Download - Impact of CALEA on Network Operators

Transcript
Page 1: Impact of CALEA on Network Operators

1© 2000, Cisco Systems, Inc. CALEA_NANOG_2000_0611.ppt

Impact of CALEA on Impact of CALEA on Network OperatorsNetwork Operators

What it is and what it ain’tWhat it is and what it ain’tChip Sharp

Cisco System, [email protected]

Disclaimer: The views expressed herein may not reflect the views of my employer or anyone else associated with me. :-)

Page 2: Impact of CALEA on Network Operators

2CALEA_NANOG_2000_0611.ppt © 2000, Cisco Systems, Inc.

What is it?What is it?

• CALEA: Communications Assistance for Law Enforcement Agencies Act (1994)

47 USC §1001, CALEA §102

• Requirements for Carriers to Assist Law Enforcement in Carrying out Wiretaps

Page 3: Impact of CALEA on Network Operators

3CALEA_NANOG_2000_0611.ppt © 2000, Cisco Systems, Inc.

What is it not?What is it not?

• CALEA does not grant Law Enforcement new authority for wiretaps

Caveat: “new authority” is a matter of interpretation

Page 4: Impact of CALEA on Network Operators

4CALEA_NANOG_2000_0611.ppt © 2000, Cisco Systems, Inc.

Congressional IntentCongressional Intent

"(1) to preserve a narrowly focused capability for law enforcement agencies to carry out properly authorized intercepts;

(2) to protect privacy in the face of increasingly powerful and personally revealing technologies; and

(3) to avoid impeding the development of new communications services and technologies.”

- H.R. Rep. No. 103-827, 103d Cong., 2d Sess. (1994)

Page 5: Impact of CALEA on Network Operators

5CALEA_NANOG_2000_0611.ppt © 2000, Cisco Systems, Inc.

Surveillance LawsSurveillance Laws

• Title III of the Omnibus Crime Control and Safe Streets Act of 1968

• Electronic Communications Privacy Act of 1986

• The Foreign Intelligence Surveillance Act of 1978

Page 6: Impact of CALEA on Network Operators

6CALEA_NANOG_2000_0611.ppt © 2000, Cisco Systems, Inc.

TerminologyTerminology

• Telecommunications Carrier

• Telecommunications Service

• Information Service

• Call Identifying Information

• Electronic messaging

• Safe Harbor standard

Page 7: Impact of CALEA on Network Operators

7CALEA_NANOG_2000_0611.ppt © 2000, Cisco Systems, Inc.

Information ServiceInformation Service

“(6) The term ‘information services’--

(A) means the offering of a capability for generating, acquiring, storing, transforming, processing, retrieving, utilizing, or making available information via telecommunications; and

(B) includes--

(i) a service that permits a customer to retrieve stored information from, or file information for storage in, information storage facilities;

(ii) electronic publishing; and

(iii) electronic messaging services; but

Page 8: Impact of CALEA on Network Operators

8CALEA_NANOG_2000_0611.ppt © 2000, Cisco Systems, Inc.

Information Service (cont.)Information Service (cont.)

(C) does not include any capability for a telecommunications carrier's internal management, control, or operation of its telecommunications network.”

- from Communications Assistance for Law Enforcement Act

Page 9: Impact of CALEA on Network Operators

9CALEA_NANOG_2000_0611.ppt © 2000, Cisco Systems, Inc.

Electronic MessagingElectronic Messaging

“(4) The term ‘electronic messaging services’ means software- based services that enable the sharing of data, images, sound, writing, or other information among computing devices controlled by the senders or recipients of the messages.”

- from Communications Assistance for Law Enforcement Act

Page 10: Impact of CALEA on Network Operators

10CALEA_NANOG_2000_0611.ppt © 2000, Cisco Systems, Inc.

Telecommunications CarrierTelecommunications Carrier“(8) The term ‘telecommunications carrier’--

(A) means a person or entity engaged in the transmission or switching of wire or electronic communications as a common carrier for hire; and

(B) includes--

(i) a person or entity engaged in providing commercial mobile service (as defined in section 332(d) of this title); or

(ii) a person or entity engaged in providing wire or electronic communication switching or transmission service to the extent that the Commission finds that such service is a replacement for a substantial portion of the local telephone exchange service and that it is in the public interest to deem such a person or entity to be a telecommunications carrier for purposes of this chapter; but”

- from Communications Assistance for Law Enforcement Act

Page 11: Impact of CALEA on Network Operators

11CALEA_NANOG_2000_0611.ppt © 2000, Cisco Systems, Inc.

