FBI Director Robert Mueller has argued that the bureau's ability to carry out court-approved eavesdropping on suspects is "going dark" as communications technology evolves.
Since 2010 he has pushed for a legal mandate requiring companies like Facebook and Google to build into their instant-messaging and other such systems a capacity to comply with wiretap orders. That proposal, however, bogged down inside the administration amid concerns by other agencies, like the Commerce Department, about quashing Silicon Valley innovation.
While the FBI's original proposal would have required Internet communications services to build in a wiretapping capacity, the revised one, which must now be reviewed by White House officials, focuses on fining companies that do not comply with a wiretap order. The difference, officials say, means startups with few users would be freer to experiment without worrying about wiretapping issues unless they become popular enough to come to the Justice Department's attention.
Still, the plan is likely to set off a debate over the future of the Internet if the White House submits it to Congress, according to lawyers for technology companies and advocates of Internet privacy and freedom.
"I think the FBI's proposal would render Internet communications less secure and more vulnerable to hackers and identity thieves," said Gregory Nojeim of the Center for Democracy and Technology. "It would also mean that innovators who want to avoid new and expensive mandates will take their innovations abroad and develop them there, where there aren't the same mandates."
Andrew Weissmann, the general counsel of the FBI, said in a statement that the proposal was aimed only at preserving law enforcement officials' long-standing ability to investigate suspected criminals, spies, and terrorists subject to a court's permission.
"This doesn't create any new legal surveillance authority," he said. "This always requires a court order. None of the 'going dark' solutions would do anything except update the law given means of modern communications."
A central element of the FBI's 2010 proposal was to expand the Communications Assistance for Law Enforcement Act - a 1994 law that already requires phone and network carriers to build interception capabilities into their systems - so that it would also cover Internet-based services that allow people to converse. However, the bureau has now largely moved away from that one-size-fits-all mandate.
Instead, the new proposal focuses on strengthening wiretap orders issued by judges. Currently such orders instruct recipients to provide technical assistance to law enforcement agencies, leaving wiggle room for firms to say they tried but couldn't make the technology work. Under the new proposal, providers could be ordered to comply and judges could impose fines if they do not.
The shift in thinking toward the judicial fines was first reported by The Washington Post, and additional details were described to The New York Times by several officials who spoke on the condition of anonymity.
Under the proposal, officials said, for a company to be eligible for the strictest deadlines and fines - starting at $25,000 a day - it must first have been put on notice that it needed surveillance capabilities, triggering a 30-day period to consult with the government on any technical problems.
Such notice could be the receipt of its first wiretap order or a warning from the attorney general that it might receive a surveillance request in the future, officials said, arguing that most small startups would never receive either.
Michael Sussman, a former Justice Department lawyer who advises communications providers, said that aspect of the plan appeared to be modeled on a British law, the Regulation of Investigatory Powers Act of 2000.
Foreign-based communications services that do business in the United States would be subject to the same procedures, and would also be required to have a point of contact on domestic soil who could be served with a wiretap order, officials said.
Albert Gidari Jr., who represents technology companies on law enforcement matters, criticized that proposed procedure. He argued that if the U.S. starts imposing fines on foreign Internet firms, it would encourage other countries, some of which may be looking for political dissidents, to penalize U.S. companies if they refuse to turn over users' information.
"We'll look a lot more like China than America after this," Gidari said.
The expanded fines would also apply to phone and network carriers, like Verizon and AT&T, which are separately subject to the 1994 wiretapping capacity law. The FBI has argued that such companies sometimes roll out upgrades to their systems without making sure that their existing wiretap capabilities will keep working.
The 1994 law would continue to cover phone and network companies, and it would be expanded to cover peer-to-peer Voice over Internet Protocol, or VoIP, calls between computers that do not connect to the regular phone network. Such services typically do not route data packets through any central hub, making them difficult to intercept.
The FBI has abandoned a component of its original proposal that would have required companies that facilitate the encryption of users' messages to always have a key to unscramble them if presented with a court order. Critics had charged that such a law would create back doors for hackers. The current proposal would allow services that fully encrypt messages between users to keep operating, officials said.
In the fall of 2010, Mueller toured several Silicon Valley firms to brief them on the proposal as it then existed and urged them not to lobby against it, but the firms have adopted a cautious stance. And in February 2011, the FBI's top lawyer at the time testified about the broad strokes of the idea at a House Judiciary Committee hearing, emphasizing that there was no administration proposal yet.
Still, several top lawmakers at the hearing expressed skepticism, raising fears about innovation and security.
© 2013, The New York Times News Service