Eavesdropping in Computer Security: Definition & Laws

Instructor: Lyna Griffin

Lyna has tutored undergraduate Information Management Systems and Database Development. She has a Bachelor's degree in Electrical Engineering and a Masters degree in Information Technology.

In this lesson we will be examining the term eavesdropping with respect to computer security and the activities that constitute the crime by examining the laws that are in place.

What is Eavesdropping?

Eavesdropping as we know it in layman terms is the act of secretly listening to a conversation, private or otherwise, of which we are not actively a part. In computer security, the definition carries the same meaning in digital terms. Eavesdropping in computer security is defined as the unauthorized interception of a conversation, communication or digital transmission in real time. The various forms of communication include phone calls, emails, instant messages or any other internet service.

The activities of eavesdropping normally do not cause disruptions on the normal operation of the systems being eavesdropped on. In reality, if one is eavesdropping on a conversation you hardly want there to be any form of disruption that can cause that conversation to cease. As such both parties of the communication - the sender and receiver - are completely unaware that their communication is being intercepted and data is being stolen.

The Electronic Communications Privacy Act

The more closely guarded an asset is the more value it carries, and information in today's digital world is one of the most valuable assets. The amount invested in data security whether in transmission or at rest can equal the value of the data itself. As such governments, departments, organizations, businesses, and individuals, have all been known to be perpetrators as well as victims of this unscrupulous activity. In 1986, the Electronic Communications Privacy Act (ECPA) was passed in the United States. The Act prohibits any third party be it individual, department or government from any unauthorized access to electronic communications.

Governments and security institutions have found it necessary to carry out electronic eavesdropping to combat crime. Though there are many controversies surrounding this practice by law enforcement in the name of security, the fourth amendment of the US provides that people have a right to feel secure in their person's, houses and effects. Therefore, a substantial probable cause has to be established to permit any communication interception. The government of the United States itself cannot be sued under the ECPA but any evidence proved to be gathered illegally is impermissible in court.

Laws: Eavesdropping In Computer Communications

We will look at the US laws on digital eavesdropping in summary. They stipulate the different forms and conditions that constitute prohibited communication interceptions:

1. Some people commit eavesdropping offenses either by using someone else or planting a device and dissociating themselves from it or knowing of a planted device. The law prohibits any person who seeks to or intentionally intercepts another person's communication or the communication of a device, or has knowledge of such a device, be it electronic, audio or wire or otherwise, or seek to use or solicits someone to do the same. (Asking or paying someone to unlawfully source information or position a device makes you equally guilty under the law) This stands true irrespective of the type of device used or its location. As long as it is a medium of transmission, it is prohibited under the law.

This means that if the device used is attached to, or transmits signals through hardware, wire communications, or similar device, it is prohibited. Knowledge of such a perpetrator, or device known to be used and is transmitted interstate or abroad is also punishable by law. The law prohibits the use of such eavesdropping devices on the premises of any business, organization or private property under this section.

2. The law prohibits anyone who obtains or seek to obtain illegally-sourced information from a business or organization, or person whether it is local or foreign, and intentionally, discloses such contents in general or to another person. So, for example, a disgruntled employee may seek someone to broadcast damaging information he has laid his hands on. He may try to sell it to a competitor of the broadcasting house, or journalist. In this case, both the employee and the recipient accomplice will be held liable.

To unlock this lesson you must be a Member.
Create your account

Register to view this lesson

Are you a student or a teacher?

Unlock Your Education

See for yourself why 30 million people use

Become a member and start learning now.
Become a Member  Back
What teachers are saying about
Try it now
Create an account to start this course today
Used by over 30 million students worldwide
Create an account