Lawful interception is officially strictly controlled in many countries to safeguard privacy; this is the case in all developed democracies. In theory, telephone tapping often needs to be authorized by a court, and is, again in theory, normally only approved when evidence shows it is not possible to detect criminal or subversive activity in less intrusive ways; often the law and regulations require that the crime investigated must be at least of a certain severity. Illegal or unauthorized telephone tapping is often a criminal offense. However, in certain jurisdictions such as Germany and France, courts will accept illegally recorded phone calls without the other party's consent as evidence, but the unauthorized telephone tapping will still be prosecuted.
In the United States, under the Foreign Intelligence Surveillance Act, federal intelligence agencies can get approval for wiretaps from the United States Foreign Intelligence Surveillance Court, a court with secret proceedings, or in certain circumstances from the Attorney General without a court order.
Under the law of the United States and most state laws, there is nothing illegal about one of the parties to a telephone call recording the conversation, or giving permission for calls to be recorded, or permitting their telephone line to be tapped. However, the telephone recording laws in most U.S. states require only one party to be aware of the recording, while 12 states require both parties to be aware. In Nevada, the state legislature enacted a law making it legal for a party to record a conversation if one party to the conversation consented, but the Nevada Supreme Court issued two judicial opinions changing the law and requiring all parties to consent to the recording of a private conversation for it to be legal. It is considered better practice to announce at the beginning of a call that the conversation is being recorded.
In Canadian law, police are allowed to wiretap without the authorization from a court when there is the risk for imminent harm, such as kidnapping or a bomb threat. They must believe that the interception is immediately necessary to prevent an unlawful act that could cause serious harm to any person or to property. This was introduced by Rob Nicholson on February 11, 2013, and is also known as Bill C-55. The Supreme Court gave Parliament twelve months to rewrite a new law. Bill C-51 was then released, which transformed the Canadian Security Intelligence Agency from an intelligence gathering agency, to an agency actively engaged in countering national security threats.
Legal protection extends to 'private communications' where the participants would not expect unintended persons to learn the content of the communication. A single participant can legally, and covertly record a conversation. Otherwise police normally need a judicial warrant based upon probable grounds to record a conversation they are not a part of. In order to be valid wiretap authorization must state: 1) the offences being investigated by the wiretap, 2) the type of communication, 3) the identity of the people or places targeted, 4) the period of validity (60 days from issue).
In India, the lawful interception of communication by authorized law enforcement agencies (LEAs) is carried out in accordance with Section 5(2) of the Indian Telegraph Act, 1885 read with Rule 419A of Indian Telegraph (Amendment) Rules, 2007. Directions for interception of any message or class of messages under sub-section (2) of Section 5 of the Indian Telegraph Act, 1885 shall not be issued except by an order made by the Secretary to the Government of India in the Ministry of Home Affairs in the case of Government of India and by the Secretary to the State Government in-charge of the Home Department in the case of a state government. The government has set up the Centralized Monitoring System (CMS) to automate the process of lawful interception and monitoring of telecommunications technology. The government of India on 2015 December 2 in a reply to parliament question no. 595 on scope, objectives and framework of the CMS has struck a balance between national security, online privacy and free speech informed that to take care of the privacy of citizens, lawful interception and monitoring is governed by the Section 5(2) of Indian Telegraph Act, 1885 read with Rule 419A of Indian Telegraph (Amendment) Rules, 2007 wherein oversight mechanism exists in form of review committee under chairmanship of the Cabinet Secretary at Central Government level and Chief Secretary of the State at the state government level.
The contracts or licenses by which the state controls telephone companies often require that the companies must provide access to tapping lines to law enforcement. In the U.S., telecommunications carriers are required by law to cooperate in the interception of communications for law enforcement purposes under the terms of Communications Assistance for Law Enforcement Act (CALEA).
When telephone exchanges were mechanical, a tap had to be installed by technicians, linking circuits together to route the audio signal from the call. Now that many exchanges have been converted to digital technology, tapping is far simpler and can be ordered remotely by computer. This central office switch wiretapping technology using the Advanced Intelligent Network (AIN) was invented by Wayne Howe and Dale Malik at BellSouth's Advanced Technology R&D group in 1995 and was issued as US Patent #5,590,171. Telephone services provided by cable TV companies also use digital switching technology. If the tap is implemented at a digital switch, the switching computer simply copies the digitized bits that represent the phone conversation to a second line and it is impossible to tell whether a line is being tapped. A well-designed tap installed on a phone wire can be difficult to detect. In some instances some law enforcement may be able to even access a mobile phone's internal microphone even while it isn't actively being used on a phone call (unless the battery is removed or drained). The noises that some people believe to be telephone taps are simply crosstalk created by the coupling of signals from other phone lines.
Data on the calling and called number, time of call and duration, will generally be collected automatically on all calls and stored for later use by the billing department of the phone company. These data can be accessed by security services, often with fewer legal restrictions than for a tap. This information used to be collected using special equipment known as pen registers and trap and trace devices and U.S. law still refers to it under those names. Today, a list of all calls to a specific number can be obtained by sorting billing records. A telephone tap during which only the call information is recorded but not the contents of the phone calls themselves, is called a pen register tap.
For telephone services via digital exchanges, the information collected may additionally include a log of the type of communications media being used (some services treat data and voice communications differently, in order to conserve bandwidth).
Conversations can be recorded or monitored unofficially, either by tapping by a third party without the knowledge of the parties to the conversation, or recorded by one of the parties. This may or may not be illegal, according to the circumstances and the jurisdiction.
There are a number of ways to monitor telephone conversations. One of the parties may record the conversation, either on a tape or solid-state recording device, or on a computer running call recording software. The recording, whether overt or covert, may be started manually, automatically by detecting sound on the line (VOX), or automatically whenever the phone is off the hook.using an inductive coil tap (telephone pickup coil) attached to the handset or near the base of the telephone;
fitting an in-line tap, as discussed below, with a recording output;
using an in-ear microphone while holding the telephone to the ear normally; this picks up both ends of the conversation without too much disparity between the volumes
more crudely and with lower quality, simply using a speakerphone and recording with a normal microphone
The conversation may be monitored (listened to or recorded) covertly by a third party by using an induction coil or a direct electrical connection to the line using a beige box. An induction coil is usually placed underneath the base of a telephone or on the back of a telephone handset to pick up the signal inductively. An electrical connection can be made anywhere in the telephone system, and need not be in the same premises as the telephone. Some apparatus may require occasional access to replace batteries or tapes. Poorly designed tapping or transmitting equipment can cause interference audible to users of the telephone.
The tapped signal may either be recorded at the site of the tap or transmitted by radio or over the telephone wires. As of 2007 state-of-the-art equipment operates in the 30–300 GHz range to keep up with telephone technology compared to the 772 kHz systems used in the past. The transmitter may be powered from the line to be maintenance-free, and only transmits when a call is in progress. These devices are low-powered as not much power can be drawn from the line, but a state-of-the-art receiver could be located as far away as ten kilometers under ideal conditions, though usually located much closer. Research has shown that a satellite can be used to receive terrestrial transmissions with a power of a few milliwatts. Any sort of radio transmitter whose presence is suspected is detectable with suitable equipment.
Conversation on many early cordless telephones could be picked up with a simple radio scanner or sometimes even a domestic radio. Widespread digital spread spectrum technology and encryption has made eavesdropping increasingly difficult.
A problem with recording a telephone conversation is that the recorded volume of the two speakers may be very different. A simple tap will have this problem. An in-ear microphone, while involving an additional distorting step by converting the electrical signal to sound and back again, in practice gives better-matched volume. Dedicated, and relatively expensive, telephone recording equipment equalizes the sound at both ends from a direct tap much better.
Mobile phones are, in surveillance terms, a major liability. This liability will only increase as the new third-generation (3G), LTE, WiMAX, and fourth-generation (4G) phones are introduced, as the base stations will be located closer together. For mobile phones the major threat is the collection of communications data. This data does not only include information about the time, duration, originator and recipient of the call, but also the identification of the base station where the call was made from, which equals its approximate geographical location. This data is stored with the details of the call and has utmost importance for traffic analysis.
It is also possible to get greater resolution of a phone's location by combining information from a number of cells surrounding the location, which cells routinely communicate (to agree on the next handoff—for a moving phone) and measuring the timing advance, a correction for the speed of light in the GSM standard. This additional precision must be specifically enabled by the telephone company—it is not part of the network's ordinary operation.
In 1995, Peter Garza, a Special Agent with the Naval Criminal Investigative Service, conducted the first court-ordered Internet wiretap in the United States while investigating Julio Cesar Ardita ("El Griton").
As technologies emerge, including VoIP, new questions are raised about law enforcement access to communications (see VoIP recording). In 2004, the Federal Communications Commission was asked to clarify how the Communications Assistance for Law Enforcement Act (CALEA) related to Internet service providers. The FCC stated that “providers of broadband Internet access and voice over Internet protocol (“VoIP”) services are regulable as “telecommunications carriers” under the Act.” Those affected by the Act will have to provide access to law enforcement officers who need to monitor or intercept communications transmitted through their networks. As of 2009, warrantless surveillance of internet activity has consistently been upheld in FISA court.
The Internet Engineering Task Force has decided not to consider requirements for wiretapping as part of the process for creating and maintaining IETF standards.
Typically, illegal Internet wiretapping will be conducted via Wi-Fi connection to someone's internet by cracking the WEP or WPA key, using a tool such as Aircrack-ng or Kismet. Once in, the intruder will rely on a number of potential tactics, for example an ARP spoofing attack which will allow the intruder to view packets in a tool such as Wireshark or Ettercap.
One issue that Internet wiretapping is yet to overcome is that of steganography, whereby a user encodes, or “hides”, one file inside another (usually a larger, dense file like a MP3 or JPEG image). With modern advancements in encoding technologies, the resulting combined file is essentially indistinguishable to anyone attempting to view it, unless they have the necessary protocol to extract the hidden file. US News reported that this technique was commonly used by Osama bin Laden as a way to communicate with his terrorist cells.
Mobile phones have numerous privacy issues. Governments, law enforcement and intelligence services use mobiles to perform surveillance in the UK and the US. They possess technology to activate the microphones in cell phones remotely in order to listen to conversations that take place near to the person who holds the phone.
Mobile phones are also commonly used to collect location data. While the phone is turned on, the geographical location of a mobile phone can be determined easily (whether it is being used or not), using a technique known as multilateration to calculate the differences in time for a signal to travel from the cell phone to each of several cell towers near the owner of the phone.
The second generation mobile phones (circa 1978 through 1990) could be easily monitored by anyone with a 'scanning all-band receiver' because the system used an analog transmission system-like an ordinary radio transmitter. The third generation digital phones are harder to monitor because they use digitally encoded and compressed transmission. However the government can tap mobile phones with the cooperation of the phone company. It is also possible for organizations with the correct technical equipment to monitor mobile phone communications and decrypt the audio.
To the mobile phones in its vicinity, a device called an "IMSI-catcher" pretends to be a legitimate base station of the mobile phone network, thus subjecting the communication between the phone and the network to a man-in-the-middle attack. This is possible because, while the mobile phone has to authenticate itself to the mobile telephone network, the network does not authenticate itself to the phone. There is no defense against IMSI-catcher based eavesdropping, except using end-to-end call encryption; products offering this feature, secure telephones, are already beginning to appear on the market, though they tend to be expensive and incompatible with each other, which limits their proliferation.
Logging the IP addresses of users that access certain websites is commonly called "webtapping".
Webtapping is used to monitor websites that presumably contain dangerous or sensitive materials, and the people that access them. Though it is allowed by the USA PATRIOT Act, it is considered a questionable practice by many citizens, if not an all-out violation of civil liberties.
In Canada, anyone is legally allowed to record a conversation, as long as they are involved in the conversation. Canadians are not allowed to record a conversation legally that they are not a part of. The police must apply for a warrant beforehand to legally eavesdrop on the conversation. It must be expected that it will reveal evidence to a crime. State agents are lawfully allowed to record conversations but, to reveal the evidence in court, they must obtain a warrant.
Many state legislatures in the United States enacted statutes that prohibited anybody from listening in on telegraph communication. Telephone wiretapping began in the 1890s, following the invention of the telephone recorder, and its constitutionality was established in the Prohibition-Era conviction of bootlegger Roy Olmstead. Wiretapping has also been carried out under most Presidents, sometimes with a lawful warrant since the Supreme Court ruled it constitutional in 1928. On October 19, 1963, U.S. Attorney General Robert F. Kennedy, who served under John F. Kennedy and Lyndon B. Johnson, authorized the FBI to begin wiretapping the communications of Rev. Martin Luther King, Jr. The wiretaps remained in place until April 1965 at his home and June 1966 at his office.
The history of voice communication technology begins in 1876 with the invention of Alexander Graham Bell’s telephone. In the 1890s, “law enforcement agencies begin tapping wires on early telephone networks”. Remote voice communications “were carried almost exclusively by circuit-switched systems,” where telephone switches would connect wires to form a continuous circuit and disconnect the wires when the call ended). All other telephone services, such as call forwarding and message taking, were handled by human operators. However, the first computerized telephone switch was developed by Bell Labs in 1965. This got rid of standard wiretapping techniques.
