U.S. broadband and voice-over-IP (VoIP) providers on Monday hit a deadline to prove they could accommodate law-enforcement wiretaps. The Federal Communications Commission (FCC) in 2005 required broadband ISPs and VoIP carriers that connect to the public telephone network to comply with a wiretap access law. Under the Communications Assistance for Law Enforcement Act (CALEA), service providers have to prove they’re equipped for investigators to carry out the equivalent of a traditional wiretap.The broadband and VoIP providers had to send the FCC by March 12 a plan to comply with CALEA, and by Monday they had to either set up a system that allows monitoring or hire an outside company to make it possible. Those that don’t comply must make a good-faith effort to do so and may be referred for enforcement.Lawmakers have voiced concern, especially in the wake of the Sept. 11, 2001, terrorist attacks, about the potential for hidden communications among criminals over the Internet. The drive for surveillance is not limited to the United States and has raised concerns among privacy advocates, including the Electronic Frontier Foundation, which is suing AT&T over alleged participation in what EFF calls an illegal wiretapping program by the U.S. government. EFF also sued the government over the extension of CALEA, arguing it overstepped the law, but lost in appeals court last year. The rule has hit some smaller VoIP companies hard, according to IDC VoIP analyst Will Stofega. “The technical issues are for the most part solved, but getting people to comply and making sure everyone’s up and running is tough,” Stofega said. Vonage Holdings, the most prominent independent VoIP service provider, is testing its compliance system with the FBI, according to spokeswoman Brooke Schulz. The cost of compliance has also posed challenges for the country’s thousands of mostly small wireless ISPs, according to Michael Anderson, chairman of Part-15.org, a national WISP group. But all want to comply and the government has been flexible, he said. Having the government approve Internet infrastructure is bad news for innovation, said Lee Tien, a senior staff attorney at EFF.“If the Internet 15 years ago had been subject to CALEA, it probably wouldn’t have gotten off the ground,” Tien said.—Stephen Lawson, IDG News Service (San Francisco Bureau) Related content news Arm patches bugs in Mali GPUs that affect Android phones and Chromebooks The vulnerability with active exploitations allows local non-privileged users to access freed-up memory for staging new attacks. By Shweta Sharma Oct 03, 2023 3 mins Android Security Android Security Mobile Security news UK businesses face tightening cybersecurity budgets as incidents spike More than a quarter of UK organisations think their cybersecurity budget is inadequate to protect them from growing threats. By Michael Hill Oct 03, 2023 3 mins CSO and CISO Risk Management news Cybersecurity experts raise concerns over EU Cyber Resilience Act’s vulnerability disclosure requirements Open letter claims current provisions will create new threats that undermine the security of digital products and individuals. By Michael Hill Oct 03, 2023 4 mins Regulation Compliance Vulnerabilities feature The value of threat intelligence — and challenges CISOs face in using it effectively Knowing the who, what, when, and how of bad actors and their methods is a boon to security, but experts say many teams are not always using such intel to their best advantage. By Mary K. Pratt Oct 03, 2023 10 mins CSO and CISO Advanced Persistent Threats Threat and Vulnerability Management Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe