 |
|
|
The dispute over the CALEA surveillance legislation flooded over the banks of standards committees some time ago, with critical decisions now before the US Congress and the FCC. Will the J-STD-025 standard that the TIA and ATIS developed be declared sufficient? Or deficient? Will the funding cut-off date be modified? What about the implementation date? While (multi-) million dollar questions like these are decided in Washington, the standards group that created J-STD-025 is now working on the FBI’s so-called ‘punch list’ of surveillance capabilities not included in the standard.
The punch list originated because there were a number of capabilities that the telecommunications industry balked at placing in J-STD-025. It considers them outside the scope of CALEA legislation and that they may, at best, be considered as extra-cost options, assuming that they are practical and lawful. The FBI (and other law enforcement agencies) believe that the punch list items are mandated by CALEA, and therefore should be included in J-STD-025 as part of the essential surveillance package.
The FBI’s description of the requirements for the punch list represent the technical gulf between US law enforcement and the telecom industry. Details were presented to both the FCC as reply comments in CC Docket No. 97-213 and to the TIA/ATIS Enhanced Surveillance Services ad hoc standards group in June of this year. Some requirements would extend surveillance to new situations, and others improve the robustness of the link between a switch and the law enforcement monitoring station.
J-STD-025 specifies that for conference calls, call waiting and other services that may put parties on hold, only parties connected to the intercept subject are monitored. The FBI is demanding that parties on hold be monitored separately, and they want to be informed of every change in the connection status (i.e. adding a party, dropping a party, or placing a party on hold). The ability to monitor associates who are not covered by a surveillance order at times when they are not connected to the surveillance subject has already raised the eyebrows of people concerned about civil liberties.
The television image of surveillance is of officers huddled in a van listening to conversations, yet in many cases law enforcement only request a summary of data pertinent to the call, such as the identity of the parties involved in the call, and the time and duration of the call. Consequently, any DTMF tones (TouchTone) that are dialed during the call would not be monitored. Not surprisingly, law enforcement want calls monitored for these tones, which could then be transmitted over a data connection to law enforcement. This requirement has a few technical problems (apart from the potential legal problem of monitoring call content without a court order) as the wireless system cannot easily determine what valid DTMF tones are. The minimum and maximum duration of tones is defined by the device receiving them (e.g. bank, voice mail, inter-exchange carrier). Without precise timing information it would be easy for a smart criminal to spoof the monitors by entering tones that were too short to cause any action or that were entered when the terminating device was not ready to receive them. There may be a number of other parameters that may be critical, such as the tolerance for frequency and amplitude of the tones. And it is impossible for the originating telecom system to identify the system (e.g. bank machine or inter-exchange carrier) that is processing the tones, if there even is one. Fundamentally, short of recording the tones and the feedback from terminating devices, the meaning of mid-call tones cannot be reliably determined by a carrier. Even if it is technically feasible to collect this information, it increases the cost of monitoring calls by requiring that the voice path is monitored continuously for valid DTMF tones (and possibly other groups of tones as well) for every intercept for which voice is not being provided. If full call content is provided, then law enforcement has easy access to the tones and any feedback associated with them.
Similarly, the FBI wants to be notified of all network initiated signals, including tones (e.g. busy and call-waiting tones) and short messages (excluding user-generated short messages). Obviously, audible information is available if the court order requires voice monitoring, but it is considerably more difficult to provide otherwise, because each type of signal has to be separately encoded, which will result in protocol modifications every time a new tone is added for a new feature. One future example could be Calling Party Pays, which may be implemented using a distinct tone to inform callers of the possibility of CPP charges. Furthermore, other types of signals (such as display messages or other visual indicators) could come in an extremely wide variety, and will all have to be encoded in a standardized fashion. Again, any change in signaling (which happens even more frequently with radio air interfaces than with in-band tones) will require the standardization of new encodings to inform law enforcement of the new information.
J-STD-025 requires that data is delivered to law enforcement over one interface (Call Data Channel or CDC), while voice is delivered over a number of trunks. Data messages on the CDC identify the trunk that has started to carry the voice of a subject, but the trunk (which carries no signaling) does not identify the CDC. The FBI is requesting that the voice trunk actually carry a unique identifier (e.g. a series of tones) that will correlate with the data messages on the CDC. This will delay the delivery of voice information and will require that all voice conversations be buffered by that amount of time, requiring a significant amount of RAM to be assigned (e.g. over 100 kilobits for each trunk, assuming a 2-second delay). The cost of such custom circuits will be considerably more than standard T1/DS0 circuits.
Other timing requirements are the delivery of voice no more than 2 seconds late (99% of the time) and the delivery of messages on the CDC no more than 3 seconds after the event that they record occurs. And, they want all time stamps to be accurate to within 100 milliseconds.
To increase the robustness of communication between the wireless system and law enforcement, the FBI is demanding that the status of every active surveillance be reported on a regular basis and that a continuous tone (probably the DTMF “C” tone) be transmitted on each voice trunk to verify connectivity.
These requirements may increase the cost of implementations, and may be outside the jurisdiction of law enforcement to specify.
If the FBI ‘punch list’ requirements are imposed by the FCC or the US Congress it will significantly add to the costs of telecommunications carriers’ compliance with CALEA. Many FBI requirements could be more easily performed by law enforcement obtaining full call content and performing the interpretation themselves. Mid-call tones, for example, could easily be obtained (with context) in this way. Not only would this approach be cheaper, and more efficient, but it is hard to see how an interpretation of a series of tones could stand up in court without any feedback from the device intercepting the tones, and without a full characterization of their timing, frequencies, amplitude and other characteristics. Furthermore, there are privacy considerations, because the tones may be conveying information that is not covered by the court order.
The major decisions regarding the FBI punch list are now in the hands of the US Congress and the FCC. Once they have made a decision, the courts may get dragged in through lawsuits. All technologists can do is point out some of the difficulties that these capabilities will introduce, the illusory nature of the supposed benefits, and the concomitant increase in costs for implementing CALEA. And then, they can only do this when asked.
© – Copyright