Demystifying Lawful Intercept and CALEA TMC

DoJ Files Deficiency Petition with FCC over J-STD-025B

June 7, 2007
On May 15th 2007, the Dept. of Justice (as represented by the FBI, DEA and National Security Division) filed a "Petition for Expedited Rulemaking to Establish Technical Requirements and Standards Pursuant to Section 107(b) of the Communications Assistance for Law Enforcement Act", specifically in regard to J-STD-025B where it covers CDMA2000 packet data wireless services.

So what does this mean? Section 107 of CALEA covers the "Technical Assistance" portion of the CALEA law and during 2003 when the TIA and ATIS standards bodies were developing the JSTD25B standard, Law Enforcement (represented by the FBI at those meetings), raised several concerns over what they felt were technical deficiencies in the standard. Those concerns were never adequately satisfied in their opinion but the standards bodies moved forward anyway and the standard became effective in January of 2004. In March 2004 the standard (which at that point was only a "Trial Use" standard) was submitted for ballot to become an ANSI standard. In August 2006, J-STD-025B was adopted as an ANSI standard. At that time Law Enforcement began formulating a response to articulate the deficiencies they felt were still part of the standard. On May 15th (coincidence that it was the day after the May 14th deadline for Broadband and VoIP compliance? Probably not) they filed their official request for rulemaking to address these technical concerns.

So what are they asking for? On the technical side they are asking for 4 things:

1. Addition of Packet Activity Reporting - this would provide, among other things, the protocol in use, the Originating and Terminating IP address, the IP version and the Port number. The same types of things that are available as Call Data (or CII) for circuit switch calls today

2. Timing Information (Time stamping) - currently J-STD025B does not require any time stamping and they would like it to match the guidelines set forth by the commission for circuit switch time stamps (time stamp within 200ms and delivery to the LEA within 8 seconds).

3. More granular Location Information - currently cell site and sector are available but with the proliferation of location based services, it seems that more granular location information would be "reasonably available" (the metric used to determine what LI information can be made available to law enforcement).

4. Increased Security, Performance and Reliability of Delivery - these are fairly wide ranging items but the bottom line is that they want established rules over the protection of sensitive information and processes (internal as well as technical), along with assurances that they are receiving all of the packets from a communication session

On the process side, they are looking for an expedited ruling from the FCC along with a compliance deadline of 12 months after the FCC makes its' ruling.

Last week's ISS World conference didn't shed any new light on the subject even though the FBI, FCC and DEA were all represented there. They continued to reference the filing and the information contained within it.

So what does the timeline and next steps for this look like? Well this process has been followed before with both the Report and Orders over Broadband and VoIP compliance and with the original J-STD-025 (which is why J-STD-025A now exists). There is a response/comment period that is now underway and that will lead to a review period by the FCC. There is also a possibility that a second round of response/comments and review will take place. At some point the FCC will make a ruling, this will probably be somewhere between 8 and 18 months away. When the ruling occurs the standards bodies can then address the content of the ruling and implement any necessary changes to the standard. I say "necessary changes" because remember, as I noted above, this has happened before and just because capabilities are requested doesn't mean they are automatically granted. The original request for additional capabilities for J-STD-025 was for 11 items but only 7 were actually granted in the "Punchlist".

So how long will the changes to the standard take? Again it depends on how the FCC rules, but most likely 8 - 12 months. Which then begs the question, if compliance needs to be achieved within 12 months of the ruling but the standards body may take up to 12 months to modify the standard, how will compliance be achieved on time? Sound familiar?

Till next time ...

Related Tags: , , , , ,

Listed below are links to sites that reference DoJ Files Deficiency Petition with FCC over J-STD-025B:

Trackback Pings

TrackBack URL for DoJ Files Deficiency Petition with FCC over J-STD-025B:

Comments to DoJ Files Deficiency Petition with FCC over J-STD-025B

  1. RE: DoJ Files Deficiency Petition with FCC over J-STD-025B
    Scott Coleman :

    Raindeer: I would agree that lawful intercept "isn't that hard", nor is provisioning, billing, network management and the myriad of other services and functions that a telecom provider needs to implement and support, it just takes the right expertise, focus and resources. One of the problems however is that the carriers aren't that motivated or interested in LI since it doesn't generate any revenue, increase customer satisfaction or reduce churn. Because of this, law enforcement pushes for what they want, the carriers push back and the vendors providing the equipment are stuck in the middle selling products to customers (the carriers) that don't really want it while trying to satisfy the needs and requirements of law enforcement. I'm sure there is a better way of getting law enforcement what they want without putting undue burden on the carriers, just need to figure out how.

  1. RE: DoJ Files Deficiency Petition with FCC over J-STD-025B
    Raindeer :

    Yikes, Seems to me the FBI is asking a bit too much. (or you might say, is being a little bit clueless) I can understand the timestamping, but the other stuff? If it's a proper intercept standard, than they will get the full IP-packet as it went over the air. (Or maybe even the full CDMA stream with the IP packet in it.) Item number one Packet Activity Reporting therefore should already be in the bits they are getting. If it's not than it's not a proper intercept standard, but I can't really see that to be happening. There is no reason to bother the telco to get something out of the stream that is already in there. It's redundant and before you know it, you break stuff.
    Item number three, location based services, seems to be based more upon the media hype than on reality. The telco often only knows cell-site and extrapolating more from that is not easy. One of the things that makes it hard is that often telco's will use weird reflection tricks to get their signal at the right places. It's not like you can triangulate the location well. This is not CSI Las Vegas.

    Number four is solved partly by signing and cyphering the info. Partly by getting processes in place, which should not be in a standard, because it should be the same for all situations regardless of network and standard, and knowing if you really get everything is a combination of telco quality control and LEA quality control. For that the FBI should analyze their data and should perform regular tests interceptions in controlled environments.

    Lawful Interception is not that hard.

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)