The ramifications of Project PRISM, the massive government eavesdropping program, are still being felt throughout not only much of the United States, but into the telecommunications industry as a whole. Already, many people are looking at current phone lines and phones and wondering, is there a better way? Or is there at least a way that won't end with the government knowing how your aunt's hip surgery went? Voice over Internet protocol (VoIP) calling may not be a complete hedge against eavesdropping, but according to reports it's quite a bit less prone to intrusion than other formats.
VoIP calls are, at least somewhat, safer from intrusion than the ordinary due to the format in which such calls are carried out. When a VoIP call is initiated, the voice traffic starts from the microphone and proceeds into the connection, where the voice signal is broken down into a series of data packets. The packets are then encrypted and transferred to the other side of the conversation, where the packets are decrypted, reassembled and turned into vocal sounds. The VoIP providers can thus break the encryption—necessary in order to do the reassembly in the first place—but outside entities have a much, much harder time doing the decryption necessary to access the contents of the data packets with the voice signals contained therein.
By way of comparison, a standard telephone uses an analog connection, unencrypted, from one point to another, so tapping that particular wire is much easier and much less obtrusive. Essentially it would be like adding a small branch circuit for the signal to flow through on its way to its target.
Another point in VoIP's favor as far as security goes is its sheer portability. Most users put VoIP in mobile devices—many VoIP apps are available that travel easily—and so it's difficult to pin down just where a user is when that they are constantly moving. Indeed, VoIP is sufficiently private that the military started using VoIP as a calling method earlier this year, and several hospitals—governed by a variety of laws designed to enforce privacy—as well as large corporations have turned to VoIP. Indeed, a full third of businesses, at last report, trust VoIP calling on some level sufficiently to bring it into current operations.
That's not to say the government isn't trying, of course. The FBI recent began advancing a set of enhancements for the Communications Assistance for Law Enforcement Act (CALEA) which would include Internet calling and put the burden on VoIP providers to give government officials a way to more readily access Internet calling. Naturally, the FBI is quick to assert that it only wants such powers in the pursuit of crime—Gen. Keith Alexander recently said likewise about PRISM, citing over 50 different terrorist attacks stopped since 2001 with extra surveillance—but many find the government protests weak.
While there is certainly room for all sides on this argument—it's hard to fault people who want the police of any level of government to have the tools needed to work, while also proving equally hard to fault people who would rather the government keep its nose out of those people's business—the ultimate course of action remains to be seen. For now, anyway, VoIP calling is mostly more secure than its analog telephone equivalent thanks to its differences in format. Mostly.
Edited by Jamie Epstein