Passive wiretapping attempts only to observe the flow and gain knowledge of the information it contains. Active wiretapping attempts to alter the data or otherwise affect the flow of data.
Telephone tapping is officially strictly controlled in many countries to safeguard an individual's privacy; this is the case in all developed democracies. In theory, telephone tapping often needs to be authorized by a court, and is, again in theory, normally only approved when evidence shows it is not possible to detect criminal or subversive activity in less intrusive ways; often the law and regulations require that the crime investigated must be at least of a certain severity. In many jurisdictions however, permission for telephone tapping is easily obtained on a routine basis without further investigation by the court or other entity granting such permission. Illegal or unauthorised telephone tapping is often a criminal offense. However, in certain jurisdictions such as Germany, courts will accept illegally recorded phone calls without the other party's consent as evidence .
In the United States, federal agencies may be authorized to engage in wiretaps by the United States Foreign Intelligence Surveillance Court, a court with secret proceedings, in certain circumstances.
Under United States federal law and most state laws there is nothing illegal about one of the parties to a telephone call recording the conversation, or giving permission for calls to be recorded or permitting their telephone line to be tapped. However the Telephone recording laws in some U.S. states require only one party to be aware of the recording, while other states require both parties to be aware. It is considered better practice to announce at the beginning of a call that the conversation is being recorded.
When telephone exchanges were mechanical, a tap had to be installed by technicians, linking circuits together to route the audio signal from the call. Now that many exchanges have been converted to digital technology tapping is far simpler and can be ordered remotely by computer. Telephone services provided by cable TV companies also use digital switching technology. If the tap is implemented at a digital switch, the switching computer simply copies the digitized bits that represent the phone conversation to a second line and it is impossible to tell whether a line is being tapped. A well-designed tap installed on a phone wire can be difficult to detect. The noises that some people believe to be telephone taps are simply crosstalk created by the coupling of signals from other phone lines.
Data on the calling and called number, time of call and duration, will generally be collected automatically on all calls and stored for later use by the billing department of the phone company. These data can be accessed by security services, often with fewer legal restrictions than for a tap. This information used to be collected using special equipment known as pen registers and trap and trace devices and U.S. law still refers to it under those names. Today, a list of all calls to a specific number can be obtained by sorting billing records. A telephone tap during which only the call information is recorded but not the contents of the phone calls themselves, is called a pen register tap.
For telephone services via digital exchanges, the information collected may additionally include a log of the type of communications media being used (some services treat data and voice communications differently to conserve bandwidth).
It is also possible to tap conversations unofficially. There are a number of ways to monitor telephone conversations:
It is also possible to get greater resolution of a phone's location by combining information from a number of cells surrounding the location, which cells routinely communicate (to agree on the next handoff—for a moving phone) and measuring the timing advance, a correction for the speed of light in the GSM standard. This additional precision must be specifically enabled by the telephone company - it is not part of ordinary operation.
The second generation mobile phones (circa 1978 through 1990) could be easily monitored by anyone with a 'scanning all-band receiver' because the system used an analog transmission system-like an ordinary radio transmitter. The third generation digital phones are harder to monitor because they use digitally-encoded and compressed transmission. However the government can tap mobile phones with the cooperation of the phone company. It is also possible for organizations with the correct technical equipment to monitor mobile phone communications and decrypt the audio. A device called an "IMSI-catcher" pretends to the mobile phones in its vicinity to be a legitimate base station of the mobile phone network, subjecting the communication between the phone and the network to a man in the middle attack. This is possible because while the mobile phone has to authenticate itself to the mobile telephone network, the network does not authenticate itself to the phone. Once the mobile phone has accepted the IMSI-catcher as its base station the IMSI-catcher can deactivate GSM encryption using a special flag. All calls made from the tapped mobile phone go through the IMSI-catcher and are then passed on to the mobile network. Some phones include a special monitor mode (activated with secret codes or special software) which displays GSM operating parameters such as encryption while a call is being made. There is no defense against IMSI-catcher based eavesdropping, except using end-to-end call encryption; products offering this feature, secure telephones, are already beginning to appear on the market, though they tend to be expensive and incompatible with each other, which limits their proliferation.
