ELECTRONIC COMMUNICATIONS PRIVACY ACT

THURSDAY, JANUARY 30, 1986

HOUSE OF REPRESENTATIVES,

SUBCOMMITTEE ON COURTS, CIVIL LIBERTIES,

AND THE ADMINISTRATION OF JUSTICE,

COMMITTEE ON THE JUDICIARY,

Washington, DC. The subcommittee met, pursuant to call, at 10:10 a.m., in room 2226, Rayburn House Office Building, Hon. Robert W. Kastenmeier (chairman of the subcommittee) presiding.

Present: Representatives Kastenmeier, Berman, Boucher, Moorhead, Swindall, and Coble.

Staff present: Deborah Leavy and David Beier, assistant counsel; Joseph V. Wolfe, associate counsel, and Audrey K. Marcus, clerk. Mr. KASTENMEIER. The committee will come to order.

This morning the subcommittee is conducting the third day of hearings on the Electronic Communications Privacy Act of 1986.

During today's hearing we will be hearing from representatives of telephone companies, radio users and hobbyists and a manufacturer of radio scanner equipment. It is my hope that through these hearings the committee will obtain greater insights into the strengths and the weaknesses of this legislation.

As the testimony of the witnesses will demonstrate, the subject matters that are covered in the legislation are as diverse as they are complex. During the course of our deliberations we have learned a great deal about the array of new communication technologies. The very complexity of these communications techniques may mean that inevitably there will be conflict among stakeholders in the communications process.

For example, it is clear that the users of cellular telephones desire that their communications be protected against interception. On the other hand, hobbyists and others who use and operate radio systems want to be able to freely use the radio spectrum. These radio operators claim that the use of scanners and other devices inevitably result in interceptions, for example, of cellular phone calls.

These two groups of people have differing and conflicting interests. It is our task to reconcile these conflicts. One way of accomplishing this task would be to make inadvertent interceptions lawful. Another approach would be to require a minimum level of encryption before cellular telephone calls are afforded statutory protection against interception.

So, these conflicting interests are important and deserve our attention. I wish to assure those with an interest in this bill that

before this bill reaches the end of the legislative road the views of all affected constituencies will be heard. It is possible-perhaps likely that some interested parties will differ with the policy judgments that this committee makes. These differences of opinion will nonetheless inform our deliberations.

This morning I would like to begin with a panel of two witnesses. First, Mr. Neal J. Amick of American Telephone & Telegraph. Mr. Amick is a specialist in corporate security for AT&T. He also has a background in law enforcment.

Also on our first panel is John Kelly, an attorney with Southwestern Bell, a regional Bell operating company. Although Mr. Kelly does not represent all seven regional Bell operating companies, let me say that all seven have submitted their comments to the committee and, without objection, they will be made part of the record.

Also, without objection, consent will be granted that the meeting today may be covered in whole or in part by television, radio broadcast, and/or still photography, pursuant to rule V of the committee rules.

Gentlemen, Mr. Amick and Mr. Kelly, if you would come forward. Mr. Amick, we will call on you first. I know that you have extensive statements together with appendices. Without objection, your statement in its entirety together with the appendixes, will be received and made part of the record, and you may proceed as you wish from your own statement or you may summarize your views if you wish.

TESTIMONY OF NEAL J. AMICK, DIVISION MANAGER FOR CORPORATE SECURITY, AMERICAN TELEPHONE & TELEGRAPH CO., AND JOHN W. KELLY, JR., ATTORNEY, SOUTHWESTERN BELL TELEPHONE CO.

Mr. AMICK. Thank you, Mr. Chairman, distinguished members of the committee.

My name is Neal Amick, division manager-corporate security for the American Telephone & Telegraph Co.

My organization's responsibilities include the protection of the privacy of AT&T's own communications and those of its customers. In this capacity we interface with local, State, and Federal law enforcement officials seeking access to AT&T's records and facilities, and we regularly deal with the provisions of title III of the Omnibus Crime Control and Safe Streets Act of 1968, which would be amended by H.R. 3378.

It is an engrained principle of AT&T's corporate culture that our customers are entitled to use our facilities with the same degree of privacy that they would enjoy in face-to-face discussions, and that any deviation from this principle would seriously impair the usefulness and integrity of our services.

