Your SlideShare is downloading. ×
© 2004 VeriSign, Inc. VoIP and CALEA:
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

© 2004 VeriSign, Inc. VoIP and CALEA:

322
views

Published on


0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
322
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
7
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. VoIP and CALEA: Current Developments Tony Rutkowski V.P. for Regulatory Affairs VeriSign mailto:trutkowski@verisign.com tel:+1 703.948-4305 VoIP World Fall 2004 Washington DC 12 Nov 2004 Panel on CALEA and VoIP
  • 2. Overview
    • The new FCC CALEA proceeding
      • Timeline
      • Who is saying what
    • Applicability of CALEA
      • Public broadband Internet access facilities
      • Public managed/mediated VoIP facilities
      • Jurisdiction and findings
      • Other bases
      • Telecommunications carrier issue
      • Information service issue
    • Requirements and Solutions
      • Traffic data extraction
      • Trusted Third Party service bureaus as complete independent solution
      • Safe harbor standards
      • Subscriber identity information
      • Stored traffic data
      • Transnational
    • Compliance Extension Petitions
    • Enforcement
      • How should the FCC deal with the problem of evolving standards and their implementation?
      • Are any existing CALEA standards deficient?
      • What other steps could be adopted for effective enforcement?
    • Cost and Recovery
    • Effective Date
    • VeriSign and its NetDiscovery ™ Service
  • 3. The new FCC CALEA proceeding 1990 1995 2000 2004 2005 2006 2007 Adopted 25 Oct 1994 Original CALEA Proceeding NPRM 10 Oct 1997 FNPRM 5 Nov 1998 R&O 15 Mar 1999 2ndR&O 31 Aug 1999 3rdR&O 31 Aug 1999 DCcir 15 Aug 2000 Recon Order 16 Apr 2001 Order 21 Sep 2001 Order 27 Sep 2001 Remand Order 11 Apr 2002 Docket 97-213 Docket 04-36 Omnibus IP-Enabled Services Proceeding NPRM 14 Feb 2004 Docket 04-295 Broadband-VoIP CALEA Proceeding RM-10865 12 Mar 2004 NPRM 9 Aug 2004 Comments 8 Nov 2004 Replies 7 Dec 2004 R&O Apr? 2005 Compliance Benchmark Notice Aug? 2005 Compliance Benchmark Deadline Jul? 2006 Congressional hearing 10 Sep 2004
  • 4. Spectrum of filings http://svartifoss2.fcc.gov/prod/ecfs/comsrch_v2.cgi Enter: “04-295” in block 1 American Civil Liberties Union BellSouth CDT/ Public Interest Joint EarthLink, Inc. EDUCAUSE Coalition Electronic Frontier Foundation Global Crossing Level 3 Communications, LLC US Internet Service Provider Assn Yahoo! Inc. Largely No Problems Largely Opposed FiduciaNet NCTA New York Attorney General Nextel Communications, Inc. Satellite Industry Association Subsentio Texas Department of Public Safety United States Department of Justice USTA VeriSign Verizon AMA TechTel Communications CTIA Cingular Corr Coalition for Rural Broadband CALEA Motorola National Telecom Cooperative Association Nextel Nuvio OPASTCO Rural Telecommunications Group Rural Telecommunications Providers SBC Smithville T-Mobile USA, Inc. TIA Some Concerns Alternative: http://www.fcc.gov/cgb/ecfs/ Click on “Search for Filed Comments”
  • 5. Applicability of CALEA
    • Communications Assistance to Law Enforcement
      • Provide real-time (or stored) traffic data or content for forensic evidence or investigations
      • More than 10,000 agencies in U.S.; Title 18, Title 50, almost every State; international
      • Certainty – basic purpose of proceeding
      • Enhance privacy
    • Focus
      • Next Generation Networks; IP-enabled services
        • Broadband Internet Access Service (>200 kb/s)
        • Managed/Mediated VoIP (anything other than P2P)
    • Jurisdiction and findings
      • Substantial Replacement
      • Public Interest
        • Critical infrastructure protection
      • Switching and common carrier service
      • No adverse effect on technology
      • Cybercrime Convention and MLATs
    • Global action
      • Almost every country has similar requirements
      • Coordination among law enforcement worldwide
    • Telecommunications carrier issue
      • Carriers under CALEA have different definition and purpose
    • Information service issue
      • Narrow exclusion
      • Packet-Mode is covered
  • 6. Requirements and Solutions
    • Traffic data (call-identifying, Intercept Related Information) extraction
      • What is reasonable in packet-mode environment?
      • Who is encumbered? Where? How?
    • Trusted Third Party service bureaus as complete independent solution
      • Can TTPs by themselves serve as safe harbor
      • Relationship to safe harbor standards
    • Safe Harbor standards
      • What constitutes safe harbor
      • What standards are “deficient”
      • Who can produce standards
      • How do you deal with evolution of standards; versioning problem
    • Notice as to what’s required
      • FBI and international requirements documents
    • Subscriber identity information
      • Inherent problem with NGN/IP-enabled services
      • NGN Directory service protocols are key
    • Stored traffic data
      • Greater problem/cost for carriers than real-time CALEA requirements
      • Common global stored data handover interface is key
    • Transnational requirements
