According to a very detailed CNET article the FBI had internal communication about the DCAC’s budget as early as January 2008. Now this could be an indication that they were preparing a proposal for the new group, but as there have been additional budget requests it is more likely that the agency was established and has been working for three years to get up to speed.



One of the things to look for when something like this happens is for new legislation to be established during the timeline of the agency. According to an FBI post on Google + ( Interesting choice of social network) “The NDCAC will have the functionality to leverage the research and development efforts of federal, state, and local law enforcement with respect to electronic surveillance capabilities and facilitate the sharing of technology among law enforcement agencies.”



Now we know that the FBI has pushed for (and gotten) several key wiretapping laws. In 1994 the Communications Assistance for Law Enforcement Act was passed and it has received several updates to expand some of its coverage. They have asked for laws that would prevent individuals from encrypting their own data over an Internet Service Providers network unless they gave the ISP the keys first. The first target is VoIP communications which often have private keys that the provider does not maintain. They want services like Skype to change the way they operate so that they can decrypt any and all conversations for law enforcement use.



Fortunately so far the courts have ruled that encryption code is part of protected speech so you will still be able to get your hands on other encryption software to protect your communications. Now the interesting part of this situation was a statement made by the FBI’ General Counsel Valerie Caproni, “We're talking about lawfully authorized intercepts”. Which would seem to indicate that a warrant would still be required… at least it would until they manage to push CISPA through. At that point there is no requirement for a warrant, law enforcement (or any agency) could simply ask and get the information (yes the wording of that law is that loose).



Additionally the FBI wants built-in back doors into existing networks (ISP and VoIP services). When you add these things up (and the NSA’s recent admission that they have found a way to crack complex encryption much faster) along with a recent rumor that the NDCAC already has a DS3 connection to at least one major wireless provider it looks like they are building a central surveillance point that will allow them to monitor traffic at will. It is important to remember that the US government does not have jurisdiction over foreign communications. As such they cannot readily get them to comply with any of these laws or requirements. To get at that data they need the whole network under their observation. This way of the traffic passes through someone like AT&T’s hardware they can still get at it. Unfortunately it will mean that they will also have everyone else’s data and communications as well.



Again we are seeing another push for something that will only make people recoil from using the service or find another way of protecting their information. As we mentioned privately developed encryption software is available out there, much of it for free. You can encrypt almost any kind of VoIP or Messenger traffic with these applications so that the information is more difficult to read (not impossible though). We expect to see a rise in this area of the market as well as an increase in anonymizing services and technology. So in a way the move by the federal government to establish greater controls over the Internet will only drive innovation and help to strengthen a new area of the market. It will also help to educate people on the dangers of open communication and, believe it or not, Cloud Services. Remember Cloud Services provide not only a single point of attack, but also a single point for monitoring and if CISPA passes… well anything you store on those servers could be passed over to… well just about any other company of government agency.





Discuss this in our Forum