BN.com Gift Guide

Privacy on the Line: The Politics of Wiretapping and Encryption / Edition 2

Paperback (Print)
Used and New from Other Sellers
Used and New from Other Sellers
from $1.99
Usually ships in 1-2 business days
(Save 87%)
Other sellers (Paperback)
  • All (12) from $1.99   
  • New (6) from $8.98   
  • Used (6) from $1.99   

Overview

Telecommunication has never been perfectly secure. The Cold War culture of recording devices in telephone receivers and bugged embassy offices has been succeeded by a post-9/11 world of NSA wiretaps and demands for data retention.

Although the 1990s battle for individual and commercial freedom to use cryptography was won, growth in the use of cryptography has been slow. Meanwhile, regulations requiring that the computer and communication industries build spying into their systems for government convenience have increased rapidly. The application of the 1994 Communications Assistance for Law Enforcement Act has expanded beyond the intent of Congress to apply to voice over Internet Protocol (VoIP) and other modern data services; attempts are being made to require ISPs to retain their data for years in case the government wants it; and data mining techniques developed for commercial marketing applications are being applied to widespread surveillance of the population.

In Privacy on the Line,Whitfield Diffie and Susan Landau strip away the hype surrounding the policy debate over privacy to examine the national security, law enforcement, commercial, and civil liberties issues. They discuss the social function of privacy, how it underlies a democratic society, and what happens when it is lost. This updated and expanded edition revises their original — and prescient — discussions of both policy and technology in light of recent controversies over NSA spying and other government threats to communications privacy.

Read More Show Less

Editorial Reviews

From the Publisher
"[A] wise, meticulously researched guide..." London Review ofBooks

"Should be required reading for any computing student at any level." Harold ThimblebyNew Scientist

"The book details numerous privacy issues, from personal privacy to national security.... A welcome surprise is that the book often reads like a Tom Clancy novel, interwoven as it is with episodes of domestic and international intrigue... A timely and important book." BenRothke Security Management

Law and Politics Review - Lawrence Rothstein
A well-researched and fascinating study.
London Review of Books
[A] wise, meticulously researched guide...
Security Management - G. Ernest Govea
An incredibly comprehensive insight into the world of encryption and wiretaps, its political machinations, legal aspects, technologies, vulnerabilities,costs, limitations, and near-ubiquity.
The American Prospect - Aziz Huq
Diffie and Landau deserve a large audience. Their lucid exposition adds valuable context to debates that for too long have been abstract.
New Scientist - Harold Thimbleby
Should be required reading for any computing student at any level.
Security Management - Ben Rothke
The book details numerous privacy issues, from personal privacy to national security.... A welcome surprise is that the book often reads like a Tom Clancy novel, interwoven as it is with episodes of domestic and international intrigue.... A timely and important book.
The Sciences - Laurence A. Marschall
A compact and intelligible guide to both the technical and the political issues.
Choice

A superb and timely introduction to a subject of enormous importance for scholars and citizens alike.

