[House Hearing, 108 Congress]
[From the U.S. Government Publishing Office]



   LAW ENFORCEMENT ACCESS TO COMMUNICATION SYSTEMS IN THE DIGITAL AGE

=======================================================================

                                HEARING

                               before the

          SUBCOMMITTEE ON TELECOMMUNICATIONS AND THE INTERNET

                                 of the

                    COMMITTEE ON ENERGY AND COMMERCE
                        HOUSE OF REPRESENTATIVES

                      ONE HUNDRED EIGHTH CONGRESS

                             SECOND SESSION

                               __________

                           SEPTEMBER 8, 2004

                               __________

                           Serial No. 108-115

                               __________

       Printed for the use of the Committee on Energy and Commerce


 Available via the World Wide Web: http://www.access.gpo.gov/congress/
                                 house

                               __________

                    U.S. GOVERNMENT PRINTING OFFICE
96-092                      WASHINGTON : 2004
____________________________________________________________________________
For Sale by the Superintendent of Documents, U.S. Government Printing Office
Internet: bookstore.gpo.gov  Phone: toll free (866) 512-1800; (202) 512ï¿½091800  
Fax: (202) 512ï¿½092250 Mail: Stop SSOP, Washington, DC 20402ï¿½090001

                    ------------------------------  

                    COMMITTEE ON ENERGY AND COMMERCE

                      JOE BARTON, Texas, Chairman

W.J. ``BILLY'' TAUZIN, Louisiana     JOHN D. DINGELL, Michigan
RALPH M. HALL, Texas                   Ranking Member
MICHAEL BILIRAKIS, Florida           HENRY A. WAXMAN, California
FRED UPTON, Michigan                 EDWARD J. MARKEY, Massachusetts
CLIFF STEARNS, Florida               RICK BOUCHER, Virginia
PAUL E. GILLMOR, Ohio                EDOLPHUS TOWNS, New York
JAMES C. GREENWOOD, Pennsylvania     FRANK PALLONE, Jr., New Jersey
CHRISTOPHER COX, California          SHERROD BROWN, Ohio
NATHAN DEAL, Georgia                 BART GORDON, Tennessee
RICHARD BURR, North Carolina         PETER DEUTSCH, Florida
ED WHITFIELD, Kentucky               BOBBY L. RUSH, Illinois
CHARLIE NORWOOD, Georgia             ANNA G. ESHOO, California
BARBARA CUBIN, Wyoming               BART STUPAK, Michigan
JOHN SHIMKUS, Illinois               ELIOT L. ENGEL, New York
HEATHER WILSON, New Mexico           ALBERT R. WYNN, Maryland
JOHN B. SHADEGG, Arizona             GENE GREEN, Texas
CHARLES W. ``CHIP'' PICKERING,       KAREN McCARTHY, Missouri
Mississippi, Vice Chairman           TED STRICKLAND, Ohio
VITO FOSSELLA, New York              DIANA DeGETTE, Colorado
STEVE BUYER, Indiana                 LOIS CAPPS, California
GEORGE RADANOVICH, California        MICHAEL F. DOYLE, Pennsylvania
CHARLES F. BASS, New Hampshire       CHRISTOPHER JOHN, Louisiana
JOSEPH R. PITTS, Pennsylvania        TOM ALLEN, Maine
MARY BONO, California                JIM DAVIS, Florida
GREG WALDEN, Oregon                  JANICE D. SCHAKOWSKY, Illinois
LEE TERRY, Nebraska                  HILDA L. SOLIS, California
MIKE FERGUSON, New Jersey            CHARLES A. GONZALEZ, Texas
MIKE ROGERS, Michigan
DARRELL E. ISSA, California
C.L. ``BUTCH'' OTTER, Idaho
JOHN SULLIVAN, Oklahoma

                      Bud Albright, Staff Director

                   James D. Barnette, General Counsel

      Reid P.F. Stuntz, Minority Staff Director and Chief Counsel

                                 ______

          Subcommittee on Telecommunications and the Internet

                     FRED UPTON, Michigan, Chairman

MICHAEL BILIRAKIS, Florida           EDWARD J. MARKEY, Massachusetts
CLIFF STEARNS, Florida                 Ranking Member
  Vice Chairman                      ALBERT R. WYNN, Maryland
PAUL E. GILLMOR, Ohio                KAREN McCARTHY, Missouri
CHRISTOPHER COX, California          MICHAEL F. DOYLE, Pennsylvania
NATHAN DEAL, Georgia                 JIM DAVIS, Florida
ED WHITFIELD, Kentucky               CHARLES A. GONZALEZ, Texas
BARBARA CUBIN, Wyoming               RICK BOUCHER, Virginia
JOHN SHIMKUS, Illinois               EDOLPHUS TOWNS, New York
HEATHER WILSON, New Mexico           BART GORDON, Tennessee
CHARLES W. ``CHIP'' PICKERING,       PETER DEUTSCH, Florida
Mississippi                          BOBBY L. RUSH, Illinois
VITO FOSSELLA, New York              ANNA G. ESHOO, California
STEVE BUYER, Indiana                 BART STUPAK, Michigan
CHARLES F. BASS, New Hampshire       ELIOT L. ENGEL, New York
MARY BONO, California                JOHN D. DINGELL, Michigan,
GREG WALDEN, Oregon                    (Ex Officio)
LEE TERRY, Nebraska
JOE BARTON, Texas,
  (Ex Officio)

                                  (ii)




                            C O N T E N T S

                               __________
                                                                   Page

Testimony of:
    Baker, Stewart A., Steptoe & Johnson.........................    27
    Dempsey, James X., Executive Director, Center for Democracy 
      and Technology.............................................    37
    Green, Richard R., President and Chief Executive Officer, 
      Cable Television Laboratories, Inc.........................    31
    Knapp, Julius P., Deputy Chief, Office of Engineering and 
      Technology, Federal Communications Commission..............    21
    Parsky, Laura H., Deputy Assistant Attorney General, Criminal 
      Division, U.S. Department of Justice.......................     4
    Thomas, Marcus C., Deputy Assistant Director, Federal Bureau 
      of Investigation...........................................    15

                                 (iii)

  

 
   LAW ENFORCEMENT ACCESS TO COMMUNICATION SYSTEMS IN THE DIGITAL AGE

                              ----------                              


                      WEDNESDAY, SEPTEMBER 8, 2004

              House of Representatives,    
              Committee on Energy and Commerce,    
                     Subcommittee on Telecommunications    
                                          and the Internet,
                                                    Washington, DC.
    The subcommittee met, pursuant to notice, at 10 a.m., in 
room 2322, Rayburn House Office Building, Hon. Fred Upton 
(chairman) presiding.
    Members present: Representatives Upton, Stearns, Cox, 
Shimkus, Pickering, Buyer, Walden, Terry, Barton (ex officio), 
Wynn, McCarthy, Rush, and Stupak.
    Staff present: Howard Waltzman, majority counsel; Will 
Norwind, majority policy coordinator; William Carty, 
legislative clerk; and Peter Filon, minority counsel.
    Mr. Upton. Good morning. We have a lot of hearings today, 
and a number of our colleagues are allegedly on the way, and I 
will just make a motion for unanimous consent that all members' 
statements on the subcommittee will be put into the record in 
their entirety, if by some chance they do not get here by the 
time our opening statements are concluded.
    Today's hearing is entitled ``Law Enforcement Access to 
Communication Systems in a Digital Age.'' I want to put today's 
hearing into context.
    In order to realize their full potential, I believe that 
broadband and VoIP services should be free from unwarranted 
economic regulation. However, there are other types of 
regulation which promote important policy objectives. For 
example, today we will be examining law enforcement access to 
communication systems, which is facilitated through CALEA.
    More specifically, we will examine whether and how such 
access should be provided in the digital age. Unfortunately 
when it comes to telecommunications technology, many terrorists 
are not as primitive as their evil and demented world view.
    In fact, law enforcement raises the specter of terrorists 
exploiting perceived technological gaps with respect to certain 
services for which telecommunications carriers are unable to 
provide or are unable to provide in a usable form the content 
of communications or related information as required by a court 
order.
    According to law enforcement, certain services will become 
the preferred means of communications for terrorists precisely 
because of such perceived technological gaps in the ability of 
law enforcement to get access.
    In our post 9/11 world, we ignore this specter at our own 
peril. That is why we must insure that law enforcement has 
adequate access to digital communications like broadband and 
VoIP.
    Having said that, we must work carefully with 
telecommunications carriers and manufacturers to insure that 
the technological standards for providing such access are 
driven by industry which is in a better position than the 
government to find workable ways to build the proverbial 
mousetrap without stifling innovation in this relatively 
nascent and dynamic marketplace.
    While there may be an inherent and understandable tension 
between law enforcement and industry, this has to be a 
partnership if we are to put our best foot forward in the name 
of Homeland Security.
    I look forward to hearing from today's witnesses, and I 
want to thank them in advance for their testimony which we 
received last night.
    And I will recognize for an opening statement my colleague 
from Oregon, Mr. Walden.
    Mr. Walden. Thank you, Mr. Chairman, for holding this 
hearing. I am going to waive an opening statement in lieu of 
time for questions.
    Mr. Upton. Mr. Buyer.
    Mr. Buyer. Reserve my time.
    Mr. Upton. Mr. Shimkus.
    Mr. Shimkus. The same.
    Mr. Upton. Okay. Well, that is terrific.
    [Additional statements submitted for the record follow:]

    Prepared Statement of Hon. Paul E. Gillmor, a Representative in 
                    Congress from the State of Ohio

    Thank you Mr. Chairman, for yet another opportunity to lay the 
groundwork for addressing the insurgence of new technologies under 
current telecommunications rules.
    Today, where we will learn more about the critical needs of law 
enforcement agencies to easily access information from emerging 
technologies such as Voice over Internet Protocol (VoIP) and broadband 
services for crime-fighting purposes, we must also keep in mind the 
importance of further developing these new modes communication in order 
to continue to create more competition and meet customers' demands.
    I welcome the well-balanced panel of witnesses and again, look 
forward to hearing about how our panel can contribute to striking this 
delicate balance, one of protecting our homeland and spurring 
technological innovation.
    Again, I thank the Chairman and yield back the remainder of my 
time.
                                 ______
                                 
Prepared Statement of Statement of Hon. Barbara Cubin, a Representative 
                 in Congress from the State of Wyoming

    Thank you, Mr. Chairman.
    Just a few years ago Voice over Internet Protocol (VoIP) seemed to 
be a technology for a future telecommunications generation. But it's 
here now, and is making us all wrestle with where VoIP fits in the 
framework of our communications infrastructure. On one hand, it 
provides the promise of true competition that promises to benefit 
consumers across America. On the other, it calls into question a host 
of legacy regulations that make up the telecom landscape today.
    Part of the VoIP debate is where social obligation regulations fit 
into the picture. One that is of particular concern, and is important 
to the safety of our homeland, is the Communications Assistance for Law 
Enforcement Act (CALEA). This act gives our law enforcement 
organizations tools they need to catch the bad guys. It used to be that 
these bad guys were just your garden variety criminals. Now they are 
terrorists who work to plot their next attack on America with whispered 
voices in shadowy places around the world--and here at home.
    That's why it is important to me that we not allow a means of 
communication that would skirt the law, and invite terrorists to 
communicate with impunity. I am interested to hear from our witnesses 
on this matter and to determine the proper role for this Committee and 
this Congress regarding VoIP and CALEA.
    Thank you again, Mr. Chairman for opening this dialog and look 
forward to hearing from our witnesses. I yield back the balance of my 
time.
                                 ______
                                 
 Prepared Statement of Hon. Joe Barton, Chairman, Committee on Energy 
                              and Commerce

    Mr. Chairman, thank you for calling this hearing today. As this 
committee examines the rules that should apply to broadband services 
and networks, it is critical that we understand the implications of any 
changes in the rules for law enforcement access to communications 
systems.
    There are three primary goals we need to keep in mind in 
approaching this issue. First, we must not permit broadband or VoIP 
services to become the communications-medium-of-choice for terrorists 
because of the absence of electronic surveillance capabilities for law 
enforcement. Second, however, we must not stifle new technologies by 
burdening them with unachievable rules. And, third, we must protect 
consumer privacy. While lawfully executed court orders must enable law 
enforcement to have access to certain call content and call-identifying 
information, this must not lead to a wanton invasion of consumer 
privacy.
    I believe that these three goals are achievable and do not have to 
be mutually exclusive. And I believe that the FCC has started down a 
path that will enable us to achieve these goals.
    Lawfully conducted electronic surveillance is a critical component 
of effective law enforcement. New, broadband technologies have 
tremendous promise for our society. We need to make sure that these 
technologies are used for the benefit of society and are not used by 
terrorists to evade detection.
    Mr. Chairman, thank you for holding this hearing. I look forward to 
the testimony of our witnesses.

                                 ______
                                 
    Prepared Statement of Hon. John D. Dingell, a Representative in 
                  Congress from the State of Michigan

    Mr. Chairman, thank you for holding this hearing today on the 
Communications Assistance for Law Enforcement Act, known as CALEA. 
CALEA is a critical tool for law enforcement agencies in maintaining 
the access communications of terrorists, drug traffickers, organized 
crime syndicates, and other criminals. CALEA is vital to our nation's 
security.
    Although CALEA was written ten years ago in a mostly analog world, 
Congress understood that new digital communications technologies were 
on the horizon. Accordingly, CALEA was written with sufficient 
flexibility to preserve the government's ability to access many 
communications among users of advanced digital networks.
    Both the world and technology have changed significantly since 
1994. The spread of terrorism has in many respects made the world a 
much more dangerous place. Moreover, new technologies have spread--new 
digital broadband networks have come on line and new digital 
applications, such as Voice over Internet Protocol telephone service, 
are riding over these networks.
    While providing tremendous opportunities for consumers, these 
technologies may unintentionally provide terrorists, drug traffickers, 
and other criminals new ways to evade detection by law enforcement. Not 
only are criminals adept at exploiting new technologies for illegal 
purposes, but the uncertainty surrounding CALEA's application to new 
technologies is only exacerbating the situation. In fact, it has gotten 
to the point where Deputy Assistant Attorney General John G. Malcolm 
was quoted earlier this year in a New York Times article as saying that 
he was ``aware of instances in which law enforcement authorities have 
not been able to execute intercept orders because of this 
uncertainty.'' It is imperative that the Bush Administration and the 
Federal Communications Commission (FCC) fully implement CALEA.
    Under CALEA, law enforcement agencies have the authority to gain 
access to communications information being transmitted by 
telecommunications carriers, the definition of which is much broader 
than the definition of such carriers in the Communications Act. 
Moreover, CALEA provides the Commission authority to bring within the 
scope of CALEA new services that act as a replacement for a substantial 
portion of local exchange service. The CALEA statute is clear.
    Last month the FCC finally issued a notice of proposed rulemaking 
that made several tentative conclusions, including that both 
facilities-based providers of broadband service and ``managed'' VoIP 
services are subject to CALEA. I would note, however, that it has been 
ten years since CALEA became law and three years since terrorists 
attacked the World Trade Center and Pentagon. Lives are at stake. Why 
has it taken the Commission so long to act on such an important issue?
    Similarly, since September 11th, neither the Commission nor the 
Bush Administration has developed a comprehensive nationwide plan to 
ensure the reliability, redundancy and interoperability for 
communications systems, especially those of public safety.
    Despite the delay in issuing its proposed rule, I am pleased that 
the Commission has been mindful of Congress' three underlying goals in 
CALEA: First, that government maintains the ability to intercept 
communications involving new technologies; second, that the privacy of 
individuals is protected; and third, that unnecessary burdens on the 
development of new technologies and services are avoided. In this 
dangerous new world, it is important that undue delays also be avoided 
in the implementation of CALEA so that the government maintains the 
ability to protect its people from those who seek to do them harm.

    Mr. Upton. We are joined by a very distinguished panel. We 
are actually going to be starting with Ms. Laura Parsky, Deputy 
Assistant Attorney General for Criminal Division, U.S. 
Department of Justice; followed by Mr. Marcus Thomas, Deputy 
Assistant Director of the Federal Bureau of Investigation; Mr. 
Julius Knapp, Deputy Chief of the Office of Engineering and 
Technology, FCC; Mr. Stewart Baker, Steptoe & Johnson; Dr. 
Richard Green, President and Chief Executive Officer of Cable 
Television Labs; and Mr. James Dempsey, Executive Director of 
the Center for Democracy and Technology.
    Ladies and gentlemen, your testimony will be made part of 
the record in its entirety. We would like you to summarize it 
if you can in the time of about 5 minutes on the clock.
    We will start with you, Ms. Parsky. Thank you for being 
with us today.

   STATEMENTS OF LAURA H. PARSKY, DEPUTY ASSISTANT ATTORNEY 
GENERAL, CRIMINAL DIVISION, U.S. DEPARTMENT OF JUSTICE; MARCUS 
    C. THOMAS, DEPUTY ASSISTANT DIRECTOR, FEDERAL BUREAU OF 
    INVESTIGATION; JULIUS P. KNAPP, DEPUTY CHIEF, OFFICE OF 
ENGINEERING AND TECHNOLOGY, FEDERAL COMMUNICATIONS COMMISSION; 
    STEWART A. BAKER, STEPTOE & JOHNSON; RICHARD R. GREEN, 
    PRESIDENT AND CHIEF EXECUTIVE OFFICER, CABLE TELEVISION 
 LABORATORIES, INC.; AND JAMES X. DEMPSEY, EXECUTIVE DIRECTOR, 
              CENTER FOR DEMOCRACY AND TECHNOLOGY

    Ms. Parsky. Good morning Chairman Upton and members of the 
subcommittee. I appreciate the opportunity to speak with you 
today as you are considering the appropriate regulatory 
framework for new communications technologies. These advanced 
technologies, including high-speed broadband Internet access 
and telephone service that uses Voice over Internet Protocol, 
or VoIP, promise to contribute to increased American 
productivity and to offer consumers the convenience of 
reasonably priced, high-quality service.
    One report indicates that a majority of U.S. households now 
use some means of high-speed Internet access. In addition, 
Internet telephony is attracting more and more customers every 
day.
    The administration fully supports the rapid and widespread 
deployment of such new services. We also welcome and applaud 
your efforts and the efforts of others in Congress as you 
carefully debate the proper regulatory environment for them. To 
automatically apply old-fashioned and likely outdated 
principles to a new way of doing business is sure to hamper the 
development of these promising and potent technologies.
    However, in devising new principles for governing these new 
technologies, we must preserve those safeguards that are 
critical to our national security and public safety.
    The core issue here is responsibility: responsible 
government and responsible citizenship. By reevaluating 
traditional regulation of communications systems, the 
government is acting responsibly. Likewise, those who develop 
and provide such communications services must also assume 
responsibility.
    The Communications Assistance for Law Enforcement Act, 
CALEA, was drafted 10 years ago when Congress could not have 
anticipated the details of today's communications revolution. 
However, Congress did have the foresight to predict that such a 
communications revolution would take place.
    CALEA requires that, as new technologies are developed, 
providers act responsibly by engineering their systems in a way 
that allows law enforcement to execute court-ordered electronic 
surveillance. As communications technology has progressed, some 
carriers have never questioned their legal obligations under 
CALEA or their corporate obligations to act responsibly where 
public safety and national security are at risk. For each and 
every carrier in this category, we recognize and applaud their 
leadership and responsibility.
    Unfortunately, however, there are also some carriers who 
have deployed their technologies without regard to law 
enforcement's ability to execute court-ordered electronic 
surveillance and without regard to their corporate 
responsibility where public safety and national security are at 
risk.
    Because of the existence of carriers in this latter 
category, we have been forced to petition the Federal 
Communications Commission to affirm the legal obligations of 
carriers to comply with CALEA, and for the Federal 
Communications Commission to meet noncompliance with robust 
enforcement actions.
    CALEA's obligations are even more important today than they 
were when the statute was enacted 10 years ago. While many 
carriers act responsibly and in the public interest without the 
need for compulsory process, there will always be some 
businesses that will choose to operate without regard to such 
concerns. Because savvy criminals and terrorists seek out those 
businesses, we must take steps to eliminate the vulnerability 
in our national security and public safety created by those 
businesses.
    CALEA and the robust enforcement of CALEA will help 
accomplish this critical goal. It is important to recognize 
that CALEA itself does not authorize any electronic 
surveillance. When enacting CALEA, Congress recognized that law 
enforcement has had the authority to conduct wire taps pursuant 
to a court order since 1968.
    Well prior to CALEA, the authority extended to intercepts 
of voice, data, fax, E-mail and any other form of electronic 
communications, and Congress expressly stated that CALEA would 
not expand that authority.
    What CALEA does is to help ensure that as new 
communications technologies are developed, carriers using those 
technologies are capable of isolating and providing to the 
government, in real time, communications and related 
information as required by court orders. Electronic 
surveillance itself is a law enforcement tool of last resort 
and, to use it, Federal and State governments must meet 
numerous constitutional, statutory, and regulatory 
requirements.
    Electronic surveillance is, however, usually critical to 
those investigations where it is used successfully. Such 
wiretaps are used to identify participants in organized crime 
and obtain evidence about their specific criminal activities, 
to identify participants in major drug offenses and seize 
significant quantities of contraband drugs and currency, to 
solve or prevent murder and other violent crimes attendant to 
organized crime and drug trafficking, to solve or prevent 
crimes involving the sexual exploitation of children, and, 
increasingly, to solve or prevent terrorist offenses.
    In a recent child sexual exploitation investigation in 
Oklahoma, for example, investigators obtained judicial 
authorization to intercept all wire communications of a pimp 
who traveled interstate in order to sell children for sexual 
activity. The pimp was recorded talking about grooming children 
to become prostitutes, physically beating his victims into 
compliance, and marketing the children as prostitutes in 
numerous States.
    Further, the electronic surveillance helped identify a 
national child prostitution network and generated 
investigations in other States. To date, the U.S. Attorney's 
Office in Oklahoma City has federally charged nine defendants 
for sexually exploiting children and more indictments are 
pending. Significant State charges have also been filed against 
ten perpetrators of these horrible crimes. Already three 
children, one from Las Vegas, one from New Mexico, and one from 
Oklahoma, have been rescued by law enforcement thanks to the 
electronic surveillance.
    Moreover, probably thousands of physical and sexual 
assaults upon children have been prevented as a result of these 
prosecutions that were dependent on electronic surveillance.
    Electronic surveillance is also critical to the 
Department's highest priority, fighting the war on terrorism. 
The cell structure and worldwide scope of modern terrorist 
groups makes surveillance essential to uncovering these lethal 
networks before they strike us in ever more devastating ways.
    In one recent terrorism investigation, three defendants 
were charged with providing material support to terrorists as 
well as solicitation of terrorist crimes of violence, including 
kidnapping and murder. Literally all of the evidence against 
these three defendants consists of audio recordings and fax 
transmissions obtained through wiretaps and listening devices.
    As critical as electronic surveillance is to the 
investigation of many serious crimes, it is becoming 
technologically more difficult to carry out wiretap orders and, 
for some State and local authorities, sometimes impossible to 
do so. There have been occasions where, because of 
technological gaps with respect to certain services, 
telecommunications carriers were unable to provide, or were 
unable to provide in usable form, the content of communications 
or related information as required by court orders.
    Moreover, criminals and terrorists certainly do not want to 
be caught. They know that electronic surveillance is an 
extremely effective law enforcement tool, and they are known to 
use particular technologies that they suspect law enforcement 
will have difficulty intercepting.
    CALEA's provisions thus are critical to ensuring public 
safety and national security. CALEA applies to all 
telecommunications carriers, a term that is specifically 
defined in the CALEA statute and that is distinct from, and 
more expansive than, the term ``telecommunications carrier'' 
used in the Communications Act of 1934.
    [Pause in proceedings.]
    Mr. Upton. Is your sound back now?
    The Reporter. Yes, it is.
    Mr. Upton. Okay. Go ahead.
    Ms. Parsky. CALEA requires telecommunications carriers to 
be able to execute court-ordered wiretaps by isolating and 
providing to the government, in real time, the pertinent 
communications.
    Carriers also must have the ability to isolate and provide 
reasonably available call-identifying information, such as 
numbers dialed, that is the subject of a pen register or other 
court order.
    CALEA does not allow the government to dictate the design 
of telecommunications systems, but it does require 
manufacturers and providers to consult and plan, so that new 
services that they deploy are CALEA compliant. This approach is 
appropriate, because any amount of time that a terrorist or 
other dangerous criminal can use a communications service 
without a capability for court-ordered interception is too 
long.
    Furthermore, it is important to make clear that CALEA 
itself actually provides critical protection of privacy rights. 
The argument that full implementation of CALEA will threaten 
individual privacy rights is simply misguided. CALEA strikes a 
delicate balance among three sometimes competing goals:
    One, to preserve a narrowly focused capability for law 
enforcement agencies to carry out properly authorized 
intercepts; two, to protect privacy in the face of increasingly 
powerful and personally revealing technologies; and three, to 
avoid impeding the development of new communications services 
and technologies.
    As the House of Representatives explained in the report, 
``the bill further protects privacy by requiring the systems of 
telecommunications carriers to protect communications not 
authorized to be intercepted.''
    CALEA addresses privacy concerns in two ways. First, it 
requires that providers be able to separate out the 
communications involving the equipment, facilities, or services 
of the particular subscriber whose communications law 
enforcement has an order to intercept. This provision promotes 
both efficiency and privacy.
    Second, CALEA requires that a service provider be able to 
separate out call-identifying information from the content of 
communications. This protects the call content from law 
enforcement access where law enforcement only has legal grounds 
to obtain the call-identifying information. A carrier's 
compliance with CALEA when implementing a court-ordered wiretap 
or a pen register order thus protects individuals' privacy 
rights.
    As I have mentioned, the Department of Justice has 
petitioned the FCC to issue a rulemaking with respect to the 
application of CALEA to advanced communications technologies, 
such as broadband Internet access and certain forms of 
broadband telephony.
    It is important to make clear that through this petition to 
the FCC, the Department is not asking for expansion of CALEA; 
that is something only Congress is empowered to do.
    Rather, we have asked the Commission, pursuant to its 
mandate, to interpret and implement CALEA in light of emerging 
telecommunications technologies and an apparent confusion among 
some service providers and sectors of the telecommunications 
industry concerning their CALEA obligations.
    Mr. Upton. Ms. Parsky, the clock is not working at the 
desk, but you have exceeded your time by a considerable amount. 
I just wonder if you could just summarize, and I will be a 
little more careful with the clock.
    Ms. Parsky. Certainly. My apologies.
    Mr. Upton. All right.
    Ms. Parsky. Last month the FCC unanimously issued a Notice 
of Proposed Rulemaking and Declaratory Ruling concerning the 
issues raised in our petition. Although this is a lengthy 
document and very complex, we are in the process of fully 
evaluating it and we will be submitting our formal comments to 
the FCC soon.
    And finally, I would just like to thank you for this 
opportunity to speak about an issue that is very important to 
the Department of Justice and important to our efforts to 
protect national security and public safety.
    [The prepared statement of Laura H. Parsky follows:]

