core law enforcement assistance obligations are in no way dependent upon the stability-or even the existence-of a safe-harbor method of compliance.”
Also at issue is how the FCC should proceed from this point. CTIA has urged the FCC to adopt a phased approach:
1) Grant an immediate stay of CALEA compliance pending determination of CALEA’s capability requirements;
2) Grant a year for the telecommunications standards body to complete technical specifications to implement the FCC’s decision on the standard; and
3) Extend the compliance date for 24 months after completion and promulgation of the revised standard.
The FBI has said the FCC should grant a limited extension while the industry implements the industry standard and the FCC evaluates the punch list. Any further changes to the standard and any further extensions would be the subject of a further proceeding.
CTIA commented that manufacturers are unwilling to develop products that may have to be changed and modified before they can even be deployed and installed.
Standards
While the telecom industry, privacy groups and law enforcement continue to argue over the appropriateness of the industry’s interim standard for broadband communications, PCIA last week released details of a compliance standard for one-way paging. The standard calls for law enforcement to use cloned pagers to intercept messages under surveillance. The standard is called a safe harbor for paging providers that implement it but as of press time, the FBI had not seen the document so the agency could not make a comment on it. “Anyone can make an assertion, but that does not make it so,” one FBI official said.
In reality, the standard will probably be accepted by the FBI because law enforcement already uses cloned pagers for surveillance. “In many respects, cloning has been the standard of choice for law enforcement,” said Rob Hoggarth, senior vice president of paging and messaging.
The standard calls for law enforcement to supply pagers to a paging provider with proper court authorization. The provider would initialize the clone to receive the same messages received by the target of the investigation. When the court authorization has expired, law enforcement returns the pagers to the paging provider to be deactivated.
