Next year, Congress will begin the difficult process of rewriting the Telecommunications Act of 1996. As a Member of the House Energy and Commerce Committee (as well as the Judiciary Committee), I see this exercise as an enormously valuable opportunity to fashion new federal guidelines for the era of Internet-based communications.
In anticipation of this debate, I have joined with Representative Cliff Stearns of Florida in drafting H.R. 4757, the Advanced Internet Communications Services Act. The legislation would stimulate investment in, and encourage the rapid deployment of, Voice over Internet Protocol (VoIP) and other Advanced Internet Communcations Services. We begin from the premise that VoIP is neither a pure telecommunications service nor a pure information service, as defined under current law. We would write new rules for it.
With its packet-switched architecture, VoIP offers a far more convenient and less costly means of making telephone calls than the currently used circuit-switched technology. Internet-based telephone calling will bring digital clarity, greater flexibility of service offerings and substantial consumer savings over the analog circuit-switched technology now widely in use.
We believe that Internet-based communications should be treated with a light regulatory touch. Traditional rules that have applied to wired local exchanges will not apply. However, in view of the fact that virtually all voice communications will migrate to VoIP over several years, we believe it is useful to preserve E911, properly warranted law enforcement access, access for the hearing impaired and universal service funding for those who still have and need financial help in keeping wired telephones. More information on the bill is available at my website.
It is our intent to apply the new light regulatory touch to all Internet-based communications, not just to VoIP. I would appreciate thoughts on whether we have undertaken the right approach to drafing a new framework for the era of Internet-based communications, and what kinds of new Internet-based services and technologies lie over the horizon but be shaping our thinking now.
God and the Devil is in the details. Particularly phrases such as:
“properly warranted law enforcement access.”
Without being too much of a futurist, I suggest there are some upcoming issues where increased ability to “connect” among people, will affect security-related trade-offs, in the same way that increased ability to copy information has provided copyright-related challenges.
As an “early adaptor” of a VOIP service, I’m glad to see some thought going into how VOIP will be regulated and legislated.
One thing that has troubled me is the lack of 911 coverage available to VOIP customers. Vonage, the service I use, does encourage users to sign up for it’s “version” of 911 dialing, but even after the signup process, it routes calls to non emergency numbers, not actual 911 switchboards. To see some sort of legislation allowing VOIP service providers access to 911 emergency numbers would be a welcome development.
As a side note…I hope the “digital clarity” part really does come true. At this point, I still have some quality of service issues, even with a T1 line at my residence.
I’m curious to see if Congress will address the recent federal court ruling which struck down the regulation line rates the Bells charge 3rd parties. This was probably the center piece of the ’96 Act, *the* plan to introduce competition. Now the Bells have access to the long distance market and don’t have to give anything in return, breaking Congress’ intent in the ’96 Act.
I too am uncomfortable with “properly warranted law enforcement access” being uniquely defined for VoIP services, mostly because I believe VoIP is in fact a pure information service (though perhaps not as defined under current law).
It seems to me that for law enforcement access to be effective and therefore justified, they would have to access your entire pipe of data transmission, otherwise you could always switch to another mode of communication. If it becomes easier for law enforcement to get authorization to tap VoIP packets than to tap email packets (leaving aside how they would discriminate between them), then why would criminals not use email to communicate sensitive information?
Regarding law enforcement access, what will be permitted is exactly what is allowed today for wireline voice calls, ie, a wiretap after a warrant is issued following a showing of probable cause. If this access is not allowed, law enforcement will lose wiretap ability for phone calls almost competely as most of the country migrates from wireline voice calls to VOIP.
Congress is unlikely to become involved , at least in the near term , in the debate over access by competitors to the local telephone platform. Specifically, what the FCC disallowed was the assembling of seperate network elements into an “unbundled network platform ” or UNE-P , at foreward looking rates, otherwise known as TELRIC pricing. The local phone companies complained with some justifucation that Congress never intended the use of UNE_Ps and that the TELRIC rates are so low that the local carriers were in effect subsidizing their competitors. Interconnection rights for competitors are not affected by the FCC’s order.
The matter will probably at least be discussed next year when the 1996 Telecom Act is opened for revision, but my guess is that the FCC decision will not be overturned in Congress.
I know next to nothing about VoIP so this may be a bit naive; but how can we guarantee “properly warranted law enforcement access” if the VoIP conversation is encrypted? Doesn’t that bring us back to the long-running fight over encrypted e-mails, which is no closer to a resolution now than when it started (as every proposal has died under a firestorm of outrage over violation of privacy concerns)? It seems to me a simple idea to simply invent a device that encrypts the conversations, and then so much for LE’s access.
I’m not in a big rush to convert to VoIP anyway. I want phone service that doesn’t go away when the main grid power goes out (line-powered), because you never know what emergency is going to crop up where you need to make a call with the power out (lightning strikes my house and starts a fire, maybe). If my cable modem is down with the power out, I’m SOL.
