|
|
By Tim Young
Every single day, countless terabytes
of information are transmitted across
voice and data networks worldwide. The
vast majority of that data concerns business
meetings, banking transactions, basketball
scores, graduation pictures, and other
such vital and not-so-vital information.
However, sprinkled here and there are
bits of information about terror, murder,
fraud, and extortion: Bits of information
about crime. Serious crime.
What tools to law enforcement bodies
have at their collective disposal to
handle such situations? How can potentially
dangerous information be monitored and
controlled? The best people to turn to
for answers to such questions are probably
the professionals who handle the monitoring,
collection, and control of data every
day: the OSS industry. They are the best
resource for implementing a meaningful
and comprehensive Lawful Intercept program.
Let's be clear, however, about what
it is we are talking about. Lawful intercept
(LI) is wiretapping. In order to have
a discussion about the implementation
of LI, however, we have to put aside
issues of legality. The warrantless wiretapping
that has been all over the news in the
States is not really relevant, though
it's difficult to convince many of that
point. United States Attorney General
Alberto Gonzales wrote a letter in January
of this year to Senators Leahy and Specter
of the Judiciary Committee ensuring them
that, as the court had caught up with
the needs of the fight against terrorism,
wiretapping without judicial permission
is no longer necessary. The letter admitted
no wrongdoing for the previous warrantless
wiretaps, however. Instead, it made statements
like “Although... the Terrorist
Surveillance Program fully complies with
the law, the orders the Government has
obtained will allow the necessary speed
and agility while providing substantial
advantages.” As a result, the
opponents of the previous program consider
the letter, as well as other moves made
by the administration and Gonzales alike,
to be cryptic and unapologetic.
Still, regardless of how such correspondence
would be or should be received, warrantless
wiretapping is irrelevant. LI is, by
virtue of its name, lawful. It is the
process by which communications, whether
circuit or packet-based, are monitored
for illegal activity, subject to judicial
or administrative approval and oversight.
In the days of the PSTN, wiretapping
was a relatively straight-forward process.
The physical line connecting one party
to another could be tapped, providing
all the insight one could need into the
calls being made and the
|
|
What
tools do law enforcement bodies
have at their collective disposal
to handle such situations? |
|
legality or illegality of the
issues being discussed. However,
VoIP and mobile users greatly
complicate the situation by removing
the handy feature of a physical
line between the two parties.
There
are laws that have been passed
and are in the process of being
enacted worldwide to deal with
this issue. In the US, the law
is the Communications Assistance
for Law Enforcement Agencies
Act (CALEA) of 1994. In Russia
and the other members of the
Commonwealth of Independent States,
the law is known as SORM (Sistema
Operativno-Rozysknykh Meropriyatii,
literally "System of Ensuring
Investigative Activity").
Likewise, there is the Regulation
of Investigatory Powers Act (RIPA)
of 2000 in the UK, the Telecommuncatiewet
of 1998 in the Netherlands, and
Section 88 of Germany's Telekommunikationsgesetz.
These laws vary in scope and
detail, but essentially all provide
for the same thing: access.
The deadline for the implementation
of the US law, CALEA, is fast
approaching. In 2004, the US
Department of Justice, along
with the FBI and DEA, filed the “Joint
Petition for Expedited Rulemaking”.
In this document, they pushed
for the acceleration of CALEA
compliance. This expanded CALEA
to cover communications made
over IP networks. Based on these
recommendations, the FCC enacted
a push to ensure that CALEA applies
to facilities-based broadband
providers and interconnected
VoIP providers. By May 14, 2007,
all SPs in the US must have a
plan for CALEA in place. The
SPs must eat the cost of implementation,
and can't charge a national surcharge
to do so.
The requirements for LI for
the SPs are several: The SPs
must have mechanisms in place
to turn on monitor communications
and “turn on” LI
capability when appropriate.
They must also have a means to
monitor communications and deliver
their findings to law enforcement
bodies.
|
|
|
|
|
|
