Lawful interception
From Wikipedia, the free encyclopedia
It has been suggested that this article or section be merged with Telephone tapping . (Discuss) |
Lawful interception (aka wiretapping) is the interception of telecommunications by law enforcement agencies (LEA's) and intelligence services, in accordance with local law and after following due process and receiving proper authorization from competent authorities.
With the existing Public Switched Telephone Network (PSTN), Wireless, and Cable Systems, Lawful Interception (LI) is generally performed by accessing the digital switches supporting the target's calls in response to a warrant from a Law Enforcement Agency (LEA). However, mobile phone and Voice over IP (VoIP) technologies have enabled the mobility of the end-user, which have introduced new challenges.
Whilst the detailed requirements for LI differ from one jurisdiction to another, the general requirements are the same. The LI system must provide transparent interception of specified traffic only, and the subject must not be aware of the interception. The service provided to other users must not be affected during interception.
Contents |
[edit] Technical description
Almost all countries have LI requirements and have adopted global LI requirements and standards developed by the European Telecommunications Standards Institute (ETSI) organization. In the USA, the requirements are governed by the Communications Assistance for Law Enforcement Act (CALEA). For an overview of laws and standards, see the Global LI Industry Forum site.
In order to prevent investigations being compromised, LI systems may be designed in a manner that hides the interception from the telecommunications operator concerned. This is a requirement in some jurisdictions.
To ensure systematic procedures for carrying out interception, while also lowering the costs of interception solutions, industry groups and government agencies worldwide have attempted to standardize the technical processes behind lawful interception. One organization, ETSI, has been a major driver in lawful interception standards not only for Europe, but worldwide. The following figure provides a generalized view of the lawful interception architecture as proposed by ETSI:
This architecture attempts to define a systematic and extensible means by which network operators and law enforcement agents (LEAs) can interact, especially as networks grow in sophistication and scope of services. Note this architecture applies to not only “traditional” wireline and wireless voice calls, but to IP-based services such as Voice over IP, email, instant messaging, etc. The architecture is now applied worldwide (in some cases with slight variations in terminology), including in the United States in the context of CALEA conformance. Three stages are called for in the architecture: 1) collection where target-related “call” data and content are extracted from the network; 2) mediation where the data is formatted to conform to specific standards; and 3) delivery of the data and content to the law enforcement agency (LEA).
The call data (known as Intercept Related Information or IRI in Europe and Call Data or CD in the US) consists of information about the targeted communications, including destination of a voice call (e.g., called party’s telephone number), source of a call (caller’s phone number), time of the call, duration, etc. Call content is namely the stream of data carrying the call. Included in the architecture is the lawful interception management function, which covers interception session set-up and tear down, scheduling, target identification, etc. Communications between the network operator and LEA are via the Handover Interfaces (designated HI). Communications data and content are typically delivered from the network operator to the LEA in an encrypted format over an IP-based VPN. The interception of traditional voice calls still often relies on the establishment of an ISDN channel that is set up at the time of the interception.
As stated above, the ETSI architecture is equally applicable to IP-based services where IRI (or CD) is dependent on parameters associated with the traffic from a given application to be intercepted. For example, in the case of email IRI would be similar to the header information on an email message (e.g., destination email address, source email address, time email was transmitted) as well as pertinent header information within the IP packets conveying the message (e.g., source IP address of email server originating the email message). Of course, more in-depth information would be obtained by the interception system so as to avoid the usual email address spoofing that often takes place (e.g., spoofing of source address). Voice-over-IP likewise has its own IRI, including data derived from Session Initiation Protocol (SIP) messages that are used to set up and tear down a VOIP call.
USA interception standards that help network operators and service providers conform to CALEA are mainly those specified by the CableLabs, the Alliance for Telecommunications Industry Solutions (ATIS), and the TIA. TIA's standards include J-STD-025B which updates the earlier J-STD-025A to include packetized voice and CDMA wireless interception, although it has recently been challenged as "deficient" by the U.S. Dept of Justice. Generic global standards have also been developed by the [http://www.ietf.org Internet Engineering Task Force (IETF) that provide a front-end means of supporting most LI handover standards. Although the terms are different, the concepts behind the interception architecture resemble those formulated under ETSI. More recent standards address packetized voice and data (e.g., ETSI TS102232 et seq, ATIS T1.678, T1.IAS) and interception for PacketCable. Interception standardization efforts for wireless networks are primarily overseen by the Third Generation Partnership Project (3GPP).
