Re: CALEA Requirements
The FBI CALEA folks have always had a somewhat expansive interpretation of their authorities. For example, "dialed digit extraction." The court cases supporting pen registers are based on business record exception, i.e. Smith v. Maryland says dial numbers are disclosed to the telephone company so the phone company can connect and bill the call do not have a reasonable expectation of privacy. The FBI expanded its pen-register authority to include all numbers dialed *DURING* the call because in the 1970's pen-register technology didn't stop recording digits (i.e. the "clicks") after a call was answered. Although modern pen-register technology can distinguish between numbers dialed for the purpose of connecting the call, and numbers dialed during the call (i.e. your online banking PIN), and dialed digit extraction during VOIP calls is an extreme pain in the ass. In the 1990's, the FBI convinced the FCC to order carriers under CALEA to do dialed digit extraction because "that's what they've always done," not because its what the law and court cases required. Even the FCC says in its CALEA order, the FBI's justification was flimsy but the FCC wasn't willing to oppose the FBI. As several folks have pointed out, talk to your own legal counsel. The FBI CALEA website is the FBI's interpretation of its authority, not necessarily what your own counsel would advise.
Re: CALEA Requirements
If you are a wireline ISP, start with the ATIS-113* docs, you will see from the FBI link below, different services and carrier types (e.g. voice or cable) have additional needs on top of this. As Scott said, your legal/regulatory team needs to guide you to exactly which in the listMAY apply in your situation, but from a technical point of view you can at least get an idea about what you might have to do by starting with the ATIS specs: https://askcalea.fbi.gov/standards.html Rob On 14 March 2016 at 13:57, Scott Weekswrote: > > > --- lor...@hathcock.org wrote: > From: "Lorell Hathcock" > > Can someone point me to the current CALEA requirements? > > As an ISP, should I be recording all internet traffic that passes my > routers? Or do I only have to record when and if I receive a court order? > > I'm not under any court order now, I just want to be sure that I am > compliant going forward in my capabilities. > - > > > This is something your company's lawyers should hash out. > That said, you shouldn't record anything unless forced to > do so. It'll just make pervasive surveillance easier. > > scott >
Re: CALEA Requirements
Thanks for the tips. All good info. Sent from my iPhone > On Mar 18, 2016, at 3:31 PM, Kraig Beahnwrote: > > I believe Scott, just hit the nail on the head... > "but keep in mind that it's normal for people who have > had to fulfill a request *to be disallowed from talking about it* which > makes > them seem even more rare than they actually are." > >> On Fri, Mar 18, 2016 at 4:28 PM, Scott Helms wrote: >> >> Kevin, >> >> That's largely true, but keep in mind that it's normal for people who have >> had to fulfill a request to be disallowed from talking about it which makes >> them seem even more rare than they actually are. I'm also not familiar >> with any laws that prevent state or local agencies from leveraging CALEA >> and I've certainly seen it used on the voice side by state level law >> enforcement. >> >> >> Scott Helms >> Chief Technology Officer >> ZCorum >> (678) 507-5000 >> >> http://twitter.com/kscotthelms >> >> >> On Fri, Mar 18, 2016 at 4:19 PM, Kevin Burke > wrote: >> >>> Ignore it until you get the paperwork. The local law enforcement can not >>> get a warrant for the real time, full data capture. Only FBI or other >>> national agencies can get those subpeona's. We went through this with >> our >>> local police department. They wanted to make sure we were prepared and >>> wanted a test for the real time number capture on phone calls. They >> didn't >>> mention they don't have any equipment on their side to connect the T1. >>> >>> Ask your local neighbors. Some area's have a number of local federal >>> investigations. If you get the deer in the headlights look from your >>> competition then you may never get one of these. >>> >>> The full data captures are rare. >>> >>> Kevin Burke >>> 802-540-0979 >>> Burlington Telecom - City of Burlington >>> 200 Church St, Burlington, VT 05401 >>> >>> -Original Message- >>> From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Lorell >> Hathcock >>> Sent: Monday, March 14, 2016 4:47 PM >>> To: 'NANOG list' >>> Subject: CALEA Requirements >>> >>> NANOG: >>> >>> >>> >>> Can someone point me to the current CALEA requirements? >>> >>> >>> >>> As an ISP, should I be recording all internet traffic that passes my >>> routers? Or do I only have to record when and if I receive a court >> order? >>> >>> >>> >>> I'm not under any court order now, I just want to be sure that I am >>> compliant going forward in my capabilities. >>> >>> >>> >>> Thanks! >>> >>> >>> >>> Lorell Hathcock >>
Re: CALEA Requirements
