Presentation is loading. Please wait.

Presentation is loading. Please wait.

Lawful Access/Interception: Global Cooperation and Collaboration Anthony M Rutkowski.

Similar presentations


Presentation on theme: "Lawful Access/Interception: Global Cooperation and Collaboration Anthony M Rutkowski."— Presentation transcript:

1 Lawful Access/Interception: Global Cooperation and Collaboration Anthony M Rutkowski

2 Decision or Action Requested Adoption of a resolution: 1) recognizing the need for the timely exchange of information among forums concerning Lawful Interception standards, specifications and related legal requirements, similar to that portrayed in the Annex; 1) recognizing the need for the timely exchange of information among forums concerning Lawful Interception standards, specifications and related legal requirements, similar to that portrayed in the Annex; 2) concluding that there is a need for collaboration among these forums to enhance interoperability of the resulting specifications and maximize reuse of schema or protocols; and 2) concluding that there is a need for collaboration among these forums to enhance interoperability of the resulting specifications and maximize reuse of schema or protocols; and 3) resolving to promote such information exchange and collaboration 3) resolving to promote such information exchange and collaboration

3 Introduction LI: multilateral agreements and domestic law in most countries require the production of investigative or evidentiary information by telecommunication or information network providers.[1] LI: multilateral agreements and domestic law in most countries require the production of investigative or evidentiary information by telecommunication or information network providers.[1][1] LA: production requirements of real-time traffic data and content have resulted in extensive global standards activities in a multiplicity of forums, commonly referred to as Lawful Interception. LA: production requirements of real-time traffic data and content have resulted in extensive global standards activities in a multiplicity of forums, commonly referred to as Lawful Interception. term is synonymous with "legal interception" term is synonymous with "legal interception" phrase “Lawful Access” typically encompasses stored subscriber and traffic data phrase “Lawful Access” typically encompasses stored subscriber and traffic data The increasing importance of this activity resulted in GSC- 7/RAST10 identifying the subject as one of "high interest" for GSC-8 – particularly with respect to Next Generation Networks.[2] The increasing importance of this activity resulted in GSC- 7/RAST10 identifying the subject as one of "high interest" for GSC-8 – particularly with respect to Next Generation Networks.[2][2] [1] See, e.g., Convention on Cybercrime (Budapest, November 2001). 1] [2][2] See, Resolution GSC7/1 (Sydney, November 2001) [2]

4 Activity Communication service providers, Law Enforcement Authorities (LEAs) and LI industry product and service providers are working together worldwide to support LEA requirements Communication service providers, Law Enforcement Authorities (LEAs) and LI industry product and service providers are working together worldwide to support LEA requirements international conferences international conferences national legislatures national legislatures regulatory consultative and policy- making proceedings regulatory consultative and policy- making proceedings resulted in an array of standards-making forums and industry entrepreneurial initiatives that have delivered specifications and products resulted in an array of standards-making forums and industry entrepreneurial initiatives that have delivered specifications and products specifications include ASN.1 and XML schema and modules – facilitates interoperability and reusable code specifications include ASN.1 and XML schema and modules – facilitates interoperability and reusable code

5 Issues Impacts on service providers Impacts on service providers Introduction of new technology Introduction of new technology Global legal and regulatory requirements transparency Global legal and regulatory requirements transparency Multiple standards, schema, data elements, identifiers, and modules Multiple standards, schema, data elements, identifiers, and modules Interception Architectures Interception Architectures Stored subscriber information and traffic record access Stored subscriber information and traffic record access

6 Impacts on service providers Intercept solutions for telecommunication and computer network providers are potentially costly Intercept solutions for telecommunication and computer network providers are potentially costly costs are increased by the compartmentalization and legal review necessary to authenticate the legal process and meet countervailing laws intended to protect customer privacy and prevent unauthorized disclosure of legal surveillance orders costs are increased by the compartmentalization and legal review necessary to authenticate the legal process and meet countervailing laws intended to protect customer privacy and prevent unauthorized disclosure of legal surveillance orders use of intermediate, network-based service bureaus may effect significant cost sharing use of intermediate, network-based service bureaus may effect significant cost sharing key considerations are "who pays," and on what basis - both with respect to implementing the necessary capabilities as well as for actual production orders key considerations are "who pays," and on what basis - both with respect to implementing the necessary capabilities as well as for actual production orders in some jurisdictions, standards have been used as the basis for imposing uncompensated additional cost burdens on providers in some jurisdictions, standards have been used as the basis for imposing uncompensated additional cost burdens on providers

