The friendly skies just became friendlier. At least if you’re a government agency seeking to snoop on airline travelers. Not so friendly if you’re a user of electronic devices on airplanes. The federal government is putting the arm on airline Wi-FI providers to provide it with access to fliers information. Just how far are electronic aviation providers willing to go to placate the Federal Communications Commission (FCC)? The answer is pretty far. And what is more worrisome is that, at least in the case of one company, they are jumping the gun to be ahead of the game. Rather than be ambushed by federal subpoena, some are voluntarily providing the government’s surveillance to intrude on the privacy of air travelers.
Gogo is a preeminent inflight Wi-Fi provider. They are used by millions of airline passengers each year to stay connected while flying. Gogo provides inflight WI-FI and digital entertainment to Delta, American Airlines , Alaska Airlines, Virgin America, US Airways and others. It uses a special air-to-ground network that it claims it designed in consultation with law enforcement. Moreover, when ordered by US law enforcement or the NSA, Gogo and others that provide Wi-Fi aboard aircraft must follow the same wiretap provisions as telecoms and terrestrial ISP’s do. This is routine for tracking. But they now may be doing more than is currently required by law.
By its own admission, in a letter to the FCC, Gogo admitted voluntarily exceeded the requirements of the Communications Assistance for Law Enforcement Act (CALEA) by adding capabilities to its system at the behest of law enforcement. This has alarmed civil liberties groups which contend that companies should not be cooperating with the government with deals that may aid them in monitoring or tracking users. According to Peter Eckersley of the Electronics Frontier Foundation, ’ CALEA itself is a massive infringement on users’ rights. Having ISP’s (now) that say that CALEA isn’t enough. We’re going to be even more intrusive in what we collect on people is, honestly, scandalous.”
In its letter to the FCC Gogo disclosed that it voluntarily exceeded the requirements of CALEA. In 2012 the company wrote, ’In designing its existing network, Gogo worked closely with law enforcement to incorporate functionalities and protections that would serve public safety and national security interests.” So said Gogo’s attorney, Karis Hastings. Hastings expanded , ’…Gogo worked with federal agencies to reach agreement regarding a set of additional capabilities to accommodate law enforcement interests.” These capabilities went beyond what FCC rules require and CALEA outlines.
It should be noted that when CALEA became law in 1994, it applied only to telecom. It charged them with providing wiretap capabilities for phone calls. It was in 2007 that the FCC demanded CALEA compliance from broadband and VoIP providers, too. This was carried out under pressure from the Justice Department and the FBI. Specifically, under CALEA, communications providers must be able to isolate all wire and electronic communications to and from any account targeted by law enforcement. It also must identify the numbers or accounts with which the target communicated.
The FCC has thought about applying special rules to in-flight Wi-Fi providers. Gogo contends in its 2012 letter that such special rules were unnecessary as providers were more than accommodative when complying with law enforcement agencies. Indeed Gogo went further adding capabilities not yet demanded by law enforcement.
But Gogo is not alone in bowing before the agencies. Panasonic Avionics recently negotiated with law enforcement regarding lawful interception and network security to be deployed in its eXConnect system. This provides Wi-Fi to American Airlines and United Airlines. While providing this, Panasonic also implemented additional capabilities to anticipate the requests of law enforcement. According to industry experts, law enforcement often piggy-backs on FCC threats of further rules to pressure companies into making concessions. In this regard the FCC acts as the enforcer for the surveillance community, according to Chris Soghoian of the American Civil Liberties Union. And judging by the Gogo and Panasonic behaviors, it works and gets results.
Everyone is in agreement that bad guys must be monitored and their communications intercepted. It’s just that, according to industry insiders, the deck is stacked against the ordinary members of the flying public. It is their rights which are infringed upon by the all-pervasive snooping of governmental agencies. The rights of the flying public are further trampled when companies such as Gogo and Panasonic fall all over themselves in providing yet unrequired surveillance capabilities to law enforcement.
Fortunately, because VPN creates an encrypted tunnel between a device and a VPN server, it is an effective way of securing communications against this kind of unwanted snooping (and we’re pretty sure the bad guys know this too, which kind of makes spying on all the innocent travelers more than a little pointless…)