Cisco Systems has a more efficient way for police and intelligence agencies to snoop on you if your Internet service provider uses Cisco routers: let the ISP turn over any encrypted communications to police in descrambled form, if they use encryption to protect privacy and have access to the encryption keys, CNET News has reported.
"Cisco's decision to begin offering 'lawful interception' capability as an option to its customers could turn out to be either good or bad news for privacy," wrote CNET columnist Declan McCullagh, noted particularly for his attention to cyberprivacy issues. "Because Cisco's routers currently aren't designed to target an individual, it's easy for an Internet service provider (ISP) to comply with a police request today by turning over all the traffic that flows through a router or switch. Cisco's 'lawful interception' capability thus might help limit the amount of data that gets scooped up in the process."
But the argument that this "lawful interception" idea would hamper privacy, McCullagh continued, is that making wiretapping more efficient means Cisco allowing foreign governments - with less court oversight of government snooping - to snoop on a lot more communications than they might otherwise be able to do.
"I don't see why the technical community should hardwire surveillance standards and not also hardwire accountability standards like audit logs and public reporting," Electronic Privacy Information Center director Marc Rotenberg told McCullagh. "The laws that permit 'lawful interception' typically incorporate both components--the (interception) authority and the means of oversight--but the (Cisco) implementation seems to have only the surveillance component. That is no guarantee that the authority will be used in a 'lawful' manner."
But don't blame Cisco, McCullagh continued - they answered customer requests and if they don't, others will. And Cisco fellow Fred Baker admitted to McCullagh that the "lawful interception" concept doesn't entirely sit right with him. "I have some moral and ethical issues," Baker said, "but I think quite frankly that the place to argue this is in Congress and in the courtroom, not a service provider's machine room when he's staring down the barrel of a subpoena. There are two sides. One is that Cisco as a company needs to let its customers abide by the law. The other is the moral and ethical issues. There are two very separate questions."
McCullagh said you might consider blaming Attorney General John Ashcroft, for one. "(He) asked for and received sweeping surveillance powers in the USA Patriot Act, along with your elected representatives in Congress, who gave those powers to him with virtually no debate."