Choice
A superb and timely introduction to a subject of enormous importance for scholars and citizens alike.
Publishers Weekly - Publisher's Weekly
Comsec, sigint, NSA, NIST, DES, Clipper chip, key escrowsuch technobabble related to intelligence-gathering can baffle the uninitiated. This authoritative treatise helps unveil some of the mystery and puts contemporary freedom, privacy and security issues in perspective. After explaining basic concepts of cryptography, the authors cover the history of 20th-century intelligence gathering, then recount the long, discouraging saga of the U.S. government's invasions of its citizens' privacy. In World War II, census data were used illegally to round up Japanese Americans. In the 1950s and '60s, the CIA read private mail, and in the 1970s, it monitored research requests in public libraries. The electronic spying of our security agencies is not even a law-enforcement bargainwiretapping is costly and produces arguably modest results. Issues of the 1990s include the 1992 Digital Telephone Proposal, the legal vicissitudes of "Pretty Good Privacy," and the government's attempts to require key escrow (storage of keys so that the government can crack coded messages). As in earlier times, we still see competition between the various security bureaucracies. Diffie is a distinguished engineer at Sun Microsystems and the inventor of public-key cryptography (software that encodes a document with one key and deciphers it with another); Landau is a research associate professor in the department of computer science at the University of Massachusetts, Amherst. Together, they bring formidable expertise to bear on complex topics. (Feb.)
Library Journal
Respected cryptographer Diffie and noted computer scientist Landau here examine a range of telecommunication issues ranging from individual privacy to national security. They begin with a chapter on the basics of cryptography, a system of writing messages in secured form using codes and ciphers and then move on to discuss issues of public policy, law enforcement, and civil liberties as they relate to modern communications systems. Following an enlightening discussion on wiretapping practices that describes how messages are intercepted and how agencies use the information they intercept, Diffie and Landau show why intelligence and law-enforcement agencies view cryptography in communications as a threat to their existence. They analyze the sociology of privacy, how it forms the underpinnings of a democratic society, and what happens when it is lost. The authors conclude by arguing that if we are to retain privacy in communicating with each other, we must build the means of protecting that privacy into our present communication systems. A call to arms for removing restrictions to such secure communications systems, this is an important and timely work for most libraries.Joe J. Accardi, Northeastern Illinois Univ. Lib., Chicago
Kenneth W. Dam
A remarkable blend of technical expertise, historical analysis, and provocative policy argument. This is an indispensable book for anyone hoping to get to the bottom of the disputes over cryptography, computer security, privacy, and wiretapping that currently divide the law enforcement, civil liberties, and high tech communities. -- Kenneth W. Dam, University of Chicago
Lawrence E. Rothstein
The wealth of information provided, both in the text and the notes, on the regulations, laws and jurisprudence dealing with encryption, wiretapping and privacy make this an important reference book....I found many enlightening anecdotes and behind-the-scenes references with which I was not familiar....Overall this is a well-researched and fascinating study.
The Law and Politics Book Review
Read More Show Less

Product Details

  • ISBN-13: 9780262514002
  • Publisher: MIT Press
  • Publication date: 4/15/2010
  • Edition description: updated and expanded edition
  • Edition number: 2
  • Pages: 496
  • Sales rank: 1,210,824
  • Product dimensions: 6.00 (w) x 8.90 (h) x 1.30 (d)

Meet the Author

Whitfield Diffie, the inventor of public-key cryptography, is Visiting Professor at Royal Holloway College at the Universityof London.

Susan Landau is a privacy analyst at Google. She was previously a Distinguished Engineer at Sun Microsystems, and has been a faculty member at the University of Massachusetts at Amherst and at Wesleyan University. Landau has been a Guggenheim fellow, a fellow at the Radcliffe Institute for Advanced Study, and is a fellow of the American Association for the advancement of Science and the Association for Computing Machinery.

Read More Show Less

Read an Excerpt


Chapter One

Introduction

In the early nineteenth century it took six weeks for the British government to send a message from London to its representative in Delhi. In the late nineteenth century, the telegraph cut this time--first to days, then to hours. Today, on the eve of the twenty-first century, the time has been cut to a fraction of a second and the service is available not just to the government but to most of the citizens. In a century and a half, we have gone from a world in which people separated by distance could communicate only through the slow process of sending letters to one in which they can communicate quickly, directly, and interactively--almost as though they were standing face to face.

    The result is that we now conduct more and more of our communications, whether personal, business, or civic, via electronic channels. The availability of telecommunication has transformed government, giving administrators real-time access to their employees and representatives in remote parts of the world. It has transformed commerce, facilitating worldwide enterprises and beginning the internationalization of business that is the byword of the present decade. It has transformed warfare, giving generals the ability to operate from the safety of rear areas and admirals the capacity to control fleets scattered across oceans. It has transformed personal relationships, allowing friends and family to converse daily even though they live thousands of miles apart.

