I'm not saying that I wouldn't cooperate. That's *my* government, mostly working on protecting me, and I won't be protecting actual criminal activity from actual justice. Which requires handing them data, because only the actual justice system can investigate and determine crime. But that doesn't mean that I want to be in the position for maximum legal abuse when that "inefficient" machine starts chewing me up to get its targets. Nor do I want a blind spot to where competition without that burden can operate. Especially when I'm connecting my infosystems to them and *their* government rules.
On Tue, 2007-03-06 at 10:20 -0500, Alexander Lopez wrote: > What I think is the general thought here and should not be sidelined is > that if a Government wants information and you do not give it to them, > even thought you may be 150% in the right but they will and can make > your life almost impossible. > > It is better to have a plan even if YOU feel that you are exempt. > (Non-US company, Users are elsewhere, media does not touch me, Etc.) It > is much better to give them something even if it not 100% of what they > ask for but it does the job. You have helped them and a happy Fed is a > Fed that goes away...... > > > > -----Original Message----- > > From: [EMAIL PROTECTED] [mailto:asterisk-biz- > > [EMAIL PROTECTED] On Behalf Of Matthew Rubenstein > > Sent: Tuesday, March 06, 2007 9:38 AM > > To: Trixter aka Bret McDanel > > Cc: Asterisk-Biz > > Subject: Re: [asterisk-biz] CALEA > > > > If your business is, say, a NY corporation, but your servers are > in, > > say, Canada, are these CALEA requirements enforceable? What if your > > business is an Ontario corp, or Yukon, or Iranian? Is there some combo > > of foreign corp/servers that CALEA can't reach? > > > > > > On Tue, 2007-03-06 at 13:15 +0000, Trixter aka Bret McDanel wrote: > > > > > > > > > On 3/6/07, Matt <[EMAIL PROTECTED]> wrote: > > > > > > CALEA support is generally more than just log files, > > > thge government likes those log files in specific > > > formats, they like the recordings done such that > they > > > can tell which leg of the call > > > > > > To that I'd say touch noogies.. here's a comma delimited > > > version with headers :) > > > > > > that may work, however in my experience if you upset the government > > > they will spend years doing everything they can to 'get even'. > Often > > > spanning more than a decade. They also work it so that even if they > > > lose in court they still win. > > > > > > If its not a problem to convert it and play nice, why not - and its > > > unlikely that anyone on this list will ever receive a title III > > > warrant anyway given how few are issued. > > > > > > > > > > > > noise occured on (for background analysis), often > they > > > have a stereo recording where left channel is A leg, > > > right channel is B leg, I have seen mp3 as well as > > > regular CD audio for that. > > > > > > I still don't see why the system can't do this out of the > box? > > > > > > I never said it couldnt, I was addressing a specific persons > comments > > > with mine. > > > > > > > > > CALEA support also means being able to record > without > > > alerting the user, since there is a > > > > > > Again.. by DEFAULT Asterisk doesn't alert the user when > > > recording begins. > > > > > > reinviting the media off to the real provider (if you do that) > except > > > when recording is happening is a grey area, and that is what I was > > > addressing. It causes a change that can be observed by the person > > > being recorded and the government can argue that is notification, > > > whether or not its a valid interpretation. I know that when the > > > government decides something its generally very difficult to change > > > their mind, and generally by the time you do they already got what > > > they wanted. > > > > > > > > > > > > provision against notification. If you are a > > > "interconnected VoIP provider" as defined in the CFR > > > (ie 911, USF, etc apply to you) you have to be able > to > > > record all calls that go through you, not just the > > > pstn ones - this means pc->pc if its through you. I > > > want to clarify before > > > > > > Again.. Asterisk already acomplishes this. > > > > > > Again, I was addressing a specific persons comments, I never once > > > indicated whether or not asterisk was capable of anything in the > > > original post. Had you left those comments in it would have been > > > easier to reference, but you omitted them so it requires someone > going > > > to the archives to see that I really was only addressing the persons > > > comments who said 'here is a log file'. > > > > > > > > > > > > We have a call center and we record every single call