There were proposals for European mobile phones to use stronger encryption, but this was opposed by a number of European countries, including the Netherlands and Germany, which are among the world's most prolific telephone tappers (over 10,000+ phone numbers in both countries in 2003).
The Internet Engineering Task Force has decided not to consider requirements for wiretapping as part of the process for creating and maintaining IETF standards (RFC 2804).
Before the Japanese attack on Pearl Harbor and the subsequent entry of the United States into World War II, the U.S. House of Representatives held hearings on the legality of wiretapping for national defense. Significant legislation and judicial decisions on the legality and constitutionality of wiretapping had taken place years before World War II. However, it took on new urgency at that time of national crisis.The actions of the government regarding wiretapping for the purpose of national defense in the current war on terror have drawn considerable attention and criticism. In the World War II era, the public was also aware of the controversy over the question of the constitutionality and legality of wiretapping. Furthermore, the public was concerned with the decisions that the legislative and judicial branches of the government were making regarding wiretapping.
In the Greek telephone tapping case 2004-2005 more than 100 mobile phone numbers belonging mostly to members of the Greek government, including the Prime Minister of Greece, and top-ranking civil servants were found to have been illegally tapped for a period of at least one year. The Greek government concluded this had been done by a foreign intelligence agency, for security reasons related to the 2004 Olympic Games, by unlawfully activating the lawful interception subsystem of the Vodafone Greece mobile network.
The most recent case of U.S. wiretapping was the NSA warrantless surveillance controversy discovered in December 2005. It aroused much controversy, after President George W. Bush admitted to violating a specific federal statute (FISA) and the warrant requirement of the Fourth Amendment to the United States Constitution. The President claimed his authorization was consistent with other federal statutes (AUMF) and other provisions of the Constitution, was necessary to keep America safe from terrorism, and could lead to the capture of notorious terrorists responsible for 9/11.
Very active in this issue is The American Civil Liberties Union (ACLU). The ACLU has brought about many legal cases challenging the constitutionality of the bill, asserting that it violates Americans' right to free speech and privacy. They have filed lawsuits, motions, and complaints in over 27 states so far to oppose any legislation that encourages unchecked government surveillance. In response to the government arguments, Caroline Fredrickson, Director of the ACLU Washington Legislative Office has said of the bill: “Where will Congress go from here? More unfettered power for an administration that has no respect for the privacy of the citizenry that elected it?”
The stopgap that was hastily put in place by the Bush Administration expires in February 2008 but Congress and FISA are trying to reach a compromise on the details of the bill to be passed. To reach a compromise both sides are reaching a middle ground on determining when a warrant is or is not necessary. ACLU advocates are pushing to require NSA to provide individual warrants when Americans are involved and on the other hand, U.S. intelligence agencies and the Administration would like as few obstacles in their way of intercepting private information. Both sides have both shown the possibility for a compromise to accept a Bill that would require a FISA court to approve NSA’s procedures while intercepting foreign intelligence when it involves Americans.
However, a new addition to this bill, that was recently insisted on by President Bush and Mike McConnell, would grant immunity to telecommunications companies for any "intelligence activity involving communications" that was "designed to detect or prevent a terrorist attack" or attack preparations. The Bush Administration has acknowledged that intelligence agencies conducted warrantless eavesdropping on Americans with the help of Telecom companies such as Verizon, AT&T, and Qwest. All three of these Telecom companies face multiple civil lawsuits related to their handling of phone records and the passing of this bill would grant them immunity.
In favor of the bill, McConnell has said, such immunity is necessary to prevent the telecoms from being bankrupted and to encourage them to continue to cooperate with intelligence agencies. Bush has said that he will veto any intelligence bill passed that does not include immunity. Liz Rose, spokeswoman for the Washington office of the ACLU, says the language of the bill is a "blank check" that would cover not only the warrantless wiretapping program the Bush administration has acknowledged, but any unconfirmed or previously unknown program. Sen. Russ Feingold, D-Wis., promised to lead a filibuster to block approval of retroactive immunity. "Retroactive immunity set the terrible precedent that breaking the law is permissible and companies need not worry about the privacy of their customers," Feingold said.
The bill now goes to the Senate Judiciary Committee, and in the Senate, committees have split on how to handle immunity. With many senators outspoken about their reservations of the bill, more information is needed to continue the proceedings. For now, legislation is stalled in the House.