    These developments in technology have also had a profound impact on privacy. To attempt to function in modern society without employing telecommunication is to be eccentric. Most people use the telephone daily, and many make equally frequent use of fax machines and electronic mail. These communications are by their essential nature interceptable. A typical telephone call travels over many miles of wire, of which only a few feet are under the control of the people talking. For most of its journey the signal is in the hands of one or more telephone companies, who will give it a reasonable degree of protection, but who can readily listen to it or record it and will from time to time do so. Many a call travels by radio for some part of its journey. The radio link may be at an end, in the form of a cordless, or cellular telephone, or it may be in the middle, in the form of a microwave link or a satellite hop. In either case, the call's vulnerability to interception is increased, and many people, using many kinds of radio equipment, will have the ability to listen in.

    The vulnerability of long-distance communication is nothing new; remote communication has always been subject to interception. Couriers have been waylaid, seals have been broken, and letters have been read. But before the electronic era conversing in complete privacy required neither special equipment nor advanced planning. Walking a short distance away from other people and looking around to be sure that no one was hiding nearby was sufficient. Before tape recorders, parabolic microphones, and laser interferometers, it was not possible to intercept a conversation held out of sight and earshot of other people. No matter how much George III might have wanted to learn the contents of Hancock's private conversations with Adams, he had no hope of doing so unless he could induce one or the other to defect to the Crown.

    Achieving comparable assurance of privacy in today's world--a world in which many of the most personal and sensitive conversations are carried on by people thousands of miles apart--requires both advanced planning and complex equipment. Most important, privacy in long-distance communication is not something the conversants can achieve on their own. A secure telephone is a complicated device combining a voice digitizer, cryptography, and a modem. Building one is as much beyond the abilities of most potential users as building a television set is beyond the abilities of most viewers. In general, secure communication facilities are complex and require numerous people, many of whom must be trusted, for their construction and maintenance.

    The vulnerability of telephone calls is the vulnerability of something that did not exist before the late 1800s. Unfortunately, holding a conversation face to face is not the guarantee of privacy it once was. The same electronic technologies that have made telecommunication possible have also given us a wide range of listening devices that make finding a private place to talk difficult indeed. Technology has changed the rules for the old game as well as for the new.

    Telecommunication and to a lesser extent face-to-face communication suffer from another vulnerability that did not exist when the United States was founded: the possibility that one party to a conversation is recording it without the consent of the others. Before the development of sound recording, even one of the parties to a conversation had limited ability to reveal what had been said. Notes, an outline, or even a transcript would typically be only one person's word against another's. Audio recordings and video tapes have changed the standards of evidence and opened the way for the repetition--sometimes to a very broad audience--of remarks that the utterer did not expect to be repeated.

    The result is that privacy of conversation is no longer, as it was 200 years ago, a fact of life. It is now something over which society has a large and ever-increasing measure of control--a privilege that governments can grant or deny rather than a rule of nature over which they have no influence.

    Society's response to these developments has been both to exploit them for various ends and to regulate them. It has tried to replace the fact of inviolably private communications with a "right to communicate privately." In the process, however, society has stopped short of creating an absolute right comparable to the reality of a former day. Society has placed controls on the use of technology to violate privacy by either the government or the citizens, but has also allowed it under many circumstances. Police employ wiretapping in criminal investigations, and intelligence agencies intercept foreign, and occasionally domestic, communications on a grand scale. Both regard their activities as a natural prerogative of the state, necessary for an orderly society. Many who are not spies or police have a different perception of electronic surveillance. They see wiretapping not as a tool for law and order but as an instrument of the police state.

    The ill ease that many people (including a number who were members of Congress at the time the federal wiretapping law was passed) feel when contemplating police use of wiretaps is rooted in awareness of the abuses to which wiretapping can be put. Unlike a search, the fact of whose occurrence is usually obvious, a wiretap is intrusive precisely because its invisibility to its victim undermines accountability. Totalitarian regimes have given us abundant evidence that the use of wiretaps and even the fear of their use can stifle free speech. Nor is the political use of electronic surveillance a particularly remote problem--the Watergate scandal is only the most recent example in contemporary American history for its use by the party in power in its attempts to stay in power.

