Friday, 4 November 2011

Telephone tapping

Telephone tapping (also wire tapping or wiretapping in American English) is the monitoring of telephone and Internet conversations by a third party, often by covert means. The wire tap received its name because, historically, the monitoring connection was an actual electrical tap on the telephone line. Legal wiretapping by a government agency is also called lawful interception. Passive wiretapping monitors or records the traffic, while active wiretapping alters or otherwise affects it.


Legal status


All about: Telephone recording laws



Telephone tapping is officially strictly controlled in many countries to safeguard privacy; this is the case in all developed democracies. In theory, telephone tapping often needs to be authorized by a court, and is, again in theory, normally only approved when evidence shows it is not possible to detect criminal or subversive activity in less intrusive ways; often the law and regulations require that the crime investigated must be at least of a certain severity. In many jurisdictions however, permission for telephone tapping is easily obtained on a routine basis without further investigation by the court or other entity granting such permission. Illegal or unauthorized telephone tapping is often a criminal offense. However, in certain jurisdictions such as Germany, courts will accept illegally recorded phone calls without the other party's consent as evidence, but the unauthorized telephone tapping will be avenged too.
In the United States, federal agencies may be authorized to engage in wiretaps by the United States Foreign Intelligence Surveillance Court, a court with secret proceedings, in certain circumstances.
Under United States federal law and most state laws, there is nothing illegal about one of the parties to a telephone call recording the conversation, or giving permission for calls to be recorded or permitting their telephone line to be tapped. However the telephone recording laws in most U.S. states require only one party to be aware of the recording, while 12 states require both parties to be aware. It is considered better practice to announce at the beginning of a call that the conversation is being recorded.




Methods


Official use


The contracts or licenses by which the state controls telephone companies often require that the companies must provide access for tapping lines to law enforcement. In the U.S., telecommunications carriers are required by law to cooperate in the interception of communications for law enforcement purposes under the terms of Communications Assistance for Law Enforcement Act (CALEA).
When telephone exchanges were mechanical, a tap had to be installed by technicians, linking circuits together to route the audio signal from the call. Now that many exchanges have been converted to digital technology tapping is far simpler and can be ordered remotely by computer. Telephone services provided by cable TV companies also use digital switching technology. If the tap is implemented at a digital switch, the switching computer simply copies the digitized bits that represent the phone conversation to a second line and it is impossible to tell whether a line is being tapped. A well-designed tap installed on a phone wire can be difficult to detect. In some instances some law enforcement maybe able to even access a mobile phone's internal microphone even while it isn't actively being used on a phone call (unless the battery is removed). The noises that some people believe to be telephone taps are simply crosstalk created by the coupling of signals from other phone lines.
Data on the calling and called number, time of call and duration, will generally be collected automatically on all calls and stored for later use by the billing department of the phone company. These data can be accessed by security services, often with fewer legal restrictions than for a tap. This information used to be collected using special equipment known as pen registers and trap and trace devices and U.S. law still refers to it under those names. Today, a list of all calls to a specific number can be obtained by sorting billing records. A telephone tap during which only the call information is recorded but not the contents of the phone calls themselves, is called a pen register tap.
For telephone services via digital exchanges, the information collected may additionally include a log of the type of communications media being used (some services treat data and voice communications differently to conserve bandwidth).
See also: Carnivore (FBI)






Non-official use


A telephone recording adapter (in-line tap). The phone jack connects to the wall socket while the phone being monitored is connected to the adapter's socket. The audio plug connects to the recording device (computer, tape recorder, etc.).
Conversations can be recorded or monitored unofficially, either by tapping by a third party without the knowledge of the parties to the conversation, or recorded by one of the parties. This may or may not be illegal, according to the circumstances and the jurisdiction.
There are a number of ways to monitor telephone conversations. One of the parties may record the conversation by several methods, either on a tape or solid-state recording device, or on a computer running call recording software. The recording,whether overt or covert, may be started manually, automatically by detecting sound on the line (VOX), or automatically whenever the phone is off the hook.
using an inductive coil tap (telephone pickup coil) attached to the handset or near the base of the telephone;
fitting an in-line tap, as discussed below, with a recording output;
using an in-ear microphone while holding the telephone to the ear normally; this picks up both ends of the conversation without too much disparity between the volumes[9]
more crudely and with lower quality, simply using a speakerphone and recording with a normal microphone
The conversation may be monitored (listened to or recorded) covertly by a third party by using an induction coil or a direct electrical connection to the line using a beige box. An induction coil is usually placed underneath the base of a telephone or on the back of a telephone handset to pick up the signal inductively. An electrical connection can be made anywhere in the telephone system, and need not be in the same premises as the telephone. Some apparatus may require occasional access to replace batteries or tapes. Poorly designed tapping or transmitting equipment can cause interference audible to users of the telephone.
The tapped signal may either be recorded at the site of the tap or transmitted by radio or over the telephone wires. As of 2007 state-of-the-art equipment operates in the 30–300 GHz range.[citation needed] The transmitter may be powered from the line to be maintenance-free, and only transmits when a call is in progress. These devices are low-powered as not much power can be drawn from the line, but a state-of-the-art receiver could be located as far away as ten kilometers under ideal conditions, though usually located much closer. Research has shown that a satellite can be used to receive terrestrial transmissions with a power of a few milliwatts. Any sort of radio transmitter whose presence is suspected is detectable with suitable equipment.
Conversation on many early cordless telephones could be picked up with a simple radio scanner or sometimes even a domestic radio. Widespread digital spread spectrum technology and encryption make eavesdropping this much more difficult.
A problem with recording a telephone conversation is that the recorded volume of the two speakers may be very different. A simple tap will have this problem. An in-ear microphone, while involving an additional distorting step by converting the electrical signal to sound and back again, in practice gives better-matched volume. Dedicated, and relatively expensive, telephone recording equipment equalizes the sound at both ends from a direct tap much better.




