Cisco is building cop spyware into its new routers, due to customer (government) demand. This interview with Cisco Fellow Fred Baker is scary as hell.
Q: Do you have any moral problems with helping to make surveillance technology more efficient?
A: I have some moral and ethical issues, but I think quite frankly that the place to argue this is in Congress and in the courtroom, not a service provider’s machine room when he’s staring down the barrel of a subpoena.
There are two sides. One is that Cisco as a company needs to let its customers abide by the law. The other is the moral and ethical issues. There are two very separate questions.
Q. The current draft does not include an audit trail. Could you do that by having your equipment digitally sign a file that says who’s been intercepted and for how long? That could be turned over to a judge. It could indicate whether the cops were or weren’t staying within the bounds of the law.
I’m not entirely sure that the machine we’re looking at could make that assurance… In fact, the way lawful interception works, a warrant comes out saying, “We want to look at a person.” That’s the way it works in Europe, the United States, Australia and in other western countries. The quest then becomes figuring out which equipment a person is reasonably likely to use, and it becomes law enforcement’s responsibility to discard any information that’s irrelevant to the warrant. That kind of a thing would probably be maintained on the mediation device…
Q. A few years ago (in RFC 2804) the IETF rejected the idea of building eavesdropping capability into Internet protocols. The FBI supported the idea, but the IETF said, no way. You were chair of the IETF at the time. How do you reconcile your proposal with the decision made then?
A. I thought that what the IETF decided to do was actually the right thing to decide. What it said is that the IETF would not modify protocols that were designed for some other purpose in order to support lawful interception.
(via Dan Gillmor)