7 Introduction of new technology LEAs and judicial authorities are often reluctant to use lower cost technology LEAs and judicial authorities are often reluctant to use lower cost technology secure VPN transport technology secure VPN transport technology common global data elements common global data elements structured syntax schema structured syntax schema PKI authentication PKI authentication Widespread introduction of the Internet and other next- generation network platforms, especially Voice over IP (VoIP) to exacerbate these legacy incompatibilities and costs Widespread introduction of the Internet and other next- generation network platforms, especially Voice over IP (VoIP) to exacerbate these legacy incompatibilities and costs

8 Global legal and regulatory requirements transparency national legislatures have adopted new mandates applicable to existing and emerging network infrastructures national legislatures have adopted new mandates applicable to existing and emerging network infrastructures Activities are ongoing and often independent of each other Activities are ongoing and often independent of each other International drivers include Convention on Cybercrime in 2001 and the adoption of Lawful Interception-related mutual assistance agreements - normative provisions have added to the complexity and created transnational mandates International drivers include Convention on Cybercrime in 2001 and the adoption of Lawful Interception-related mutual assistance agreements - normative provisions have added to the complexity and created transnational mandates Affects diverse standards-making forums and activities, including ultimately the providers of telecommunication, computer networking, and lawful interception products and services Affects diverse standards-making forums and activities, including ultimately the providers of telecommunication, computer networking, and lawful interception products and services No effective global mechanisms exist to provide notice of ongoing consultative and rule making activities or the resulting law and regulations No effective global mechanisms exist to provide notice of ongoing consultative and rule making activities or the resulting law and regulations Exacerbated by diversity of parties Exacerbated by diversity of parties

9 Multiple standards, schema, data elements, identifiers, and modules Significant number of largely independent vendors and standards bodies have produced a growing body of implementations and standards Significant number of largely independent vendors and standards bodies have produced a growing body of implementations and standards lack of awareness, lack of coordination and collaboration has resulted in isolated implementation islands with little or no interoperability lack of awareness, lack of coordination and collaboration has resulted in isolated implementation islands with little or no interoperability Involves the structured acquisition and transfer of data, but no integrated data element dictionary for LI exists Involves the structured acquisition and transfer of data, but no integrated data element dictionary for LI exists Specifications require the use of key identifiers as the basis for the unique identification of parties, records, and network elements, but no global coordination Specifications require the use of key identifiers as the basis for the unique identification of parties, records, and network elements, but no global coordination Global Next-Generation Networks and Internet-based applications like VoIP are especially affected Global Next-Generation Networks and Internet-based applications like VoIP are especially affected

10 Interception Architectures For NGNs and Internet-based applications, deployed architectures have dramatic effects For NGNs and Internet-based applications, deployed architectures have dramatic effects Highly distributed nature of Internet-based applications, many different providers are potentially involved in supporting the service attributes - often entirely under the control of the end- user, and with no cognizance by other providers Highly distributed nature of Internet-based applications, many different providers are potentially involved in supporting the service attributes - often entirely under the control of the end- user, and with no cognizance by other providers at provider premises sites, there are four interception technology platforms emerging at provider premises sites, there are four interception technology platforms emerging no "one option fits all" solution no "one option fits all" solution intermediate service bureaus become necessary for effective integration of the stored and real-time records, and delivery to the potentially thousands of different Law Enforcement Monitoring Facilities intermediate service bureaus become necessary for effective integration of the stored and real-time records, and delivery to the potentially thousands of different Law Enforcement Monitoring Facilities requires pragmatic involvement, collaboration, and recognition of many different kinds of standards activities requires pragmatic involvement, collaboration, and recognition of many different kinds of standards activities

11 Internet LI Architecture Model

12 Stored subscriber information and traffic record access (Lawful Access) Support required both by multilateral agreements and national law includes access to stored subscriber information and traffic records Support required both by multilateral agreements and national law includes access to stored subscriber information and traffic records Production orders for this information far exceed the number of real-time interceptions, and constitute a major global integration challenge as well as an unwanted major cost encumbrance for service providers if not compensated by Law Enforcement Authorities Production orders for this information far exceed the number of real-time interceptions, and constitute a major global integration challenge as well as an unwanted major cost encumbrance for service providers if not compensated by Law Enforcement Authorities The potentially large authentication difficulties and costs in authenticating subscriber-provided information in an Internet-application environment are also formidable The potentially large authentication difficulties and costs in authenticating subscriber-provided information in an Internet-application environment are also formidable Standards initiatives undertaken by "E-Government" and Integrated Justice programs, and related products developed by industry vendors can be leveraged into the existing Lawful Interception sector Standards initiatives undertaken by "E-Government" and Integrated Justice programs, and related products developed by industry vendors can be leveraged into the existing Lawful Interception sector


Download ppt "Lawful Access/Interception: Global Cooperation and Collaboration Anthony M Rutkowski."

Similar presentations


Ads by Google