Risking communications security: Potential hazards of the Protect America Act

Steven M. Bellovin; Matt Blaze; Whitfield Diffie; Susan Landau; Peter G. Neumann; Jennifer L. Rexford

doi:10.1109/MSP.2008.17

Risking communications security: Potential hazards of the Protect America Act

Steven M. Bellovin, Matt Blaze, Whitfield Diffie, Susan Landau, Peter G. Neumann, Jennifer L. Rexford

Research output: Contribution to journal › Article › peer-review

12 Scopus citations

Abstract

The new Protect America Act permits warrantless foreign-intelligence wire-trapping whenever one end of the communication is believed to be outside the US. The US systems for foreign intelligence surveillance located outside the US minimize access to the traffic of US persons on the grounds of their location. The new act can lead to surveillance on an unprecedented scale that will inevitably intercept some purely domestic communications. It can lead to some serious security risks including the risk of exploitation of the system by unauthorized users, danger of criminal misuse by trusted insiders, and risk of misuse by government agents. The new systems is likely to operate differently from earlier wiretrapping regimes and will use new technologies for purposes of targeting wiretraps. It requires an appropriate oversight by publicly accountable bodies and while the details might remain closed, there should be a publicly known system for handling situations when mistakes are made.

Original language	English (US)
Pages (from-to)	24-33
Number of pages	10
Journal	IEEE Security and Privacy
Volume	6
Issue number	1
DOIs	https://doi.org/10.1109/MSP.2008.17
State	Published - Jan 2008

All Science Journal Classification (ASJC) codes

Computer Networks and Communications
Electrical and Electronic Engineering
Law

Access to Document

10.1109/MSP.2008.17

Cite this

@article{7f11990889384c97b458c7cf48518ff9,

title = "Risking communications security: Potential hazards of the Protect America Act",

abstract = "The new Protect America Act permits warrantless foreign-intelligence wire-trapping whenever one end of the communication is believed to be outside the US. The US systems for foreign intelligence surveillance located outside the US minimize access to the traffic of US persons on the grounds of their location. The new act can lead to surveillance on an unprecedented scale that will inevitably intercept some purely domestic communications. It can lead to some serious security risks including the risk of exploitation of the system by unauthorized users, danger of criminal misuse by trusted insiders, and risk of misuse by government agents. The new systems is likely to operate differently from earlier wiretrapping regimes and will use new technologies for purposes of targeting wiretraps. It requires an appropriate oversight by publicly accountable bodies and while the details might remain closed, there should be a publicly known system for handling situations when mistakes are made.",

author = "Bellovin, {Steven M.} and Matt Blaze and Whitfield Diffie and Susan Landau and Neumann, {Peter G.} and Rexford, {Jennifer L.}",

year = "2008",

month = jan,

doi = "10.1109/MSP.2008.17",

language = "English (US)",

volume = "6",

pages = "24--33",

journal = "IEEE Security and Privacy",

issn = "1540-7993",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

number = "1",

}

TY - JOUR

T1 - Risking communications security

T2 - Potential hazards of the Protect America Act

AU - Bellovin, Steven M.

AU - Blaze, Matt

AU - Diffie, Whitfield

AU - Landau, Susan

AU - Neumann, Peter G.

AU - Rexford, Jennifer L.

PY - 2008/1

Y1 - 2008/1

N2 - The new Protect America Act permits warrantless foreign-intelligence wire-trapping whenever one end of the communication is believed to be outside the US. The US systems for foreign intelligence surveillance located outside the US minimize access to the traffic of US persons on the grounds of their location. The new act can lead to surveillance on an unprecedented scale that will inevitably intercept some purely domestic communications. It can lead to some serious security risks including the risk of exploitation of the system by unauthorized users, danger of criminal misuse by trusted insiders, and risk of misuse by government agents. The new systems is likely to operate differently from earlier wiretrapping regimes and will use new technologies for purposes of targeting wiretraps. It requires an appropriate oversight by publicly accountable bodies and while the details might remain closed, there should be a publicly known system for handling situations when mistakes are made.

AB - The new Protect America Act permits warrantless foreign-intelligence wire-trapping whenever one end of the communication is believed to be outside the US. The US systems for foreign intelligence surveillance located outside the US minimize access to the traffic of US persons on the grounds of their location. The new act can lead to surveillance on an unprecedented scale that will inevitably intercept some purely domestic communications. It can lead to some serious security risks including the risk of exploitation of the system by unauthorized users, danger of criminal misuse by trusted insiders, and risk of misuse by government agents. The new systems is likely to operate differently from earlier wiretrapping regimes and will use new technologies for purposes of targeting wiretraps. It requires an appropriate oversight by publicly accountable bodies and while the details might remain closed, there should be a publicly known system for handling situations when mistakes are made.

UR - http://www.scopus.com/inward/record.url?scp=38949177002&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=38949177002&partnerID=8YFLogxK

U2 - 10.1109/MSP.2008.17

DO - 10.1109/MSP.2008.17

M3 - Article

AN - SCOPUS:38949177002

SN - 1540-7993

VL - 6

SP - 24

EP - 33

JO - IEEE Security and Privacy

JF - IEEE Security and Privacy

IS - 1

ER -

Risking communications security: Potential hazards of the Protect America Act

Abstract

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this