that > > > comes through there.... granted the caller DOES know.. but > > > only because we tell them in a message. > > > > > > Many do, and with some of the mixing apps you can create a single > wav > > > with left/right channel representing the a/b legs of the calls. I > do > > > not know that a/b leg seperation is reqired but it is desirable, and > > > if you read transcripts of wiretaps (written by the agents typically > > > littered with opinions of the agents written as fact) you will see > > > that they do make notes of background voices that are audible > > > corelating it with which side of the call it came from. > > > > > > > > > > > > > > > On a side note..... am I expempt from CALEA if all I handle > > > are CDR records... and I issue re-invites for ALL traffic? > > > That is.. if someone from me makes an outbound call and I > > > terminate IP.. if I connect my terminator directly to my > > > client... does that absolve me? (I certainly don't intend to > > > do that.. but an interesting thought). > > > > > > that is a grey area which I tried to address earlier. Its unclear > > > what the governments position will be and any position statement you > > > get can change at will. Further, changing from reinviting > everything > > > to not for recorded calls is grey as to whether or not it qualifies > as > > > notification to the end user. The original laws were written in the > > > 80s (1984 iirc) and as a result they didnt take into account > anything > > > but traditional phone systems where you had to handle the media as > > > well as the signalling. > > > > > > The reason its grey on reinvites is that there is a provision in the > > > calea statutes that exempts entities where its not technically > > > feasable to record. If you dont have the capacity to handle > > > reinvites, or cant do it in a way that doesnt alert the customer you > > > might qualify. Then again the government can say you arent in > > > compliance and the fine is something like $10k/day/switch (which > they > > > would likely assess as per asterisk box). IIRC you dont have to be > > > served to be in violation and subject to the fine, although they > > > shouldnt be able to know until you are and cant comply. > > > > > > There is also a bit of time you have to enable a warrant, but that > is > > > measured in days not weeks. So if you are served, you dont want to > > > scramble to write a bunch of CALEA hooks in and all, you should have > a > > > plan ahead of time just in case. > > > > > > Also note, calea generally doesnt cover stuff that isnt covered by a > > > title III warrant (of which only about 3500 are issued annually > anyway > > > for 300M people and billions of minutes of calls). But the patriot > > > act changed it to allow for tapping a person not just a specific > line. > > > So 1 warrant can now cover multiple lines. title III warrants have > to > > > go for judicial review regularly, I believe every month, and > > > extensions have to be granted or it expires. Common grounds for > > > extensions are 'the suspect is aware of our tapping efforts', so > > > tipping your hand just gives cause to prolong your recording, which > if > > > you dont generally do that does have an impact on your capacity > since > > > it is extra cycles running on your system. > > > > > > Stuff calea doesnt cover, nor do title III warrants are things like > > > business records, which CDR data qualifies as. Business records > > > (according to the federal rules of criminal procedure as well as > civil > > > procedure) are generally anything the business uses in its day to > day > > > operations. Subpoenas are all that are required on that, unless the > > > company wants to voluntarially give them up, which it can do should > it > > > choose to. > > > > > > > > > > > > > > > > > > -- > > > Trixter http://www.0xdecafbad.com Bret McDanel > > > Belfast +44 28 9099 6461 US +1 516 687 5200 > > > http://www.trxtel.com the VoIP provider that pays you! > > > _______________________________________________ > > > --Bandwidth and Colocation provided by Easynews.com -- > > > > > > asterisk-biz mailing list > > > To UNSUBSCRIBE or update options visit: > > > http://lists.digium.com/mailman/listinfo/asterisk-biz > > -- > > > > (C) Matthew Rubenstein > > > > _______________________________________________ > > --Bandwidth and Colocation provided by Easynews.com -- > > > > asterisk-biz mailing list > > To UNSUBSCRIBE or update options visit: > > http://lists.digium.com/mailman/listinfo/asterisk-biz -- (C) Matthew Rubenstein _______________________________________________ --Bandwidth and Colocation provided by Easynews.com -- asterisk-biz mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-biz
