The Telecommunications Carriers’ Forum (TCF) has delivered a new interception code to guide telcos and ISPs, when responding to requests for interceptions by law enforcement agencies.
TCF chairman Richard Westlake says the code will provide confidence among providers about how to go about complying with interception requests and also boost the consistency of their responses.
The Telecommunications (Interception Capability) Act 2004 requires network operators to ensure their telecommunications and, as of April, data networks have interception capability.
However, the Act does not outline how operators should deliver such interception. The document’s stated aim is to provide appropriate standards, processes and platforms to meet the legislative requirements.
The guidelines strongly recommend the adoption of the European Telecommunications Standards Institute’s international standards developed for lawful interception and used in the European and the Asia Pacific regions.
The guidelines also require, where feasible, that all intercepted data be encrypted when communicated to law enforcement agencies “as agreed with the those agencies”.
Internal communications concerning interception must also be secured and encrypted where possible, the guidelines say.
“All access to lawful interception administrative functions must be restricted to the appropriate administrative personnel,” they add.
The document further outlines lawful interception network architectures that can be used to meet interception requests.
It defines two forms of interception: internal and external. Internal interceptions are software-based and sit on routers or gateways in telecommunication providers’ networks. These can be remotely configured to capture specific information.
External interceptions involve the use of probes that are physically separate from but co-located with network elements and pass captured data to law enforcement agencies.
Fixed probes are deployed permanently at strategic points in network infrastructure, while itinerant probes are installed on an “as required” basis and may be owned by the law enforcement agencies.
These are connected to a network provider’s network at an interception access point, which can be passive splitters or active network ports. They may be either deployed on demand or permanently provided.
The guidelines are the result of discussions between providers and agencies as part of a TCF working party on interception.
The working party was established in 2008 and the guidelines were endorsed by the TCF board in June, with an update endorsed in August.