Mr. Chairman, in summarizing H.R. 3378 at its introduction, identified seven major features. My remarks will address each of them in turn.

The first major feature is an extension of the protection against interception from voice transmission to virtually all electronic com

have, however, suggested to your staff some minor clarification and a broadening of the bill's definition of the word "intercept."

The second major feature of the bill is an extension of protection to private as well as common carriers. As a common carrier, a user of remote computer services, and a transmitter of our own proprietary data over internal corporate networks, AT&T supports this change as well.

The third major feature is the creation of both criminal and civil penalties for persons who, without authorization, obtain or alter a communication stored in an electronic communications system. AT&T believes that the language employed requires some expansion as the operations of a hacker or saboteur that may not amount to the obtaining or altering of a stored electronic communication can result in a costly interruption or denial of access to customers and service providers.

For example, by altering the service provider's software, access to the system can be partially or totally blocked.

We further believe that the provision would be much more effective if it were clear that access can be authorized only by users who are themselves authorized, and that the obtaining or altering even a portion of a stored communication would be unlawful.

The fourth major feature of the bill provides that an electronic communication service may not disclose to a governmental authority its records concerning a communication unless the governmental authority obtains a court order for such disclosure.

AT&T believes there must be exceptions to this prohibition for each of the following three situations:

First, with the consent of one party to a communication made in the furtherance of a criminal act, such as extortion, kidnaping, or a bomb threat.

Second, communications consisting of an abuse of service or other illegal act, including obscene calls, theft of communication service, and computer abuse.

Third, communications indicating a threat to life or propertywhen a missing child calls for assistance or an elderly person collapses while talking on the telephone to an operator.

The fifth of the bill's major features expands a list of crimes for which an interception order may be obtained.

AT&T supports these changes and suggests also including violations of 18 United States Code section 1030 on computer crimes, and section 2511 on interception of electronic and oral communications be added to the list of those crimes.

The sixth major feature involves updating the wiretap laws basic provisions and includes the addition of a provision that no order may require the participation of any electronic communication system employee in the physical entry into a suspect's premises in order to install a bug or tap.

AT&T wholeheartedly supports this portion of the bill.

As its seventh and last major feature, the bill would add new provisions prohibiting the use of pen registers and tracking devices without a court order.

We recommend that there be an exception permitting service providers to use pen registers in protecting themselves against

The new provisions also contain a requirement that common carriers afford technical assistance to accomplish the installation of pen registers or tracking devices when a law enforcement officer determines that an emergency exists. In this case, a carrier is required to act at its peril since there is no way to determine whether the officer's assessment is justified.

We urge that a provision be added to the bill making a good faith reliance on such an assessment a complete defense to any civil or criminal action brought against the carrier or any of its employees.

My comments today have necessarily been broad brush in nature. We have recommended other important changes to the bill and they are described in the appendix to my written statement. We appreciate the opportunity to participate in these early stages of the legislation. Mr. Chairman, that concludes my prepared statement. I would be happy to answer any questions as appropriate.

[The statement of Mr. Amick follows:]

PREPARED STATEMENT OF NEAL J. AMICK

Mr. Chairman and Distinguished Members of the Subcommittee:

My name is Neal Amick. I am Division Manager for Corporate Security at American Telephone and Telegraph Company, a leader in the provision of voice and data transmission products and services.

My Organization's responsibilities include the protection of the privacy of AT&T's own communications and those of its customers. In this capacity we interface with local, state and federal law enforcement officials seeking access to AT&T's records and facilities, and we regularly deal with the provisions of the wiretap law passed by Congress in 1968, which would be amended by H.R. 3378. Our communications protection efforts within AT&T have for many years involved a vigorous employee compliance program centered around a code of conduct that is republished and redistributed annually to all of our employees, of which there are currently over 350,000. result, it has become an ingrained principle of AT&T's corporate culture that customers are entitled to use our facilities with the same privacy that they enjoy in face to face discussions, and that any deviation from this principle would seriously impair the usefulness of our services.

As a

Title III of the Omnibus Crime Control and Safe Streets