Internet privacy not as private as some might think

Internet surfers can take extra precautions, such as installing a firewall, to increase safety.

JP Leider

In today’s world it’s a technical reality that Internet communication rarely is secure and not necessarily private.

Whether it’s caused by hackers, law enforcement agencies or the University, chances are the average student or staff member does not have absolute privacy online.

While users can do much to generally protect their private information – like ensuring their computer is protected with a firewall, carefully monitoring Internet URLs and being critical of the promise of millions of dollars from a Nigerian businessman – certain areas of Internet communication are beyond control, namely when using University-hosted e-mail and surfing the Internet over the University’s connection.

Steve Cawley, the University’s chief information officer and associate vice president, said although the University has the capability to track Internet traffic to a user, they do not.

The University highly values an individual’s privacy, Cawley said.

“It’s a fact with today’s technology, you can tap a communication line, including the Internet, but we don’t do it,” he said.

The University only releases identifying online information when required to do so under a subpoena from a judge, “just like ordering a telephone wiretap,” Cawley said.

Not only does the University have broad authority to monitor e-mail or Internet traffic at its discretion, it might be required to have the capability to do so under law.

In June, the District of Columbia appellate court upheld an interpretation of the Communications Assistance for Law Enforcement Act.

CALEA, passed in 1994, requires telecommunications companies and service providers to have the ability to efficiently intercept a person’s communication. Until recent years, the act generally manifested itself as wiretapping telephone calls.

However, last year the Federal Communications Commission extended CALEA to voice-over Internet protocol and broadband Internet providers.

Jim Dempsey, a policy director with the Center for Democracy and Technology who argued in the case against the Federal Communication Commission’s extension of CALEA, said its application to the Internet is unnecessary.

His organization argued against the extension, he said, because it’s “against the law passed by Congress, which specifically excluded the Internet” and because it would “likely harm innovation, security and privacy.”

Dempsey and others have filed a brief in the hopes of receiving a rehearing on the decision.

It is important to recognize that the Internet and Internet services are not immune from wiretapping even without CALEA, he said.

“Under the law, the government already has the legal power to intercept any type of communication,” he said. “The question posed by CALEA is whether technologies need to be designed to make government wiretapping easier.”

The decision in June to uphold the FCC’s extension leaves higher education in an awkward situation; it’s unclear whether provisions of CALEA apply to college networks.

According to Cawley, the University is still working toward an interpretation of how or if CALEA applies to the University’s network.

University General Counsel Mark Rotenberg said the University considers the protection of individual’s identity on the Internet to be a high priority.

Rotenberg said before possible adjustments to policy and practice can be discussed, the University must make the legal determination of whether it falls under CALEA.

“If and only if we make that determination, we’ll go to the next step and say what procedural and policy changes we need to make,” he said.

Media ethics and law professor Jane Kirtley said CALEA is “ancient history.”

“What has become much more pervasive is the Patriot Act and renewal of those provisions,” she said. “The issue is not so much monitoring per se as whether the government has the requirement to get a judge’s approval.”

The reality is that after the Patriot Act, Kirtley said, the government was given a lot more authority.

“The big battle that’s been going on for the last few months is whether the wiretapping and surveillance that’s been going on exceeds constitutional limits,” she said.

“What we’re seeing in this post-9/11 environment is that law enforcement agencies have been extremely aggressive in arguing the broadest interpretation of these laws from their perspective – and for the most part courts have upheld that.”

When online, Kirtley said, students and staff should assume their communication is probably not secret.

“The working assumption for most of us ought to be that our digital transactions are subject to monitoring,” she said.