Rep. Boucher:
I am sorry to rain in your parade, but “wiretap ability” is gone once calls make the transition to VOIP, and do not let anyone tell you otherwise. Let me put on my terrorist thinkcap. If I know that it is likely that the FBI will tap my VOIP phone, then It is trivial for me and my cell to setup an alternate voice network. I could take any Open Source VOIP software and alter the IP ports it will be connecting to. Furthermore, if I want to further muddle it, I could use the Kazaa ports and structure it to disguise the phone call as a P2P interaction (is he downloading music or talking on the phone? )
To defeat that, the FBI will need to set a Carnivore machine (although I think that would be more like a Carnivore-lite to make sure it does not stand out too much on the street) right in between my broadband conection and my ISP and even so, if I were paying attention, I would notice when they set that up because of the extra hop that the carnivore machine is likely to introduce. An if I were a sneaky terrorist, I would have not only that one ADSL connection, but two additional WiFi connections attached to some neighbor’s PC (not that he would mind, assuming he finds out), so that the traffic will be divided up. The FBI would have to make sure that they catch all connections to make sure that they will listen to the full message, assuming they can crack the encryption (For this operation I could very much setup a one-time pad for encrypted communication).
I know that crossing our arms is not a solution, but I am afraid of how much privacy and anonymity rights will have to suffer to allow this leaky kind of surveillance.
It seems to me there are two ways to do VOIP at this time–one is through a provider who specifically offers phone-like services. The second is through the existing myriad ways to do real-time voice over the internet–such as chat and conferencing systems, even video-games.
The second strikes me as unenforcible. How would you tap a point-to-point connection? What about over VPN? Plus, a lot of this software comes from underground sources–and it’s relatively simple to build such a system.
The first can be taxed and can alter the infrastructures to allow surveillance. They don’t have a large installed based to complain, so it seems this could happen. But since the second method exists, those who wish to opt-out will have a relatively easy time doing so.
Mr. Congressman, I count it a privilege to get your, uh – ears(?).
I wish people would understand that VoIP is, as a presentation-layer protocol, NOT something that should be saddled with the requirement to provide 911 service. The point of the 911 network is to provide access to an appropriate service based on the physical location of the user, which is something that you can’t shoehorn into any service above the IP layer, which has neither knowledge of nor control over the physical layer. The providers of the physical-layer services are the only ones who are even capable of providing this service.
As to all the other regulations, there are two glaring problems with applying them to VoIP: first, the market needs them to go away from the old technology, not to be cloned onto the new; second, it’s impossible! VoIP ISN’T an “information service” but a protocol, implemented in software. The only thing that can be regulated about it is the adapter equipment to the PSTN, which is being obsoleted. It will certainly be around for a while, but the more the market takes up IP telephony the faster the PSTN will shrink. Ironically, adding these regulations – particularly the CALEA ones – will accelerate the migration, as the value proposition is weakened by extra cost and lack of freedom.
As for UNE-P, I realize that many people dispute whether the rates are really so low as to lose money for the incumbents. As an ILEC employee myself, I am naturally biased, but aware of the fact, having also worked for AT&T after the divestiture.
But “follow the money”: no one ever lies with his checkbook. Neither the ILECs nor their competition have been building out networks. If the ILECs are not losing money, then they’re making money, right? And if so, they’re making much smaller margins but much greater volume at lower cost (no marketing involved). So even if we didn’t like it, and complained loudly, we’d still be building more, because we’d know we could sell them. Likewise, if the CLECs were getting overcharged, wouldn’t they be building competitive networks to compete with ours?
In other words, wouldn’t BOTH sides be spending on backhoes and bulldozers instead of lawyers and lobbyists? And now, with the rules changed, the ILECs are building again.
Oh yeah: about “getting into long distance, without giving anything back”…
The FIRST thing VoIP did is to derail the LD gravy train. The only truly competitive price a local provider can charge for LD is zero.
Despite being both an ASIC designer in the telecom industry, and a software programmer (hobby) I find this to be a difficult topic. I think that when dealing with large companies setting up a commercial VoIP network, regulation is possible. When dealing with an open, and quite possibly free, VoIP solution this might become a lot harder, especially if such a service is created outside the US. After all: VoIP can be just another protocol, just like P2P. They may come and go as easily as people switching from one P2P program to the next, or from one instant messenger to the next, depending on how they like the service.
Certain things in your proposal sound good: services to the customer will probably be happily implemented in an open environment. Wiretapping however will probably be met with less enthusiasm. Also: wiretapping wouldn’t work anyway, since anyone who’d have to be worried about being wiretapped would never use a service that can be wiretapped. They’d just create their own way of communicating over the internet, by slightly altering any protocol available.
So I guess it comes down to the question: what would you like to regulate? Services to the customer or government control? For commercial entities, regulation for customer services may be needed. Government control however will never work, neither for commercial nor for free networks.