   Prepared Statement of Laura H. Parsky, Deputy Assistant Attorney 
         General, Criminal Division, U.S. Department of Justice

                            I. INTRODUCTION

    Good morning, Chairman Upton, Ranking member Markey, and Members of 
the Subcommittee. The Department of Justice appreciates the opportunity 
to address you today on this important subject. As we all are aware, 
the ``Digital Age'' in which we now live is offering and will continue 
to offer tremendous opportunities in telecommunications for both 
consumers and businesses. The use of high-speed Internet access 
services is growing rapidly in the United States. In fact, at least one 
recent report indicates that, for the first time, more U.S. households 
now connect to the Internet through cable, DSL, and other means of 
broadband access than through traditional dial-up service. Also, more 
and more traditional telephone companies, cable companies, and others 
are offering some means of broadband telephony using Voice over 
Internet Protocol (VoIP), attracting more and more consumers every day. 
It is widely believed that such services will essentially replace 
traditional telephone service in the United States in the not-so-
distant future.
    The Administration fully supports the rapid and widespread 
deployment of these communications technologies, understanding that 
they promise to contribute to increased American productivity and to 
offer the convenience of reasonably-priced, high-quality service with a 
variety of useful new features for consumers. Moreover, we welcome and 
applaud your efforts and the efforts of others in Congress as you 
carefully debate the proper regulatory environment for new 
communications technologies. We recognize that we are rapidly expanding 
into a new and promising world of communications. To automatically 
apply old-fashioned and likely outdated principles to a new way of 
doing business is sure to hamper the development of these promising and 
potent technologies. However, in devising new principles for governing 
new technologies, we must preserve those safeguards that are critical 
to our national security and public safety.
    The core issue here is responsibility--responsible government and 
responsible citizenship. By re-evaluating traditional regulation of 
communications systems, the government is acting responsibly. Likewise, 
those who develop and provide such communications services must also 
assume responsibility. The Communications Assistance for Law 
Enforcement Act (CALEA), 47 U.S.C. 1001, et. seq., was drafted ten 
years ago when Congress could not have anticipated the details of 
today's communications revolution. However, Congress did have the 
foresight to predict that such a communications revolution would take 
place. CALEA requires that, as new technologies are developed, 
providers act responsibly by engineering their systems in a way that 
allows law enforcement to execute court-ordered electronic 
surveillance.
    As communications technology has progressed, some carriers have 
never questioned their legal obligations under CALEA or their corporate 
obligations to act responsibly where public safety and national 
security are at risk. For each and every carrier in this category, we 
recognize and applaud their leadership and responsibility. 
Unfortunately, however, there are also some carriers who have deployed 
their technologies without regard to law enforcement's ability to 
execute court-ordered electronic surveillance and without regard to 
their corporate responsibility where public safety and national 
security are at risk. Because of the existence of carriers in this 
latter category, we have been forced to petition the Federal 
Communications Commission (FCC) to affirm the legal obligations of 
carriers to comply with CALEA and to meet non-compliance with robust 
enforcement actions.
    CALEA's obligations are even more important today than they were 
when the statute was enacted ten years ago. While many carriers act 
responsibly and in the public interest without the need for compulsory 
process, there will always be some businesses that will choose to 
operate without regard to such concerns. Because savvy criminals and 
terrorists seek out those businesses, we must take steps to eliminate 
the vulnerability in our national security and public safety created by 
those businesses. CALEA and the robust enforcement of CALEA will help 
accomplish this critical goal.

   II. CALEA IS CRITICAL TO ENSURING THAT FEDERAL, STATE, AND LOCAL 
  AUTHORITIES CAN CARRY OUT THE COURT-ORDERED ELECTRONIC SURVEILLANCE 
 THAT IS ESSENTIAL TO THWARTING THE ACTIVITIES OF TERRORISTS AND OTHER 
                         SIGNIFICANT CRIMINALS.

    CALEA applies to all telecommunications carriers, a term that is 
specifically defined in the CALEA statute and that is distinct from and 
more expansive than the term ``telecommunications carrier'' used in the 
Communications Act of 1934, 47 U.S.C. 151 et seq. CALEA requires 
telecommunications carriers to be able to execute court-ordered 
wiretaps by isolating and providing to the government, in real-time, 
the pertinent communications. Carriers also must have the ability to 
isolate and provide reasonably available call-identifying information, 
such as numbers dialed, that is the subject of a pen register or other 
court order. New systems and services thus should be developed and 
deployed, not in a vacuum, but with recognition of law enforcement's 
legitimate electronic surveillance needs.
    CALEA itself does not authorize wiretaps or pen registers. That 
authority and the requirements for obtaining the relevant court orders 
are set forth in other statutes. What CALEA does is to help ensure 
that, as new telecommunications technologies are developed, carriers 
using those technologies are capable of isolating and providing to the 
government communications and related information as required by court 
orders.
    When enacting CALEA in 1994, Congress ``concluded that there is 
sufficient evidence justifying legislative action that new and emerging 
telecommunications technologies pose problems for law enforcement.'' 
H.R. Rep. No. 103-827, at. 14. At that time, Congress was especially 
cognizant of intercept problems associated with the burgeoning wireless 
industry and the development of custom calling features. Congress, 
however, anticipated that future technologies would pose similar 
problems and thus stated that the purpose of the statute ``is to 
preserve the government's ability, pursuant to court order or other 
lawful authorization, to intercept communications involving advanced 
technologies . . . or features and services . . . while protecting the 
privacy of communications and without impeding the introduction of new 
technologies, features and services.'' Id. at 13.

    III. ELECTRONIC SURVEILLANCE IS A CRITICAL LAW ENFORCEMENT TOOL.

    It is, of course, no secret that today's criminals use ordinary 
telephones, cellular telephones, pagers, and the Internet, among other 
communications devices, in order to coordinate their illicit 
activities. In investigating terrorism, espionage, and other serious 
crimes, electronic surveillance is not only one of the most effective 
tools government has, but often it is the only effective tool. Often 
criminal organizers and kingpins keep their distance from the criminal 
conduct they direct through the use of modern communication tools.
    There can be no doubt that electronic surveillance takes dangerous 
criminals off the streets by providing evidence that law enforcement 
could not have obtained any other way. In fact, one of the requirements 
for obtaining a federal wiretap order is demonstrating that normal 
investigative techniques have been or are likely to be inadequate or 
are too dangerous. Last year alone, 3,674 people were arrested based on 
evidence obtained through federal and state law enforcement wiretaps. 
Over the past ten years, over 54,000 people have been arrested based on 
wiretap evidence. That is as many as 54,000 criminals that might have 
escaped justice had it not been technologically possible to carry out 
court-ordered electronic surveillance.
    For instance, in a 2002 investigation into members of the Lucchese 
crime family in New York, wiretaps on cellular telephones and pagers 
were instrumental in identifying and obtaining convictions of 
approximately 35 defendants, including three members of the Bonanno 
crime family. The types of crimes discussed over the wiretapped phones 
included witness tampering, cocaine distribution, extortion and 
violence in aid of racketeering, loansharking, and illegal gambling.
    In a recent investigation of a marijuana distribution network 
operating in New York, an intercepted call over a wiretapped phone 
alerted police to a robbery and double homicide which had just occurred 
in the Bronx. That valuable evidence allowed authorities to arrest 
three individuals within hours of the homicides. Investigators later 
established that several individuals had attempted to rob the targeted 
marijuana sellers. During the attempted robbery, two individuals were 
killed by gunshot wounds and a third was shot in the chest and 
survived. The wiretap evidence helped police piece together the events 
that had occurred and also helped establish narcotics trafficking 
charges against additional defendants.
    Electronic surveillance is also critical to identifying and 
ultimately dismantling organized criminal networks, including major 
national and international drug cartels. Last year, a wiretap in 
Georgia led to seizures of tons of illegal drugs and millions of 
dollars. Another wiretap investigation led to over one hundred arrests 
in the United States and abroad and numerous U.S. prosecutions, as law 
enforcement dismantled an international drug distribution ring 
responsible for bringing large quantities of heroin and cocaine into 
the United States from Colombia. Electronic surveillance has allowed us 
to take cocaine, heroin, methamphetamine, and many other dangerous 
drugs off our streets and away from our children.
    While electronic surveillance remains vital to investigating 
scourges such as organized crime and drug trafficking, against which we 
continue to fight, it is even more important to the Department's 
highest priority--fighting the war on terrorism. The cell structure and 
worldwide scope of modern terrorist groups make electronic surveillance 
essential to uncovering these lethal networks before they strike us in 
ever more devastating ways. In one recent terrorism investigation, 
three defendants were charged with providing material support to 
terrorists as well as solicitation of terrorist crimes of violence, 
including kidnapping and murder. Virtually all of the evidence against 
these three defendants consists of audio recordings and fax 
transmissions obtained through wiretaps and listening devices.
    Electronic surveillance consistently helps authorities prevent 
crimes and save lives. In a recent child sexual exploitation 
investigation in Oklahoma, investigators obtained judicial 
authorization to intercept all wire communications of a pimp who 
traveled interstate in order to sell children for sexual activity. The 
pimp was recorded talking about grooming children to become 
prostitutes, physically beating his victims into compliance, and 
marketing the children as prostitutes in numerous states. Further, the 
electronic surveillance helped identify a national child prostitution 
network and generated investigations in other states. To date, the 
United States Attorney's Office in Oklahoma City has federally charged 
nine defendants for sexually exploiting children, and more indictments 
are pending. Significant state charges have also been filed against ten 
perpetrators of these horrible crimes. Already, three children (one 
from Las Vegas, one from New Mexico, and one from Oklahoma) have been 
rescued by law enforcement thanks to the electronic surveillance. 
Moreover, probably thousands of physical and sexual assaults upon 
children have been prevented as a result of these prosecutions that 
were dependent upon electronic surveillance.
    In a narcotics-related wiretap investigation in the New Orleans 
area, the target of the investigation discussed arrangements for a 
heroin transaction with traffickers from New York. In subsequent 
intercepted conversations, the target told his narcotics associate that 
he intended to kill the New York suppliers after they delivered the 
heroin. Based upon this information, law enforcement quickly arrested 
the New York suppliers and thwarted their intended murder. The New 
Orleans target was then arrested, pleaded guilty, and was ultimately 
sentenced to life in prison.
    In another case, wiretaps used to investigate a violent Russian 
brigade helped to develop evidence of the organization's involvement in 
armed robberies, extortion, and arson, among other crimes. Calls 
intercepted during the investigation uncovered plans for a violent 
kidnapping-for-ransom scheme. The wiretap evidence allowed law 
enforcement to quickly make the arrests necessary to prevent the 
kidnapping.

IV. IN THE ABSENCE OF COMPLIANCE WITH CALEA, TECHNOLOGICAL CONSTRAINTS 
CAN PREVENT OR HINDER WIRETAPS, ALLOWING CRIMINALS TO EXPLOIT PERCEIVED 
               TECHNOLOGICAL GAPS TO AVOID INTERCEPTION.

    As critical as electronic surveillance is to the investigation of 
many serious crimes, it is becoming technologically more difficult to 
carry out wiretap orders and, for some state and local authorities, 
sometimes impossible to do so. There have been occasions where, because 
of technological gaps with respect to certain services, 
telecommunications carriers were unable to provide, or were unable to 
provide in usable form, the content of communications or related 
information as required by court orders.
    Simply put, the equipment needed to carry out an intercept order or 
pen register has become more sophisticated as telecommunications 
technology has advanced. Today's digitized communications are provided 
by many different companies who use many different protocols and 
transmit communications over many different wires and cables and over a 
myriad of frequencies through the air-- even during a single call. 
CALEA therefore requires that telecommunications carriers and their 
equipment vendors work together in designing new technology so that 
court-ordered interception is technologically possible.
    CALEA's provisions are critical to ensuring public safety and 
national security. Criminals know that electronic surveillance is an 
extremely effective law enforcement tool, and they have always gone to 
great lengths to avoid it. Their tactics have included the use of 
numerous communication devices in order to isolate the damage done if a 
particular device is compromised and, most relevant to CALEA, the quick 
migration to particular technologies that they suspect law enforcement 
will have difficulty intercepting. Criminals and terrorists certainly 
do not want to be caught, and they are quick to take advantage of any 
perceived gap in our ability to detect and disrupt their criminal 
activities.

    V. THE FCC IS CAREFULLY CONSIDERING THE APPLICATION OF CALEA TO 
               ADVANCED TELECOMMUNICATIONS TECHNOLOGIES.

    In the face of the real and growing threat to public safety and 
national security posed by the misuse of VoIP and other new 
telecommunications technologies, the Department of Justice has 
petitioned the FCC to issue a rulemaking with respect to the 
application of CALEA to advanced communications technologies such as 
broadband Internet access and certain forms of broadband telephony. 
This subcommittee hearing comes in the midst of the FCC's consideration 
of the Department's petition and the resulting, vibrant discourse 
involving the Department, other law enforcement entities, industry, and 
special interest groups.
    In our petition for expedited rulemaking, filed last March, we 
requested that the Commission rule that CALEA applies to broadband 
internet access services and certain forms of broadband telephony 
services; reaffirm that the push-to-talk services now offered by many 
cellular telephone companies are subject to CALEA; identify the packet-
mode services covered by a CALEA implementation Order issued in 1999 
and establish compliance deadlines with respect to that Order; adopt 
rules for expeditiously determining whether a new technology is subject 
to CALEA and for establishing compliance deadlines and administrative 
enforcement procedures for non-compliance; and resolve cost recovery 
issues.
    It is important to make clear that through this petition to the 
FCC, the Department is not asking for expansion of CALEA; that is 
something only Congress is empowered to do. Rather, we have asked the 
Commission, pursuant to its mandate, to interpret and implement CALEA 
in light of emerging telecommunications technologies and an apparent 
confusion among some service providers and sectors of the 
telecommunications industry concerning their CALEA obligations.
    In crafting CALEA, Congress wisely did not limit its scope to one 
particular technology, service, or suite of features, but rather set in 
place a structure that anticipated and provided for a vast array of 
technological advances. As the then Director of the FBI testified in 
support of the legislation, CALEA was
        intended to stand the test of time . . . . It is specifically 
        designed to deal intelligently and comprehensively with current 
        and emerging telecommunications technologies and to preclude 
        the need for much more restrictive and more costly legislation 
        in five or ten years when court-authorized interceptions would 
        no longer be possible due to further technology advances.
Hearing on Police Access to Advanced Communications Systems Before the 
Senate Subcommittee on Technology and the Law of the Committee on the 
Judiciary and the House Subcommittee on Civil and Constitutional Rights 
of the Committee on the Judiciary (statement of Louis J. Freeh, 
Director of the Federal Bureau of Investigation). Thus, Congress has 
already recognized the importance of ensuring that, as advanced 
communications technologies develop, industry develops the technical 
means to implement court orders.
    In response to the Department's petition, dozens of state and local 
law enforcement entities and associations filed comments with the FCC 
emphasizing the critical need to preserve CALEA. State and local 
entities conduct annually almost three-fifths of all wiretaps in the 
United States. As articulately expressed by the National Association of 
District Attorneys:
        For over a decade we have been pleading for the tools and the 
        laws we need to protect the people in our communities. We will 
        never know whether we could have prevented the tragic 
        consequences of September 11th had we had the investigative 
        tools we have been asking for since 1992. We only know that we 
        will need every advantage to prevent such a tragedy from ever 
        occurring again.
Comments of the National Association of District Attorneys, In the 
Matter of Joint Petition for Rulemaking to Resolve Various Outstanding 
Issues Concerning the Implementation of the Communications Assistance 
for Law Enforcement Act, FCC 04-187, at 2.
    Moreover, many of the responsible members of the communications 
industry have agreed with law enforcement, through comments filed in 
other related proceedings, that carriers play an important role in 
protecting public safety and national security. One industry 
association put it simply: ``American citizens should be assured that 
communications companies are providing appropriate help to law 
enforcement.'' Comments of the United States Telecommunications 
Association, In the Matter of IP-Enabled Services: Notice of Proposed 
Rulemaking, FCC 04-28, at 36-37.

VI. IN ITS RECENT NPRM, THE FCC HAS RECOGNIZED THE IMPORTANCE OF CALEA 
           IN THE CONTEXT OF EMERGING ADVANCED TECHNOLOGIES.

    Last month, after receiving extensive comments on the Department's 
petition, the FCC unanimously issued a Notice of Proposed Rulemaking 
and Declaratory Ruling concerning a wide variety of CALEA issues 
(``CALEA NPRM''). The CALEA NPRM states unequivocally that ``it is the 
Commission's primary policy goal to ensure that [law enforcement 
agencies] have all of the resources that CALEA authorizes to combat 
crime and support Homeland Security,'' and it recognizes the need to 
balance that interest with the competing privacy and technology 
development interests. CALEA NPRM at  4. While the Department is still 
analyzing this lengthy issuance and will soon provide formal comments 
to the FCC, a few things are important to highlight. The CALEA NPRM 
tentatively concludes that CALEA applies to such services as 
facilities-based broadband Internet services and managed VoIP telephone 
services, seeking comment on the FCC's legal reasoning to support such 
conclusions. In addition, the Commission issued a declaratory ruling 
that wireless push-to-talk services are subject to CALEA. Although the 
Commission did not agree with the Department on every point raised in 
our petition, we are pleased with the seriousness with which the 
Commission is approaching these critical issues.
    Further, in the CALEA NPRM, the FCC recognized that law enforcement 
does not seek the power to dictate how the Internet should be 
engineered or the power to veto the deployment of new 
telecommunications services. Law enforcement cannot--nor do we seek 
to--dictate to any carrier how best to design its service or what 
services it can or cannot offer. We only ask that any service comply 
with the law in order not to imperil public safety and national 
security. In light of the fact that CALEA solutions can be just as 
innovative as the services themselves, the FCC appropriately committed 
itself to ``finding solutions that will allow carriers and 
manufacturers to find innovative ways to meet the needs of the law 
enforcement community without adversely affecting the dynamic 
telecommunications industry.'' CALEA NPRM at  31.
    It is worth noting that nothing in the CALEA NPRM precludes the FCC 
from making an independent assessment of whether a carrier is subject 
to other economic regulation under the Communications Act of 1934, as 
amended. In confining its analysis to CALEA, the Commission explicitly 
stressed that the CALEA NPRM ``in no way predispose[s] how the 
Commission may proceed with respect to adopting a regulatory framework 
for Internet Protocol (``IP'')-enabled or broadband services or 
determining their legal classification under the Communications Act.'' 
CALEA NPRM at  1, n. 1.

VII. SEVERAL MISCONCEPTIONS ABOUT CALEA AND THE DEPARTMENT'S EFFORTS TO 
            SECURE ITS IMPLEMENTATION WARRANT CLARIFICATION.

    I'd like to take a few moments to address several misconceptions 
about CALEA and about the Department's implementation efforts.
A. The Department's Petition Does Not Seek to Erode the Strict 
        Constitutional, Statutory and Regulatory Limitations Imposed on 
        Electronic Surveillance.
    While electronic surveillance is a necessary tool, we are mindful 
that it is also a very powerful tool--one that has serious implications 
for the privacy of citizens. Accordingly, law enforcement only uses 
electronic surveillance as a method of last resort, and even then we 
adhere to strict limitations on its use.
    As I briefly mentioned before, CALEA itself does not authorize 
electronic surveillance. In presenting our views to the FCC concerning 
the interpretation of CALEA, the Department is not seeking expanded 
authority to conduct wiretaps. As Congress said when enacting CALEA, 
``[s]ince 1968, the law of this nation has authorized law enforcement 
agencies to conduct wiretaps pursuant to court order. That authority 
extends to voice, data, fax, e-mail and any other form of electronic 
communication. The bill will not expand that authority.'' H.R. Rep. No. 
103-827, at 17.
    The limitations on law enforcement's use of wiretaps are imposed by 
the Constitution, statutes, and internal Department procedures. First, 
the U.S. Constitution obviously places important parameters on our use 
of electronic surveillance. Under the Fourth Amendment, the government 
must demonstrate probable cause to a neutral magistrate before 
obtaining a warrant for a search, arrest, or other significant 
intrusion on privacy.
    Congress and the courts have also provided statutory limits beyond 
those required by the Constitution. For instance, law enforcement must 
obtain a ``trap and trace'' or ``pen register'' court order to obtain 
information identifying who is receiving or sending communications to 
or from a particular suspect, even though not required under the 
Constitution. See 18 U.S.C. 3121 et. seq.
    The statutory authorization for law enforcement wiretaps, 18 U.S.C. 
2510-22 (commonly known as ``Title III''), as amended by the 
Electronic Communications Privacy Act (ECPA) in 1986, creates an even 
higher burden for obtaining the real-time interception of the content 
of communications. The Senate Report on Title III stated explicitly 
that the legislation ``has as its dual purpose (1) protecting the 
privacy of wire and oral communications and (2) delineating on a 
uniform basis the circumstances and conditions under which the 
interception of wire and oral communications may be authorized.'' 
Senate Committee on the Judiciary, Omnibus Crime Control and Safe 
Streets Act of 1967, S. Rep. No. 1097, 90th Cong., 2d Sess. (1968) at 
66. When Title III was updated in 1986 to include provisions regarding 
electronic communications, the Senate Report stated that ECPA 
represented ``a fair balance between the privacy expectations of 
American citizens and the legitimate needs of law enforcement 
agencies.'' Senate Committee on the Judiciary, Electronic 
Communications Privacy Act of 1986, S. Rep. No. 541, 99th Cong., 2d 
Sess. (1986) at 5. Accordingly, under Title III, in order to obtain a 
court order to capture the contents of communications as they occur, 
the government must show that normal investigative techniques for 
obtaining information about a serious felony offense have been or are 
likely to be inadequate or are too dangerous, and that any interception 
will be conducted so as to ensure that the intrusion is minimized.
    Even beyond the limits placed by the Constitution and the Congress, 
the Department of Justice has its own internal procedures to provide 
still more safeguards. For example, the Office of Enforcement 
Operations (OEO) in the Criminal Division of the Department reviews 
proposed Title III applications to ensure that the request for 
interception satisfies the protections of the Fourth Amendment and 
complies with applicable statutes and regulations. Even if OEO 
recommends authorizing a request, the application cannot go to a court 
without approval by a Deputy Assistant Attorney General or higher-level 
official in the Department. The fact that not a single application for 
electronic surveillance under Title III was rejected by a federal court 
in all of 2003 is a testament to the vigilance and care the Department 
takes when asking for this authority.
    If the Department of Justice approves a federal Title III request, 
it still must, of course, be submitted to and approved by a court of 
proper jurisdiction. The court will evaluate the application under the 
Fourth Amendment and using the familiar standards of Title III. By 
statute, for example, the application to the court must show, through 
sworn affidavit, why the intercept is necessary as opposed to other 
less-intrusive investigative techniques. The application must also 
provide additional detail, including whether there have been previous 
interceptions of communications of the target, the identity of the 
target (if known), the nature and location of the communications 
facilities, and a description of the type of communications sought and 
the offenses to which the communications relate. By statute and 
internal Department regulation, the interception may last no longer 
than 30 days without an extension by the court. All intercepted 
communications are sealed by the court, further protecting privacy.
    Often courts also impose their own safeguards. For example, many 
federal courts require that the investigators provide periodic reports 
to the court setting forth information such as the number of 
communications intercepted, the steps taken to minimize irrelevant 
traffic, and whether the interceptions have provided information 
relevant to the criminal investigation. The court may, of course, 
terminate the interception at any time.
    It is only after we have complied with these comprehensive 
regulatory, statutory, and Constitutional protections that CALEA comes 
into play and ensures that a court order can be implemented. Our recent 
filings with the FCC do not seek to change any part of this carefully 
calibrated system.
B. Implementation of CALEA Will Help Protect Privacy.
    It is important to make clear that CALEA, itself, actually provides 
critical protection of privacy rights. The argument that full 
implementation of CALEA will threaten individual privacy rights is 
simply misguided. CALEA strikes a delicate balance among three 
sometimes competing goals: ``(1) to preserve a narrowly focused 
capability for law enforcement agencies to carry out properly 
authorized intercepts; (2) to protect privacy in the face of 
increasingly powerful and personally revealing technologies; and (3) to 
avoid impeding the development of new communications services and 
technologies.'' H.R. Rep. No. 103-827, at 13. As the House of 
Representatives explained in the report, ``the bill further protects 
privacy by requiring the systems of telecommunications carriers to 
protect communications not authorized to be intercepted.'' Id. at 10.
    CALEA addresses privacy concerns in two ways. First, it requires 
that providers be able to separate out the communications involving the 
equipment, facilities, or services of the particular subscriber whose 
communications law enforcement has an order to intercept. This 
provision promotes both efficiency and privacy. Second, CALEA requires 
that a service provider be able to separate out call-identifying 
information from the content of communications. This protects the call 
content from law enforcement access where law enforcement only has 
legal grounds to obtain the call-identifying information. CALEA Section 
103; 47 U.S.C. 1002. A carrier's compliance with CALEA when 
implementing a court-ordered wiretap or a pen register order thus 
protects individuals' privacy rights.
C. In Keeping with the Provisions of CALEA, the Department of Justice 
        Does not Seek to Dictate the Design of Telecommunications 
        Systems.
    It is also important to stress that the Department does not seek to 
dictate the design of new telecommunications systems. In fact, CALEA 
explicitly prohibits any such undertaking by providing that it ``does 
not authorize any law enforcement agency or officer . . . to require 
any specific design . . . to be adopted by any provider [or] 
manufacturer . . . ,'' and it does not authorize any law enforcement 
agency or officer ``to prohibit the adoption of any equipment, 
facility, service, or feature by any provider . . . [or] 
manufacturer.'' CALEA Section 103, 47 U.S.C. 1002(b)(1).
    What the Department does seek is to ensure that new communications 
services and features to which CALEA applies are deployed with CALEA 
solutions in place whenever feasible. Indeed, Section 106 of CALEA 
mandates that carriers consult with manufacturers ``as necessary, in a 
timely fashion'' to ensure ``that current and planned equipment, 
facilities, and services comply with [CALEA] capability 
requirements[.]'' 47 U.S.C. 1005 (emphasis added). CALEA solutions may 
be developed by individual service providers or by industry, but they 
must be developed. Any amount of time that a terrorist or other 
dangerous criminal can use a communications service without a 
capability for court-ordered interception is too long.
D. The Department is Not Seeking to Re-allocate the Costs of CALEA 
        Implementation.
    Finally, the Department is not seeking to re-allocate the costs of 
CALEA implementation to industry or consumers. It is CALEA itself that 
places any cost burden on telecommunications carriers in the first 
instance, rather than on the government, for equipment, facilities, and 
services installed or deployed after January 1, 1995. CALEA Section 
109(b); 47 U.S.C. 1008(b). This same provision, however, also allows 
carriers to seek a determination of whether implementation of a CALEA 
solution is ``reasonably achievable'' in light of costs and other 
issues and allows carriers to seek compensation for costs or reprieve 
in some circumstances. CALEA recognizes that the greatest cost 
efficiency can usually be achieved by building intercept solutions into 
a system's initial design prior to deployment, rather than as a 
retrofit.