Kevin, That's largely true, but keep in mind that it's normal for people who have had to fulfill a request to be disallowed from talking about it which makes them seem even more rare than they actually are. I'm also not familiar with any laws that prevent state or local agencies from leveraging CALEA and I've certainly seen it used on the voice side by state level law enforcement. Scott Helms Chief Technology Officer ZCorum (678) 507-5000 http://twitter.com/kscotthelms On Fri, Mar 18, 2016 at 4:19 PM, Kevin Burkewrote: > Ignore it until you get the paperwork. The local law enforcement can not > get a warrant for the real time, full data capture. Only FBI or other > national agencies can get those subpeona's. We went through this with our > local police department. They wanted to make sure we were prepared and > wanted a test for the real time number capture on phone calls. They didn't > mention they don't have any equipment on their side to connect the T1. > > Ask your local neighbors. Some area's have a number of local federal > investigations. If you get the deer in the headlights look from your > competition then you may never get one of these. > > The full data captures are rare. > > Kevin Burke > 802-540-0979 > Burlington Telecom - City of Burlington > 200 Church St, Burlington, VT 05401 > > -Original Message- > From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Lorell Hathcock > Sent: Monday, March 14, 2016 4:47 PM > To: 'NANOG list' > Subject: CALEA Requirements > > NANOG: > > > > Can someone point me to the current CALEA requirements? > > > > As an ISP, should I be recording all internet traffic that passes my > routers? Or do I only have to record when and if I receive a court order? > > > > I'm not under any court order now, I just want to be sure that I am > compliant going forward in my capabilities. > > > > Thanks! > > > > Lorell Hathcock > >
Re: CALEA Requirements
I believe Scott, just hit the nail on the head... "but keep in mind that it's normal for people who have had to fulfill a request *to be disallowed from talking about it* which makes them seem even more rare than they actually are." On Fri, Mar 18, 2016 at 4:28 PM, Scott Helmswrote: > Kevin, > > That's largely true, but keep in mind that it's normal for people who have > had to fulfill a request to be disallowed from talking about it which makes > them seem even more rare than they actually are. I'm also not familiar > with any laws that prevent state or local agencies from leveraging CALEA > and I've certainly seen it used on the voice side by state level law > enforcement. > > > Scott Helms > Chief Technology Officer > ZCorum > (678) 507-5000 > > http://twitter.com/kscotthelms > > > On Fri, Mar 18, 2016 at 4:19 PM, Kevin Burke > > wrote: > > > Ignore it until you get the paperwork. The local law enforcement can not > > get a warrant for the real time, full data capture. Only FBI or other > > national agencies can get those subpeona's. We went through this with > our > > local police department. They wanted to make sure we were prepared and > > wanted a test for the real time number capture on phone calls. They > didn't > > mention they don't have any equipment on their side to connect the T1. > > > > Ask your local neighbors. Some area's have a number of local federal > > investigations. If you get the deer in the headlights look from your > > competition then you may never get one of these. > > > > The full data captures are rare. > > > > Kevin Burke > > 802-540-0979 > > Burlington Telecom - City of Burlington > > 200 Church St, Burlington, VT 05401 > > > > -Original Message- > > From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Lorell > Hathcock > > Sent: Monday, March 14, 2016 4:47 PM > > To: 'NANOG list' > > Subject: CALEA Requirements > > > > NANOG: > > > > > > > > Can someone point me to the current CALEA requirements? > > > > > > > > As an ISP, should I be recording all internet traffic that passes my > > routers? Or do I only have to record when and if I receive a court > order? > > > > > > > > I'm not under any court order now, I just want to be sure that I am > > compliant going forward in my capabilities. > > > > > > > > Thanks! > > > > > > > > Lorell Hathcock > > > > >
RE: CALEA Requirements
Ignore it until you get the paperwork. The local law enforcement can not get a warrant for the real time, full data capture. Only FBI or other national agencies can get those subpeona's. We went through this with our local police department. They wanted to make sure we were prepared and wanted a test for the real time number capture on phone calls. They didn't mention they don't have any equipment on their side to connect the T1. Ask your local neighbors. Some area's have a number of local federal investigations. If you get the deer in the headlights look from your competition then you may never get one of these. The full data captures are rare. Kevin Burke 802-540-0979 Burlington Telecom - City of Burlington 200 Church St, Burlington, VT 05401 -Original Message- From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Lorell Hathcock Sent: Monday, March 14, 2016 4:47 PM To: 'NANOG list'Subject: CALEA Requirements NANOG: Can someone point me to the current CALEA requirements? As an ISP, should I be recording all internet traffic that passes my routers? Or do I only have to record when and if I receive a court order? I'm not under any court order now, I just want to be sure that I am compliant going forward in my capabilities. Thanks! Lorell Hathcock
Re: CALEA Requirements
--- lor...@hathcock.org wrote: From: "Lorell Hathcock"Can someone point me to the current CALEA requirements? As an ISP, should I be recording all internet traffic that passes my routers? Or do I only have to record when and if I receive a court order? I'm not under any court order now, I just want to be sure that I am compliant going forward in my capabilities. - This is something your company's lawyers should hash out. That said, you shouldn't record anything unless forced to do so. It'll just make pervasive surveillance easier. scott