Two related events highlight the challenge of balancing telecom privacy with security.

On Sept. 29, a New York federal judge ruled unconstitutional Section 505 of the Patriot Act, which gives federal agents the ability to collect telephone and Internet records about customers without requiring judicial oversight and without telling the customers that their information is being disclosed.

In his ruling, Judge Victor Marrero found that Section 505 violates free speech rights under the First Amendment and the right to be free from unreasonable searches under the Fourth Amendment. On Sept 30, the Department of Justice said it would appeal the ruling, arguing that Section 505 is necessary to protect against terrorists.

The American Civil Liberties Union, which brought the original case, says it is not.

I'm with them. Effective counter-terrorism actions can coexist with respect for civil rights. The FBI was able to operate for decades within the constraints of current wiretap laws (which require judicial approval) and still succeeded at breaking the back of organized crime in the 1980s.

Even if Section 505 expires, as it's set to do next year unless the Patriot Act is renewed, it's worth keeping a close eye on this issue as it wends its way through the courts. How it's decided will determine the shape of some critical civil rights in the 21st century.

Now for the second issue: On Aug.9, the FCC issued a notice of proposed rule-making intimating that it plans to require ISPs and all facilities-based "broadband providers"- but not software-only services - that offer VoIP to implement wiretap-enabling technology under the 1994 Communications Assistance for Law Enforcement Act.

There are two big problems with this idea.

First is that the ruling - if it becomes final - would require facilities-based VoIP providers to offer built-in wiretapping capabilities, which can't feasibly be limited only to legal uses. Any mechanism that can be used by law enforcement can and will be used by hackers - there's simply no way to create an infrastructure that's hackable by X and not Y, as fellow Network World columnist Scott Bradner has pointed out numerous times. The net result is stripping VoIP users of any remaining vestige of privacy.