                            VIII. CONCLUSION

    Now, ten years after the enactment of CALEA, we must not back away 
from the important principles behind CALEA. If anything, it is even 
more critical today than in 1994 that advances in communications 
technology not provide a haven for criminal and terrorist activity. 
While we recognize the desirability of and need for the development and 
deployment of advanced telecommunications technologies, we must at the 
same time act responsibly to preserve the national security and public 
safety mandates of CALEA. The Department of Justice appreciates this 
Subcommittee's leadership in seeking to promote new telecommunications 
technologies in a manner that addresses these national security 
interests, and we thank you for your continuing support.

    Mr. Upton. Thank you. Thank you very much.
    Mr. Thomas.

                  STATEMENT OF MARCUS C. THOMAS

    Mr. Thomas. Thank you.
    Good morning, Chairman Upton, members of the subcommittee. 
I am grateful for this opportunity to discuss this important 
national security and public safety issue, law enforcement's 
access to communication systems in the digital age.
    Let me say up front that I believe it's important to state 
that the FBI and the law enforcement community recognize the 
importance of the continued development and adoption of 
innovative technologies to insure that the United States 
remains a leader in today's competitive global marketplace. I 
believe that public safety, national security, and technology 
innovation can all be served by good policy.
    I also do not think anyone seriously challenges the need 
for law enforcement and national security communities to be 
able to conduct court authorized electronic surveillance. There 
is no doubt that wiretaps produce powerful intelligence and 
evidence against the most dangerous criminals and terrorists. 
When police cannot use other investigative techniques to safely 
and successfully collect evidence and intelligence, they often 
use wiretaps to catch criminals with words uttered from their 
own mouths.
    Concerns regarding the serious threat to our capabilities 
are not limited to the United States law enforcement and 
national security communities. Worldwide new laws are being 
implemented that are intended to require network providers to 
furnish communications interception services to government 
agencies.
    The technical assistance of communications service 
providers in helping law enforcement agencies to execute an 
electronic surveillance order is always important, and in many 
cases it's absolutely essential. This circumstance has proven 
to be the case increasingly with the advent over the past 10 
years or so of complex new systems, services and features.
    In the House report accompanying CALEA when it was passed 
in 1994, the purpose of the legislation was clearly set out to 
make clear telecommunications carriers' duty to cooperate in 
the interception of communications for law enforcement 
purposes.
    In short, CALEA's intent was to mandate through service 
provider cooperation access where advancing technology would 
otherwise preclude it.
    Despite the fact that since the enactment of CALEA there 
have been technological advancements that few of us could have 
foreseen, the implementation of CALEA has been successful. 
Referring to the most recent wiretap report published annually 
by the Administrative Office of the United States Courts, more 
than 70 percent of all criminal wiretap authorizations listed 
were through CALEA compliant capabilities.
    In recent years, the FBI has found that there are greater 
and more diverse challenges in effectuating the electronic 
surveillance orders within modern networks than with 
conventional telephony networks operated by traditional 
telecommunications carriers.
    In order to implement electronic surveillance orders in 
these diverse networks, the FBI has relied on elaborate and 
costly technical approaches to insure that only messages for 
which there's probable cause to intercept are, in fact, 
intercepted, and that all such authorized messages are 
intercepted.
    As a result, it has become increasingly common for the FBI 
to seek and for judges to issue orders for Title III or FISA 
interceptions which are much more complex and detailed and much 
more likely to be directed to multiple network operators and 
service providers than earlier orders which are ordinarily 
directed against a single plain, old telephone service 
provider.
    The issue that I have described may be too complex for one 
remedy to solve. Like so many issues we try to deal with today, 
the future success of law enforcement electronic surveillance 
will depend upon a multi-pronged approach. In response to the 
challenges presented by rapid technological advances, the FBI 
and law enforcement community have been using all available 
means to implement their mission, to protect national security 
and public safety.
    In my written testimony, I included a list of significant 
issues which we are addressing, including technology 
advancements, industry cooperation, third party services, 
industry standards and specifications, law enforcement 
coordination and costs. I would encourage the subcommittee and 
the rest of the members discussing these issues to keep in mind 
the need for continued access by U.S. law enforcement to our 
Nation's communications infrastructures.
    Experience has proven that statutorily imposed 
responsibilities must necessarily be one element of the 
solution, but not the only element. As such, we must continue 
to have statutory mandates such as CALEA and build upon them 
using varied tools, including incentives.
    In conclusion, I'd like to say over the past 10 years or 
more, we have witnessed continued steady growth in computer and 
Internet related crimes, including extremely serious acts in 
furtherance of terrorism, espionage, infrastructure attack, as 
well as more conventional serious and violent crimes.
    These activities, which even now are being planned and 
carried out, in part using the Internet and other complex 
networks and services, pose challenges to the national security 
and law enforcement communities that we dare not fail to meet.
    In turn, the ability of the FBI and law enforcement 
community to effectively investigate and prevent these serious 
crimes is, in part, dependent upon our ability to lawfully and 
effectively intercept and acquire vital intelligence and 
evidence of crimes and our ability to promptly respond to these 
threats to the American public. As the networks become more 
complex so does the challenge placed upon us to keep pace.
    I look forward to working with the subcommittee staff to 
provide more information and welcome your suggestions to this 
important national security and public safety issue. Thank you 
for including my written testimony in the record, and I'll be 
happy to answer questions.
    Thank you.
    [The prepared statement of Marcus C. Thomas follows:]

  Prepared Statement of Marcus C. Thomas, Deputy Assistant Director, 
   Investigative Technology Division, Federal Bureau of Investigation

    Good morning, Chairman Upton, Ranking Member Markey, and Members of 
the Subcommittee, I am grateful for this opportunity to discuss this 
important national security and public safety issue: law enforcement's 
access to communications systems in the digital age. I would like to 
start by briefly outlining a historical framework of court-authorized 
electronic surveillance in highly-complex communications networks, then 
discussing the situation in which the law enforcement community 
currently finds itself, and some of the problems with which we are 
currently dealing. Lastly, I would like to briefly discuss some of our 
ongoing efforts intended to address a number of these problems.

                               BACKGROUND

    Prior to delving into the subject of electronic surveillance, I 
believe it is important to state that the FBI and the law enforcement 
community recognize the importance of the continued development and 
consumer adoption of innovative technologies to ensure the United 
States remains a leader in today's competitive, global marketplace. One 
of the fundamental requirements for preserving national security, the 
privacy of our citizens, and public safety is ensuring that United 
States national security and law enforcement agencies are able to 
securely and effectively use lawful process to gather evidence and 
intelligence during investigations. We remain extremely concerned about 
the very serious, public safety and national security threat posed by 
the misuse of technologies that hamper lawfully-authorized electronic 
surveillance of communications occurring over their systems. I believe 
that public safety, national security, and technological innovations 
can be served by good policy. .
    I do not think anyone seriously challenges the need for the law 
enforcement and national security communities to be able to conduct 
court-authorized electronic surveillance. There is no doubt wiretaps 
produce powerful intelligence and evidence against the most dangerous 
criminals and terrorists. When police cannot use other investigative 
techniques to safely and successfully collect evidence and 
intelligence, they often use wiretaps to catch and convict criminals 
with words uttered from their own mouths. Concerns regarding this 
serious threat are not limited to the United States law enforcement and 
national security communities. Worldwide, new laws are being 
implemented that are intended to require network providers to furnish 
communications interception services to government agencies.
    The issue I have just described may be too complex for one remedy 
to solve. Like so many issues we try to deal with today, the future 
success of lawful electronic surveillance will depend on a multi-
pronged approach. In some instances, responsibilities mandated of a 
service provider are the appropriate course of action. In others, to 
meet the exigent needs of law enforcement, industry cooperation can be 
the most constructive avenue of pursuit. Finally, any approach would be 
incomplete without considering law enforcement's own abilities. I am 
here today, mere days before the third anniversary of September 11th, 
to stress the importance of the outcome of our discussion: law 
enforcement's continued ability to conduct lawful electronic 
surveillance to ensure national security and public safety.

                   TECHNICAL ASSISTANCE REQUIREMENTS

    As the Subcommittee is aware, there are two federal statutory 
regimens pertaining to electronic surveillance one regarding criminal 
investigations; the other regarding foreign intelligence, 
counterintelligence, and terrorism investigations. The former is 
derived from Title III of the Omnibus Crime Control and Safe Streets 
Act of 1968 (commonly referred to as ``Title III''), as amended, and 
portions of the Electronic Communications Privacy Act of 1986 (ECPA), 
as amended. The latter is derived from the Foreign Intelligence 
Surveillance Act of 1978 (FISA), as amended. Regardless of the 
statutory regimen, Congress took action in 1994 to mandate 
telecommunications carriers, and others as identified by the FCC, to 
ensure their networks were capable of conducting electronic 
surveillance.
    The technical assistance of communications service providers in 
helping a law enforcement agency execute an electronic surveillance 
order is always important, and in many cases it is absolutely 
essential. This circumstance has proven to be the case increasingly 
with the advent, over the past ten years or so, of advanced 
communications services and features. Accordingly, Title III and FISA, 
as well as most state electronic surveillance laws, mandate service 
provider assistance incidental to law enforcement's execution of 
electronic surveillance orders.
    Title III specifies that a ``service provider, landlord, custodian, 
or other person shall furnish the applicant forthwith all information, 
facilities, and technical assistance necessary to accomplish the 
interception unobtrusively and with a minimum of interference . . .'' 
upon the request of the applicant (specifically, law enforcement). In 
practice, judges sign two orders: one order authorizing the law 
enforcement agency to conduct the electronic surveillance, and a second 
(abbreviated) assistance order directed to the service provider 
specifying, for example, the telephone number(s) of the subject that 
are the object of the order and directing the provision of necessary 
assistance.
    Historically, assistance sought by law enforcement agencies was 
rather straightforward and basic. For example, law enforcement agencies 
sought and received service provider assistance to identify line 
appearance information (i.e., locating the physical appearance of a 
subject's line) and to establish leased lines running from the point of 
interception to a monitoring facility of the law enforcement agency. 
This model was very effective prior to the advent of advanced calling 
features and the introduction of mobile communications. Likewise, law 
enforcement agencies have historically paid reasonable expenses for 
such administrative assistance.
    In 1994, as a result of the emergence of an ever increasing array 
of new services and features, many of which would have impeded, if not 
precluded, normal electronic surveillance efforts by obstructing lawful 
access, Congress passed, and the President signed into law, the 
aforementioned CALEA legislation. In the House Report accompanying 
CALEA, the purpose of the legislation was clearly identified: ``to make 
clear a telecommunications carrier's duty to cooperate in the 
interception of communications for law enforcement purposes . . .''. 
That is to say that a primary purpose of CALEA was to clarify and 
strengthen the statutory requirement that service providers furnish 
``all'' technical assistance necessary to accomplish the interception--
meaning to design and build into their networks the capability and 
capacity requirements needed by law enforcement. It is not enough just 
to be willing to assist; rather, service providers must actually be 
capable of making that assistance possible in a rapidly changing 
technological world. In short, CALEA's intent was to mandate access 
where advancing technology would otherwise preclude it.
    Despite the fact that in the years since the enactment of CALEA 
there have been technological advancements few of us could have 
foreseen, CALEA has proven essential to law enforcement successes. In 
the most recent Wiretap Report (published annually by the 
Administrative Office of the United States Courts), 80 percent of 
wiretap authorizations were for cellular or mobile telephones. Of that 
number, I am pleased to tell you approximately 90 percent were 
conducted using technical solutions developed specifically in response 
to the assistance capability requirements identified in CALEA. In other 
words, more than 70 percent of all criminal wiretap authorizations were 
``CALEA-compliant.'' Looking to the future, our success with CALEA's 
application to cellular telephones can be seen as a model. Prior to the 
passage of CALEA the 1991 Wiretap Report identified that cellular 
phones accounted for approximately one percent of wiretap 
authorizations. CALEA provided a framework to ensure law enforcement's 
lawful access as criminals migrated to the new technology. I believe we 
are at the point with Voice over Internet Protocol (VoIP) today that we 
were with cellular telephones in the early 1990s--with one significant 
difference: all service providers, both wireline and wireless, have an 
incentive to migrate their networks to an IP platform. What that means 
is the transition to a VoIP infrastructure is occurring very quickly. 
In recognition of this rapid change, we have petitioned the Federal 
Communications Commission to make clear that CALEA applies to certain 
forms of I.P. telephony services. We feel this is critical to 
protecting law enforcement interests.
    It is important to note that the requirement for service provider 
assistance under 18 U.S.C. 2518(4) remains in full force and effect, 
notwithstanding the applicability of CALEA, and requires service 
providers to do whatever reasonably can be done to comply with 
assistance court orders issued by judges. In other words, even when 
CALEA does not apply, the service provider (or ``landlord, custodian, 
or other person'') served with a court order for surveillance is 
legally required to do whatever can reasonably be done to implement the 
order.

                  CURRENT TECHNOLOGY AND POLICY ISSUES

    Perhaps the most significant technological challenges in the area 
of electronic surveillance faced by the law enforcement and national 
security communities have been those challenges brought on by 
convergence. Convergence refers to the blurring of lines among 
traditionally distinct communications products, services, and 
regulatory structures and can be thought of as the ability (technically 
and legally) of different network platforms to carry essentially the 
same kinds of services (so-called network-independence) as well as the 
ability of a single network platform to carry many different kinds of 
services (so-called service-independence). Such network/service 
independence is perhaps most evident in the blurring of wireless and 
wireline network services, but also in the blurring of data and voice 
services. The most relevant instrument of change with regard to such 
convergence has been the emergence of IP networks.
    In recent years, the FBI has found that there are greater and more 
diverse challenges in effectuating electronic surveillance orders 
within modern networks than with ``conventional'' telephony networks 
operated by traditional telecommunications carriers. In order to 
implement electronic surveillance orders in these diverse networks, the 
FBI has relied on elaborate and costly technical approaches to ensure 
that only messages for which there is probable cause to intercept are, 
in fact, intercepted and that all such authorized messages are 
intercepted. As a result, it has become increasingly common for the FBI 
to seek, and for judges to issue, orders for Title III or FISA 
interceptions which are much more complex and detailed, and much more 
likely to be directed to multiple network operators and service 
providers, than earlier orders, which were ordinarily directed against 
a single ``plain old telephone services'' provider.
    It is important to point out that, when CALEA was passed in 1994, 
the Internet was a nascent consumer technology, the World Wide Web was 
only really coming into existence in the laboratory, and wireless 
telephones were largely voice-only devices and not the web-enabled 
devices we see today. Nevertheless, the Congress, with CALEA, was 
attempting to address the complex and varied communications services 
that we now see.

                        LAW ENFORCEMENT RESPONSE

    In response to the challenges presented by rapid technological 
advances, law enforcement has been using all available means to 
implement its mission to protect national security and public safety. 
First, law enforcement has sought to ensure compliance with CALEA. In 
keeping with the spirit of Congress's intent when enacting CALEA, the 
FBI has not sought to apply its requirements either recklessly or 
broadly to those to whom it should not apply. Because neither CALEA, 
nor any other single approach, is viewed as the absolute solution for 
law enforcement's electronic surveillance problems, the FBI and other 
law enforcement agencies have worked continually to augment CALEA 
requirements with government capabilities. In this regard, we have 
worked to develop close liaison relationships with the Information 
Technology industry as a means of addressing the public safety and 
national security issues associated with electronic surveillance and 
the use of technologies which tend to hamper our legitimate 
interception efforts. Over the past several years, we have been 
aggressively pursuing an industry outreach strategy to inform the 
Information Technology industry of law enforcement's needs in the area 
of electronic surveillance, to continue to encourage the development of 
interception capabilities that meet law enforcement's needs, and to 
seek industry's assistance regarding the development of law enforcement 
tools and capabilities when complex technologies are encountered during 
the course of lawful investigation. As a result of this strategy, we 
have seen a number of significant advancements which should be further 
pursued and emulated.
    First, we have seen a number of technological developments which 
have led to the marketing of comprehensive technical tools designed, in 
part, to perform electronic surveillance within the complex environment 
of the Internet. These tools, which are designed to be implemented and 
operated by a service provider, have greatly extended the capability to 
effectuate lawful electronic surveillance on ISP networks. Several 
companies have aggressively developed and marketed such tools.
    Second, the FBI and the law enforcement community have always, as a 
first instinct, sought to work cooperatively and closely with computer 
network service providers and their software and equipment 
manufacturers to develop lawful interception capabilities, especially 
where legal, evidentiary, and investigative imperatives require special 
purpose tools. As a result, a number of network operators and service 
providers have acquired and implemented lawful interception 
capabilities.
    Third, we have seen the emergence of so-called ``third-party 
services''--companies, largely utilizing the tools mentioned above, 
marketing electronic surveillance services to both the network operator 
community and the law enforcement community. One such third party 
service provider provides telecommunications network operators, cable 
operators, and ISPs with a streamlined service to help meet 
requirements for assisting government agencies with lawful interception 
and subpoena requests for subscriber records. With respect to third-
party service providers, law enforcement sees them as one potential 
avenue for telecommunications network operators, cable operators, and 
ISPs to meet their obligations under Title III and/or FISA. Employing a 
third party may, for example, make a service provider's processes more 
efficient, but in no way should be seen as relieving the service 
provider of its electronic surveillance obligations. I liken third-
party services to other out-sourced services such as payroll 
administration, where the third party handles the paperwork, but the 
buck stops with the company that pays the bill.
    Fourth, we have seen a truly commendable effort on the part of 
CableLabs, an industry trade consortium representing many cable 
companies, along with Time-Warner, Comcast, CableVision and Cox 
Communications, to develop and publish a set of technical standards 
which, on their face, meet law enforcement needs with regard to 
electronic surveillance capabilities. This standard was developed in a 
spirit of cooperation which began by recognizing the legitimacy of law 
enforcement's needs and duties and the unique position industry is in 
to ensure that our public safety and national security missions are 
fulfilled.
    Fifth, as always, we have seen the law enforcement community pull 
together in the face of this issue. Speaking for the FBI, I can say 
that many of our technologies, systems, and processes developed for our 
own use have been made available, to the extent possible, to the 
greater law enforcement community, including other federal law 
enforcement agencies as well as state and local agencies. Nonetheless, 
the challenges are daunting, and the federal government cannot shoulder 
this burden alone. Even with federal assistance, state and local law 
enforcement are currently having significant problems effectuating 
their interception orders, and the situation will only grow worse.
    Finally, another important issue regarding lawful interception 
which must be addressed is that of cost. One inescapable fact is that 
lawful electronic surveillance in this modern ``digital age'' is 
increasingly complex and rapidly changing. Both of these circumstances 
have the effect of increasing the overall cost of electronic 
surveillance. Unfortunately, on this issue, there is no returning to 
the ``days of old'' where policemen hunkered down in panel vans on the 
street corner recording wiretaps on reel-to-reel tape. For now, and for 
evermore, there is a new baseline for costs associated with this work.
    I will leave you with a last thought regarding the capability of 
law enforcement agencies to lawfully access communications in a 
``digital age,'' and that is this: without the ``high tech'' industry 
assisting the government in this effort, our challenge will be greater. 
Law enforcement must have the continued ability to cost-effectively 
conduct lawful electronic surveillance to ensure national security and 
public safety. As I mentioned earlier, this is a complex issue that 
needs a multi-pronged solution. Industry must be engaged and must 
involve itself in that solution. I would encourage this Subcommittee 
and the rest of Congress, when discussing the issue, to keep in mind 
the need for continued access by U.S. law enforcement to our nation's 
communications infrastructures. Experience has proven that statutorily-
imposed responsibilities must necessarily be one element of the 
solution but not the only element. As such, we must continue to have 
statutory mandates such as CALEA and build on them, using varied tools, 
including incentives.
    In conclusion, I would like to say that over the last ten years or 
more, we have witnessed continuing, steady growth in computer and 
Internet-related crimes, including extremely serious acts in 
furtherance of terrorism, espionage, infrastructure attack, as well as 
more conventional serious and violent crimes. These activities which 
even now are being planned or carried out, in part using the Internet 
and other complex networks and services, pose challenges to the 
national security and law enforcement communities that we dare not fail 
to meet. In turn, the ability of the FBI and the law enforcement 
community to effectively investigate and prevent these serious crimes 
is, in part, dependent upon our ability to lawfully and effectively 
intercept and acquire vital intelligence and evidence of crimes and our 
ability to promptly respond to these threats to the American public. As 
the networks become more complex, so too does the challenge placed upon 
us to keep pace.
    I look forward to working with the Subcommittee staff to provide 
more information and welcome your suggestions on this important 
national security and public safety issue: law enforcement's access to 
communications systems in the digital age. I will be happy to answer 
any questions that you may have. Thank you.

    Mr. Upton. Thank you.
    Mr. Knapp.