In the 1970s, optical fibers become a medium for telecommunications. These fiber lines, which are “long, thin strands of glass that carry signals via laser light”, are more secure than radio, and have become very cheap. From the 1990s to the present, the majority of communications between fixed locations is achieved by fiber. Because these fiber communications are wired, they're given greater protection under U.S. law.
The earliest wiretaps were extra wires —physically inserted to the line between the switchboard and the subscriber— that carried the signal to a pair of earphones and a recorder. Later on wiretaps were installed at the central office on the frames that held the incoming wires.”
Before the attack on Pearl Harbor and the subsequent entry of the United States into World War II, the U.S. House of Representatives held hearings on the legality of wiretapping for national defense. Significant legislation and judicial decisions on the legality and constitutionality of wiretapping had taken place years before World War II. However, it took on new urgency at that time of national crisis. The actions of the government regarding wiretapping for the purpose of national defense in the current war on terror have drawn considerable attention and criticism. In the World War II era, the public was also aware of the controversy over the question of the constitutionality and legality of wiretapping. Furthermore, the public was concerned with the decisions that the legislative and judicial branches of the government were making regarding wiretapping.
In 1967 the U.S. Supreme Court ruled that wiretapping (or “intercepting communications”) requires a warrant in Katz v. United States. In 1968 Congress passed a law that provided warrants for wiretapping in criminal investigations. In 1978 the Foreign Intelligence Surveillance Act (FISA) created a "secret federal court" for issuing wiretap warrants in national security cases. This was in response to findings from the Watergate break-in, which allegedly uncovered a history of presidential operations that had used surveillance on domestic and foreign political organizations.
In 1994, Congress approved the Communications Assistance for Law Enforcement Act (CALEA), which “requires telephone companies to be able to install more effective wiretaps. In 2004, the Federal Bureau of Investigation (FBI), United States Department of Justice (DOJ), Bureau of Alcohol, Tobacco, Firearms, and Explosives (ATF), and Drug Enforcement Administration (DEA) wanted to expand CALEA requirements to VoIP service.”
The Federal Communications Commission (FCC) ruled in August 2005 that “broadband-service providers and interconnected VoIP providers fall within CALEA’s scope. Currently, instant messaging, web boards and site visits are not included in CALEA’s jurisdiction. In 2007 Congress amended FISA to “allow the government to monitor more communications without a warrant”. In 2008 President George W. Bush expanded the surveillance of internet traffic to and from the U.S. government by signing a national security directive.
In the Greek telephone tapping case 2004–2005 more than 100 mobile phone numbers belonging mostly to members of the Greek government, including the Prime Minister of Greece, and top-ranking civil servants were found to have been illegally tapped for a period of at least one year. The Greek government concluded this had been done by a foreign intelligence agency, for security reasons related to the 2004 Olympic Games, by unlawfully activating the lawful interception subsystem of the Vodafone Greece mobile network. An Italian tapping case which surfaced in November 2007 revealed significant manipulation of the news at the national television company RAI.
In 2008, Wired and other media reported a lamplighter disclosed a "Quantico Circuit", a 45-megabit/second DS-3 line linking a carrier's most sensitive network in an affidavit that was the basis for a lawsuit against Verizon Wireless. The circuit provides direct access to all content and all information concerning the origin and termination of telephone calls placed on the Verizon Wireless network as well as the actual content of calls, according to the filing.
The most recent case of U.S. wiretapping was the NSA warrantless surveillance controversy discovered in December 2005. It aroused much controversy after then President George W. Bush admitted to violating a specific federal statute (FISA) and the warrant requirement of the Fourth Amendment to the United States Constitution. The President claimed his authorization was consistent with other federal statutes (AUMF) and other provisions of the Constitution, it was necessary to keep America safe from terrorism and could lead to the capture of notorious terrorists responsible for the September 11 attacks in 2001.
One difference between foreign wiretapping and domestic wiretapping is that, when operating in other countries, “American intelligence services could not place wiretaps on phone lines as easily as they could in the U.S.” Also, domestically, wiretapping is regarded as an extreme investigative technique, whereas outside of the country, the interception of communications is huge. The National Security Agency (NSA) “spends billions of dollars every year intercepting foreign communications from ground bases, ships, airplanes and satellites”.
FISA distinguishes between U.S. persons and foreigners, between communications inside and outside the U.S., and between wired and wireless communications. Wired communications within the United States are protected, since intercepting them requires a warrant.