Location data


Mobile phones are, in surveillance terms, a major liability. This liability will only increase as the new third-generation (3G) phones are introduced, as the base stations will be located closer together. For mobile phones the major threat is the collection of communications data. This data does not only include information about the time, duration, originator and recipient of the call, but also the identification of the base station where the call was made from, which equals its approximate geographical location. This data is stored with the details of the call and has utmost importance for traffic analysis.
It is also possible to get greater resolution of a phone's location by combining information from a number of cells surrounding the location, which cells routinely communicate (to agree on the next handoff—for a moving phone) and measuring the timing advance, a correction for the speed of light in the GSM standard. This additional precision must be specifically enabled by the telephone company—it is not part of the network's ordinary operation.
The second generation mobile phones (circa 1978 through 1990) could be easily monitored by anyone with a 'scanning all-band receiver' because the system used an analog transmission system-like an ordinary radio transmitter. The third generation digital phones are harder to monitor because they use digitally-encoded and compressed transmission. However the government can tap mobile phones with the cooperation of the phone company. It is also possible for organizations with the correct technical equipment to monitor mobile phone communications and decrypt the audio. A device called an "IMSI-catcher" pretends to the mobile phones in its vicinity to be a legitimate base station of the mobile phone network, subjecting the communication between the phone and the network to a man-in-the-middle attack. This is possible because while the mobile phone has to authenticate itself to the mobile telephone network, the network does not authenticate itself to the phone. Once the mobile phone has accepted the IMSI-catcher as its base station the IMSI-catcher can deactivate GSM encryption using a special flag. All calls made from the tapped mobile phone go through the IMSI-catcher and are then passed on to the mobile network. Some phones include a special monitor mode (activated with secret codes or special software) which displays GSM operating parameters such as encryption while a call is being made. There is no defense against IMSI-catcher based eavesdropping, except using end-to-end call encryption; products offering this feature, secure telephones, are already beginning to appear on the market, though they tend to be expensive and incompatible with each other, which limits their proliferation.




Internet


In 1995, Peter Garza, a Special Agent with the Naval Criminal Investigative Service, conducted the first court-ordered Internet wiretap in the United States while investigating Julio Cesar Ardita ("El Griton").
As technologies emerge, including VoIP, new questions are raised about law enforcement access to communications (see VoIP recording). In 2004, the Federal Communications Commission was asked to clarify how the Communications Assistance for Law Enforcement Act (CALEA) related to Internet service providers. The FCC stated that “providers of broadband Internet access and voice over Internet protocol (“VoIP”) services are regulable as “telecommunications carriers” under the Act.” Those affected by the Act will have to provide access to law enforcement officers who need to monitor or intercept communications transmitted through their networks. As of 2009, warrantless surveillance of internet activity has consistently been upheld in FISA court.
The Internet Engineering Task Force has decided not to consider requirements for wiretapping as part of the process for creating and maintaining IETF standards.
Typically, illegal Internet wiretapping will be conducted via Wi-Fi connection to someone's internet by cracking the WEP or WPA key, using a tool such as Aircrack-ng or Kismet. Once in, the intruder will rely on a number of potential tactics, for example an ARP spoofing attack which will allow the intruder to view packets in a tool such as Wireshark or Ettercap.
One issue that Internet wiretapping is yet to overcome is that of steganography, whereby a user encodes, or “hides”, one file inside another (usually a larger, dense file like a MP3 or JPEG image). With modern advancements in encoding technologies, the resulting combined file is essentially indistinguishable to anyone attempting to view it, unless they have the necessary protocol to extract the hidden file. US News reported that this technique was commonly used by Osama bin Laden as a way to communicate with his terrorist cells.
There are a number of steganographic programs available online, such as Wnstorm, QuickCrypto, and TextHide.




