So semi-related question: Feel free to shut me down if we're treading too close to illegal.
I haven't read CALEA, But my understanding is the jist of it is the .gov can listen to your calls. The hardware will let them in.
How would one circumvent this? VPN between terminals, then VOIP? Root phones and set up your own encryption?
Somebody has got to have gone around this, if only just because it's there.
I'm just going to make some one time pads and text everyone from now on.
Considering CALEA compliance is a multi hundred million dollar industry, it's not illegal to ask questions. CALEA mandates that any telecom service be wiretap friendly, no more, no less. Bigger companies have it very automated. The hardware, 99 times out of a 100, does NOT let them in. It's not out of the goodness of their heart. CALEA requests are billed back to the government. LEO, which can be locals as well as feds, sends a warrant (or national security letter) to telecom. Telecom complies with warrant, which is damn near a rubber stamped checkbox situation. "We want all call logs", "We want locational data", "We want voice recordings", "We want live stream" or "All the Above". Damn near no one wants live stream of calls, real life isn't an episode of 24. If the person is important enough for live audio stream, there's a surveillance team on the person. Different agencies get their data delivered different ways. Faxed, emailed, uploaded to FTP account, or connected through DCSnet.
It can get a bit more tricky if they want the provider to upload malware. I haven't dealt with that as much, but I do know it's getting more popular for cell phones. Only way to get around it is decentralized tech. CALEA only applies to providers, not all software. If a provider doesn't HAVE the data, they can't provide it and legally aren't required to provide it. See RIM and BES encryption keys.
To give a real world example. Everyone remember the PRISM slides proclaiming that Google was handing over the keys of kingdom to the NSA? Good. Care to guess who was the MOST surprised? Google. As far as they knew, they provided all warrant/NSL requests via sFTP. They didn't lie when they said the NSA didn't have direct hardware access, because as far as they knew they didn't. They were wrong, of course.
You can imagine how shocked Google was when they found out the NSA legally illegal wiretapped the fiber lines going in, out and between their data centers. (No, that's not a typo in that sentence.)