Telecommunications Carrier Telecommunications Carrier (cont.)(cont.)

“(C) does not include--

(i) persons or entities insofar as they are engaged in providing information services; and

(ii) any class or category of telecommunications carriers that the Commission exempts by rule after consultation with the Attorney General.”

- from Communications Assistance for Law Enforcement Act

Page 12: Impact of CALEA on Network Operators

12CALEA_NANOG_2000_0611.ppt © 2000, Cisco Systems, Inc.

Telecommunications ServiceTelecommunications Service

This page intentionally left blank

Page 13: Impact of CALEA on Network Operators

13CALEA_NANOG_2000_0611.ppt © 2000, Cisco Systems, Inc.

Call Identifying InformationCall Identifying Information

“(2) The term ‘call-identifying information’ means dialing or signaling information that identifies the origin, direction, destination, or termination of each communication generated or received by a subscriber by means of any equipment, facility, or service of a telecommunications carrier.”

- from Communications Assistance for Law Enforcement Act

Page 14: Impact of CALEA on Network Operators

14CALEA_NANOG_2000_0611.ppt © 2000, Cisco Systems, Inc.

Safe Harbor StandardsSafe Harbor Standards

“...publicly available technical requirements or standards adopted by an industry association or standard-setting organization, or by the Commission under subsection (b) of this section, to meet the requirements of section 1002 of this title.”

- from Communications Assistance for Law Enforcement Act

Page 15: Impact of CALEA on Network Operators

15CALEA_NANOG_2000_0611.ppt © 2000, Cisco Systems, Inc.

Types of SurveillanceTypes of Surveillance

• Pen Register

Phone numbers of people that target is calling

• Trap and Trace

Phone numbers of people calling target

• Full content of call

Title III

FISA

Page 16: Impact of CALEA on Network Operators

16CALEA_NANOG_2000_0611.ppt © 2000, Cisco Systems, Inc.

Requirements on Carrier Requirements on Carrier EquipmentEquipment

• Provide LEA access to intercept

All wire and electronic communications to/from target

Call Identifying information

Correlation

• Minimize Interference with service

• Protect privacy

Page 17: Impact of CALEA on Network Operators

17CALEA_NANOG_2000_0611.ppt © 2000, Cisco Systems, Inc.

LimitationsLimitations

• Do not deliver location information

• Information Services not included

• Private networks not included

• No decryption required

Unless Service Provider has keys

• Protect privacy of non-targets

Page 18: Impact of CALEA on Network Operators

18CALEA_NANOG_2000_0611.ppt © 2000, Cisco Systems, Inc.

Current Standards EffortsCurrent Standards Efforts

• TIA: J-STD-025(a)

Telephony & Packet Data

• PacketCable(TM)

Cable Telephony (VoIP)

• PCIA: Paging

• IETF: Declined to play

Published RFC2804 (Raven)

Page 19: Impact of CALEA on Network Operators

19CALEA_NANOG_2000_0611.ppt © 2000, Cisco Systems, Inc.

J-STD-025 Packet Data J-STD-025 Packet Data • Two Methods for Delivery

Call Data Channel

Call Content Channel

• Only IP definition is for Wireless IP

However scope is vague.

• Current solution for Pen Register & Trap and Trace -> Send all packets and let LEA sort them out.

Page 20: Impact of CALEA on Network Operators

20CALEA_NANOG_2000_0611.ppt © 2000, Cisco Systems, Inc.

FCC Third Report & OrderFCC Third Report & Order

• Released by FCC August 31, 1999

• Responded to FBI requests

e.g., Location ID is required

• Invited TIA to provide report on packet data surveillance by September 30, 2000

• Compliance deadline for delivery of packet data using J-STD-025: 9/30/2001

Page 21: Impact of CALEA on Network Operators

21CALEA_NANOG_2000_0611.ppt © 2000, Cisco Systems, Inc.

USTA vs. FCCUSTA vs. FCC

• USTA, et. al. filed suit opposing third report and order

Punch list items (e.g., Location)

Packet Data solution in J-STD-025

Sending all data violates privacy protection provision in CALEA

• Initial arguments heard 5/18/2000

• Court will probably advise FCC to reconsider its position

Page 22: Impact of CALEA on Network Operators

22CALEA_NANOG_2000_0611.ppt © 2000, Cisco Systems, Inc.

