CALEA is an 18-year-old wiretapping law that’s meant to give law enforcement access to communications. Of course, in 1994, most of us weren’t on the net yet, and Congress had just discovered that their secretaries were talking into the telegraph machines. Tapping was a simple affair. All the calls came into one centralized point: the telephone company. The FBI could present the telephone company with a warrant and listen in.
Calea mostly left the Internet alone, but then in 2004, the FBI requested it be expanded to cover services like VoIP and broadband. They got their wish. But of course, there’s a problem, and it’s not just when random FBI agents decide to ruin the careers of promiscuous generals who haven’t committed any crimes. With a service like VoIP and other Internet tools, there’s no central office to show up to, no one to install your taps. Insisting on making decentralized Internet software easy to wiretap means only one thing: installing backdoors in software—intentional security vulnerabilities that allow a remote attacker to get your data.
Here’s the funny thing about doors, back or otherwise. People go in them. Different kinds of people. Software can’t tell if you have a warrant or not. It can’t eye your badge suspiciously and call into an office. It can’t even tell if you’re a human or a piece of exploitation software fuzzing it. Because of this, making the Internet Calea-compliant is one giant insecurity measure. It is American law enforcement demanding the world not only give up a great deal of its potential privacy, but become inherently insecure. And forget about open source, where you could just find backdoors. After all, open source communication tools don’t make any sense to American law enforcement; their backdoors are supposed to be their nasty little secrets.