| Register/Subscribe Home |
|
|
ONLINE FEATURES
Book Reviews
BW Video
Columnists
Interactive Gallery
Newsletters
Past Covers
Philanthropy
Podcasts
Special Reports
BLOGS
Auto Beat
Bangalore Tigers
Blogspotting
Brand New Day
Byte of the Apple
Economics Unbound
Eye on Asia
Fine On Media
Green Biz
Hot Property
Investing Insights
Management IQ
NEXT: Innovation
NussbaumOnDesign
Tech Beat
Working Parents
TECHNOLOGY
J.D. Power Ratings
Product Reviews
Tech Stats
Wildstrom: Tech Maven
AUTOS
Home Page
Auto Reviews
Classic Cars
Car Care & Safety
Hybrids
INNOVATION
& DESIGN Home Page Architecture Brand Equity Auto Design Game Room SMALLBIZ Smart Answers Success Stories Today's Tip INVESTING Investing: Europe Annual Reports BW 50 S&P Picks & Pans Stock Screeners Free S&P Stock Report SCOREBOARDS Hot Growth 100 Mutual Funds Info Tech 100 S&P 500 B-SCHOOLS Undergrad Programs MBA Blogs MBA Profiles MBA Rankings Who's Hiring Grads | |
NOVEMBER 7, 2001 SECURITY FOCUS Lawyer: Business As Usual Under Surveillance Law Privacy issues aside, the USA Patriot Act is mostly harmless to ISPs and phone companies, says a former NSA attorney
"It seems to me that despite a remarkable amount of discussion about how important this bill is, it's been over-hyped in people's minds as to what it actually does," said Stewart Baker, a partner at the D.C.-based law firm Steptoe and Johnson, speaking on a panel at Microsoft's Trusted Computing Forum. One of the new law's most controversial provisions allows law enforcement agents to secretly monitor Internet user's email 'From' and 'To' lines without a wiretap warrant, simply by certifying that the information would be useful to a criminal investigation. But don't look for a dramatic increase in deployment of the FBI's "Carnivore" Internet surveillance tool, Baker said, because the Bureau was performing such surveillance years before the bill passed, without Congress' explicit approval. "For the most part, law enforcement was already doing that, and businesses weren't challenging it, or had lost those challenges," said Baker. Other provisions in USA Patriot, which passed late last month over objections from privacy and civil liberties groups, might help businesses combat computer crime, by clarifying what they're able to share with law enforcement, said Baker. "If you have a computer hacker in your system, it used to be problematic as to whether you could bring in the government to watch over your shoulder while they hack your system," said Baker. USA Patriot explicitly allows ISPs, universities and network administrators to consent to government monitoring of computer trespassers. But that silver lining for business was little consolation to the privacy advocates on the panel. Alan Davidson from the Center for Democracy and Technology accused Congress of "gutting privacy protections" for Internet users, and tearing down the wall between law enforcement investigations and intelligence gathering. "Taken together, they are going to provide for far more surveillance on many more Americans than we've seen in the past," said Davidson. LIABILITY RISK. Baker said one provision of the new law may open up Internet service providers and telecommunications companies to lawsuits, if they provide information to law enforcement too freely. At issue is the "roving wiretap" provision of USA Patriot, which lets the FBI obtain court orders that apply to any telephone or Internet connection used by a suspect, regardless of who owns it. The risk to a telecommunications provider, says Baker, is that law enforcement agents could show up with a warrant that names one person, while seeking surveillance assistance against another. Law enforcement could claim that they're entitled to monitor the innocent customer's account because the suspect named in the warrant is borrowing it. But if the provider doesn't document that assertion, the customer might sue them later. "From a business point of view it's going to be essential that businesses insist on a paper trail from government," said Baker. No stranger to electronic surveillance issues, Baker served as general counsel of the super-secret National Security Agency (NSA) in the early nineties, acting as the agency's public face in its efforts to block widespread adoption of unbreakable cryptography. Today, Baker represents phone companies working to comply with a federal law that mandates their networks be wiretap friendly. Sounding much like a privacy advocate himself, Baker complained about the legal structure surrounding law enforcement surveillance in the U.S., which includes no requirement that innocent targets of government surveillance be notified that they were ever watched. "The only people who find out they've been a victim of questionable search are people we indict, and that's nutty," said Baker. With the war on terrorism underway, "there are a lot of innocent people who are going to have their information gathered. They should be given notice," Baker said. Microsoft's Trusted Computing Forum 2001 gathered 150 representatives from government, business, academic and advocacy groups to discuss security and privacy matters. The forum continues through Thursday.  By Kevin Poulsen Get BusinessWeek directly on your desktop with our RSS feeds.  Add BusinessWeek news to your Web site with our headline feed. Click to buy an e-print or reprint of a BusinessWeek or BusinessWeek Online story or video. To subscribe online to BusinessWeek magazine, please click here. Learn more, go to the BusinessWeekOnline home page  | | NOVEMBER |
 Copyright 2001 , by The McGraw-Hill Companies Inc. All rights reserved.Terms of Use | Privacy Policy |
Printer-Friendly Version
