Inside Cisco's eavesdropping apparatus

privacy       2003-04-21 
Cisco Systems has created a more efficient and targeted way for police and intelligence agencies to eavesdrop on people whose Internet service provider uses their company's routers.
The company recently published a proposal that describes how it plans to embed "lawful interception" capability into its products. Among the highlights: Eavesdropping "must be undetectable," and multiple police agencies conducting simultaneous wiretaps must not learn of one another. If an Internet provider uses encryption to preserve its customers' privacy and has access to the encryption keys, it must turn over the intercepted communications to police in a descrambled form.
Cisco's decision to begin offering "lawful interception" capability as an option to its customers could turn out to be either good or bad news for privacy.
Because Cisco's routers currently aren't designed to target an individual, it's easy for an Internet service provider (ISP) to comply with a police request today by turning over all the traffic that flows through a router or switch. Cisco's "lawful interception" capability thus might help limit the amount of data that gets scooped up in the process.