[edit] Laws
Various countries have different rules with regards to lawful interception. In the United Kingdom the law is known as RIPA (Regulation of Investigatory Powers Act), in United States there is an array of federal and state criminal law, in Commonwealth of Independent States countries as SORM. A subset of LI law deals with the ability of communication providers to support interception handovers.
[edit] United States of America
In the United States, two laws cover most of the governance of lawful interception. The 1968 Omnibus Crime Control and Safe Streets Act, Title III pertains mainly to lawful interception criminal investigations. The second law, the 1978 Foreign Intelligence Surveillance Act, or FISA, governs wiretapping for intelligence purposes where the subject of the investigation must be a foreign (non-US) national or a person working as an agent on behalf of a foreign country. Most of the congressionally mandated wiretap records indicate that the cases are related to illegal drug distribution, with cell phones as the dominant form of intercepted communication.
During the 1990s, to help law enforcement and the FBI more effectively carry out wiretap operations, especially in view of the emerging digital voice and wireless networks at the time, the US Congress passed CALEA in 1994 [1]. This act provides broad guidelines to network operators on how to assist the LEAs in setting up interceptions and the types of data to be delivered. CALEA does not, as many believe, provide specific implementation directives on interception. More recently, the US Federal Communications Commission (FCC) mandated that CALEA be extended to include interception of publicly-available broadband networks and Voice over IP services that are interconnected to the Public Switched Telephone Network (PSTN).
As a response to the terrorist events of 9/11, the US Congress incorporated various provisions related to enhanced electronic surveillance in the “Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism” Act (USA Patriot Act). These wiretap provisions are mainly updates to those expressed under the FISA law.
[edit] Europe
In the European Union, the European Council Resolution of 17 January 1995 on the Lawful Interception of Telecommunications (Official Journal C 329) mandated similar measures to CALEA on a pan-European basis.[2] Although some EU member countries reluctantly accepted this resolution out of privacy concerns (which are more pronounced in Europe than the US), there appears now to be general agreement with the resolution. Interestingly enough, interception mandates in Europe are generally more rigorous than those of the US; for example, both voice and ISP public network operators in the Netherlands have been required to support interception capabilities for years.
[edit] Elsewhere
Most countries worldwide maintain LI requirements similar to those in the US and Europe, and have moved to the ETSI handover standards. The, for example, collaboration through the numerous ISS World forums.
[edit] Illegal Use
As with many law enforcement tools, LI systems may be subverted for illicit purposes. This occurred in Greece during the 2004 Olympics. The telephone operator concerned was fined US$1,000,000 in 2006[3] for failing to secure its systems against unlawful access.
[edit] References
- Handover Interface for the Lawful Interception of Telecommunications Traffic, ETSI ES-201-671, under Lawful Interception, Telecommunications Security, version 3.1.1, May 2007.
- Handover Specification for IP delivery, ETSI TS-102-232-1, under Lawful Interception, Telecommunications Security, version 2.1.1, December 2006.
- Lawfully Authorized Electronic Surveillance, T1P1/T1S1 joint standard, document number J-STD-025B, December 2003.
- 3rd Generation Partnership Project, Technical Specification 3GPP TS 33.106 V5.1.0 (2002-09), “Lawful Interception Requirements (Release 5),” September 2003.
- 3rd Generation Partnership Project, Technical Specification 3GPP TS 33.107 V6.0.0 (2003-09), “Lawful interception architecture and functions (Release 6),” September 2003.
- 3rd Generation Partnership Project, Technical Specification 3GPP TS 33.108 V6.3.0 (2003-09), “Handover interface for Lawful Interception (Release 6),” September 2003.
- PacketCable Electronic Surveillance Specification, PKT-SP-ESP-I03-040113, Cable Television Laboratories Inc., 13 January 2004.
- T1.678, Lawfully Authorized Electronic Surveillance (LAES) for Voice over Packet Technologies in Wireline Telecommunications Networks.
[edit] See also
- Secrecy of correspondence
- Telecommunications data retention
- Network Monitoring Interface Card
- SS7 probe
- SIGINT
[edit] External links
- An Overview Paper on the Lawful Interception architecture for Voice over IP calls
- Application of the US PATRIOT Act in wiretapping
- White Paper on Interception of IP Networks
- Cisco Architecture for Lawful Intercept in IP Networks
- White Paper on Interception of 3G Wireless Networks
- 3GPP Lawful Interception requirements for GSM
- Guide to lawful intercept legislation around the world
- Guide to the one party consent exception to the rule against interception of private communications in Canada