                  STATEMENT OF JULIUS P. KNAPP

    Mr. Knapp. Chairman Upton, members of the subcommittee, 
good morning. I welcome this opportunity to discuss the FCC's 
activities to implement the Communications Assistance for Law 
Enforcement Act, or CALEA, for short.
    The FCC is strongly committed to insuring the 
telecommunications carriers provide law enforcement agencies 
with the surveillance capabilities that are required under 
CALEA. We recognize the vital importance of lawfully authorized 
surveillance in combatting crime and insuring homeland 
security.
    The FCC also recognizes that in providing these 
capabilities, we must not compromise other important 
objectives, such as avoiding impediments to new technologies 
and services, protecting personal privacy, and minimizing the 
impact on consumers.
    The CALEA statute was passed in 1994 with the purpose of 
preserving the government's ability pursuant to court order or 
other lawful authorization to intercept communications 
involving advanced technologies, such as digital or wireless 
transmission modes. Great changes in technology have occurred 
over the past 10 years which have challenged the ability of law 
enforcement to conduct lawfully authorized surveillance.
    Most notably, there has been a rapid shift from circuit 
mode to packet mode technologies with an array of new services, 
such as broadband Internet access and Voice Over Internet 
Protocol, or VoIP, now offered to businesses and consumers.
    The FCC has been proud to facilitate this communications 
revolution by minimally regulating these new services to 
promote increased competition in the introduction of new 
services for businesses and consumers. These changes from a 
circuit based to a packet based world will have a profound 
effect on the way we communicate.
    However, in the midst of this communications revolution, 
there has been an upsurge in dangerous criminal activity, 
including terrorism. Accordingly, the FCC must insure that 
CALEA's intent is carried out and that lawfully authorized 
electronic surveillance is not compromised by new technologies.
    On August 4, 2004, the FCC adopted a notice of proposed 
rulemaking and declaratory ruling to launch a thorough 
examination of the appropriate legal and policy framework for 
implementing CALEA. This proceeding was initiated in response 
to a joint petition filed by the Department of Justice, Federal 
Bureau of Investigation, and Drug Enforcement Administration in 
March 2004.
    These parties state that several issues require immediate 
attention and resolution by the FCC so that industry and law 
enforcement have clear guidance as CALEA implementation moves 
forward.
    The notice of proposed rulemaking, or ``notice'' for short, 
addresses a number of areas, including the applicability of 
CALEA to broadband Internet access and VoIP, capability 
requirements and solutions, compliance extensions, and cost and 
cost recovery issues.
    The notice tentatively concludes that CALEA's provisions 
apply to facilitates based providers of any type of broadband 
Internet access service, including wire line, cable modem, 
satellite wireless, and power line, and to managed or mediated 
voice over Internet protocol service. The notice finds that 
these services fall under CALEA as a replacement for a 
substantial portion of the local telephone exchange service.
    The notice also solicits comment on what would be a 
reasonable amount of time for entities that heretofore have not 
been subject to CALEA to comply with its requirements.
    The companion declaratory ruling clarifies that commercial 
wireless push-to-talk services are subject to CALEA regardless 
of the technologies that providers choose to use in offering 
them.
    As Chairman Powell noted in his statement on the CALEA 
notice, our support for law enforcement is unwavering. The FCC 
looks forward to developing a complete and comprehensive record 
before determining how to best proceed. We will devote the 
necessary resources to expeditiously and responsibly complete 
this task.
    I would like to thank you, Mr. Chairman, for the 
opportunity to appear before you today. This concludes my 
testimony, and I would be pleased to answer any questions you 
or this committee may have.
    Thank you.
    [The prepared statement of Julius P. Knapp follows:]

    Prepared Statement of Julius P. Knapp, Deputy Chief, Office of 
     Engineering and Technology, Federal Communications Commission

    Mr. Chairman, Ranking Member, and Members of the Subcommittee: Good 
morning. I am Julius Knapp, Deputy Chief of the Office of Engineering 
and Technology at the Federal Communications Commission (FCC or 
Commission). I welcome this opportunity to discuss the FCC's activities 
to implement the Communications Assistance for Law Enforcement Act 
(CALEA).
    The FCC, under Chairman Powell's leadership, is absolutely 
committed to ensuring that telecommunications carriers provide law 
enforcement agencies (LEAs) with the surveillance capabilities that are 
required under CALEA. The Commission recognizes the vital importance of 
lawfully authorized surveillance in combating crime and ensuring 
Homeland Security and intends for our recently initiated proceeding to 
continue this ability. The FCC also recognizes that in providing these 
capabilities we cannot compromise other important objectives, such as 
avoiding impediments to new technologies and services, protecting 
personal privacy, and minimizing the impact on consumers.

                              INTRODUCTION

    Since 1970, telecommunications carriers have been required to 
cooperate with LEAs to assist their conduct of electronic surveillance. 
The CALEA statute was passed in 1994 with the purpose of preserving the 
government's ability, pursuant to court order or other lawful 
authorization, to intercept communications involving advanced 
technologies such as digital or wireless transmission modes, while 
protecting the privacy of communications and without impeding the 
introduction of new technologies, features and services. Jurisdiction 
to implement CALEA's provisions is shared by the Attorney General of 
the United States, who consults with state and local LEAs, and the FCC. 
Effective implementation of CALEA's provisions relies to a large extent 
on shared responsibility among these governmental agencies and the 
service providers and manufacturers subject to the law's requirements.
    Great changes in technology have occurred over the past ten years, 
which have challenged the ability of LEAs to conduct lawful 
surveillance. Most notably, there has been a rapid shift from circuit-
mode to packet-mode technologies, with an array of new services such as 
broadband Internet access and Voice over Internet Protocol (VoIP) now 
offered to consumers and businesses. The FCC has been proud to 
facilitate this communications revolution by minimally regulating these 
new services to promote increased competition and the introduction of 
new services for consumers and businesses.
    These changes from a circuit-based world to a packet-based world 
will have a profound effect on the way we communicate. As my colleague 
Jeff Carlisle, now Chief of the FCC's Wireline Competition Bureau, 
noted just two months ago in testimony before this Subcommittee, voice 
is gradually becoming nothing more than one application of many over a 
multiuse digital network, where users may obtain a wide variety of 
services from multiple sources. For example, VoIP accelerates the 
migration to digital multiuse broadband infrastructures and 
internationalizes voice communications, allowing customers to buy voice 
applications from providers around the world. From the outset of this 
sea change, the Commission has stressed that important law enforcement 
obligations must be a part of any regulatory regime. And indeed, the 
very real threat of terrorism coupled with day-to-day criminal activity 
will not permit anything short of full CALEA compliance.
    Against the backdrop of the advancing digital migration and facing 
these new challenges, the FCC is moving forward to ensure that CALEA's 
intent is fully carried out and that lawfully-authorized electronic 
surveillance is not compromised by new technologies--while at the same 
time not compromising the new technologies themselves.

                          PAST FCC RULEMAKINGS

    In 1997, the FCC initiated a rulemaking proceeding to begin the 
implementation of CALEA, and over the next several years took a number 
of significant actions in that proceeding, focusing largely on circuit-
switched technologies. Specifically, in an August 1999 Second Report 
and Order, the FCC concluded that the language and legislative history 
of CALEA provided sufficient guidance as to what the term 
``telecommunications carrier'' means, such that the statute could be 
applied to particular carriers, their offerings and facilities. The 
Second Report and Order also stated that CALEA does not apply to 
certain entities and services, including information services and 
private network services. In a companion Third Report and Order, the 
FCC required that wireline, cellular, and broadband Personal 
Communications Services carriers implement all electronic surveillance 
capabilities of an industry-developed standard, as well as some 
additional capabilities requested by the Department of Justice and the 
Federal Bureau of Investigation.

                         CURRENT FCC RULEMAKING

    In March 2004, the Department of Justice, Federal Bureau of 
Investigation, and Drug Enforcement Administration (collectively, Law 
Enforcement) filed a joint petition requesting that the FCC initiate a 
new rulemaking proceeding to resolve, on an expedited basis, issues 
associated with the implementation of CALEA. In its Petition, Law 
Enforcement maintains that outstanding implementation issues require 
immediate attention and resolution by the FCC, so that industry and 
federal, state, and local LEAs have clear guidance as CALEA 
implementation moves forward, particularly as communications technology 
changes. The Petition was placed on Public Notice on March 12, 2004; 
comments were due by April 12, 2004 and reply comments were due by 
April 27, 2004. The Commission received comments from LEAs, cable 
organizations, Internet and broadband companies/organizations, privacy 
and public interest groups, standards and technology groups, wireless 
companies/ organizations, and wireline companies/organizations.
    On August 4, 2004, the FCC adopted a Notice of Proposed Rule Making 
and Declaratory Ruling (Notice) to launch a thorough examination of the 
appropriate legal and policy framework for implementing CALEA. In the 
item, the FCC states that it will be guided by several policy goals as 
it updates its CALEA policies: First, the FCC wishes to ensure that 
LEAs have all of the resources that CALEA authorizes to combat crime 
and support Homeland Security. Second, the FCC recognizes that LEAs' 
needs must be balanced with the competing policies of avoiding impeding 
the development of new communications services and technologies and 
protecting customer privacy. Third, the FCC intends to remove to the 
extent possible any uncertainty that is impeding CALEA compliance, 
particularly for packet-mode technologies.
    The Notice addresses a number of areas, including the applicability 
of CALEA to broadband Internet access and VoIP, capability requirements 
and solutions, compliance extensions, and cost and cost recovery 
issues. Each of these topics is discussed below.
Applicability of CALEA to Broadband Internet Access and VoIP
    The Notice observes that CALEA applies to ``telecommunications 
carriers'' and exempts persons or entities insofar as they are engaged 
in providing ``information services.'' The CALEA statute contains its 
own unique definition of the term ``telecommunications carrier.'' 
Specifically, for purposes of CALEA, a ``telecommunications carrier'' 
is a person or entity engaged in the transmission or switching of wire 
or electronic communications as a common carrier for hire, but also 
includes entities that provide a replacement for a substantial portion 
of the local telephone exchange service if the FCC deems those entities 
to be ``telecommunications carriers'' as well. The Notice refers to 
this latter clause of the definition as the ``Substantial Replacement 
Provision.''
    The Notice tentatively concludes that, where a service provider is 
found to fall within the Substantial Replacement Provision, it should 
be deemed a ``telecommunications carrier'' for purposes of CALEA, to 
which CALEA obligations would apply. If, at the same time, the FCC 
interpreted CALEA's information services exclusion to apply, it would 
present an irreconcilable tension; that is, particular service 
providers would find themselves at the same time subject to CALEA under 
the Substantial Replacement Provision and exempted from it by virtue of 
the information services exclusion. The Notice tentatively concludes 
that the better reading of the statute is to recognize and give full 
effect to CALEA's broader definition of ``telecommunications carrier'' 
and to interpret the statute to mean that where a service provider is 
determined to fall within the Substantial Replacement Provision, by 
definition it cannot be providing an information service for purposes 
of CALEA.
    The Notice also tentatively concludes that facilities-based 
providers of any type of broadband Internet access, including but not 
limited to wireline, cable modem, satellite, wireless, and broadband 
access via powerline, are subject to CALEA because they provide 
replacement for a substantial portion of the local telephone exchange 
service used for dial-up Internet access service and such treatment is 
in the public interest. This tentative conclusion is based on the 
premise that broadband Internet access includes switching and 
transmission functionality and it replaces a substantial portion of the 
local exchange service used for narrowband Internet access.
    The Notice observes that, at the time CALEA was enacted, Internet 
services were generally provided on a dial-up basis by two separate 
entities providing two different capabilities--a local exchange 
telephone company carrying the calls between an end user and its chosen 
Internet Service Provider (ISP), and the ISP providing e-mail, content, 
web hosting and other Internet services. In its Report on the CALEA 
statute, the House of Representatives was quite clear as to the status 
of these different entities under CALEA: The local exchange carrier 
providing the local exchange transmission service that enabled the call 
to that dial-up ISP--``the transmission of an E-mail message''--was 
covered as a telecommunications carrier providing a ``plain old 
telephone service'' or ``POTS'' functionality (a ``phone call''). By 
contrast, the separate ISP was not subject to CALEA because the 
functions it provided--such as the storage of a message in an E-mail 
`box' ''--were ``information services.'' The Notice's tentative 
conclusion respects the House's understanding and does not propose 
attaching CALEA obligations to services or applications that ``ride 
over'' the underlying broadband transmission, such as e-mail storage, 
web browsing capabilities and Internet gaming.
    The Notice also tentatively concludes that providers of ``managed'' 
VoIP services, in which the provider acts as mediator to manage the 
communication between its end points and offers the service to the 
general public as a means of communicating with any telephone 
subscriber, including parties reachable only through the public 
switched telephone network (PSTN) are subject to CALEA. Such VoIP 
service providers offer an electronic communications switching or 
transmission service that replaces a substantial portion of local 
exchange service for their customers in a manner functionally the same 
as POTS service. The FCC believes that there is an overriding public 
interest in maintaining LEAs' ability to conduct wiretaps of on-going 
voice communications that are taking place over networks that are 
rapidly replacing the traditional circuit-switched network, yet 
providing consumers essentially the same calling capability that exists 
with legacy POTS service.
    Further, the Notice observes that it appears that basic 
capabilities essential to LEAs' surveillance efforts, such as access to 
call management information (e.g., call forwarding, conference call 
features such as party join and drop) and call set up information 
(e.g., real time speed dialing information, post-dial digit extraction 
information) may not be reasonably available to the broadband access 
provider. Consequently, subjecting only the broadband access provider 
to CALEA without including managed VoIP service providers could 
undermine LEAs' surveillance efforts.
Capability requirements and solutions
    The Notice seeks comment on telecommunications carriers' capability 
obligations under section 103 of CALEA. Section 103 requires 
telecommunications carriers to enable LEAs, pursuant to a court order 
or other lawful authorization, (1) to intercept, to the exclusion of 
other communications, wire and electronic communications carried by the 
carrier to or from a subject, and (2) to access call-identifying 
information that is reasonably available to the carrier, subject to 
certain conditions. Further, the interception of communications or 
access to call-identifying information is to be delivered to LEAs in a 
format that may be transmitted over the equipment, facilities or 
services procured by LEAs, to a location other than the provider's 
premises and in a way that protects the privacy and security of 
communications and information not authorized to be intercepted or 
accessed.
    The Notice observes that CALEA defines call-identifying information 
as dialing or signaling information that identifies the origin, 
direction, destination, or termination of each communication generated 
or received by a subscriber by means of any equipment, facility, or 
service of a telecommunications carrier. The exact application of that 
term is not always clear in the context of broadband access and VoIP 
services. Call-identifying information may be found within several 
encapsulated layers of protocols, some of which may be considered 
packet content. The Notice invites comment as to how the FCC should 
apply that term for broadband and VoIP services. The Notice also 
invites comment on who may be in the best position to provide this 
information.
    The Notice observes that telecommunications carriers may use 
whatever method they choose to satisfy CALEA's requirements. CALEA 
requires that LEAs and industry work cooperatively to develop standards 
that would serve as ``safe harbors.'' In other words, if a 
telecommunications carrier employs an industry-developed standard, it 
would be deemed compliant with CALEA.
    Under CALEA, any party may petition the FCC to address deficiencies 
in industry ``safe-harbor'' standards. While Law Enforcement has 
criticized certain of the industry standards, no petitions have been 
filed asking the FCC to intervene. The Notice invites comment as to 
whether standards for packet-mode technologies are deficient and thus 
preclude carriers from relying on them as safe harbors for complying 
with CALEA.
    The Notice also invites comment on the feasibility of carriers 
relying on a trusted third party to manage their CALEA obligations. The 
trusted third party effectively acts as a surveillance service provider 
by collecting the packets from the carrier's network, extracting the 
information to which a LEA is entitled, and conveying it in an 
acceptable format to that LEA. Such an approach is already being used 
in both the United States and other parts of the world.
Compliance extensions
    The Notice proposes several steps to ensure that telecommunications 
carriers comply with CALEA. CALEA section 107(c) provides that 
telecommunications carriers may request, and the FCC, after 
consultation with the Attorney General, may grant, extensions of time 
for CALEA compliance. The Notice proposes to restrict the availability 
of compliance extensions under CALEA section 107(c). The Notice also 
proposes to clarify the role and scope of CALEA section 109(b), under 
which carriers may be reimbursed by the Department of Justice for their 
CALEA compliance costs. The Notice specifies the information that would 
be required to be filed with Section 107(c) and 109(b) petitions. The 
Notice asks whether there are special concerns regarding small and 
rural carriers seeking additional compliance extensions, and, 
generally, proposes to afford all carriers with pending petitions a 
reasonable period of time (e.g., 90 days) in which to comply with, or 
seek relief from, any determinations that the FCC eventually adopts in 
the rulemaking proceeding. Additionally, the Notice considers whether, 
in addition to the enforcement remedies through the courts available to 
LEAs under CALEA section 108, the FCC may take separate enforcement 
action against carriers that fail to comply with CALEA. The Notice 
tentatively finds that the FCC has general authority under the 
Communications Act to promulgate and enforce CALEA rules against 
carriers and non-common carriers.
Cost and cost recovery issues
    In its Petition, Law Enforcement contends that CALEA places the 
financial burden of post-January 1, 1995 implementation on carriers and 
not LEAs. Law Enforcement requests that the FCC establish rules 
confirming that carriers bear the sole financial responsibility for 
post-January 1, 1995 CALEA implementation, unless otherwise specified 
by the FCC, recognizing that a specific carrier could have its costs 
reimbursed by the Department of Justice in the context of a CALEA 
section 109(b) petition. Related to this request, Law Enforcement asks 
the FCC to eliminate the issues of compliance costs as a basis for 
delayed compliance or non-compliance by establishing rules permitting 
carriers to recover CALEA implementation costs from their customers.
    The Notice tentatively concludes that carriers are responsible for 
CALEA development and implementation costs for post-January 1, 1995 
equipment and facilities. The Notice also seeks comment on cost 
recovery options that could reduce CALEA-related burdens otherwise 
imposed on carriers and their customers, particularly in rural areas. 
The Notice also asks for comment on how to assess the scope of CALEA-
related costs in this proceeding. Commenters are requested to submit 
cost calculations and analysis, and to identify any conditions or 
factors that may affect the FCC's ability to determine the true scope 
of CALEA-related costs. The Notice refers to the Federal-State 
Separations Joint Board cost recovery issues for carriers subject to 
Title II of the Communications Act.

              DECLARATORY RULING ON PUSH-TO-TALK SERVICES

    The companion Declaratory Ruling grants Law Enforcement's request 
in the Petition and clarifies that commercial wireless ``push-to-talk'' 
services are subject to CALEA, regardless of the technologies that 
Commercial Mobile Radio Service providers choose to apply in offering 
them. In a prior decision, the FCC ruled that push-to-talk ``dispatch'' 
services that are interconnected to the PSTN are subject to CALEA. In 
effect, such push-to-talk service is a switched service that is 
functionally equivalent to a combination of speed dialing and 
conference calling. If push-to-talk ``dispatch'' service otherwise does 
not interconnect to the PSTN, the FCC found that it is not subject to 
CALEA.
    Commercial mobile radio service providers are developing push-to-
talk services based on use of packet technologies. Some parties 
asserted that such push-to-talk service is offered over a closed 
network and therefore should not be subject to CALEA. The Declaratory 
Ruling notes that CALEA is technology neutral; therefore, the choice of 
technology that a carrier makes when offering common carrier services 
does not change its obligations under CALEA.

                               CONCLUSION

    As Chairman Powell noted in his statement on the CALEA Notice of 
Proposed Rulemaking and Declaratory Ruling: ``[The Commission's] 
support for law enforcement is unwavering.'' As the Chairman also 
noted, the FCC's tentative conclusions in the Notice with respect to 
new packet-mode services such as VoIP is expressly limited to the 
requirements of the CALEA statute and does not indicate a willingness 
on the FCC's part to regulate those services as traditional 
telecommunications services. CALEA and other important social 
obligations can and will be continued without imparting upon carriers 
the full litany of analog, monopoly regulation. Similarly, the FCC is 
not proposing to regulate under the CALEA statute ``non-managed'' VoIP 
services, such as Instant Messaging, in which the service provider has 
minimal or no involvement in the flow of packets during the 
communication.
    However, it is the FCC's unmistakable intent to ensure that LEAs 
have all of the electronic surveillance capabilities that CALEA 
authorizes to combat crime and terrorism and support Homeland Security. 
The FCC looks forward to developing a complete and comprehensive record 
before determining how best to proceed. The FCC will devote the 
necessary resources to expeditiously and responsibly complete this 
task.
    The FCC is also cognizant that the Congress is currently 
contemplating legislation that may address CALEA. The FCC would welcome 
Congressional guidance in this area that would bring added certainty to 
the industry and lessen the risk of litigation. The Commission stands 
ready to provide whatever technical assistance that the Congress would 
find helpful in this regard.
    I would like to thank you, Mr. Chairman, for the opportunity to 
appear before you today. This concludes my testimony and I would be 
pleased to answer any questions you or the other members may have.

    Mr. Upton. Thank you very much.
    At this point we are going to take a brief adjournment as 
we have a series of votes on the floor. My sense is that we 
will be back about 12 o'clock. So we will take a 30 minute 
recess. We will come back at 12, and we will start with Mr. 
Baker when we come back.
    Thank you.
    [Brief recess.]
    Mr. Upton. We will resume.
    I do not know. I guess the clock is still not working there 
at the table, but we'll resume. Is it working for them? There 
is a light on this side, and the light is out. So maybe that is 
the problem.
    Mr. Baker, welcome.