In response to Javier Perez —
There is a huge gulf in technical knowledge between you and the average bank robber. Few people have any idea how to “setup an alternate voice network… or Open Source VOIP software and alter [its] IP ports.”
This has been said a million times, but law enforcement does not need to be perfect to be effective. The fact that an good IT guy can get around wiretaps says little about what the guy who holds up a 7-11 can do.
In response to Brian: Why does the fact that VoIP in a layer-seven app. say anything about whether it should be regulated federally? The point of 911 and wiretapping is to serve the public interest, wherever it may be found on a protocol stack.
Tim
To professor Wu:
I don’t believe that it does. What it says is that it can’t be responsible for information that is only available to the physical layer. And as I and others have said, it doesn’t make any difference whether the government regulates it or not; there is no effective enforcement available – at least not without intrusions into everyone’s privacy and freedoms that no one will (yet) tolerate.
Also, just as you and I don’t have to know the intricacies of fuel mixtures and suspension tuning to drive on the highway, neither does your “average bank robber” have to know how a network works to misuse it effectively, any more than a terrorist has to know how to forge credentials – he can simply rely on someone else to do it for him, and if there’s a buck to be made, someone will do it.
And with the disrespect for law that is now being bred by many current regulatory and law-enforcement trends, it is likely to be commonplace for ordinary “honest” citizens to flout any such laws, even without a criminal profit motive.
�If this access is not allowed, law enforcement will lose wiretap ability for phone calls almost completely as most of the country migrates from wireline voice calls to VOIP.�
The power of the police to wiretap wireline voice calls was created when wireline technology came into existence. As such it is only natural that such power to wiretap may be lost when wireline technology is replaced by technology that is incapable of being tapped. Otherwise we will just be attempting to curtail progress and evolution for the sole benefit of the old, entrenched interests. Who by the way can develop other technologies to keep up, but do not care to, because they are fat and lazy.
Technology should not be forced to limit its architecture for the sole purpose of allowing law enforcement the ability to snoop. When wire taps were first allowed, they were allowed in the context of the pre-existing architecture. The police should be able to look where they can look, with judicial oversight, probable cause, no reasonable expectation of privacy etc. However, if the police do not have the capability to insert wiretaps because of their own technological limitations, then we should not have to create access for them. Let law enforcement create their own technology.
It is against the laws of nature to force the rest of us to limit our abilities and choices just so the old guard can hold on to old power without having to evolve and adapt like the rest of us.
Apologies for the delay in participating. I am back in DC after 9 hours of what should have been a 3 hour airplane flight–cancelled flights, ect. Anyway, I’m reading your coments and will have a reply shortly. Thanks for participating and for your patience.
I have to admit some surprise that the phrase ” properly warranted law enforcement access” seems to have been the principle focus of the discussion today. On that matter I would note that will be technical issues will obviously be a challenge , and there will be ways that the technically informed can avoid the law enforcement observation , but as Professor Wu noted, the typical criminal will probably not have that expertise. Some considerable amount of law enforcement access is perhaps technically achievable in a way that will be effective and respectful of privacy rights. In any event the price of achieving the deregulation we are seeking for VOIP will be providing the legal avenue for law enforcement access.
Absent from today’s conversation was what will happen if we do not act to liberate VOIP and other advanced Internet based communications from the current ability of both the states and the federal government to apply the regulations now applicable to wireline phone calls to Internet based calls. Several states have already attempted to do so. The major reason for our legislative effort is to declare the services to be interstate in nature and subject to exclusive federal jusirdiction and then to instruct the FCC to impose only the minimal regulations I described. If Congress does not act, VOIP may drown in a sea of regulatory excess.
The price for liberating advanced IP services in this fashion will be the continuation of the social obligations identified in the posting. It seems a small price to pay. I believe that a consensus will be achieved on this balance. You can expect a form of this measure to achieve passage in the next Congress.
As the debate heats up next year, weigh in again. I will welcome your views.
Again, apologies for my absence today—I really had the best of intentions.
I’m glad you are working to provide the means for emergency access on the newer technologies, but as far as the wire tap issue, there is an should easier way(legally, not technically). I heard somewhere that there was a proposal to change the current wire tap laws to enable authorities to tap the person. By that, meaning the court would authorize the warranted officer(s) to tap phones, internet, and so on. I would much rather see a simple solution such as that, than to see multiple legislation that deals with the various communication methods differently.
I also hate giving the power of regulation to offices or entities in the government, but that’s a different problem.
I would disagree with definition 1. It’s great up to the “and services and applications that enable an end user to send or receive a communication in Internet protocol format”, nothing is sent or received in IP, it’s merely an addressing scheme. I think the first 2 parts of the definition cover TCP and any other communication that uses IP. Also, if I remember correctly, some of the larger network pipes do not use IP as a addressing scheme, and therefore wouldn’t be covered under that definition.
I’m not a lawyer though.
Just remember, every time a law is passed, someone lost some rights.