    The fundamental similarity between the government's power to intercept communications and its ability to search physical premises has long been recognized. The Fourth Amendment to the US Constitution takes this ability for granted and places controls on the government's power of search. Similar controls have subsequently been placed by law on the use of wiretaps. There is, however, no suggestion in the Fourth Amendment to the US Constitution of a guarantee that government searchers will find what they seek. Just as people have always been free to protect the things they consider private by hiding them or storing them with friends, they have been free to protect their conversations from being overheard.

    Today, a new development in communication technology promises--or threatens, depending on your point of view--to restore some of the privacy lost to earlier technical advances. This development is electronic cryptography, a collection of practical and inexpensive techniques for encoding communications so that they can be understood only by their intended recipients. Technology rarely exists in a vacuum, however. The rise of cryptography has been accompanied, and often driven, by a host of other phenomena.

    Ease of communication, electronic as well as physical, has ushered in an era of international markets and multinational corporations. Today's business is characterized by an unprecedented freedom of movement for both people and goods. More than one-fourth of the gross national product of the United States, for example, comes from either foreign trade or return on foreign investment (Dam and Lin 1996, p. 28). When foreign sales rival or exceed domestic ones, corporations open new divisions in proximity to markets, materials, or labor.

    Security of electronic communication is as essential in this environment as security of transportation and storage have been to businesses throughout history. The communication system must ensure that orders for goods and services are genuine, guarantee that payments are credited to the proper accounts, and protect the privacy of business plans and personal information. These needs are all the more pressing today because, as governments have come to view the economic battlefield as an extension of the military one, industry has become a direct target of foreign espionage (Dam and Lin 1996, p. 33; Schweizer 1993, pp. 15-20; Williams 1992).

    The rising importance of intellectual property has expanded the role of electronic communications in business. The communication systems with which we have been familiar all our lives--the telephone and the mail on one hand, ships, trains, trucks, and airplanes on the other--serve quite different sorts of business needs. The business function of the former has lain primarily in negotiation of commercial transactions, that of the latter in delivery of goods and services. Today these distinctions are blurring. A larger and larger fraction of our commerce is commerce in information, so delivery of goods and services by electronic media is becoming more and more common. To support this delivery, the media themselves are becoming more unified. These phenomena are commonly referred to as the development of a "Global Information Infrastructure."

    Both the negotiation and the delivery aspects of commercial communications have long required security. In the pre-electronic world, the validity of letters was established by seals, letterheads, and signatures; that of negotiators was established by personal recognition or letters of reference. Goods were typically protected by less subtle mechanisms. In past centuries, merchant ships carried cannon, and port cities were fortified. Today, warehouses are locked, airports are guarded, and roads are patrolled.

    The growth of an information economy merges the channels used for business negotiation with those used to deliver goods and services. Much of what is now bought and sold is information, such as computer programs and surveys of consumers' buying habits. The security of information has become an end in itself rather than just a means for ensuring the security of people and property.

    In parallel with the growth of a commerce in information, there is a development that makes security harder to achieve: the rising demand for mobility in communication. Traveling executives sit down at workstations they have never seen before and expect the same environment that is on the desks in their offices. They carry cellular telephones and communicate constantly by radio. They haul out laptop computers and dial their home computers from locations around the globe. With each such action they expose their information to threats of eavesdropping and falsification barely known a decade ago. It is the lack of security for these increasingly common activities that we encounter when we hear that most cellular telephone calls in major metropolitan areas are overheard or even recorded by eavesdroppers with scanners, that a new virus is destroying data on the disks of personal computers, or that industrial spies have broken into a database half a world away.

    The growing awareness of security, particularly in regard to Internet communications, has given rise to an explosion in the market for cryptography and in the development of products to satisfy that market. Software examples include Lotus Notes, the Netscape browser, and the seamless encryption interface in the popular Eudora email program. Hardware encryption is used in satellite TV decoders, in automatic teller machines, in point-of-sale terminals, and in smart cards. One researcher estimates that the commercial market for cryptography--still in its infancy--has already outstripped the military market.

    Cryptography's good fortune has not been to everybody's liking. Its detractors see its potential use by criminals, terrorists, and unfriendly foreign countries as outweighing its benefits to commerce and privacy. Two groups in particular have emerged in opposition to the easy availability of strong cryptography: the national-security community and the law-enforcement community.

    The Allies' ability to understand German and Japanese communications, even when they were encoded with the enemies' best cryptographic systems, is widely seen as having been crucial to the course of World War II. Since that time, the practice of communications intelligence has grown steadily. Today it accounts for one of the largest slices of the US intelligence budget.

    The availability of wiretaps--legal or otherwise--for more than a lifetime has given us generations of police who cannot imagine a world without them. Confronted with even the suggestion of losing this tool, they respond in the same way one would expect of a modern doctor faced with the prospect of returning to a world without x-rays, blood panels, and the numerous other diagnostic tests that characterize modern medicine.

    The US government's response has been a series of programs designed to maintain its eavesdropping capabilities. The centerpiece of these efforts, initially called key escrow and recently reincarnated as key recovery, is a scheme that provides the users of cryptographic equipment with protection against most intruders but guarantees that the government is always in possession of a set of "spare keys" with which it can read the communications if it wishes. The effect is very much like that of the little keyhole in the back of the combination locks used on the lockers of schoolchildren. The children open the locks with the combinations, which is supposed to keep the other children out, but the teachers can always look in the lockers by using the key.

    The first of these "spare keys" was the--Clipper program, which made the term Clipper virtually synonymous with key escrow. The program was made public on Friday, April 16, 1993, on the front page of the New York Times and in press releases from the White House and other organizations. The proposal was to adopt a new federal standard for protecting communications. It called for the use of a cryptographic system embodying a "back door" that would allow the government to decrypt messages for law-enforcement and national-security purposes. Subsequently adopted over virtually unanimous opposition, the "Escrowed Encryption Standard" has not proved popular; most of the equipment implementing it has been bought by the government in an unsuccessful attempt to seed the market.

    Business objected to the Clipper scheme on every possible ground. First of all, its workings were secret. This meant that the algorithm had to be implemented in tamper-resistant hardware, which was unappealing not only to the software industry but also to hardware manufacturers. Because of the secrecy and the tamper resistance, the Clipper chip's functions could not readily be integrated into other chips. And the scheme entailed the cost of adding a chip to each product--typically several times the cost of the chip itself.

    Perhaps most important was the fact that Clipper's back door was accessible to the US government and only to the US government. This made it unlikely that Clipper products would appeal to foreign customers and undercut one of its major selling points. The Clipper chip, unlike most cryptographic equipment, was supposed to be exportable.

    The White House saw the objections, which came from almost every quarter, as falling into two classes: those concerned with privacy and civil liberties and those concerned with business. In subsequent proposals, it has attempted to address the business objections while flatly rejecting the civil-liberties position and maintaining the view that the government has the right not only to intercept citizens' communications but also to ensure that it will be able to understand the intercepted material. In all these proposals the executive branch has attempted to use export controls--the only significant controls it has over cryptography under current law--to pressure industry to accommodate its desires.

    The explosion in cryptography and the US government's attempts to control it have given rise to a debate between those who hail the new technology's contribution to privacy, business, and security and those who fear both its interference with the work of police and its adverse effect on the collection of intelligence. Positions have often been extreme. The advocates of unfettered cryptography maintain that a free society depends on privacy to protect freedom of association, artistic creativity, and political discussion. The advocates of control hold that there will be no freedom at all unless we can protect ourselves from criminals, terrorists, and foreign threats. Many have tried to present themselves as seeking to maintain or restore the status quo. For the police, the status quo is the continued ability to wiretap. For civil libertarians, it is the ready availability of conversational privacy that prevailed at the time of the country's founding. The fact that if cryptography has the potential to interfere with police investigations it also has the potential to prevent crimes and thus make society more secure has often been overlooked.

    Had telecommunication merely given us a new option, the fact that the new medium lacked privacy would be at most regrettable--similar, perhaps, to the fact that telecommunication cannot provide physical contact, either friendly or hostile. The problem arises from the fact that telecommunication has transformed society. It has made possible long-distance relationships between people who rarely or never meet in person. Without secure telecommunication, these people are effectively denied the possibility of private conversation.

    The issues are not cut and dried, and no amount of calling a tail a leg will make telecommunication equivalent to face-to-face communication. Any attempt to force such an equivalence and establish an absolute right of private conversation is doomed to failure. The interceptability of communications is as much a fact of life in the electronic era as the inviolability of private conversation was in the pre-electronic. On the other hand, if we deny the fact that telecommunication, whatever its new properties, is rooted in face-to-face conversation and shares much of its social function, we will doom ourselves to a world in which truly private conversation is a rarity--a perquisite belonging exclusively to the well-traveled rich.

    Ultimately, to make good policy we must consider the sort of world in which we want to live and what effects our actions will, indeed can, have in bringing about such a world. Such consideration depends on awareness of many factors, including the technology of cryptography and electronic surveillance, the aims and practices of intelligence and law enforcement, and the history of society's attempts to deal with similar problems over more than a century.

Read More Show Less

Table of Contents

Preface
Acknowledgements
1 Introduction 1
2 Cryptography 11
3 Cryptography and Public Policy 49
4 National Security 77
5 Law Enforcement 109
6 Privacy: Protections and Threats 125
7 Wiretapping 151
8 Communications: The Current Scene 183
9 Cryptography: The Current Scene 205
10 Conclusion 225
Notes 247
Bibliography 287
Index 319
Read More Show Less

Customer Reviews

Be the first to write a review
( 0 )
Rating Distribution

5 Star

(0)

4 Star

(0)

3 Star

(0)

2 Star

(0)

1 Star

(0)

Your Rating:

Your Name: Create a Pen Name or

Barnes & Noble.com Review Rules

Our reader reviews allow you to share your comments on titles you liked, or didn't, with others. By submitting an online review, you are representing to Barnes & Noble.com that all information contained in your review is original and accurate in all respects, and that the submission of such content by you and the posting of such content by Barnes & Noble.com does not and will not violate the rights of any third party. Please follow the rules below to help ensure that your review can be posted.

Reviews by Our Customers Under the Age of 13

We highly value and respect everyone's opinion concerning the titles we offer. However, we cannot allow persons under the age of 13 to have accounts at BN.com or to post customer reviews. Please see our Terms of Use for more details.

What to exclude from your review:

Please do not write about reviews, commentary, or information posted on the product page. If you see any errors in the information on the product page, please send us an email.

Reviews should not contain any of the following:

  • - HTML tags, profanity, obscenities, vulgarities, or comments that defame anyone
  • - Time-sensitive information such as tour dates, signings, lectures, etc.
  • - Single-word reviews. Other people will read your review to discover why you liked or didn't like the title. Be descriptive.
  • - Comments focusing on the author or that may ruin the ending for others
  • - Phone numbers, addresses, URLs
  • - Pricing and availability information or alternative ordering information
  • - Advertisements or commercial solicitation

Reminder:

  • - By submitting a review, you grant to Barnes & Noble.com and its sublicensees the royalty-free, perpetual, irrevocable right and license to use the review in accordance with the Barnes & Noble.com Terms of Use.
  • - Barnes & Noble.com reserves the right not to post any review -- particularly those that do not follow the terms and conditions of these Rules. Barnes & Noble.com also reserves the right to remove any review at any time without notice.
  • - See Terms of Use for other conditions and disclaimers.
Search for Products You'd Like to Recommend

Recommend other products that relate to your review. Just search for them below and share!

Create a Pen Name

Your Pen Name is your unique identity on BN.com. It will appear on the reviews you write and other website activities. Your Pen Name cannot be edited, changed or deleted once submitted.

 
Your Pen Name can be any combination of alphanumeric characters (plus - and _), and must be at least two characters long.

Continue Anonymously

    If you find inappropriate content, please report it to Barnes & Noble
    Why is this product inappropriate?
    Comments (optional)