IT Myths: Who's analysing our trans-Atlantic phone calls?

"Osama... Bush... dirty bomb..." - and the sirens sound

Who's listening to your phone calls? One of the most commonly heard IT myths has it that governments and large telcos are in cahoots, tapping calls, especially those between the US and other countries, listening for key incriminating phrases. The idea has been made popular by certain groups and conspiracy theorists. In the 1998 film Enemy of the State one key character, Gene Hackman's 'Brill', talks of a secret server farm owned by the CIA/FBI/NSA that crunches through millions of calls for just that reason. "It's a myth that all such calls are monitored," a UK Home Office spokeswoman told silicon.com. "Surveillance can only be conducted under very, very strict circumstances, agreed to by the Home Secretary." Indeed, the relevant legislation in the UK is part 2 of the infamous RIPA 2000 Act. A Home Office written explanation said "the grounds under the Act are tightly defined and are: for national security; to prevent or detect serious crime; to safeguard the well-being of the UK or to give effect to any international mutual assistance agreement (international treaties)." They also involve the authority looking to carry out surveillance going through the appropriate channels. For surveillance of phones and emails an authority needs an Interception of Communications Warrant. Typically police apply to NCIS who then apply to the Home Secretary. (For what's known as 'intrusive surveillance', in a house or prison cell for example, applying to the relevant Chief Constable and a Surveillance Commissioner is necessary.) So the idea of blanket monitoring of thousands of calls in real time, coupled to real time analysis of what's being said, isn't likely. It is far more likely a suspected wrong-doer is the subject to someone 'listening in', in classic spy story style. So why is it that telcos and others who would need to be involved in such activity are so quiet? A spokesman for BT said: "This is not the kind of thing we'd discuss in any event." Other communications and computing companies were also reticent to be associated with this story. One technology expert who has worked with the security forces in the past told silicon.com: "Start by working out how many [trans-Atlantic] calls are made every day, every minute, every second. Then work out what kind of computing power you would need to analyse each call and work out what you'd need from there." The implication is that at least a degree of real time monitoring does go on. However, Simon Davies, director of Privacy International, an organisation that campaigns for civil rights, doesn't believe the Enemy of the State scenario. "I've yet to be convinced there are vast databases that store information on an entire population," he said. "It is quite likely communications information is stored but not necessarily on the basis of key words, and almost certainly targeted on certain individuals and groups." For one thing, Davies reckons an automated system would "create more work, sifting through all the errors". There have been past accounts of UK and US computer systems - some capturing voice, others data or both - that can analyse conversations but these aren't thought to be accurate enough for effective use. Instead, spooks are far more likely to establish patterns associated with key individuals which are used to tip off tappers, Davies said. And if you do think your voice calls are being tapped? There's one simple piece of advice. Davies added: "Don't pay your phone bill and see what happens. No agency is going to blow thousands and thousands in surveillance for the sake of a £30 phone bill. You'll stay connected." For more guidance on interception – * Interception of Communications under RIP Act 2000 * Code of practice * Copy of the Act