I have a question though you may or may be able to answer it. In point 1, you said you gave the LEA information on how to
word their subpoena? Was this knowledge based on an attorneys consult? I'll assume it may have been unless you are an
attorney yourself.
Secondly, why would an attorney or anyone provide "legal" consult to the LEA? The DOJ has all the required information any
LEA needs to obtain the information they need in an investigation. Most of it is basically fill in the blank and the forms
have multiple Q&A to write up the subpoena.
Having gone through enough of this over the past couple years, I have doubts that helping an LEA is in your best interest.
How do you warrant or have legal standing on telling an LEA that their subpoena does not have the correct information for the
request?
It is up to the LEA to get the proper legal consult they need when writing up a subpoena and or warrant to present to the
court.
Frank Muto
President
FSM Marketing Group, Inc
----- Original Message -----
From: "Butch Evans" <[EMAIL PROTECTED]>
To: "Wispa List" <[email protected]>
Sent: Friday, November 30, 2007 3:57 AM
Subject: [WISPA] CALEA
I just wanted to make a brief post relating a few experiences relating to the CALEA "scare" that was recently the "talk of
the town" (so to speak). I should preface this post with a bit of information that will give some insight into how common
(or not) law enforcement will or will not use CALEA to get information from you/us. I have about 225 customers in my
database. I work on a regular basis for about 15-20 of those each week. Since April, I have worked 4 cases with my
customers (actually, it was 6, but 3 were related) that were filed as CALEA actions.
Of these cases, 3 of my customers were using Mikrotik and 1 was using ImageStream. I can't reveal anything related to the
cases, but I wanted to help people understand what kind of information we are being asked for under CALEA, and what that
translates to in terms of capability requirements.
1. The first subpeona wanted to know who had a specific IP at a certain time and date. That was all that was requested.
This particular WISP has about 450 customers, and about 225 of those are using private IPs that are natted at the border.
It so happened that the IP we were requested information about was the NAT IP. I called the officer who had requested the
data and explained the situation to him. After an hour or so, he understood that there is nothing we could do without more
information. The case was an ongoing thing, and he was tracking contact to a specific website, so we were able to
determine a specific customer who was using that website. We did not tell the officer who it was, but we DID explain how
he needed to word his subpoena so that we COULD get him what he wanted. After he got the legal jargon to match the
technical requirements of our capabilities, we were able to capture and provide him with the communications he was needing.
2. The next 3 were related to one another (sort of). In this case, the subpeona asked for customer billing records and
login information for the past year for 3 IP addresses. We had part of this information (this WISP used public IP
addresses for all his customers). Since the subpeona requested historical information, we were somewhat limited in what we
could provide, but we did get the required information and LEA was happy.
3. The other 2 were not related but were similar. They asked for telephone information that the targets made between a
couple of dates in the past. Since the WISPs in both cases were not the provider of the VoIP (they were just the
transport) service, we explained to the LEA that the information they are seeking would not be available at the WISP,
eventually they went elsewhere for their information (I guess), but the WISPs, in the end, did not provide ANY customer
data to the LEA.
The point I am making here is that all of the information requested in all 3 cases, was easily obtainable using equipment
available within the WISP networks already. We used information that the Mikrotik and/or Imagestream enabled us to gather,
log files and RADIUS logs to gather login information and capturing of data along with their business records to answer all
6 subpeonas (7 if you count the one that had to be re-done).
In all cases, the law enforcement officer who was our first contact was not technically capable of understanding what they
wanted/needed, but without fail, there WERE people at the agencies involved who were. Of these subpeonas, 3 were from the
FBI, 2 were local LE and 1 was homeland security.
Incidentally, none of these WISPs spent any extra money to be compliant (other than some legal work that had to be done).
Billing for my time cost less than $350 (much less in some cases) to help gather necessary information. All of these (I
think) ended up billing these costs to the LEA and as far as I know, they got their direct expenses back.
I got another call today to assist with a subpoena and it got me thinking about the others. I just thought this
information may be useful/educational to some on this list.
--
Butch Evans
--------------------------------------------------------------------------------
WISPA Wants You! Join today!
http://signup.wispa.org/
--------------------------------------------------------------------------------
WISPA Wireless List: [email protected]
Subscribe/Unsubscribe:
http://lists.wispa.org/mailman/listinfo/wireless
Archives: http://lists.wispa.org/pipermail/wireless/
