Complying With CALEA
Author's Note [11/06/01]: The information included below about compliance by November 19, 2001 with the two unchallenged "punch list" requirements is incorrect. The November 19 date is for packet-mode compliance only. Compliance with all punch list requirements has been suspended until the FCC resolves the four challenged requirements. I apologize for the error.
has once again extended the deadline for
compliance with the Communications Assistance for Law Enforcement Act (CALEA)
to November 19 for wireless, cellular, and broadband service providers.
Specifically, those service providers will have to implement two
"punch list" requirements by that date. Those items require
service providers to provide the content of subject-initiated conference
calls pursuant to a court order or legal authorization beyond a pen
register order (which captures the phone numbers dialed on outgoing
telephone calls), and to provide timing information to correlate
call-identifying information with the call content of an interception.
Four additional punch list requirements, which have been debated by
various members of the industry, are still being discussed by the FCC as
they involve separating call or packet-identifying information from the
actual contents of a communication. Not all CALEA-compliance solutions
available today have the capability to separate that information, and the
diverse equipment found in many carriers' and service providers' networks
makes it difficult to meet those requirements.
The FBI has been promoting DCS1000 (aka Carnivore) as the solution for
compliance, as it can easily intercept wireline and wireless
communications. One of the flaws of the system, however, is that it cannot
separate call or packet identifying information from actual content,
relying on the honesty of law enforcement agents doing the interception to
prevent them from reading contents of communications they are not entitled to view.
But there are several alternatives to Carnivore already in use for
intercepting wireline communications, and many of these solutions have
been modified for use in packet and wireless interceptions.
spoke to Scott Coleman, senior product manager at ADC
their CALEAserver, which offers targeted interception searches based on a
specific subscriber's information. A new product, Xcipio, will be launched
later this year, combining circuit-switched and IP interception
capabilities and offering a migration path for service providers who are
changing from Class 5 to packet-switching environments. The company is
working closely with Telcordia and has integrated the server with their
softswitch. They are also working on interoperability with four additional
One of the main differentiators of ADC's solution is that they offer a
separate box for sniffing out packets in both ISP and legacy environments,
so that law enforcement officials may obtain only the information they are
entitled to (i.e. packet routing or signaling information, in the case of
VoIP calls), and only on a specific subscriber. As for the disputed punch
list items, Coleman said the company is waiting to see what the FCC
decides before working on solutions that specifically address those
issues. The items in question involve interception of subject-initiated
dialing and signaling information, which requires carriers to give
authorities access to dialing and signaling information from the subject;
party hold, join, and drop information on conference calls; in-band and
out-of-band signaling notification messages; and dialed digit extraction,
which includes any digits dialed by the subject after
connecting to another carrier's service.
"My feeling is that the generosity of extensions is going to be
severely curtailed," said Coleman about the FCC's attitude on
continuously extending the deadline for compliance with the punch list
items. He believes the government will become more aggressive about
deployment, and that service providers will be forced to find solutions
that will work with the switching equipment they have in place. ADC plans
to add new switching interfaces through the end of 2002, and to support
additional standards as well.
CALEA compliance was announced Wednesday by CommWorks Corporation
in its Total Control 1000 Interworking Function (IWF) High Density
Gateway, a wireless gateway for code division multiple access (CDMA)
service providers. The gateway enables CDMA providers with 2G and 2.5G
data services to deliver Internet and corporate intranet access as well as
voice and data services, and supports an interface with all major wireless
switches. The company is also working on CALEA compliance for the Total
Control 1000 3G Packet Data Serving Node.
Comverse Infosys, a subsidiary of Comverse
Technology, offers the STAR-GATE solution for CALEA compliance, supporting
both circuit-switched and packet networks. The system consists of a
Mediation Device, which offers the delivery functions of surveillance, and
a Surveillance Administration Subsystem, which assigns interception
targets and oversees administration, maintenance, and security.
The VoiceBoxIII Digital Collection System from JSI Telecom
supports circuit-switched intercepts, as well as fax, data, VoIP, and
video within a single Windows environment. The solution also supports
intercepts of all wireless services from Nextel. The
system features a database analysis program for creating text and
graphical reports, a post-processing option for generating and managing
translations and transcriptions, and forensic capabilities like audio
filters, adaptive equalizers, and video clean-up tools.
Pen-Link, Ltd. offers the Local Intercept Network
Collection - On Line Network (LINCOLN), which is compatible with existing
pen register equipment and may be used in wireline and wireless networks.
The system is compliant with CALEA specifications, and may be used for
wiretap, pen register, and trap and trace investigations. Pen-Link
Software is included with the LINCOLN solution, enabling data collection,
management, and analysis, as well as search, retrieval, and playback
Alternative solutions to Carnivore certainly give wireless and
broadband service providers a more level playing field for complying with
CALEA and the approved punch list items. But compliance still won't be
easy, and the FCC is allowing individual carriers to petition for
extensions beyond the November 19 date, in anticipation of complications
in meeting requirements. As for the contested punch list items, the FCC
expects to reach a decision by the end of this year about the feasibility
of requiring these items, and has set a date of June 30, 2002 for all
carriers to be fully compliant with CALEA.
Laura Guevin welcomes your comments at firstname.lastname@example.org.