                  STATEMENT OF STEWART A. BAKER

    Mr. Baker. Thank you, Mr. Chairman, members. I am Stewart 
Baker here on behalf of the Telecommunications Industry 
Association.
    I am not here to suggest that wiretaps are not important or 
are not extraordinarily valuable for law enforcement. I used to 
be the General Counsel of the National Security Agency, and so 
I have some idea just how important it is to have good wiretap 
capability.
    What I am here to suggest though is that saying that it is 
important for law enforcement to have wiretap capability is 
just the beginning of the inquiry. Preventing highway deaths is 
an important thing as well, and we could prevent highway deaths 
if we had a 30 mile per hour interstate speed limit. We have 
not done that even though preventing highway deaths is really 
important. The reason is because the costs are simply too high 
of implementing such a stringent regulation, and I think our 
concern is that looking over what the FCC has proposed, they 
proposed the equivalent of a 30 mile per hour speed limit on 
the ability of industry to innovate.
    Ms. Parsky said all we want is for people to come in and 
consult with us, and the FCC has drafted a proposal that would 
create a vast regulatory machinery, enforcement machinery, that 
would enforce the requirement that people come in and consult.
    But if you consult and you don't have an answer that the 
FBI likes, we know that the next step will be to go to 
enforcement, and so at the end of the day, this is a permission 
slip process. You need permission to innovate, and if you don't 
have the permission of the government when you want to roll out 
a new product, you can expect a law enforcement lawsuit and 
perhaps a cease and desist order.
    That kind of tax on innovation is the biggest worry about 
the latest regulatory effort that law enforcement has launched 
here, and what I would suggest to the committee is that they 
take a look again at the way CALEA was written in the first 
place.
    CALEA said we are going to set a standard, a performance 
standard. You have to be able to provide access to 
communications, and you have to provide reasonably available 
call identifying information. It is up to industry to figure 
out how to get there, and if they do not get there, then the 
Justice Department can take the company to court as soon as it 
can show that it has actually lost capability in an important 
case where they could not find some other way to get the 
information.
    If they do that, then they will be able to impose penalties 
on the particular manufacturer and carrier that has not carried 
out its obligations. They have not brought any of those 
lawsuits, and instead they are proposing something that is a 
permission slip system.
    In fact, I think if we just implemented CALEA as it is 
written, law enforcement would achieve its needs without 
imposing a tax on innovation.
    I should say denying U.S. companies the ability to innovate 
without the permission of the Justice Department and the FBI 
does not mean innovation is going to stop. It just means it is 
going to happen someplace else, and in that regard, I would ask 
you to take a look at today's Wall Street Journal. The front 
page says, ``China's telecom forays squeeze struggling 
rivals,'' and if you look at the chart that goes with that, you 
will see that the telecom manufacturers in China, the largest 
one there, 5 years ago was one-fiftieth the size of Lucent or 
Nortel. Today it is half the size, and the quotes suggest that 
what people are really worried about is what they will be doing 
3 and 4 years from today in terms of their ability to penetrate 
this market.
    They will develop products. They will test them. They will 
decide which ones are going to succeed in the market and which 
ones will not. They will do it in China. They will do it in 
Europe. They will do it in Southeast Asia.
    And when they are ready, when they think, yes, this one 
will work, then they will bring those products to the United 
States, and they will sit down with the FCC and the FBI and the 
Justice Department and work out their CALEA obligations. U.S. 
companies though will not be able to do that unless they want 
to do their innovation abroad because they will not be able to 
try anything in a market until they have had the permission 
granted by the Justice Department and the FBI.
    That strikes me as a fundamentally inappropriate way to 
approach this problem.
    Thank you.
    [The prepared statement of Stewart A. Baker follows:]

        Prepared Statement of Stewart A. Baker on behalf of the 
                Telecommunications Industry Association

    Good morning. My name is Stewart Baker. Thank you for inviting me 
to testify today on behalf of the Telecommunications Industry 
Association (TIA). I am grateful for the opportunity to speak to you 
about the current status of law enforcement's ability to access new and 
ever-evolving communications systems, including broadband and Voice 
over Internet Protocol (VoIP) networks. TIA is a national trade 
association of 700 small, medium and large companies that provide 
communications and information technology products, materials, systems, 
distribution services, and professional services in the United States 
and around the world. In addition to representing its members on global 
policy matters, TIA is accredited by the American National Standards 
Institute, (ANSI), to develop American National Standards used by the 
industry. TIA also produces and co-owns SUPERCOMM, the largest annual 
communications industry conference and exhibition.
    Let me begin by stressing that all of us on this panel want the 
government to have the tools that it needs to fight crime and 
terrorism. As a former General Counsel of the National Security Agency, 
I recognize that it is crucial to give law enforcement those tools. In 
fact, several months ago, I testified before the 9/11 Commission on the 
need for more aggressive use of government authorities to gather anti-
terror information, and I cautioned about the risks of putting an undue 
emphasis on privacy concerns when pursuing terrorists. TIA also 
believes strongly that law enforcement needs to have the ability to 
conduct lawful surveillance of communications and to have lawful access 
to communications systems.
    So we all can agree that ensuring lawful law enforcement access to 
evidence is an important goal--as important as preventing highway 
deaths or ensuring clean air or workplace safety. But if we've learned 
anything in the last twenty-five years of regulatory history, it's that 
we can't turn off our brains once we are told that a new regulation 
will serve an important social goal. No matter how important the goals 
they serve, some regulations make sense and some don't. Some go beyond 
statutory mandates. Some impose burdens that are nowhere near being 
cost-effective, stifling new industries and sending jobs overseas. 
This, unfortunately, is the kind of regulation that the Justice 
Department and the FBI support imposing today.
    Of course law enforcement access is a good thing, at least when 
done within the law. But preventing highway deaths is also a good 
thing, and there's no doubt that we'd have fewer fatal accidents if the 
speed limit on interstate highways was lowered to 30 miles an hour. We 
won't do that, though, because the costs of such a regulation simply 
are not worth the added benefit. The same is true for wiretaps--except 
that today, there's a real risk that we will impose the wiretap 
equivalent of a 30 MPH speed limit on some of our most innovative and 
lucrative new industries.
    The risk of over-regulating and stifling innovation is a risk that 
was well recognized ten years ago when Congress drafted the 
Communications Assistance for Law Enforcement Act (CALEA). I was in 
government when much of this drafting was done. CALEA was the result of 
a compromise that gave law enforcement a very carefully limited role in 
influencing the course of future technologies. Congress rejected the 
idea that the federal government should design or even have a veto over 
the design of new technologies. Instead, it set forth a very limited 
performance standard for wiretap access that would apply to a limited 
portion of the telecommunications industry. The law left lots of room 
for innovation and initiative. Industry was free to decide how to meet 
the wiretap requirement--industry had the right to set its own 
standards, which would provide a presumptively valid safe harbor for 
compliance, and individual companies that didn't like the standard 
remained free to try something else if they thought they had a better 
idea. Telecommunications technologies could be freely deployed without 
government interference, even if they did not have a perfect wiretap 
solution. Law enforcement could sue a carrier that deployed such 
technologies, but the carrier could defend itself by showing that full 
wiretap capability was not reasonably achievable in its system, or by 
showing that law enforcement could get the same information elsewhere.
    TIA and its member companies rose to that challenge. TIA has led 
industry standards development efforts under CALEA, working jointly 
with the Alliance for Telecommunications Industry Solutions' Committee 
T1 to issue the leading CALEA compliance standard, J-STD-025, and the 
recent revision for packet-mode services, J-STD-025B. In fact, TIA 
member companies have gone well beyond what CALEA requires. For 
example, many companies that manufacture cable and Internet telephony 
hardware have already voluntarily built in intercept capabilities, 
despite uncertainty about whether CALEA applies to those services.
    Despite this effort, disputes have arisen about what CALEA 
requires. Rather than continue to follow the dispute resolution 
processes established by Congress in CALEA, however, the Justice 
Department has asked the FCC to overturn key aspects of that carefully 
balanced statute. And in its proposed NPRM, the FCC seems ready to 
accept the Justice Department's invitation. The NPRM oversteps the 
Commission's regulatory authority in serious ways. First, the FCC 
proposes to write an entire new regulatory program to interpret and 
enforce CALEA, something that was not thought necessary when CALEA was 
enacted, or during the ten years thereafter. Second, the FCC seems 
willing to set aside CALEA's insight that industry knows more than 
government about how to design new telecommunications equipment. Rather 
than continue to encourage the development of common industry standards 
for giving law enforcement access to call information, the Commission 
seems poised to restrict the role of industry standards in CALEA. 
Third, the Commission is considering regulation that would cut off all 
avenues by which carriers can receive compensation for government-
mandated network modifications--even going so far as to suggest that it 
may cut off reimbursements under a statute that the FCC has not 
interpreted, enforced, or administered for thirty-five years. Finally, 
TIA is concerned that the FCC will not allow adequate timelines for 
CALEA implementation.
    On the first point, the FCC proposes that it should have a role in 
enforcing manufacturers' and providers' CALEA compliance, even though 
the statute clearly places enforcement in the hands of lawsuits to be 
brought by the Justice Department. But the FCC, citing its general 
enforcement authority under the Communications Act, tentatively 
concludes that it should promulgate CALEA rules that can be enforced 
against all entities deemed subject to CALEA.
    The FCC's proposal is an end-run around the enforcement limits 
established in CALEA. Congress constructed a regime that gave carefully 
circumscribed enforcement power to the federal courts, and the 
Communication Act's general grant of authority to the FCC does not 
allow it to ignore the enforcement regime Congress established. In 
particular, the FCC's approach to implementing new enforcement 
regulations ignores the statutory defenses available to providers in 
enforcement actions. For example, in the enforcement regime established 
in CALEA, a company cannot be sanctioned unless law enforcement has no 
alternative method of getting the information it seeks through the 
enforcement action. Equally important, by threatening to use fines and 
cease-and-desist orders against noncompliant companies, the FCC will 
force innovators to get permission from the FCC and the Justice 
Department before deploying any new technology that falls into the wide 
grey zone created by the FCC's vague proposed regulations. An inventor 
who must get a government permission slip before trying out his 
invention is not likely to be first to market. While American 
innovators are still cooling their heels in Quantico, waiting to 
explain a new technology to the FBI Lab, their competitors in 
Singapore, China, Japan, and Europe will be manufacturing already. The 
U.S. market will end up a laggard, getting technologies after they've 
been sufficiently proven in the rest of the world to justify the 
engineering and lobbying costs needed to get an assurance of CALEA 
compliance.
    At bottom, it is important that any enforcement framework allow for 
flexibility. Often, there is no simple answer to the question of how 
CALEA should be implemented. Instead, decisions in this area require a 
sophisticated balancing of the costs and benefits of various 
approaches. The CALEA framework is driven by industry standards and 
consultation between industry and law enforcement. And this 
negotiation-based approach is well-suited to the complex environment of 
CALEA compliance. To replace this framework with a top-down regulatory 
enforcement approach within the FCC would merely add another burdensome 
lawyer of regulatory pressure to an already complex CALEA-compliance 
process.
    Second, TIA is concerned that in implementing its proposed CALEA 
rules, the FCC calls into question the sufficiency of the existing 
standards process, which has served as the backbone for industry 
compliance with CALEA. Industry-led standards development efforts are 
critical to the cost-effective and successful implementation of CALEA. 
Congress recognized the integral role of the standards process when it 
enacted CALEA. For example, when Congress had to make a choice between 
innovation and law enforcement control over CALEA compliance, Congress 
choose innovation, with its eyes wide open. Congress knew that the FBI 
wanted authority to oversee and even dictate the technical details of 
equipment manufacturers' CALEA-compliant solutions. But Congress 
rejected that approach, and instead enacted CALEA with a provision that 
prohibited law enforcement from requiring ``any specific design of 
equipment, facilities, services, features, or system configurations.'' 
(47 U.S.C.  1002(b)(1).)
    At the same time, in Section 107(a) of CALEA, Congress explicitly 
noted the special role it gave to industry in creating standards to 
meet CALEA obligations. Section 107(a) ``establishes a mechanism for 
implementation of the [CALEA] capability requirements that defers, in 
the first instance, to industry standards organizations.'' (H.R. Rep. 
No. 103-827, 1994 U.S.C.C.A.N. 3489, 3506 (1994).) But in order for 
this standards process to work effectively to address law enforcement's 
needs, industry needs to have the support of regulators. And right now, 
that support appears to be lacking. The FCC in its CALEA NPRM questions 
whether existing standards are deficient and whether it should only 
recognize standards produced by certain organizations.
    Further, law enforcement has been uncomfortable with the fact that 
CALEA gives the lead standards role to industry. Since CALEA was 
enacted, law enforcement has wanted to guide, if not dictate, the 
detailed CALEA solutions that industry may implement. While this has 
created considerable tension between law enforcement agencies and 
industry throughout the standards process, there is no evidence to 
suggest that industry standards participants have acted in anything 
other than good faith.
    In fact, TIA, its member companies, and other participants in TIA's 
standards activities have worked diligently--and cooperatively with law 
enforcement--for nearly a decade to adopt and improve CALEA standards 
and to ensure that law enforcement has access to appropriate, lawfully 
authorized electronic surveillance capabilities consistent with CALEA's 
statutory requirements. TIA's efforts led to the development of the J-
STD-025 series of CALEA compliance standards, created at the expense of 
thousands of hours of industry experts' time and months of meetings.
    Instead of scuttling the standards process altogether, law 
enforcement should be required to identify with specificity what 
aspects of what standards it is challenging, and the particular ways in 
which it deems the standards to be deficient. Industry should be given 
the opportunity to respond to law enforcement's concerns. Industry has 
demonstrated its responsiveness and diligence in developing standards 
in the past, and there is no reason to doubt that this level of 
cooperation will continue.
    A leading role for industry in CALEA standards-setting is essential 
to further Congress's goal ``to avoid impeding the development of new 
communications services and technologies.'' (H.R. Rep. No. 103-827, 
1994 U.S.C.C.A.N. 3489, 3493 (1994).) Industry is by far best situated 
to design CALEA compliance standards in a complex, rapidly changing 
technology environment. An industry-led standards process permits U.S. 
companies to press forward with technological innovation, which is one 
of the key drivers of the U.S. economy in recent decades. At the same 
time, an industry-led standards process affords industry appropriate 
lawfully authorized electronic surveillance capabilities for evolving 
communications technologies.
    The FCC also has suggested that perhaps CALEA standards should be 
set only by ANSI-accredited bodies. That is not what CALEA requires, 
and for good reason. TIA is an ANSI-accredited body, and it has written 
CALEA standards, so you might expect us to be comfortable with such a 
proposed limitation. But we are not. ANSI procedures call for consensus 
standard-making, and, in some instances, law enforcement has tried to 
use this requirement to defeat standards that all of industry has 
supported--by asking hundreds of sheriffs and local police to join the 
standards process at the last minute, for example, for the purpose of 
voting against the industry standard. In addition, an ANSI-
accreditation requirement would encourage harsh tactics, such as the 
FBI's (now abandoned) effort to revoke TIA's accreditation after TIA 
adopted a standard that the FBI did not accept.
    Third, TIA is concerned that manufacturers and service providers 
will be required to undertake expensive and burdensome network 
modifications in order to comply with CALEA under the FCC's proposed 
rules. Because the beneficiary of these changes are law enforcement 
agencies in the first instance and the general public in the last, one 
would expect that the cost of the changes would be carried largely by 
those parties. But the FCC's proposed rule puts the burden on industry, 
and it seems determined to make sure that there is no possibility of 
relief from the costs of CALEA. Instead, the FCC should reaffirm its 
previous conclusion that service providers may recover a reasonable 
share of CALEA costs that intercept law allows them to charge when 
carrying out a wiretap order. The principal mechanism for recovering 
those costs, Title III of the Omnibus Safe Streets and Crime Control 
Act of 1968, is far from the FCC's jurisdiction, and there is no need 
for the FCC to reach out now to determine that CALEA costs cannot be 
recovered under that statute.
    Finally, TIA urges a reasonable timeline for requiring compliance 
with whatever rules the FCC eventually promulgates. Regulators and law 
enforcement must understand that industry needs a reasonable compliance 
deadline that creates enough space for equipment manufacturers, like 
the TIA members, to design and develop CALEA solutions well in advance 
of their actual deployment in the market.
    In conclusion, I stress that, despite the crisis atmosphere 
fostered by the government, the Justice Department and law enforcement 
have never once used the enforcement powers that CALEA gives them. The 
only logical conclusion is that there has never been a single case--not 
one, not anywhere in the country, and not at any time in the last 
decade--in which the Justice Department thought it could prove that a 
carrier had failed to meet its CALEA obligation and that important 
evidence was being lost. Before throwing out CALEA as a failure and 
substituting a new FCC regulatory program that will slow innovation and 
saddle industry with heavy costs, we suggest that the government try 
using the tools that Congress provided ten years ago.

    Mr. Upton. Dr. Green.

                  STATEMENT OF RICHARD R. GREEN

    Mr. Green. Thank you, Mr. Chairman and members of the 
committee.
    I am Richard Green, President and CEO of Cable Television 
Laboratories.
    This committee has been at the center of the technical 
revolution which has brought progressive enhancements to 
communication in the United States. It has been my privilege to 
testify before you on previous occasions on subjects related to 
emerging technology.
    Today I appreciate the opportunity to testify on cable's 
leadership role in helping to facilitate law enforcement's 
legitimate access to voice over Internet protocol services. I 
speak to you today as a scientist who has devoted most of my 
professional career to the application of emerging technology.
    In addition, Cable Labs conducts and funds research and 
development projects to help cable companies plan for the 
future and applies technologies to meet customers' needs. It is 
our purpose to foster and develop technologies which will 
support the United States in a leadership role and innovation.
    Cable Labs was incorporated under the Cooperative Research 
Act. The act, which this committee played a key role in 
developing, encourages research and development among companies 
within an industry like the cable industry. I believe that we 
have been able to realize the potential of that act by, among 
other things, contributing to the development of a burgeoning 
broadband industry.
    Turning to that issue which is before you today, the 
PacketCable project at Cable Labs has issued specifications, no 
worldwide standards, supporting among other services telephone 
services using advanced voice over Internet technologies. These 
specifications not only provide compliance with CALEA, but also 
introduce innovative Internet protocol technologies to insure 
that the United States remains a leader in the competitive 
marketplace of the future.
    The cable industry has a history of cooperation with law 
enforcement. This was exemplified in the development of Cable 
Labs' PacketCable electronics surveillance specification 
developed during the period 1999 to 2004.
    In 1999, at the request of cable operators and with the 
assistance of cable equipment manufacturers, Cable Labs 
published the first VoIP lawful electronic surveillance 
specification. This initiative was a volunteer effort by the 
cable industry to address requirements outlined in CALEA.
    Law enforcement through the FBI and its contractors 
participated in the development of subsequent versions of that 
specification. These revisions reflect cable's willingness to 
work with law enforcement and to meet their needs even to the 
extent of adding additional capabilities and attendant costs to 
equipment.
    The most recent version of the PacketCable electronic 
specification was published this year on July 23. Mr. Chairman, 
this development means that in spite of the numerous 
technological differences and complexities of VoIP, law 
enforcement will receive the same type of information and call 
content for voice services placed over PacketCable networks as 
in calls made with traditional wire line telephones.
    Cable Labs has developed this technology not only to meet 
law enforcement's needs as addressed in CALEA, but also to 
address the public's privacy and security needs as mandated in 
the law. The devices and procedures in our specification are 
only activated pursuant to valid court orders and only gather 
information on the specific individual named in the court 
order.
    We take great pride in a recent FBI press release 
commending the cable industry for its work in addressing the 
electronic surveillance requirement of Federal, state, and 
local law enforcement agencies.
    In conclusion, Cable Labs and its member companies will 
continue our efforts to contribute innovative technologies to 
insure U.S. leadership in the world marketplace. We also look 
forward to continued cooperation with this subcommittee, the 
FCC, the FBI, the Department of Justice, and other Federal 
authorities in providing technical solutions to safeguarding 
our national security and the public's privacy and security 
needs.
    Thank you very much, and I'll be pleased to answer any 
questions you might have.
    [The prepared statement of Richard R. Green follows:]

 Prepared Statement of Richard R. Green, President and Chief Executive 
              Officer, Cable Television Laboratories, Inc.

                              INTRODUCTION

    Mr. Chairman, Mr. Markey, members of the subcommittee, I am Richard 
Green, President and CEO of Cable Television Laboratories, Inc. 
(CableLabs). It has been my privilege to testify before this 
subcommittee on previous occasions on subjects related to emerging 
technology. These topics have included High Definition Television in 
the 1980s, digital television, and broadband technologies in subsequent 
years. Today, I appreciate the opportunity to testify on cable's 
leadership role in helping law enforcement officials apply CALEA to 
modern digital telecommunications technologies. I am especially pleased 
to describe the industry's efforts--through CableLabs--to facilitate 
law enforcement's legitimate access to cable's Voice over Internet 
Protocol (VoIP) services.
    I speak to you today as a scientist who has devoted a great deal of 
his professional career to questions involving the application of 
digital technology. The experience I gained during four years as 
Director of the CBS Advanced Television Technology Laboratory, five 
years as Senior Vice President of Operations and Engineering of PBS, 
and fifteen years as CEO of CableLabs gives me a special appreciation 
for the technical perspectives of manufacturers, cable operators, cable 
equipment manufacturers, and the need to be responsive to law 
enforcement's requests.

                               CABLELABS

    CableLabs is a research and development consortium of cable 
television system operators serving North and South America. CableLabs 
conducts and funds research and development projects to help cable 
companies plan for the future and apply technology to meet consumers' 
needs. CableLabs was incorporated under the Cooperative Research Act. 
The Act, which this committee played a key role in developing, 
encourages research and development among companies within industries 
like the cable industry. I believe that we have been able to realize 
the potential of that Act by, among other things, contributing to the 
development of a burgeoning broadband industry, helping to spur the 
transition to digital TV, and facilitating the deployment of new 
digital services like VoIP.
    For example, 29 million American homes now enjoy high-speed 
Internet access connections, and 18 million of those homes are served 
by cable's high-speed data service. The specifications for 
substantially all the cable modems used in those homes were developed 
at CableLabs. In the past, computer users knew that they could buy a 
modem that would work on any phone line. Cable industry leaders wanted 
their customers to be able to buy their own cable modem at retail and 
be confident that it would work on any cable system in North America. 
Through CableLabs' DOCSIS ' (Data over Cable Service 
Interface Specification) project, that goal has been achieved. Cable's 
broadband service is providing an important new--and competitive--high-
speed data highway into American homes.
    The CableLabs process is open, cooperative, and as efficient as 
possible. We work to keep equipment development time to a minimum. We 
have pursued an approach similar to that used with cable modems to 
remove technical barriers for the deployment of telephone services over 
cable networks. The PacketCable project at CableLabs has issued 
specifications--now worldwide standards--supporting, among other 
services, telephone services using advanced voice over the Internet 
technologies. These standards go beyond compliance with CALEA but also 
introduce innovative Internet Protocol technologies to ensure that the 
United States remains a leader in the competitive marketplace of the 
future.

 CABLE HAS COOPERATED WITH LAW ENFORCEMENT ON CALEA AND VOIP SINCE 1999

    The cable industry has a history of providing law enforcement with 
the assistance it needs. This was exemplified in the development of 
CableLabs' PacketCable Electronic Surveillance Specification between 
1999 and the summer of 2004. PacketCable is a cable network 
architecture that allows a cable operator to provide guaranteed-quality 
VoIP as well as other services such as video games. In 1999, CableLabs' 
PacketCable project, at the request of cable operators and with the 
assistance of cable equipment manufacturers, published the first VoIP 
lawful surveillance specification.
    This specification was a voluntary effort by the cable industry to 
address CALEA in the event a cable operator's PacketCable service was 
deemed to be subject to CALEA. Law enforcement, through the FBI and its 
contractors, became involved in the development of subsequent versions 
of the PacketCable Electronic Surveillance Specification in 2001 with 
revisions to the specification published in 2003 and 2004. Each of 
these revisions reflects cable's willingness to work with law 
enforcement to meet law enforcement's needs--even to the extent of 
adding additional capabilities and attendant costs to equipment. The 
last version of the PacketCable Electronic Surveillance Specification 
was published on July 23, 2004, and provides solutions to all of the 
issues the FBI has identified with the previous versions of the 
specification. This now means that, in spite of technological 
differences and complexities, law enforcement will receive the same 
types of call identification and call content for calls placed over a 
PacketCable-compliant VoIP service as in calls made with traditional 
wireline telephones. (See Appendix I for a summary of the steps taken 
by CableLabs to develop the PacketCable specifications, 1999-2004.)
    CableLabs developed its lawful surveillance specification not only 
to meet law enforcement's needs as are addressed in CALEA but also to 
meet obligations regarding the public's privacy and security needs as 
required by the law. CALEA expressly states that a telecommunications 
provider must ensure that subscriber privacy and security are protected 
for telecommunications and call-identifying information not authorized 
to be intercepted. The devices and procedures in CableLabs' 
specification are only activated pursuant to a valid court order and 
only gather information on the specific individual named in the court 
order.
    The cable industry has met all of the FBI's needs with regard to 
VoIP. Specifically, CableLabs succeeded by July 2004 in resolving every 
issue on the FBI's ``wish list'' for CALEA compliance by cable's VoIP 
services, including:

 Subject-initiated conference calls--provides law enforcement with the 
        content of subject-initiated conference calls.
 Timing Information--allows law enforcement to correlate call 
        identifying information with call content.
 Subject-initiated dialing and signaling--provides law enforcement 
        with access to all subject dialing and signaling information 
        such as use of flash hook (call waiting) and feature keys.
 In band/out-of-band signaling--notifies law enforcement whenever 
        subject's service sends a tone or other network message such as 
        if a line is ringing or busy.
 Party Hold/Join/Drop--allows law enforcement to identify the active 
        parties to a subject-initiated call.
 Dialed Digit Extraction--provides law enforcement those digits dialed 
        by a subject during a call.
    Testing of cable equipment built to these specifications will begin 
in February 2005, and products that do not meet the latest version of 
the PacketCable Electronic Surveillance Specification will not be 
CableLabs' certified--nor are they likely to be purchased by cable 
operators.
    The success of the PacketCable Electronic Surveillance 
Specification is demonstrated in: (1) its being the only VoIP CALEA 
``Safe Harbor'' specification listed on the FBI's AskCALEA website; (2) 
its consideration by other VoIP-related organizations; (3) the FCC's 
public commentary noting cable's contribution to the lawful electronic 
surveillance of VoIP calls; and (4) the FBI's cooperation in, and 
contribution to, the specification's development and its subsequent 
positive comments on the specification and the CableLabs' process.
    The cable industry, through CableLabs, continues to provide 
technical assistance to law enforcement and has worked with the FBI on 
how law enforcement may collect the information it lawfully needs from 
subjects using PacketCable-based VoIP services. We take great pride in 
comments from a recent FBI press release in which Kerry Haynes, FBI 
Assistant Director for the Investigative Technology Division, states:
        [The latest version of the PacketCable Electronic Surveillance 
        Specification] is an extremely positive development for the 
        cable industry that ultimately will empower federal, state and 
        local law enforcement agencies with the technical capability to 
        continue to protect the public by effectuating court-authorized 
        electronic surveillance investigations. We look forward to 
        working with the industry in its development of technical 
        solutions based on this standard and with companies as they 
        implement those solutions into their IP networks.