Mobile phone


Mobile phones have numerous privacy issues. Governments, law enforcement and intelligence services use mobiles to perform surveillance in the UK and the US. They possess technology to activate the microphones in cell phones remotely in order to listen to conversations that take place near to the person who holds the phone.
Mobile phones are also commonly used to collect location data. While the phone is turned on, the geographical location of a mobile phone can be determined easily (whether it is being used or not), using a technique known multilateration to calculate the differences in time for a signal to travel from the cell phone to each of several cell towers near the owner of the phone.




Webtapping


Logging the IP addresses of users that access certain websites is commonly called "webtapping".
Webtapping is used to monitor websites that presumably contain dangerous or sensitive materials, and the people that access them. Though it is allowed by the USA PATRIOT Act, it is considered by many a questionable practice,[citation needed] if not an all-out violation of civil liberties.




History


Telephone wiretapping began in the 1890s, following the invention of the telephone recorder, and its constitutionality was established in the Prohibition Era conviction of bootlegger Roy Olmstead. Wiretapping has also been carried out under most Presidents, sometimes with a lawful warrant since the Supreme Court ruled it constitutional in 1928. On October 19, 1963, U.S. Attorney General Robert F. Kennedy, who served under John F. Kennedy and Lyndon B. Johnson, authorized the FBI to begin wiretapping the communications of Rev. Martin Luther King, Jr. The wiretaps remained in place until April 1965 at his home and June 1966 at his office.
The history of voice communication technology begins in 1876 with the invention of Alexander Graham Bell’s telephone. In the 1890s, “law enforcement agencies begin tapping wires on early telephone networks”. Remote voice communications “were carried almost exclusively by circuit-switched systems,” where telephone switches would connect wires to form a continuous circuit and disconnect the wires when the call ended). All other telephone services, such as call forwarding and message taking, were handled by human operators. However, the first computerized telephone switch was developed by Bell Labs in 1965. This got rid of standard wiretapping techniques.
In the 1970s, optical fibers become a medium for telecommunications. These fiber lines, which are “long, thin strands of glass that carry signals via laser light,” are more secure than radio, and have become very cheap. From the 1990s to the present, the majority of communications from “one fixed location to another have moved by fiber.” Since these fiber communications are “wired,” U.S. law “gives them greater protection.”
The earliest wiretaps were extra wires—“connected to the line between the telephone company’s central office and the subscriber—that carried the signal to a pair of earphones and a recorder. Later on, wiretaps were installed at the central office on the frames that held the incoming wires.”
Before the Japanese attack on Pearl Harbor and the subsequent entry of the United States into World War II, the U.S. House of Representatives held hearings on the legality of wiretapping for national defense. Significant legislation and judicial decisions on the legality and constitutionality of wiretapping had taken place years before World War II. However, it took on new urgency at that time of national crisis. The actions of the government regarding wiretapping for the purpose of national defense in the current war on terror have drawn considerable attention and criticism. In the World War II era, the public was also aware of the controversy over the question of the constitutionality and legality of wiretapping. Furthermore, the public was concerned with the decisions that the legislative and judicial branches of the government were making regarding wiretapping.
In the Greek telephone tapping case 2004-2005 more than 100 mobile phone numbers belonging mostly to members of the Greek government, including the Prime Minister of Greece, and top-ranking civil servants were found to have been illegally tapped for a period of at least one year. The Greek government concluded this had been done by a foreign intelligence agency, for security reasons related to the 2004 Olympic Games, by unlawfully activating the lawful interception subsystem of the Vodafone Greece mobile network. An Italian tapping case which surfaced in November 2007 revealed significant manipulation of the news at the national television company RAI.