TIA Joint Experts MeetingTIA Joint Experts Meeting

• Technical Fact-Finding Body

• Determine feasibility of delivering less than the full content of a packet to a law enforcement agency (LEA) in response to a pen register or trap and trace court order

• Provide input to TIA for report to FCC by Sept. 30, 2000

Page 23: Impact of CALEA on Network Operators

23CALEA_NANOG_2000_0611.ppt © 2000, Cisco Systems, Inc.

Scope of JEMScope of JEM

• Many packet technologies: TDMA/CDMA/PCS/GSM/CDPD/X.25/ ISDN/ATM/Frame Relay/IP/others

• Does not include

legal issues

interpretation of FCC orders

impacts of encryption other than how it affects ability to deliver less than full content of packet

Page 24: Impact of CALEA on Network Operators

24CALEA_NANOG_2000_0611.ppt © 2000, Cisco Systems, Inc.

Status of JEMStatus of JEM

• First JEM held 5/3-5Most participants from Wireless industry

Not much input from ISPs

Meeting Report: http://www.tiaonline.org/standards/CALEA_JEM/45053125.pdf

Current Draft JEM Report http://www.tiaonline.org/standards/CALEA_JEM/45053126.pdf

• Second JEM scheduled 6/27-29http://www.tiaonline.org/standards/CALEA_JEM/

Page 25: Impact of CALEA on Network Operators

25CALEA_NANOG_2000_0611.ppt © 2000, Cisco Systems, Inc.

Status of JEM - Main PointsStatus of JEM - Main Points

• Separating “Information Service” from “Telecommunications Service” impossible unless carrier is providing the service

• Two scenarios identified

Service Provider offering Call Management Services (e.g., SIP server)

Service Provider offering IP transport

• Technology dependent appendices

Page 26: Impact of CALEA on Network Operators

26CALEA_NANOG_2000_0611.ppt © 2000, Cisco Systems, Inc.

Personal ConclusionsPersonal Conclusions

• Separating IP header info from content is technically feasible

• Reliably identifying application in packet as telecom or information service is not technically feasible

• Increasing line speed & encryption aggravate (or improve) the situation

• New operating procedures to reply to warrants

Page 27: Impact of CALEA on Network Operators

27CALEA_NANOG_2000_0611.ppt © 2000, Cisco Systems, Inc.

Other Personal ConclusionsOther Personal Conclusions

• Tradeoff between protecting privacy and burden on ISP

• Seizing stored communications vs. communications in transit (wiretap)

• Who will be the test case?

• Nobody really knows what the end result will be.

Page 28: Impact of CALEA on Network Operators

28CALEA_NANOG_2000_0611.ppt © 2000, Cisco Systems, Inc.

ReferencesReferences

• How wiretaps are done: http://www.cpsr.org/cpsr/privacy/communications/wiretap/denning_wiretap_procedure_paper.txt

• Overview of Wiretap law: http://www.nap.edu/readingroom/books/crisis/D.txt

• CALEA text: http://techlawjournal.com/agencies/calea/47usc1001.htm

• TIA CALEA page: http://www.tiaonline.org/standards/CALEA_JEM/

• FCC CALEA Page: http://www.fcc.gov/wtb/csinfo/calea.html

• FBI CALEA page: http://www.fbi.gov/programs/calea/overview.htm

• ETSI Lawful Intercept: http://www.etsi.org/technicalactiv/li.htm

• EPIC Wiretap pages: http://www.epic.org/privacy/wiretap/

• CTIA Comments on FCC Third Report and Order: http://www.wow-com.com/lawpol/filing/Body.cfm?Reg_ID=196

• CDT Wiretap page: http://www.cdt.org/digi_tele/

• CDT Privacy page: http//www.cdt.org/privacy/plif.shtml

• USTA/CDT brief on CALEA challenge:

• Brief of EPIC, ACLU, and EFF: http://techlawjournal.com/courts/ustavfcc/20000120.htm

• IETF RAVEN RFC: ftp://ftp.isi.edu/in-notes/rfc2804.txt

Page 29: Impact of CALEA on Network Operators

29CALEA_NANOG_2000_0611.ppt © 2000, Cisco Systems, Inc.

AcknowledgmentsAcknowledgments

• The following people either provided comments or I used their presentations for material:

Al Gidari: g-savvy.com

Terri Brooks: Nokia

Peter Musgrove: AT&T