 CABLE WAS THE FIRST BROADBAND PROVIDER IN 2004 TO COOPERATE WITH THE 
  FEDERAL COMMUNICATIONS COMMISSION ON APPLYING CALEA TO VOIP SERVICES

    The cable industry has long recognized that certain IP telephony 
services may become a replacement for some of the uses of traditional 
telephony, and that--at some point--providers of such services could 
reasonably be expected to provide efficient and effective means to 
allow law enforcement access to telecommunications over such 
services.1 For this reason, the cable industry, led by 
CableLabs and the member companies of NCTA, has voluntarily sought to 
comply with the substance of CALEA's requirements in developing its 
PacketCable architecture for VoIP. In particular, as I mentioned above, 
the industry has devoted substantial resources to developing several 
PacketCable Electronic Surveillance Specifications for use as ``safe 
harbors'' under 47 U.S.C.  1006(a)(2).2
---------------------------------------------------------------------------
    \1\ See H.R. Rep. No. 103-827, at 9 (1994) (``House Report'') 
(purpose of CALEA is ``to preserve the government's ability. . . to 
intercept communications involving advanced technologies'').
    \2\ The most recent version of the PacketCable Electronic 
Surveillance Specification is available at http://www.packetcable.com/
downloads/specs/PKT-SP-ESP-I03-040113.pdf. Prior versions, which 
provide safe-harbor protection to providers that have already installed 
equipment that is compliant with those versions, are available at 
http://www.cablelabs.com/specifications/archives/
---------------------------------------------------------------------------
    In 2004, the Department of Justice (DOJ) and Federal Bureau of 
Investigation (FBI) asked the Federal Communications Commission (FCC) 
to issue a declaratory ruling determining immediately--i.e., without 
awaiting the outcome of the Commission's rulemaking on IP-Enabled 
Services 3--that CALEA applies to various kinds of IP 
telephony (``Broadband Telephony'') as well as to cable modem service 
and other forms of high-speed Internet access (``Broadband Access''). 
In their submissions to the FCC, most communications industries urged 
the Commission to reject the Administration's requests--except for the 
cable industry.
---------------------------------------------------------------------------
    \3\ IP-Enabled Services, Notice of Proposed Rulemaking, WC Docket 
No. 04-36, FCC 04-28 (rel. Mar. 10, 2004) (``IP-Enabled Services 
NPRM'').
---------------------------------------------------------------------------
    Cable companies--through their trade association, NCTA--took a 
different position. They supported the issuance of a declaratory ruling 
by the FCC that providers of Broadband Telephony are properly viewed as 
``telecommunications carriers'' for purposes of CALEA, subject to two 
qualifications. First, the FCC should include within the scope of its 
ruling all similarly-situated providers of Broadband Telephony, 
including services like Vonage and AT&T's CallVantage. Second, the 
Commission should make clear that, when services like Vonage and AT&T's 
CallVantage are provided over the facilities of cable operators or 
other companies, the responsibility for complying with CALEA lies with 
the Broadband Telephony provider, not the facilities owner.
    In addition, NCTA supported the issuance of a Notice of Proposed 
Rulemaking (NPRM) addressing whether Broadband Access should be made 
subject to CALEA in due course. The ultimate decision on the merits 
here, however, raises more complex issues. Until now, there has never 
been substantial reason to expect that cable modem service might ever 
be subjected to CALEA. Thus, there has been little investigation or 
debate concerning the public policy and law enforcement objectives in 
developing of CALEA-related technical requirements for the equipment 
that cable operators use to provide the service. However, the cable 
industry and CableLabs will continue to work with the United States 
Government to ensure that law enforcement is able to access lawfully 
the information needed to safeguard our national security.
    In response to the joint DOJ/FBI petition, the FCC recently 
commenced a rulemaking on CALEA compliance issues. It tentatively 
concluded that most VoIP services would be subject to CALEA--
essentially echoing the cable industry's legal rationale. It also 
tentatively concluded that Broadband Access should be subject to CALEA. 
Cable companies and the NCTA will submit their own individual comments 
on the specifics of such a proposal to the FCC.

                               CONCLUSION

    CableLabs and its member companies--who also belong to NCTA--look 
forward to continued cooperation with this subcommittee and other 
Federal authorities in safeguarding our national security. I would be 
pleased to answer any questions you might have.

                               Appendix I

     SUMMARY OF THE DEVELOPMENT OF CABLELABS' LAWFUL SURVEILLANCE 
       ARCHITECTURE WITHIN THE PACKETCABLE SPECIFICATION FOR VOIP

I. First Version Published December 29, 1999
  a. Drafted at CableLabs members' request in the event VoIP (using 
        cable's PacketCable architecture) was deemed to be subject to 
        CALEA.
  b. Developed by MSOs, cable equipment manufacturers pooling their 
        intellectual property and MSO legal community.
  c. Established basic surveillance needs:
    i. Demarcation point between MSO and law enforcement (delivery of 
            call content and call identification from the MSO to law 
            enforcement).
    ii. Delivery Function (in which the copied packets are delivered to 
            law enforcement's Collection Function).
    iii. Intercept Access Points within the PacketCable Architecture.
    iv. Basic capabilities for delivery of VoIP call information and 
            VoIP call content to law enforcement.
II. Second Version Published August 15, 2003
  a. June 2001--The FBI became involved and submitted engineering 
        changes to the PacketCable Lawful Surveillance Specification.
  
  b. November 2001--CableLabs forms a focus team of cable equipment 
        manufacturers to address the FBI's requested changes and 
        resolve technical issues with the first version of the 
        specification.
  c. New capabilities added:
    i. Law enforcement receives information on subject initiated 
            signaling (signals such as number dialed, flash hook, 
            feature keys).
    ii. Law enforcement receives information on network initiated 
            signaling (such as call connection and hang up).
III. Third Version Published January 13, 2004
  a. Addressed additional FBI engineering change requests submitted 
        just prior to the publication of the second version of the 
        specification.
  b. Addressed minor technical issues within the second version of the 
        specification.
  c. Coordinated specifications information for the Delivery Function--
        Collection Function Interface.
  d. New capabilities added:
    i. Report of IP specific ``call data'' to law enforcement for trap 
            and trace and pen register.
    ii. Three-way calling information.
    iii. All relevant punch list items met save some conference call 
            information and dialed digit extraction (collection of 
            numbers called after call was initiated, such as PIN 
            numbers).
IV. Fourth Version Published July 23, 2004
  a. MSO push to support solutions to collection of all FBI requested 
        conference call information and collection of digits dialed 
        after call is initiated (dialed digit extraction).
  b. FBI provided a list of specific comments to the current 
        specification in May, 2004.
  c. Dialed Digit Extraction solution reached by adding additional 
        capabilities, at additional cable operator cost, to the 
        Delivery Function.
  d. New Capabilities:
    i. Dialed Digit Extraction.
    ii. Party Hold/Join/Drop (knowing when someone joins a conference 
            call, leaves a conference call or goes on hold).
    iii. Transcoding between the Delivery Function and the Collection 
            Function.
                1. Translation of the many codecs (means of translating 
                packets into voice) that cable operators use or may be 
                used to just a few codecs.
                2. Lessens the number of codecs law enforcement needs 
                to support (helpful for rural law enforcement with 
                small budgets).
                3. FBI originally wanted to limit the number of codecs 
                cable operators may use. This CableLabs' solution 
                allows for future growth and technological change while 
                meeting law enforcement's needs.
  e. Punch List Items are now all addressed:
    i. Subject-initiated conference calls--provides law enforcement 
            with the content of subject-initiated conference calls.
    ii. Timing Information--allows law enforcement to correlate call 
            identifying information with call content.
    iii. Subject-initiated dialing and signaling--provides law 
            enforcement with access to all subject dialing and 
            signaling information such as use of flash hook (call 
            waiting) and feature keys.
    iv. In band/out-of-band signaling--notifies law enforcement 
            whenever subject's service sends a tone or other network 
            message such as if a line is ringing or busy.
    v. Party Hold/Join/Drop--allows law enforcement to identify the 
            active parties to a subject-initiated call.
    vi. Dialed Digit Extraction--provides law enforcement those digits 
            dialed by a subject during a call.
  f. Testing of equipment to begin February 2005:
    i. Products that do not meet the latest version of the PacketCable 
            Electronic Surveillance Specification will not be CableLabs 
            certified.
    ii. Cable operators prefer to buy CableLabs-certified equipment.

    Mr. Upton. Thank you.
    Mr. Dempsey.

                  STATEMENT OF JAMES X. DEMPSEY

    Mr. Dempsey. Mr. Chairman, members of the subcommittee, 
good afternoon. Thank you for this opportunity to testify.
    Mr. Chairman, nobody denies the interests of the government 
in being able to intercept terrorist communications. These are 
obviously extremely important. Let us even assume that they are 
paramount. Let us assume that they trump all other public 
policy interests. Forget about privacy; forget about cost, 
innovation, competition, network security.
    Even if we assume that law enforcement and national 
security interests are the only interests at stake, if you look 
at the record, you would have to conclude that CALEA is not the 
right statute for addressing law enforcement interests in 
accessing the Internet and that the FBI is not the right agency 
to be regulating the design of information and services and 
Internet access.
    Now, I am happy to discuss at length the language and 
intent of CALEA. Congress was as clear as it could be in CALEA 
that it did not apply to the Internet, that it was intended for 
the circuit switched world of the PSTN. Congress used not only 
a belt in saying that CALEA applied only to telecommunications 
common carriers, but it used suspenders as well and said that 
information services and Internet services were exempt from 
CALEA.
    It then used some safety pins and said that even if 
Internet services became a replacement for a substantial 
portion of the traditional telephone network, it was still 
excluded from CALEA.
    The FCC issued an NPRM last month and was so results 
oriented because it was so focused on this compelling interest 
of fighting terrorism that it decided to ignore the statutory 
language. Three of the five Commissioners filed separate 
statements indicating doubts about whether the Commission's 
rationale would withstand scrutiny.
    But let's leave aside even the question of statutory 
interpretation. Let's focus on the record of CALEA 
implementation in the plain, old telephone network, which was 
supposed to be the easy part.
    The Department of Justice's own Inspector General found in 
a report issued in April this year, ``deployment of CALEA 
technical solutions for electronic surveillance remains 
significantly delayed. Most of the authorized funds have been 
depleted. Even by the FBI's own estimate, hundreds of millions 
of dollars more are needed.''
    Most troubling, the IG said, ``CALEA compliance software 
has been activated on only 10 to 20 percent of wire line 
equipment,'' and the IG found the FBI was unable to demonstrate 
the extent to which lawful electronic surveillance has been 
adversely impacted by the lack of CALEA implementation. In 
other words, they could not show whether this delay in 
enforcement or implementation of CALEA made any differences.
    What went wrong? CALEA, when it was enacted in 1994, was 
filled with checks and balances. It was a very nuanced statute, 
but it has become a straightjacket. The way it has been 
interpreted by the FCC, it has given the FBI the ability to 
design and dictate very specific capabilities, very specific 
features to be built into the public switched network in ways 
that Congress never contemplated.
    Stewart Baker is the one who coined the phrase ``because of 
CALEA the FBI has become a telecom regulatory agency.'' FBI 
Director Freeh in 1994 came before Congress and said that CALEA 
was not intended to create a location tracking capability for 
cell phones. As soon as that legislation was passed, the FBI 
came to the industry and said, ``We want you to build in a 
location tracking capability.'' And they got it. The FCC gave 
it to them.
    The Director said we only want to get dialed number 
information on pen registers. After the legislation was 
enacted, the FBI came back and said, ``No, we want to know 
every time a party goes on hold. We want to know whether the 
phone rang or had a busy signal.'' The FCC ordered that those 
features be built in.
    The FBI said they only wanted to preserve their traditional 
surveillance capabilities. After the legislation was enacted, 
they came back and said, ``We want to have the ability on a 
conference call to identify every separate party,'' even though 
they admitted that that was not a capability that they had had 
in the traditional telecom environment.
    Now, how do we go forward? The first step has to be to 
create a factual record, to identify what are the specific 
problems. The 101 page NPRM of the FCC has absolutely no 
factual discussion of what are the problems. The FBI's petition 
has three conclusory sentences. Somebody needs, and I think it 
has to be on the public record; I think this committee has a 
role in it; needs to dig in on those facts and find out what 
the problems are.
    Second, the solution has to be consistent with the 
decentralized and innovative architecture of the Internet. 
There may be some very simple solutions out there. The so-
called trusted third party model has been put forward. There 
are actually companies now who have the ability to analyze 
Internet communications and deliver them to law enforcement. 
Why can't law enforcement simply acquire that capability 
itself?
    Mr. Chairman, you alluded in your opening statement to 
partnership. CALEA was intended as a partnership. It has not 
worked out that way. Here we have the cable industry currently 
not subject to CALEA out there developing a standard and 
cooperating with industry. I think there is a pretty good bet 
that if they were brought under the requirements of CALEA, the 
FBI would find something wrong with that standard and would ask 
for even more and would constantly go back.
    That is what delayed implementation of CALEA. The FBI could 
have had 90 percent of the capability they were seeking 4 or 5 
years ago, but instead they kept driving for this 100 percent 
concept every little additional piece, and we are left now with 
CALEA not even fully implemented for the traditional telephone 
network.
    My organization, the Center for Democracy and Technology, 
is happy to work with the committee to work through these 
issues, to try to build this factual record, to try to drill 
down and to develop solutions that are appropriate to the 
Internet.
    Thank you, Mr. Chairman.
    [The prepared statement of James X. Dempsey follows:]

Prepared Statement of James X. Dempsey, Executive Director, Center for 
                  Democracy & Technology 1
---------------------------------------------------------------------------
    \1\ The Center for Democracy and Technology is a non-profit, public 
interest organization dedicated to promoting civil liberties and 
democratic values for the new digital communications media. Our core 
goals include enhancing privacy protections and preserving the open 
architecture of the Internet. Among other activities, CDT coordinates 
the Digital Privacy and Security Working Group (DPSWG), a forum for 
computer, communications, and public interest organizations, companies 
and associations interested in communications privacy and security 
issues.
---------------------------------------------------------------------------
    Chairman Upton, Congressman Markey, and Members of the 
Subcommittee, thank you for the opportunity to testify today.
    Especially in the face of terrorism, the question of law 
enforcement access to communications systems is vitally important. 
However, the Justice Department and the Federal Communications 
Commission are trying to force the Internet into a 20th century mold. 
In terms of innovation, cost, privacy, network security, and national 
security, this is the wrong approach. Instead of making the Internet 
look like the telephone system of the past, the FBI and other law 
enforcement agencies need to acquire in-house capabilities to analyze 
digital communications. They should use the Internet, not try to 
control it. Keeping pace with technology should not require slowing it 
down.

Law Enforcement Mandates Designed for the Telephone Network Are Not 
        Suited--Nor Are They Needed--for the Internet
    To understand why the Justice Department's approach is unnecessary, 
unwise and unlikely to be effective, think of the ways in which the 
Internet is different from the traditional telephone network of the 
past. In the old days, when law enforcement agencies first started 
lawfully wiretapping telephones, the Ma Bell monopoly owned and 
controlled the entire network, right down to the phone on your desk. 
Such a centralized system was reliable, but it was limited. Innovation 
was discouraged. Competition was essentially non-existent. Prices were 
regulated but relatively high, and usage was cautious.
    Now consider the Internet. It is open, competitive, decentralized. 
It supports a multiplicity of applications, not only voice, but also 
photography, data, and video. It supports one to one, many to one, and 
one to many communication. It pushes control to the edges, giving users 
far more choices then they ever had. It has no gatekeepers. It 
intermeshes wireline, wireless, cable and satellite. It is innovative, 
inexpensive, and global. Education, commerce, medicine and government 
have reaped the benefits.
    In the context of today's hearing, the Department of Justice 
complains about the Internet's diversity, but in many ways the digital 
age is the age of surveillance. More personal information than ever 
before is transmitted, collected and stored in electronic form. In many 
ways, law enforcement has embraced the digital revolution. Every year, 
the number of wiretaps goes up. Undercover agents lurk in Internet 
chats. Police track suspects through cell phones and reconstruct past 
movements from EZ Pass logs. The FBI can plant on your computer a 
keystroke monitor to copy letters you never send. Agents seize computer 
disks holding information that would fill truckloads if printed out. 
Voluminous dialing records are analyzed by computer. Conversations 
intercepted in New York are shipped across country for translation. A 
computer in Russia can be searched from the US.
    So despite some of the dire rhetoric you may hear, the Internet is 
already tappable today, both legally and from a technical standpoint. 
The government has full legal authority to tap broadband Internet 
access and Internet communications of all kinds. The government also 
has all the legal authority it needs to compel broadband access 
providers and Voice over Internet Protocol (``VoIP'') service providers 
to cooperate with court orders for interception. 18 U.S.C.  2518(4). 
And from a practical standpoint, law enforcement agencies currently 
have and in the foreseeable future will continue to have the capability 
to intercept communications over broadband. In some ways, interception 
may be less convenient, in that law enforcement may have to go to 
different entities to obtain content and routing information. And given 
the diversity of services, the information will come in different 
formats and law enforcement will have to work harder to determine what 
it is intercepting. In other ways, however, Internet surveillance will 
be easier, in that the digital nature of communications makes them 
easier to analyze, store, and retrieve. Last year, for example, 
according to the government's official Wiretap Report, out of 1,442 
authorized wiretaps nationwide, the ``most active'' was the 
interception of a broadband Internet line.2
---------------------------------------------------------------------------
    \2\ ``Report of the Director of the Administrative Office of the 
United States Courts on Applications for Orders Authorizing or 
Approving the Interception of Wire, Oral, or Electronic 
Communications,'' issued April 30, 2004, available at http://
www.uscourts.gov/wiretap03/contents.html.
---------------------------------------------------------------------------
    The only question--and it is a big question--is whether additional 
authority is needed for the government to insert certain features into 
Internet services to make them easier to tap. Answering that question 
requires, first, a detailed, technical inquiry into whether there are 
any problems associated with Internet surveillance. It then requires a 
detailed, technical exploration of how those problems can be solved, 
with consideration of the various costs and risks of different 
solutions. Throughout, it is important to keep in mind the ways in 
which the architecture of the Internet is different from the 
traditional telephone network.

CALEA Was Designed for the Traditional Public Switched Telephone 
        Network
    In the 1990s, Congress conducted such an inquiry with respect to 
the public switched telephone network. It found that there were some 
problems posed by then relatively new technology in the PSTN, and it 
concluded that the solutions lay in redesign of the central office 
switches of the telephone companies. The result was the Communications 
Assistance for Law Enforcement Act (``CALEA'').
    CALEA is a 20th century statute for 20th century technology. CALEA 
was designed for the centralized, relatively monopolized, and circuit 
switched world of the traditional telephone common carriage--entities 
already subject to a range of regulatory burdens. The proposed solution 
focused on central office switches. That is where the documented 
problems were. The carriers operating those switches used for routing 
and billing purposes the information they thought the government 
wanted. The switch manufacturers thought it would be relatively easy to 
build in the ability to meet the government's requests as they were 
described in the legislative hearings.
    CALEA has not worked all that well even for the PSTN--the 
government ended up demanding a lot more functionality, including 
features not available with the traditional wiretaps--but the Internet 
is fundamentally different from the PSTN and requires a different 
approach.
    Congress was crystal clear--CALEA was not intended for the 
Internet. To make this point, Congress took not merely a belt and 
suspenders approach, but added safety pins as well. It said that CALEA 
applied only to common carriers, and only to the extent that they are 
providing telecommunications services. It excluded information 
services, and it said that even if an information service became a 
substantial replacement for the PSTN in a particular region, it would 
still be excluded from the requirements of CALEA.
    At the time, the term ``information services'' was shorthand for 
the Internet and the applications running over it (among other 
services). The term ``information services'' was broadly defined to 
cover current and future advanced software and software-based 
electronic messaging services, including email, text, voice and video 
services. Narrowband Internet access and Internet applications like 
email fit squarely within the definition. As the broadband Internet has 
evolved, it continues to be outside the scope of telecommunications 
common carriage, and Internet-based telephony services, like all other 
Internet applications, fit squarely within the definition of 
information services.
    The legislative history confirms the plain meaning of the statute. 
The Committee Report states that CALEA obligations ``do not apply to 
information services, such as electronic mail services, or on-line 
services, such as CompuServe, Prodigy, America On-line or Mead Data, or 
Internet service providers.'' Telecommunications Carrier Assistance to 
the Government, H.R. Rep. 103-827(I), at 23 (Oct. 4, 1994) (``House 
Report''). As the FBI Director testified, CALEA was ``narrowly focused 
on where the vast majority of our problems exist--the networks of 
common carriers, a segment of the industry which historically has been 
subject to regulation.'' 3
---------------------------------------------------------------------------
    \3\ Testimony of Louis Freeh before the Joint Hearing of the 
Technology and Law Subcommittee of the Senate Judiciary Committee and 
the Civil and Constitutional Rights Subcommittee of the House Judiciary 
Committee, Mar. 18, 1994, available at http://www.eff.org/Privacy/
Surveillance/CALEA/freeh_031894_hearing.testimony.
---------------------------------------------------------------------------
    Reading the statute and legislative history, both the FCC itself 
and the D.C. Circuit in the past held that CALEA does not apply to the 
Internet. In 1999, the FCC concluded that information services ``such 
as electronic mail providers and on-line service providers'' are exempt 
from CALEA. In the Matter of Communications Assistance for Law 
Enforcement Act, Second Report and Order, 15 FCC Rcd 7105, at  26 
(1999). The D.C Court of Appeals stated, ``CALEA does not cover 
`information services' such as email and internet access.'' United 
States Telecom Ass'n v. FCC, 227 F.3d 450, 455 (D.C. Cir. 2000).
    The FCC has recently issued a Notice of Proposed Rulemaking, 
tentatively concluding that CALEA should apply to broadband Internet 
access and ``managed'' Voice over Internet Protocol (``VoIP'') 
services. The NPRM is purely results-oriented. The Commission looked at 
the urgency of the terrorist threat, and jumped straight to the 
conclusion that CALEA should be extended to the Internet. To do so, it 
admitted that it was ignoring the language of the Act and contradicting 
its own earlier decisions about the regulatory status of broadband 
access. Three Commissioners hinted in separate statements that the 
Commission's rationale would not withstand judicial scrutiny.
Congress Needs to Conduct a Factual Inquiry
    The first step in responding to the arguments of the Department of 
Justice must be a clear showing of need: what are the problems that law 
enforcement is encountering? In the early 1990s, during the George H.W. 
Bush Administration and then in the Clinton Administration, when the 
FBI began complaining that technological changes in the PSTN were 
interfering with law enforcement's ability to carry out wiretaps, 
Congress refused to adopt a sweeping regulatory mandate. Instead, 
Congress insisted first and foremost on a factual inquiry into what 
exactly were the problems being encountered by law enforcement. 
Hearings were held. The General Accounting Office conducted two 
studies. The FBI surveyed its field offices twice. Industry and law 
enforcement convened action teams to study the concerns of law 
enforcement and possible solutions. At the end of the process, industry 
representatives agreed that new technologies were defeating law 
enforcement surveillance. Some of the problems had to do with features 
such as call forwarding and speed dialing. Others had to do with the 
transition to multiplexed lines and fiber optic cables. Most had to do 
with the lack of sufficient capacity on switches to simultaneously 
accommodate a large number of intercepts.4
---------------------------------------------------------------------------
    \4\ Telecommunications Carrier Assistance to the Government, H.R. 
Rep. 103-827(I) at 14-16 (Oct. 4, 1994).
---------------------------------------------------------------------------
    In 2004, the DOJ/FBI petition and the FCC's 101 page NPRM are 
devoid of any factual discussion of problems justifying extension of 
CALEA. In the 1990s, when arguing for CALEA, the FBI Director talked 
about a de facto repeal of the wiretap laws. The lack of capacity to 
accommodate multiple intercepts on wireless switches, which accounted 
for the majority of problems documented in the 1990s, represented a 
complete shutout for law enforcement. But in the Internet context, the 
FCC's recent NPRM refers to problems such not getting exactly the same 
information on broadband communications that is available in the PSTN, 
or not having the information delivered in a familiar format. These are 
not the magnitude of problem that justified Congress adopting CALEA for 
the already well-regulated telecommunications common carriers--they 
surely do not justify a regulatory mandate for the Internet. Is there a 
problem of not having access at a single point to all features and 
services used by a surveillance target? Even with respect to the PSTN, 
CALEA was not intended to guarantee one-stop shopping for law 
enforcement. Are there difficulties in determining which service 
provider or which kinds of services a particular suspect is using? If 
so, that seems to be an unavoidable byproduct of the diversity of 
services that our telecommunications policy has wisely fostered, not a 
problem requiring design mandates.
    The second step should be a showing of what would a design mandate 
for the Internet look like. In this regard, Congress would have to be 
very careful and insist on more specificity than it did in 1994. In 
applying CALEA to the PSTN, the FCC adopted an elastic interpretation 
of CALEA's definitions, requiring carriers to build into their systems 
surveillance features that went beyond what had been available to law 
enforcement in traditional systems. For example, the FCC gave five 
different meanings to the word ``origin'' in the definition of ``call-
identifying information.'' 5 Such flexibility applied to the 
Internet could produce endless demands.
---------------------------------------------------------------------------
    \5\ ``Origin'' refers, of course, to the phone number of the party 
initiating a call. The FCC ruled, however, that ``origin'' also means 
the signal indicating that a call is waiting, Third Report and Order, 
In the Matter of Communications Assistance for Law Enforcement Act, 14 
FCC Rcd 16794 (1999)  82; use of the flash key on the telephone to 
switch back and forth between two established calls, id.; putting a 
party on hold, id.  74; and the location of a wireless phone caller at 
the beginning and end of a call, id.  44.
---------------------------------------------------------------------------
    In some ways, the debate today is reminiscent of the encryption 
debate of 10 years ago. Law enforcement agencies felt threatened by 
encryption. They thought it meant terrorists and drug dealers could 
communicate in perfect confidentiality. The government argued that 
encryption had to be ``dumbed down'' or built with backdoors for easy 
government access. After a long debate, Congress and the Administration 
decided that the technology should not be controlled. Law enforcement 
and intelligence agencies adjusted. Beginning with the 2000 Wiretap 
Report, the government has been required to report on whether 
encryption was preventing law enforcement officials from obtaining the 
plain text of communications intercepted pursuant to the court orders. 
So far, the government has not reported a single wiretap frustrated by 
encryption. In 2003, no federal agencies conducting wiretaps reported 
that encryption was encountered. For state and local jurisdictions, 
encryption was reported to have been encountered in one wiretap in 
2003; however, the encryption was not reported to have prevented law 
enforcement officials from obtaining the plain text of communications 
intercepted.