CrimethInc. sticker on a telephone warning users of phone tapping by the U.S. government.
In 1967, the U.S. Supreme Court ruled that wiretapping (or “intercepting communications”) requires a warrant in the Katz v. United States case. In 1968, Congress passed a law that provided warrants for wiretapping in criminal investigations. In 1978, the Foreign Intelligence Surveillance Act (FISA) created a “secret federal court for issuing wiretap warrants in national security cases.” This was in response to findings from the Watergate break-in, which allegedly uncovered a history of presidential operations that had used surveillance on domestic and foreign political organizations.
In 1994, Congress approved the Communications Assistance for Law Enforcement Act (CALEA), which “requires telephone companies to be able to install more effective wiretaps. In 2004, the Federal Bureau of Investigation (FBI), United States Department of Justice (DOJ), Bureau of Alcohol, Tobacco, Firearms, and Explosives (ATF), and Drug Enforcement Agency (DEA) wanted to expand CALEA requirements to VoIP service.”
The Federal Communications Commission (FCC) ruled in August 2005 that “broadband-service providers and interconnected VoIP providers fall within CALEA’s scope. Currently, instant messaging, web boards and site visits are not included in CALEA’s jurisdiction. In 2007, Congress amended FISA to “allow the government to monitor more communications without a warrant.” In 2008, President George W. Bush expanded the surveillance of internet traffic to and from the U.S. government by signing a national security directive.
In 2008, Wired and other media reported a lamplighter disclosed a "Quantico Circuit" — a 45 megabit/second DS-3 line linking a carrier's most sensitive network in an affidavit that was the basis for a lawsuit against Verizon Wireless. The circuit provides direct access to all content and all information concerning the origin and termination of telephone calls placed on the Verizon Wireless network as well as the actual content of calls, according to the filing.
The most recent case of U.S. wiretapping was the NSA warrantless surveillance controversy discovered in December 2005. It aroused much controversy, after then President George W. Bush admitted to violating a specific federal statute (FISA) and the warrant requirement of the Fourth Amendment to the United States Constitution. The President claimed his authorization was consistent with other federal statutes (AUMF) and other provisions of the Constitution, was necessary to keep America safe from terrorism, and could lead to the capture of notorious terrorists responsible for the September 11 attacks in 2001.
One difference between foreign wiretapping and domestic wiretapping is that, when operating in other countries, “American intelligence services could not place wiretaps on phone lines as easily as they could in the U.S.” Also, domestically, wiretapping is regarded as an extreme investigative technique, whereas outside of the country, the interception of communications is huge. The National Security Agency (NSA) “spends billions of dollars every year intercepting foreign communications from ground bases, ships, airplanes and satellites”.
FISA distinguishes between U.S. persons and foreigners, between communications inside and outside the U.S., and between wired and wireless communications. Wired communications within the U.S. are protected, since intercepting them requires a warrant.




NSA warrantless surveillance controversy


In the most recent issue concerning warrantless wiretapping, earlier in 2007 a Foreign Intelligence Surveillance Act (FISA) court ruled that it increased restraints on the National Security Agency (NSA). The new court ruling requires the NSA to obtain a warrant when intercepting or eavesdropping on foreign-to-foreign intelligence if it passes through any U.S. networks. The Bush Administration in response to this passed a stopgap legislation very quickly through congress that only temporarily relieves the NSA of this prior ruling. Director of National Intelligence Mike McConnell said to Congress that the new ruling could potentially decrease the amount of useful information they collected on groups like al Qaeda by almost two thirds. He also stated that applying for a warrant can run up to 90 pages and can be time consuming and labor intensive.
Very active in this issue is The American Civil Liberties Union (ACLU). The ACLU has brought about many legal cases challenging the constitutionality of the bill, asserting that it violates Americans' right to free speech and privacy. They have filed lawsuits, motions, and complaints in over 27 states so far to oppose any legislation that encourages unchecked government surveillance. In response to the government arguments, Caroline Fredrickson, Director of the ACLU Washington Legislative Office has said of the bill: “Where will Congress go from here? More unfettered power for an administration that has no respect for the privacy of the citizenry that elected it?”
The stopgap that was hastily put in place by the former Bush Administration expired in February 2008. By then, Congress and FISA reached a compromise on the details of the bill. ACLU advocates pushed to require NSA to provide individual warrants when Americans are involved and on the other hand, U.S. intelligence agencies and the Administration wanted as few obstacles in their way of intercepting private information. Both sides have both shown the possibility for a compromise to accept a Bill that would require a FISA court to approve NSA’s procedures while intercepting foreign intelligence when it involves Americans.
However, a later addition to this bill, that was insisted on by then President Bush and Mike McConnell, granted retroactive immunity to telecommunications companies for any "intelligence activity involving communications" that was "designed to detect or prevent a terrorist attack" or attack preparations. The Bush Administration has acknowledged that intelligence agencies conducted warrantless eavesdropping on Americans with the help of Telecom companies such as Verizon, AT&T, and Qwest. All three of these Telecom companies faced multiple civil lawsuits related to their handling of phone records and the passing of this bill granted them immunity.
In favor of the bill, McConnell has said, such immunity was necessary to prevent the telecoms from being bankrupted and to encourage them to continue to cooperate with intelligence agencies. Bush said that he would veto any intelligence bill passed that did not include immunity. Liz Rose, spokeswoman for the Washington office of the ACLU, says the language of the bill is a "blank check" that would cover not only the warrantless wiretapping program the Bush administration has acknowledged, but any unconfirmed or previously unknown program. Sen. Russ Feingold, D-Wis., promised to lead a filibuster to block approval of retroactive immunity. "Retroactive immunity set the terrible precedent that breaking the law is permissible and companies need not worry about the privacy of their customers," Feingold said.


All about: Telephone recording laws

No comments: