An important report from the Dutch governmental judicial organization ‘WODC’ (Research and Documentation Centre) about wiretapping was published yesterday. For this report I wrote about ‘the possibilities and limitations of wiretapping internet communications' (.pdf (in Dutch)). In this blog post I will give a brief overview of my research findings. Some readers might be surprised that Internet communications can be legitimately wiretapped, but what might surprise even more is that this relatively new investigatory technique is rapidly getting less effective with regard to the interception of the contents of data sent over the Internet.
Workings of an internet wiretap
More and more people are communicating with each other by using the Internet. Not only are most telephones connected over the Internet, many people use alternative ways to communicate via the Internet. Think of modern services like Skype, Whatsapp, e-mail and the sending of private messages through chat programs and other services. It is important for investigative authorities to be able to wiretap the content of certain information or messages that is sent over the Internet during criminal investigations. The intercepted internet traffic can hold important (mostly indirect) evidence. Intercepting the content of this data is however more of a challenge than intercepting telephone conversations.
In practice, internet traffic data is usually intercepted at the Internet Service Provider, more specifically at the ‘access provider’. Access providers provide internet connections for their clients. All incoming and outgoing traffic of a certain IP address is intercepted and this can be analyzed and made visible by law enforcement authorities. This means that for example search terms in Google are visible to the investigative authorities and also chat conversations that are sent unencrypted over the Internet through programs (like MSN Messenger), or private messages send through certain apps (such as Whatsapp) or the communications through certain social media services (such as Hyves). The problem is that only unencrypted traffic can be made visible by law enforcement agencies.
Encryption and mobile devices
Lately, more and more online services began using certain encryption. Sometimes the use of encryption for internet services is an option for users (like with Facebook and Hotmail) and sometimes it is standard (when using Twitter or Gmail for instance). In this context, encryption scrambles data so that the content of the intercepted data from a certain IP address cannot be made visible by law enforcement. For example, it is suspected investigative authorities are unable to decrypt ‘telephone conversations’ that are send over Skype. Internet users can also make the conscious decision to use strong encryption in their communications, for example by using the e-mail program ‘Pretty Good Privacy’. In addition, the possibilities of wiretapping internet connections is undermined by mobile devices that connect to the Internet (using WiFi connections for example). Many people use different Internet connections in a single day and since wiretaps can only be placed at specific IP-addresses, it is often impossible to intercept all communications.
A solution would be to intercept traffic from internet communication service providers. However, it is unclear for many of these services if they fall under the broad definition of ‘public telecommunications service provider’ in our Telecommunications law. But even if they do, it’s often impossible to enforce our laws, because their main offices are situated in territories outside of the Netherlands. The Dutch government could take action and provide more clarity about which services fall under the definition of a ‘public telecommunications provider’ and force them to facilitate in wiretapping (at least with regard to services within the Dutch territories). An obligation to wiretap involves costs and privacy implications. Some internet communication services might not be able to comply with the obligation or it might create too much of a burden which impedes on innovation.
Not all is lost for law enforcement authorities however. Besides the availability of many other investigative powers to collect useful information about suspects and their internet communications, law enforcement can still deduce important data from so called ‘traffic data’ of wiretaps. This information shows for example at which time (and place to a certain extent) a suspect connects to computers. A wiretap might show a suspect using an anomization service or connecting to a service such as Gmail in the United States. This information may provide important leads for law enforcement.
In short, the effectiveness of internet wiretaps deteriorated over the last decade due the increased use of encryption and mobile internet. At the same time the necessity of wiretapping Internet communications increased, because many people started using different means of communication besides telephones. Before amendments are made to wiretapping laws in order to wiretap on more services, it must be considered whether those amendments are absolutely necessary and what consequences it might have for privacy en innovation.