CALEA Has Not Been Very Successful Even as Applied to the PSTN
    Even as applied to the relatively centralized PSTN, CALEA has not 
worked well. The FBI and DOJ admitted as much in their petition to the 
FCC. Indeed, their petition was almost schizophrenic: the first half 
argued that the Internet should be brought within the regulatory scheme 
of CALEA while the second half laid out a litany of delays, confusion 
and controversy under CALEA as applied to the PSTN.6 The DOJ 
and FBI stated that the CALEA implementation process ``is not 
working.'' Petition, at 38. They cited ``problems and delays,'' id. at 
53; a ``seemingly endless cycle of extensions that have consistently 
plagued the CALEA compliance process,'' id. at 55; and more ``problems 
and delays,'' id.
---------------------------------------------------------------------------
    \6\ Joint Petition for Rulemaking to Resolve Various Outstanding 
Issues Concerning the Implementation of the Communications Assistance 
for Law Enforcement Act, FCC RM-10865 (filed Mar. 10, 2004).
---------------------------------------------------------------------------
    This record of disfunctionality is confirmed by a report by the 
Office of the Inspector General (OIG) of the U.S. Department of 
Justice, issued on April 7, 2004. The OIG's biannual audit, mandated by 
CALEA, evaluates the progress of CALEA compliance, and finds broad 
problems. The report notes that costs of CALEA for the PSTN have been 
much higher than Congress anticipated. ``Most troubling, according to 
FBI estimates, CALEA compliant software has been activated on only 10 
to 20 percent of wireline equipment.'' The report also shows that the 
FBI's insistence on it ``punchlist'' has caused enormous problems 
within the CALEA standards setting efforts of industry. Most 
remarkably, the report finds that the FBI ``was unable to demonstrate 
the extent to which lawful surveillance has been adversely impacted by 
the lack of CALEA implementation.'' 7
---------------------------------------------------------------------------
    \7\ ``Implementation of the Communications Assistance for Law 
Enforcement Act by the Federal Bureau of Investigation,'' available at 
http://www.usdoj.gov/oig/audit/FBI/0419/final.pdf.
---------------------------------------------------------------------------
    Simply put, CALEA has proven to be a flawed statute. As to why, 
there is probably enough blame to go around. One key factor is that, 
contrary to Congress' intent, the FBI exercised de facto power to 
impose specific design mandates on the PSTN, and it used this power to 
impose on industry surveillance features that not only went beyond the 
capabilities of the traditional telephone system but that could have 
been procured by law enforcement itself for less expense. For example, 
the FCC imposed at least $120 million in costs on industry to obtain 
one feature known as ``dialed digit extraction,'' which requires local 
exchange carriers, after call set-up, to reach into the content of the 
communications and extract additional dialed numbers, such as the 
numbers called on a long distance calling card. The FBI could have 
obtained the information it wanted by going to the providers of long 
distance services, but it wanted to obtain the information more 
conveniently through the local phone system. Indeed, the FBI could have 
purchased the extraction devices itself and attached them as necessary, 
a solution that the FBI itself estimated would cost no more than $20 
million a year, but instead the FBI insisted that all carriers install 
them on all switches.

Going Forward: Meeting Law Enforcement Needs in a Way Suited to the 
        Decentralized, Innovative Internet
    Clearly, a different approach is needed for the Internet. As we 
suggested at the outset, that solution must take into account the 
decentralized, innovative, user-controlled nature of the Internet.
    There are three possible approaches: One is the internal approach 
of CALEA, which DOJ is proposing to impose on the Internet, requiring 
extensive standards processes, detailed specifications, and FCC 
enforcement to require access providers and service providers to build 
capabilities into their equipment and software. The second is what the 
FCC refers to as the ``trusted third party'' approach, in which a 
service bureau sits between the service provider and the law 
enforcement agency, analyzing packets, extracting signaling 
information, and formatting it for the convenience of law enforcement.
    There is a third approach, which is suggested by the service bureau 
model: Instead of forcing industry to redesign its products and 
services to meet government specifications, law enforcement should 
itself develop (or acquire from the service bureaus) the capabilities 
to analyze packet communications. In other words, law enforcement 
should develop the capability to extract call-identifying information 
from packet streams. Even CALEA only requires carriers to deliver call-
identifying information to law enforcement--it imposes no formatting 
requirements on service providers. Moreover, the government will have 
to develop the capability to analyze packets in-house anyhow, because 
it will have to be able to deal with sophisticated criminals who can 
entirely avoid service providers and communicate directly and with 
custom-built protocols. Perhaps Congress should appropriate additional 
funds to the FBI to keep pace with technology in this way and to 
support state and local law enforcement efforts to do the same.
    This third approach--a fundamentally non-regulatory approach--
illustrates how the assumptions that applied to CALEA in the PSTN are 
probably inapplicable to the Internet. The Internet may not need a 
detailed technical standard the way the circuit switched environment 
does. The call processing technology that once existed solely in the 
control of the monopolistic telephone company is now available from 
third parties. This approach also has the advantage of being consistent 
with the ``layered'' nature of the Internet's architecture. Arguably, 
the focus of interception should be at the transport layer, not at the 
application layer, and the provider of transport services should be 
obligated only to isolate and deliver to law enforcement the data 
stream associated with a particular subscriber. This could be coupled 
with technical and legal audits to ensure that the government is only 
recording what it is legally authorized to intercept.

Conclusion
    Congress has taken a relatively non-regulatory approach to the 
Internet and has refrained from applying to the Internet common 
carriage status and other regulatory burdens applied to telephone 
companies. The Internet's rapid growth and innovation attest to the 
wisdom of this policy. We are now in a time of transition from the 
narrowband, dial-up Internet of the past to the broadband Internet. The 
high speed Internet access available via cable modem and digital 
subscriber lines (DSL) is capable of carrying voice communications of 
high quality, as well as numerous other applications. This is precisely 
the wrong time to shoe-horn the Internet into the telecommunications 
regulatory structure.
    The Internet and applications like Voice over Internet Protocol 
(VoIP) services are different from traditional telecommunications 
services, so significantly different that they have not been and should 
not be regulated under the traditional regulatory framework for 
telecommunications. For reasons that are still valid today, the 
Internet and Internet applications were not included in the regulatory 
mandates of CALEA. After an in-depth factual inquiry in the early 
1990s, Congress focused on specific problems law enforcement agencies 
were encountering in carrying out surveillance in the PSTN. With CALEA, 
Congress imposed design obligations on already heavily regulated 
telecommunications common carriers. Congress expressly excluded the 
Internet from those design mandates, not only because it was committed 
to the non-regulatory approach, but also because it found no problems 
on the Internet, and because it was uncertain of how surveillance 
mandates would translate to the Internet.
    The regulatory framework of CALEA is not suitable for the Internet 
and Internet applications. The FBI and the Justice Department are 
absolutely correct when they say that the world of communications has 
changed dramatically since CALEA was enacted. That is exactly why 
applying a 10-year-old law to this rapidly evolving technology would be 
a mistake. CALEA-type mandates would drive up costs, impair and delay 
innovation, threaten privacy, jeopardize Internet security, and force 
development of the latest Internet innovations offshore.
    Most importantly, the centralized design mandates of CALEA are not 
necessary. The government itself can acquire the technology it needs to 
interpret Internet communications. It will have to do so in case, 
because there will always be custom-built services and applications 
outside its reach. The sooner it abandons its efforts to dictate 
surveillance features to industry, the sooner it can get on with the 
task of keeping pace with technology.

    Mr. Upton. Thank you.
    At this point members will be able to ask questions for 5 
minutes.
    I just want to, Mr. Dempsey, go back to what you just said 
in terms of talking to the cable industry. The cable industry, 
and I think, Dr. Green, you will support, I mean, as you look 
at VoIP it is viewed as telecommunications, and therefore, you 
are subject to CALEA; is that not correct?
    Mr. Dempsey. Yes, Mr. Chairman, that is correct. I think 
the cable companies early on, when they viewed the possibility 
of offering voice services on their networks recognized that it 
was going to be necessary to comply with CALEA, and that is one 
of the reasons that they tasked us, Cable Labs, to develop the 
specifications or to make that a viable technical solution.
    Mr. Upton. And to underscore or reiterate your testimony, 
you indicated that all of the cable companies are compliant; is 
that not correct?
    Mr. Dempsey. As far as I am aware, all are compliant.
    Mr. Upton. Now, Ms. Parsky, you indicated in your statement 
and you said some carriers without regard to court ordered 
CALEA, some are and some are not complying; is that correct?
    Ms. Parsky. That is correct.
    Mr. Upton. Can you help us in terms of who is not being 
helpful? You did not name anyone by name. Obviously the cable 
companies appear to be based on Dr. Green's testimony.
    Ms. Parsky. Well, we have purposely not named people by 
name, because we recognize that it is important for us to try 
to work with the companies that are not compliant to try to get 
their cooperation. I can tell you that there are companies out 
there that when they have been served with interception orders 
have not had the capacity built into their networks to be able 
to comply with the court orders as required by CALEA.
    Mr. Upton. And how would you, Mr. Thomas and Mr. Knapp, 
respond to Mr. Baker's comment that it is up to you to figure 
it out versus the companies themselves to comply with CALEA?
    Mr. Knapp. CALEA provides that the carrier can select their 
method of complying with CALEA by either using a standard or 
whatever method satisfies law enforcement, and in many cases, 
these standards have not been fully developed or the carrier 
has argued that they needed more time to comply with the 
standard.
    Mr. Upton. And you have given them that time; is that not 
correct?
    Mr. Knapp. That is correct.
    Mr. Upton. Mr. Thomas?
    Mr. Thomas. Well, from our perspective I would say, first 
of all, our requirements or needs in terms of law enforcement 
interception were developed and are developed with an eye 
toward lawful interception. So what we set out as the elements 
out of a network are based on information that we need to make 
rational decisions over whether we are lawfully authorized to 
monitor that conversation or not. So that is where our needs 
develope from.
    There is no doubt that CALEA did not necessarily accomplish 
one of its main goals, and that was to create an atmosphere in 
which early on in design time carriers were able to reach out 
and grab a ready made standard and implement it so that when 
the new services were offered, there was no conflict and no 
problems. It hasn't created that atmosphere.
    Unfortunately, we do need that sort of an atmosphere, but 
we do have to also recognize that the law enforcement community 
has needs that are based upon the authorizing statutes for 
doing electronic surveillance, and that is what we are trying 
to implement, and we are trying to rely on the carriers who 
best know their technologies to do that.
    Mr. Upton. Ms. Parsky, do you want to comment?
    Ms. Parsky. Well, I think that Mr. Thomas has expressed 
this well. One thing that I think has been distorted is the 
fact that CALEA provides for the FCC to determine what 
standards need to be met in implementing CALEA. It is not the 
FBI, and to the extent that the industry and the private 
standards bodies are creating these standards, if they come to 
the FBI and say, ``Do these standards meet your needs, your 
needs that are determined by, you know, your authority to 
intercept these communications?'' and when the FBI relates that 
some things do and some things do not, if the industry wants to 
challenge that and wants to have the FCC step in and determine 
what is required, it is the FCC that makes that determination.
    Mr. Upton. Dr. Green, as you indicated the cable industry 
is 100 percent compliant, how do you respond to Mr. Baker's 
comment that, in fact, going back to the Wall Street Journal 
story that, in fact, it may drive that innovation overseas?
    I mean, has that happened in the cable industry? It did 
not, did it?
    Mr. Green. Well, Mr. Chairman, that has not been our 
experience. Obviously, these technologies are very competitive, 
and they are certainly competitive worldwide. So there are 
risks to technology development here. However, our experience 
has been in working with U.S. manufacturers and in working with 
the FBI, we were able to reach agreements which I think are in 
themselves innovative solutions.
    I believe that the technical details contained in our 
specification amount to new innovative approaches that were 
developed as a result of trying to work together to solve 
problems.
    Mr. Upton. Thank you.
    Mr. Wynn.
    Mr. Wynn. Thank you, Mr. Chairman.
    Just a couple of questions. If I heard him correctly, I 
believe Mr. Dempsey said that there was not an adequate factual 
record in terms of what the specific problems were. So I wanted 
to ask Mr. Thomas and also Ms. Parsky if you agreed with that 
statement, and if not, whether you believe it ought to be on 
the record or if you agree it ought to be added to the record. 
If you disagree, why do you disagree with that?
    Ms. Parsky. I think it is important to point out here that 
in terms of a factual record of where, exactly where, law 
enforcement is having trouble effectuating court orders and 
conducting intercepts is something that is extremely sensitive 
for law enforcement. To have to lay out a record of exactly 
which services are the places that criminals and terrorists 
should migrate to because that is where law enforcement is 
struggling is something that requires the appropriate setting 
to lay that out.
    I think the other thing that is important to recognize is 
that once there is a lengthy record of all the times that law 
enforcement has been unable to effectuate court orders for 
interception, that is too late. That is when all of those 
criminals have already had the opportunity to do harm to our 
society.
    Mr. Wynn. Let me interject then. If I am understanding you 
correctly, you are basically saying that this material would be 
classified. That record that Mr. Dempsey says ought to be 
established would be classified material, and perhaps not in 
this forum, but in an appropriate governmental forum you would 
be willing to provide that so that Members of Congress could 
evaluate the record and the extent of the problems. Is that a 
fair assessment of what you are saying?
    Ms. Parsky. I think that a fair statement is that a great 
deal of that record would be classified and we would not be 
able to share that in this forum.
    Mr. Wynn. Is there a forum within Congress that you believe 
would be appropriate?
    Ms. Parsky. In a classified forum.
    Mr. Wynn. A classified forum. Would you agree with that, 
sir?
    Mr. Thomas. Yes, I would agree with that.
    I would also just add it is important for us to establish a 
factual record, but the factual record is not only made up of 
specific cases where we have encountered problems, but also it 
is based upon a knowledge of electronic surveillance over many, 
many years and our understanding of where criminals are likely 
to move and terrorists are likely to move or have already 
moved.
    So I would support Ms. Parsky's statement that a part of 
this is also predictive.
    Mr. Wynn. Well, I think those two parts are classified and 
the predictive part ought to be presented to Members of 
Congress at an appropriate forum so that we can then, as Mr. 
Dempsey said, evaluate exactly what the problems are.
    Mr. Baker, you were suggesting that a system that would 
require prior FBI approval would be so burdensome as to drive 
innovation abroad with respect to market testing if I 
understood you correctly. What exactly is the nature of the 
burden? Is it the time to be consumed in getting the approval? 
Is it the demands of the standards that would be required prior 
to a market test in this country, particularly in light of the 
fact that Dr. Green seems to suggest that you would not have 
that effect using an FBI approval system?
    Mr. Baker. I think the biggest risks come in the Internet 
context where today if you have a good idea, you just put it 
out on the Web and see if people come and flock to it. Hotmail 
started as a guy with a good idea. He said, ``Gee, why don't we 
offer free E-mail accounts in exchange for people looking at 
ads?'' and that became a $400 million business in about 9 
months.
    He did not have to get anybody's permission. He just 
started the business. If, instead, he has to stop, say it is a 
voice version of Hotmail, he has to stop and say, ``Well, do 
you think the FBI would view that as covered by CALEA? What 
would have to give them exactly if they thought it was covered 
by CALEA? How would I design that into my system?'' you are 
adding months of design time, and then he has to hire a 
lobbyist. He has to come to Washington and hire somebody to 
deal with the FCC. All of that is a burden on his ability just 
to start a business.
    Mr. Wynn. Let me interject because it seems like it is 
somewhat speculative. Could he just go into the FBI and say, 
``This is my idea. It is patented or whatever, but what do you 
think? What do you need?''
    I guess I am wondering whether this is actually a month 
long problem, particularly if it is only a question of whether 
he can market test it anyway, whether or not that cannot be 
accomplished in a shorter, more reasonable period of time.
    Mr. Baker. That is a very good question. I think the answer 
is the FBI is not used to being a regulator. That is not what 
they do. They are not used to taking risks. I think what would 
go through the mind of the FBI office that was asked that 
question is, well, if I say yes and it turns out badly, am I 
going to get blamed. The answer is yes. If i say no and it 
turns out badly, am I going to get blamed? And the answer is, 
no, no one will care because they will not hear about it.
    So all of the incentives are to say no. We need more 
information. We cannot approve this yet. We want to see more 
specs., more design, more features.
    You know, I think John L. Lewis, when he led a wartime coal 
strike, was asked what do the miners want and he said, ``The 
miners want more.'' And in my experience in dealing with the 
FBI, that is often their position. They just want more. they 
want as much as you can do.
    Mr. Wynn. Could I get just a response from the FBI as to 
whether that is an accurate interpretation of how this process 
might work?
    Mr. Thomas. Well, I would not agree with all of it the way 
it was said, but I would say that the CALEA statute, the way it 
was written, basically puts everybody on equal footing if CALEA 
applies to them. So, it is essentially, you are in it or you 
are out of it, unless you can find a statutory exemption.
    So it really does not put the flexibility necessarily 
within the FBI's hands or the FCC's hands to say, you know, you 
are out but you are in because, in part, it laid a level 
playing field out for those types of carriers.
    Some other nations we have seen have applied laws in a 
different way that either had what you might call opt in or opt 
out policies where you have exactly that procedure. Unless a 
government agency tells you you must comply, you don't have to 
comply, or once a government agency tells you or you have to 
consult and somehow get a buyout, that is not the way CALEA as 
we understand it was implemented.
    Mr. Wynn. Thank you, Mr. Chairman.
    Mr. Upton. Mr. Walden.
    Mr. Walden. Thank you, Mr. Chairman.
    Mr. Thomas, how do you respond to the 2004 DOJ Inspector 
General's report finding that the FBI, and I quote, was unable 
to demonstrate the extent to which lawful surveillance has been 
adversely impacted by the lack of CALEA implementation?
    Mr. Thomas. Well, I think my response to that is that early 
on with CALEA we recognized that there would not be enough 
money in the fund set up for it to cover the Internet 100 
percent. We knew that before it was appropriated.
    We also knew that there had to be a process, and this was 
statutorily set out for deciding which technologies that were 
already in place we would pay for and which one we would not.
    So we had to make decisions, and that is the one procedural 
place where we had decisionmaking on who was in and who was 
out. Fairly early on, we made the decision to focus more 
intensely on areas where we would be completely shut out of any 
capability very rapidly if technology moved the way we 
expected.
    It turns out technology did move the way we expected, and 
it was the wireless world. We focused much more energy and much 
more cost from our perspective on making sure those 
capabilities were in place, and I quoted a number that roughly 
we can calculate from the wiretap report about 70 percent of 
authorizations were for CALEA covered, CALEA capable services, 
and that is a calculated number based on how many were wireless 
and how much wireless we have covered.
    But the point is, our goal was to apply the money we had 
and the level of effort that we had to try to get the best 
benefit, and I think that is what we have done.
    Mr. Walden. Well, perhaps a question for both you and Ms. 
Parsky. How do you respond to Mr. Baker's contention that, and 
I believe I am quoting correctly, despite the crisis atmosphere 
fostered by the government, the Justice Department law 
enforcement have never once used the enforcement powers that 
CALEA gives them?
    Did you just say 70 percent of the wiretaps are under 
CALEA?
    Ms. Parsky. Well, if I may, I think those are referring to 
two different things.
    Mr. Walden. All right.
    Ms. Parsky. I believe it is Mr. Dempsey who quotes the 
Inspector General's report with respect to software, CALEA 
compliant software only being activated on 10 to 20 percent of 
wire line technology, and Mr. Thomas was pointing out that that 
is a misleading quotation because where we focused our efforts 
was where we thought the technology was migrating, which was to 
the wireless technology, and for wireless, I think these are 
rough estimates, that about 90 percent of the FBI's intercepts 
are over wireless phones, and 80 percent of those 90 percent--
or the other way around: 80 percent of the wireless phones and 
90 percent of those wireless intercepts are CALEA compliant.
    Mr. Baker's reference to enforcement, I think, is to the 
extent that the Justice Department would go to court to enforce 
a company's failure to comply with CALEA. And in that regard, 
what we have done is we have tried to go to the companies and 
work with them; because we realize that in the long run, rather 
than going through a lengthy and expensive process for them, to 
the extent that we can work to show them that, in fact, their 
technology, their services fall under CALEA, the importance to 
national security and public safety that they be able to carry 
out the intercept orders, that we want to work with them to get 
them to do that.
    And it has been a slow process, and our filing the recent 
petition with the FCC was part of our having to take a step 
that is more forceful than just going and trying to work with 
the companies.
    Mr. Walden. All right. I represent a very, very rural 
district. It is sparsely populated, a lot of small exchange 
carriers, and one of them just installed a new switch, and they 
were looking, you know, at CALEA and some of the requirements 
for voice over Internet protocol and said, ``We have never had 
a wiretap in 30 years in this little town and now you are going 
to have this new requirement in on top of us.'' I would be 
curious from the panel. How do you respond to that? What do I 
go back and tell these folks out in very rural Piece of Heaven?
    Mr. Knapp. First of all, there are provisions in CALEA for 
requesting extensions of time, and beyond that, if they can 
make an argument for various reasons that the costs are not 
warranted, they have that opportunity to do that under CALEA.
    One of the things we tried to do in our rulemaking 
proceeding is identify not only a standards approach to comply, 
but also other solutions, such as use of a third party that 
might make sense for people who only get an occasional wiretap 
to engage the services of a company that could help them meet 
the requirements of the court order.
    Mr. Walden. And, Mr. Baker, do you have anything to add?
    Mr. Baker. Yes, if I could just add, I do think though that 
there is a problem here that shows why the FBI is just not 
suited to this regulatory role. It was too hard for the FBI to 
say, ``Yeah, we know. We will probably never need to do a 
wiretap in your district. So we will give you a pass.''
    Because from the point of view of the person who is asked 
to do that if that turns out to be the wrong decision they will 
be blamed, but if they make a decision that is too regulatory, 
it does not cost them anything, and I think you see that bias 
over and over again in the way the FBI has approached the bill.
    They do not ever want to be wrong in a way that might cost 
them one wiretap, and so they tend to over regulate even in 
circumstances where it just doesn't make economic sense.
    Mr. Walden. Mr. Knapp, maybe I can go back to you on the 
technology itself then when you talk about a third party 
provider. Is this a patch that they can come in and put in and 
take out?
    Mr. Knapp. In some cases it may involve implementing 
software in existing equipment that separates out the subject's 
data stream from everybody else's in part to protect privacy, 
then if necessary to convert the information so that you can 
pull out the call identifying information, and then prepare it 
in a format that is usable on law enforcement's equipment.
    Mr. Walden. But I guess the point is is it something they 
can come in and insert and then remove? Could you hire somebody 
to come do that with your equipment?
    Mr. Knapp. That would be an option.
    Mr. Walden. Okay. My colleague and I were talking. Given 
the international scope of all this, how do we regulate the 
Internet here and not have somebody else dump software out 
there that everybody could download and use and get around 
CALEA?
    Mr. Dempsey. That's an important question, again, about 
what price are we paying and then are we really getting the 
result that we desire. The FBI is always going to have to have 
the ability in house to try to deal with customized services 
peer to peer in the NPRM, and the Commission recognizes that 
peer to peer is not covered, that there are a range of other 
services not covered. Traditional dial-up Internet access would 
not be covered.
    And in all of those cases the FBI still has the legal 
authority to wiretap, and they have the technical capability to 
access that stream because the issue really here, Congressman, 
is not about content. All of the service providers are fully 
capable of providing the content. It has never been a dispute. 
The question is opening up those packets, breaking them apart, 
analyzing them, figuring out when you do an ordinary wiretap on 
a regular old fashioned phone line whether it is a fax or a 
phone conversation that is coming over the line.
    The FBI has always had that responsibility to bring it in 
and analyze it. A little bit of the debate here is trying to 
push some of that responsibility onto companies. But at the end 
of the day, the law enforcement agencies are still going to 
need that in-house capability for all of the other kinds of 
unique things out there and for all of these other services.
    I think that is a better place to look for a solution 
generally rather than taking this kind of very regulatory, very 
specific mandate forcing it on a few carriers when you're still 
going to need that in-house capability to deal with customized 
offshore, et cetera.
    Mr. Walden. All right. Thank you.
    Mr. Upton. Mr. Buyer.
    Mr. Buyer. I was here in Congress when we did CALEA, and I 
remember the balance tests that we were all struggling with. I 
have tried to be a good listener to two other opinions, Mr. 
Dempsey and Mr. Baker, and at the same time I am rather curious 
why the dispute resolutions that Congress had set out are not 
working.
    Why is it necessary for you to make this petition to the 
FCC? Because that is highlighting that perhaps the framework 
that we laid out back then isn't working well and why it isn't 
working well.
    So, Ms. Parsky, when you testified just a second ago, you 
said it is difficult in working with the companies. You have to 
articulate that better for the justification. So could you give 
us some idea? What do you mean it is just too difficult to work 
with the companies?
    Ms. Parsky. Well, I am not sure exactly which part of my 
responses you are referring to in terms of ``too difficult to 
work with the companies,'' but I believe what I was trying to 
portray was the fact that we are trying to work with the 
companies, and some companies are more difficult to work with 
than others.
    And what led to our filing the petition is the fact that we 
are 10 years out from the passage of CALEA, and technology has 
moved; and it is our argument that the direction it has moved 
has made it clear to us that these new technologies fall within 
the mandates of CALEA.
    I think one of the things, I mean, there are several things 
that were----
    Mr. Buyer. But industry recognizes that, too, that they 
have to be compliant.
    Ms. Parsky. Some do and some do not. Some have just 
deployed their technologies, presented them to the public, and 
then decided that they would argue it out, either wait for us 
to confront them on it and argue it out through the FCC, which 
would take a long time and then through the court system, and 
in the meantime they would be able to reap the benefits from 
having the technology out there. Where for us what that means 
is there is something out there that does not have the 
capabilities built in to comply with court orders.
    Mr. Buyer. So what did we do wrong with CALEA? What should 
Congress have done right?
    Ms. Parsky. Well, we are in the process of really trying to 
evaluate what it is that we would need as an updated version of 
CALEA going forward, because technology has changed so much.
    But I think one important thing has caused confusion in 
CALEA, and I think that is evidenced in Mr. Dempsey's statement 
when he says that CALEA was not intended for the Internet.
    And I think that there is an exemption in CALEA for 
information services. It is not an exemption for the Internet. 
It is not an exemption for Internet services. It is for 
information services as information services were defined. But 
those were information services that were storing E-mail, that 
were static Web sites, but not the transmission of information 
over the Internet.
    The transmission of information even back 10 years ago was 
recognized as something that was not included in the 
information services. At that time it was through dial-ups, so 
that the transmission would have been over wire lines, over 
telephone lines.
    Now that transmission is over cable lines. So I think it is 
the confusion over the sort of parsing out of information 
services and the changes in technology and how the Internet is 
being used today that has caused a lot of the confusion.
    Mr. Buyer. Well, I will concur with you that Congress did 
not give you any wiretaps authority, but what we really 
intended was for you to have access, and you know, we do not 
intend to be stifling the technologies out there. I mean, we 
look at at the Telecommunications Act, and it has been a 
success by getting regulation out of the way and letting 
innovation just really take over.
    But you are outpacing law enforcement. I mean, that is the 
reality. That is what our present struggle is.
    Mr. Baker and Dempsey were pretty tough on you. Do you have 
any comments that you would like to make in response to their 
testimony?
    Mr. Knapp. A couple of points because I think there are 
some misunderstandings of what the Commission actually 
proposed.
    We rejected the notion of a pre-approval process for 
technologies. We absolutely do not want whatever steps we are 
taking here to constrain technology. What we are trying to do 
is be very specific about what the capability requirements are 
so that everybody understands going in what they are required 
to do.
    Leave it to industry to develop the standards, but have 
certainty for the carriers so they can be assured that if they 
comply with the standard that it won't be challenged.
    So on the point that Mr. Dempsey raised, as we look back at 
the 1994 act, we see an irreconcilable tension where, on the 
one hand, its intention was to maintain law enforcement's 
capability to perform wiretaps and to exclude information 
services. It was not envisioned at that time that the Internet 
was going to become a means for making telephone calls, but the 
act provided for looking at advanced services as they unfold 
and for the Commission to make a public interest finding in 
those cases as to whether those services should be covered, and 
that is the purpose of our rulemaking.
    Mr. Buyer. So that I am not left with a bad impression, Mr. 
Knapp and Mr. Thomas and Ms. Parsky, maybe you could help me 
with this. Is it sort of the presumption by industry now to go 
ahead and deploy and litigate, or I have got my technology; 
let's try and work it out with law enforcement?
    Where do you think it stands right now within the 
community?
    Mr. Thomas. I think from my experience it is the latter, 
and that is, that for the most part, industry is moving forward 
with innovation. They already in many cases have people 
thinking about CALEA capabilities. Some companies just do not 
believe it applies to them. Others do, but for the most part it 
is not simply we are going to roll this out and see what the 
Justice Department will do.
    I think it is an idea of getting it out there, moving 
forward, and then coming behind that and trying to work with 
standard bodies, work with law enforcement. I do not think 
there is that much disingenuous effort out there. I think there 
is real effort.
    Mr. Buyer. You know, a lot of times here in Congress we 
make laws, but because of exceptions, and that is just what I 
am trying to figure out if there is a much larger problem or if 
we are trying to create something because of a smaller 
community giving you a hard time.
    Can you help me out here?
    Mr. Thomas. Well, I do not think that CALEA was a badly 
crafted law for the time. It did not have as much agility in 
it, I think, as we are going to need going forward in the 
Internet world. It is a different environment, very different, 
and I think there are going to have to be tweaks to create 
agility where it does not exist.
    Mr. Buyer. We thought the whole future back then was voice.
    Mr. Thomas. Right, and a lot of people still----
    Mr. Buyer. And everybody at that table if you were willing 
to admit to yourselves, we did, too, and we got it wrong. It is 
all about data. That is the power.
    Mr. Thomas. And a lot of people still to this day focus on 
voice when they talk about CALEA, but CALEA really did not 
focus on voice. It focused on wire and electronic 
communications, which was very broad, but it did not quite have 
the agility we need, and I do think going forward it is utterly 
impossible to do what we need to do without cooperation. It is 
utterly impossible.
    And if we do not have a legal structure that encourages or 
somehow causes or urges cooperation from industry with law 
enforcement and vice versa, it will not work.
    Mr. Buyer. All right. Thank you, Mr. Thomas.
    Thank you, Mr. Chairman.
    Mr. Upton. Thank you.
    Mr. Shimkus.
    Mr. Shimkus. Thank you, Mr. Chairman. I will be brief.
    I have a district where I have quite a large rural size, 
too, and so I echo some of the comments from Mr. Walden, and I 
would just make two points of observation. One is that I do 
believe in the market. So if a small, rural telephone company, 
family owned, which we still have them, or co-op, you know, 
have challenges, and I understand the law allows provisions to 
delay or that, you would think the market would also fill the 
void with specialists who come in.
    If there was one every 30 years that if I was a smart guy, 
I would be figuring out how to be that repairman or that 
specialist that would come in and help comply with a legal 
court order.
    But the second thing is understanding the threat. I would 
think that in the digital age crooks and criminals would go to 
the areas where there is less risk of being able to be tapped 
technologically. So a rural area might be a great place to set 
up your scam to take money from one Account A and transfer it 
electronically to Account B with the time lag of trying to put 
in the provisions the legal authorization, you know, to have 
access to those communication lines and then actually 
technologically have them in place to go after the crooks or 
criminals or in the world that we live in, terrorists.
    So this is a good hearing. I do concur with my colleagues 
that technology is moving quicker than our ability, and we will 
have to be in this together.
    Mr. Baker, I think.
    Mr. Baker. Yes. I thought I would add to a response to Mr. 
Walden's question and yours about the rural carriers. I will 
tell you what I would have said to them under CALEA, as I 
understood it before the FCC ruled. I would have said, and in 
fact, I have said, if the FBI comes to you and says, ``We have 
to do a wiretap. We have to hear what this guy is saying. Can 
you do that?'' the answer is almost always, ``Yes, we can do 
that.''
    We can find a way to plug the system so that we can give 
them the one wiretap they need every 30 years. What we cannot 
do is give them all of these party-hold, party-join, party-
drop, crazy stuff that is in the CALEA standards that the FCC 
and the FBI have approved. We just do not know how to get that 
information.
    And I would have said, well, if in 30 years you get one of 
these and you can provide them with the content, and they do 
not like that, which is unlikely, then their recourse is to sue 
you, and you will be able to defend on the ground that it is 
not reasonably achievable. You could not be expected to spend 
that kind of money for one wiretap after 30 years, and that 
there were other places that they could get the information 
that they needed.
    Those are all of the defenses that the statute creates for 
them, and it forces the FBI to actually justify what it is 
doing. Under the regulatory proposal that the FCC is putting 
forward and the FBI and the Justice Department are supporting, 
I would have to say to them, well, if you do not have that and 
the FBI walks in with or without a wiretap, they can ask for 
fines to be imposed on you tomorrow. So you have to go out and 
spend the money right now.
    And that is the difference between what CALEA intended and 
the regulatory proposals that we are seeing out of the agencies 
today.
    Mr. Shimkus. But the big concern, I think, those who were 
here when CALEA was initially passed was the ability of law 
enforcement to have access when there is presumed bad guys 
using the systems, and the threat, especially the international 
terrorist threat and al-Qaeda operatives. I don't know if we 
want to wait. That is the dilemma we are in.
    The law enforcement, the FBI and all of these folks who are 
trying to protect us, you are right. I mean, they do not want 
to be on the hook for being wrong one time, and do you know 
what? We do not either. We want them to have it right the first 
time to hopefully preclude what has gone on in the past.
    Mr. Chairman, that is all I have. I yield back.
    Mr. Upton. Mr. Cox.
    Mr. Cox. Thank you, Mr. Chairman.
    I wonder if I could drill down a little bit on the software 
side of this. I wonder if any of our witnesses feels 
comfortable telling us this morning what would be the process 
for a software developer to bring its product to market if it 
includes the voice capability.
    Are they going to have to go to the FCC, to the FBI, to the 
Department of Justice? What do they do?
    Mr. Knapp. It would be as simple as complying with an 
industry standard. They would not have to come to the FCC for 
approval to do that. So, for example----
    Mr. Cox. Well, wait a second. An industry standard can only 
exist for things that have been agreed upon in advance. What 
happens if I am an innovator?
    Mr. Knapp. The industry standard can be generic in terms of 
providing information about where is the starting point of the 
communication and the endpoint, without getting down into the 
applications itself.
    Mr. Cox. And is this something that has been included in 
the Justice Department petition? Have you specified exactly how 
that would work?
    Ms. Parsky. What we made clear in our petition is that 
CALEA does not give law enforcement, the FBI, the Department of 
Justice the ability, nor should it, to dictate what the 
standards are. Those who are in the best position to 
innovatively devise the best ways to meet law enforcement needs 
are industry themselves. So that to the extent you----
    Mr. Cox. So right now we are in a position where we do not 
have standards. We are hoping we can develop them. The 
standards themselves would have to encompass known 
technologies. They could not really credibly encompass things 
that had not yet been invented.
    And so anything new does what? Something that is not 
definitionally covered by the agreed upon standard that 
encompasses all existing technology?
    Ms. Parsky. Well, to the extent that there are new 
technologies and companies had questions and want to work with 
the FBI for their assistance, we are more than happy to do 
that.
    Mr. Cox. I want to work with the FBI. What do I do? Where 
do I go?
    Ms. Parsky. Mark, do you want to?
    Mr. Cox. Does the FBI have a private sector innovation 
office where I can go and meet with people who are happy to 
help me get my product to market?
    Mr. Thomas. Well, I mean, there are two different issues 
here. One, I think, is software developers who develop 
applications. We generally do not see those people with CALEA 
requirements on them. It is normally the people who offer 
services of some kind to the public, as CALEA states, as common 
carriers for hire essentially.
    For those types of organizations, we have----
    Mr. Cox. Well, hold on a second.
    Mr. Thomas. Yes.
    Mr. Cox. The Justice Department petition to the FCC asks 
that the FCC rule that broadband Internet access be covered by 
CALEA. That is at least according to your testimony, Ms. 
Parsky. And so if I am now the provider of broadband Internet 
access, I have got to begin worrying about all of the software 
that is going to be used on my system so that I can comply with 
my legal obligation, and it is not distinguishing at all, and I 
do not know how it could, between the things that are agreed 
upon under the standards and the things that are brand new.
    So I have got to make sure that the new things which I do 
not have any legal comfort on are bumped from my system and go 
through some queue, and then I am going to send them to the FBI 
or wherever, and then I want to know who is going to be in 
charge of that.
    Mr. Thomas. Well, I mean, I think the point there is for 
the broadband provider. What we are saying is the obligation on 
him is clear at least with regard to whether or not he has to 
isolate and provide to law enforcement as CALEA requires call 
content.
    With regard to the call identifying information, which is 
really what you more seem to be pointing at and who understands 
how to reach you and pick out that particular information, I do 
not think that is an issue that has actually matured yet. I do 
not think anyone has a complete vision of how that will be 
carried out.
    I think it is probably likely that there are some services 
in which the provider themselves, the access provider, say, a 
cable company, is in the best position to do that work. There 
are other services where they may not be in such a good 
position to do that work.
    There will be some applications for which no one really 
will be in a good position to do that work, and ad hoc 
solutions will continue to have to operate in those areas. I 
think that is a bit of a balancing act that we will expect to 
have to----
    Mr. Cox. Mr. Chairman, here is what I am concerned about. 
Congress and this committee, we in this committee, expressly 
excluded information services from CALEA because we did not 
want to have this collar on innovation in advance. As 
information services and telecommunications services morph into 
one another, we are going to have some tough calls to make, but 
we surely did not make them in the statute, and we also had a 
paradigm in mind in which the digital innovation that we were 
thinking of as information services was excluded expressly in 
the statute.
    If we are now going to finesse all of this in a regulation 
without amending the law, I have not any comfort that we will 
not--particularly if the petition from the Justice Department 
asks that the gateway for everybody's Internet service, the 
broadband access, you know, be covered by CALEA--I will not 
have any comfort that we will not be basically saying we are 
going to treat all information services, all your E-mail, all 
data transmissions, and so on the same way that we treat voice-
grade telephony for purposes of wiretap.
    When Alexander Graham Bell went out and strung some wire 
and began to exploit his invention of the telephone, there was 
not any wiretap scheme in place. The order was innovation 
first, regulation second.
    What we are talking about now is a fundamental shift. We 
are going to go to regulation first and innovation second, and 
virtually all of these innovators are going to have to queue up 
single file before a government agency in Washington before 
they can come to market, and that really does give us Mr. 
Baker's problem, which is that we push this stuff overseas.
    And incidentally, some of the people who want to create 
problems for us might well be developing software into which 
they imbed their own listening algorithms and then dump it onto 
our market in this way. People pick that up because it does not 
bear the stamp of, you know, the U.S. Government wiretap 
approved.
    I think we ought to be very cautious about entering this 
area, and certainly, Mr. Chairman, we ought to be very cautious 
about doing it with regulation.
    Mr. Dempsey, sorry.
    Mr. Dempsey. Mr. Cox, I think in your dialog with Mr. 
Marcus you have identified something very important here, which 
is the FBI, Department of Justice at this point cannot even 
identify who will bear what responsibility. So they are asking 
to regulate all broadband access and all managed VoIP services 
without even knowing who will have what responsibilities and 
what those responsibilities will look like.
    So we are putting the power of CALEA and the whole pressure 
of CALEA on top of entities that we have not even really 
identified yet, and we do not know what their responsibilities 
will look like.
    I think that one of the steps here should be, in addition 
to identifying the problems, the second half of it is what will 
the solutions look like, and if you regulate first and bring 
either by regulation, as the FCC is proposing, or by 
legislation, if you bring Internet services into the scope of 
CALEA, you had better know in advance what those obligations 
are going to look like and how they are going to translate 
rather than leaving that to the FBI and the FCC to work out.
    Mr. Cox. Well, I think my time has expired. I would just 
say, Mr. Chairman, that innovation is not necessarily the 
enemy. Technological innovation, which America leads in so many 
respects, is the best advantage we have going for us in law 
enforcement, and so we do not want to stifle it needlessly.
    I yield back.
    Mr. Upton. Thank you.
    Mr. Stearns.
    Mr. Stearns. Thank you, Mr. Chairman, and thank you for 
having this hearing.
    Mr. Knapp, the term ``telecommunications carrier'' appears 
in both the CALEA and the Communications Act, with CALEA's 
definition being much more broad and enveloping. If the FCC 
determines a certain company is a telecom carrier under CALEA, 
does that sentence the same company to the Title II designation 
under the Communication Act?
    If not, what conflicts would separate designations under 
these statutes, so to speak?
    Mr. Knapp. The short answer is no. A determination relative 
to CALEA would not necessarily have any implication relative to 
the Communications Act. Our decisions and the proposals that we 
made are based on the unique provisions of CALEA, which provide 
that the Commission may in the public interest include services 
that are a substitute for public switched telephone service.
    So we do not believe that the CALEA obligation carries with 
it any implication that the Commission may apply the legacy 
regulations that we have in the past under the Act.
    Mr. Stearns. How does the NRPM address peer-to-peer 
services that may offer VoIP be covered?
    Mr. Knapp. It suggests that this is an issue that we need 
to resolve. We propose to include managed services. These are 
services----
    Mr. Stearns. What are they?
    Mr. Knapp. They are services where there is a party in 
control of setting up the call and potentially controlling the 
quality of the call. We did not include peer-to-peer service 
which at the extreme end could be simply two people putting 
software on their PCs.
    Mr. Stearns. One of the goals that Mr. Boucher and I sought 
in the bill we developed and dropped was to redefine these new 
IP based services so that we might be able to address some of 
these same questions, and so we proposed a new definition in 
the context of a broad rewrite of the Telecom Act.
    Do you think that would be beneficial?
    And I would like to ask all of the witnesses if they think 
maybe a redefinition in the Telecom Act of 1996 to include this 
broader definition. I do not mind it if you do not agree with 
me. So go ahead.
    Mr. Knapp. I have no position on that.
    Mr. Stearns. No position? Even a personal?
    Mr. Knapp. No, not even a personal. Our focus here was 
solely on CALEA and the provisions of CALEA.
    Mr. Stearns. Okay. Why don't we just start? Would anyone 
else have a comment on this?
    The idea is to address some of the questions we might 
redefine this new IP based service. Yes.
    Ms. Parsky. Well, in terms of a broader definition of the 
services, yes, the Department of Justice does not have a formal 
position, but we would be happy to sit down and meet with you 
and discuss the definition with you.
    I think that the one concern we have with the bill that has 
been proposed is an exclusion for regulations such as CALEA and 
that, and I think we have addressed fully in our statements 
here.
    Mr. Stearns. I think we did that because of jurisdiction. 
So it is nothing intentional.
    Anyone else? Yes, Mr. Baker.
    Mr. Baker. Yes, TIA's view is that VoIP is an information 
service and ought to remain so. As for CALEA, we would really 
encourage the committee if there is something that needs to be 
fixed, instead of kind of schmoozing it fixed through the FCC, 
the Justice Department ought to come up here and propose 
regulations or legislation that would fix the problems that 
they see.
    And we would support having an examination of new 
technologies to see what more needs to be done. It is just that 
we do not think that trying to slip it in through the back door 
through the FCC regulations is the way to do it.
    Mr. Stearns. Good point. Okay. Mr. Dempsey or Mr. Green, 
anything?
    Mr. Dempsey. Well, Congressman, I would just say that we 
are winding up caught in a straightjacket of telecom services, 
on the one hand, information services, on the other hand. In 
all likelihood, those definitions do have to be reexamined, and 
along with them, the regulatory burdens that they carry or the 
public policy interests that are served both on the economic 
side and on the social policy side, and I think there the 
question for this committee is going to have to be what 
problems are there that need regulatory action in the first 
place.
    For most of the history of the telecommunications system, 
there was no problem with carrying out wiretaps. There was no 
regulation at all. It was an almost incidental byproduct of the 
design of the networks.
    In 1994, Congress concluded that with respect to 
traditional telephone services, there were identified problems. 
And now the question is with respect to new services, however 
you categorize them from a regulatory, whatever word you use to 
describe them, what is the problem, if any, and it has still 
not been shown that there is a problem, and then what does the 
solution look like.
    Mr. Stearns. Mr. Chairman, my time has expired. I ask 
unanimous consent to ask one more question.
    Thank you for your kindness.
    Mr. Green, can Cable Labs' compliance standards serve as a 
model for other industry participants, or is this standard you 
developed sort of unique just to cable?
    Mr. Green. Well, the answer to that is basically both. We 
believe it does serve as a model. Other industries have looked 
at it as a model framework, but it does have some unique 
features which could not--for example, this particular 
specification uses a cable modem.
    However, it is a multiple part standard, and various 
parties of the specification could be adopted and used by other 
industries. And although I am not aware of any specifically at 
this point that have announced anything publicly, we do know 
that people are reviewing it.
    Mr. Stearns. Fair enough. Thank you, Mr. Chairman.
    Mr. Upton. Mr. Pickering.
    Mr. Pickering. Mr. Knapp, I do not know if you have had had 
a chance to look at some of the pieces of legislation dealing 
with voice over Internet. In legislation that I introduced, I 
had a process that would call for the FCC to make 
determinations every 6 months as to when CALEA could be 
technically feasible, and at that point a collaborative process 
would begin between the State, law enforcement industry, and 
affected parties to then determine what is the best way to 
apply CALEA or to make that accessible.
    Is that something that you believe would work and is a good 
way to address this issue as we go forward?
    Mr. Knapp. We believe we have started the process with our 
rulemaking by outlining the ways we think that parties could 
comply with CALEA. At this juncture it does not appear that 
there is a technical problem in achieving CALEA compliance. I 
think you have heard that there are standards out there for 
compliance. We talked about third parties emerging to provide 
that.
    So that said, we are looking for public input on the 
proposals that we have made and the issues that we have raised 
before we reach final decisions.
    Mr. Pickering. Some would question whether under the 
definition that we have in the 1996 Act of information services 
and explicitly excluding that from CALEA. Do you believe that 
the FCC has the legislative authority to go forward in applying 
this to broadband or to information services?
    Mr. Knapp. Yes, we do believe we have the authority under 
the current statute to do so. Certainly there is some 
interpretation involved in the current law that, as you heard 
raised from some of the Commissioners, there are concerns about 
potential sustainability of that in the future legally.
    But we believe that we are making the right call.
    Mr. Pickering. You announced your NPRM 2 weeks ago?
    Mr. Knapp. August 4.
    Mr. Pickering. August 4. The Solicitor General last week 
agreed to appeal the California decision on how cable broadband 
would be defined this week?
    Mr. Knapp. End of last week.
    Mr. Pickering. Was there an agreement between Justice, the 
FBI, and the FCC to do so?
    Mr. Knapp. No, there was not.
    Mr. Pickering. Was there any discussion to do so?
    Mr. Knapp. No, there was not. Certainly we were aware that 
it was important to the Department of Justice and FBI as to the 
Commission's reaction to the petition that was submitted.
    Mr. Pickering. Mr. Thomas, Ms. Parsky, was there any 
communication between the FCC and the FBI and Justice 
Department concerning the Solicitor General's appeal of the 
Ninth Circuit Court of Appeals decision?
    Ms. Parsky. The Department of Justice has many components. 
The Solicitor General's office is in the Department of Justice, 
as are the Criminal Division and FBI. We in the Criminal 
Division and the FBI are concerned with CALEA and with the 
provisions of CALEA and with protecting law enforcement's 
equities in CALEA.
    So to the extent that our concerns could in any way come 
into play, that is something that we obviously would be 
consulting within the Department of Justice on, and we did. And 
so it was something that we weighed in on, but it was more to 
the extent that we were looking to make sure that if there were 
any possible implications on CALEA, that we looked at those.
    Mr. Pickering. Mr. Thomas?
    Mr. Thomas. Basically I think Laura said it properly. We 
expressed our concerns regarding any impact of either proposed 
legislation or a court ruling on our ability to implement 
CALEA, but there was no discussion about a quid pro quo or 
anything like that.
    Mr. Pickering. Do you find the timing just coincidental?
    Ms. Parsky. The timing was up to the FCC.
    Mr. Knapp. We have had the CALEA issue on the front burner 
for many months, from the time that the petition was filed, and 
we were committed to moving that forward as quickly as we 
could.
    Mr. Pickering. I am not saying that there is necessarily 
anything wrong with reaching an agreement between the Justice 
Department and the FBI and the FCC as to an appeal or not an 
appeal and how does that affect the legal position of the 
administration and telecom policy and trying to coordinate 
policy objectives to stimulate both innovation and investment 
while at the same time meeting public safety and enforcement 
needs.
    So I am not saying that this is anything inherently wrong, 
you know. I just think that we should be transparent about it.
    Mr. Chairman, with that I yield back.
    Mr. Cox [presiding]. The gentleman's time has expired, and 
the hearing is now at a merciful conclusion.
    Mr. Dempsey, Dr. Green, Mr. Baker, Mr. Knapp, Mr. Thomas, 
Ms. Parsky, thank you very much for your testimony, for your 
assistance in our deliberations on these issues.
    The hearing is adjourned.
    [Whereupon, at 1:17 p.m., the hearing was adjourned.]

                                 