      • Looming problem for providers; backhauling is not a scaleable solution
    • Enhancing Privacy
      • How to enhance privacy in a NGN/IP-enabled services environment
  • 7. Trusted Third Party Value Propositions
    • Independence is key to trust
      • What is a trusted third party
      • TTPs can enhance CALEA privacy
    • Has freedom to employ a range of architectures
      • Internal, adjunct, external
      • Mew unified interfaces
    • Will generally follow safe harbor standards, exceptions
      • standards do not exist or are “deficient”
      • standards are not incorporated in network elements
      • standards versions change
    • Value added services
      • Authentication and trust systems
      • Legal analysis and verification of orders
      • Proof of performance
      • Subpoena processing
  • 8. TTP Models for Broadband Internet Access Internal Adjunct External Local Access Point Premises LI Provider Premises Broadband Service Provider Premises Broadband Service Provider Premises LI Provider Premises Broadband Service Provider Premises To Law Enforcement Public Internet Public Internet Local Access Point Premises To Law Enforcement content traffic data control content traffic data control LI Provider Premises To Law Enforcement traffic data + content control traffic data + content control (Mixture of the above)
  • 9. TTP Models for Managed/Mediated VoIP Services Internal Adjunct Managed/Mediated VoIP Provider Premises LI Provider Premises LI Provider Premises To Law Enforcement Public Internet Public Internet To Law Enforcement Managed/Mediated VoIP Provider Premises External Broadband Service Provider Premises LI Provider Premises To Law Enforcement content traffic data control content traffic data control (Mixture of the above) content traffic data control content traffic data control PSTN PSTN
  • 10. VoIP LI Standards
    • ETSI (access, multimedia cable, WiFi)
    • 3GPP/ETSI (3G)
    • IETF (IP generic, SNMP based)
    • Cable Labs (voice cable)
    • ATIS (VoIP, access)
    • TIA (wireless)
    IETF Architecture International (ETSI) Architecture Unified Interface Architecture
  • 11. Compliance Extension Petitions
    • Potential relief under CALEA Secs. 107 and 109
      • What is “reasonably achievable”
      • USDOJ argues none should be granted
      • Lack of standard is not a basis
    • Existing packet-mode extensions
      • Most appear “without merit”
      • Solutions are available in the marketplace
      • No further extensions
      • Fold into enforcement and benchmark compliance process
      • CALEA carriers face “high burden of proof” for non-compliance
    • Treatment of rural and “underserved” providers
      • Benchmark compliance process should be applied
  • 12. Enforcement
    • FCC use of its own enforcement authority
      • Under CALEA [47 USC § 229(a)] and under Communications Act
      • Ability to investigate and impose administrative penalties
      • Would exist in addition to judicial enforcement
    • CALEA carrier is generally encumbered with obligations
      • Reseller may be responsible if involved in provisioning
      • WiFi hotspot implementations may have shared responsibility
    • Responsibility remains with CALEA carrier, even if outsourced to Trusted Third Party
      • Law allows Trusted Third Parties to assume responsibility and indemnify the carrier
    • Proof of performance
      • Used by FCC over many decades in radio sector
      • Self or independent party certification may be considered for CALEA compliance
  • 13. Cost and Recovery
    • Distinguish between “CALEA capital costs” and “CALEA intercept costs”
    • U.S. government will not pay for capital or recurring costs, only actual costs for intercepts
    • Providers cannot attempt recovery in interception billings
      • Detail billings required
    • Providers can institute line-item billing to subscribers
      • Full and complete record is needed in the proceeding
    • Providers can outsource to Trusted Third Parties and recover costs
  • 14. Effective date
    • 90 days after adoption of rules
      • Notice of compliance or benchmark plan required
    • 15-month benchmark compliance process
      • Benchmark compliance plan to be filed 90 days after adoption
      • Detail steps taken to implement
        • Self-implementation
        • Trusted Third Party
      • Detail any additional steps necessary over subsequent 12 months
  • 15. VeriSign and its NetDiscovery ™ Services
    • Largest global provider of “intelligent infrastructure” services
      • Billion dollar annual revenues and growing
      • Worldwide presence
      • Emphasis on own ultra high availability and security platforms
      • Multiple interrelated sectors
        • Telecom/wireless content, signalling, and directory infrastructure
        • Internet signalling and directory infrastructure
        • Telecom and Internet security and financial transaction infrastructure
    • CALEA, Lawful Interception and subpoena processing services
      • Started as internal services in 1990s
      • Rolled out as NetDiscovery™ service bureau offerings in early 2002
      • Operates on national VPN cloud with redundant data centers
      • Pushed into IP-services, international in 2003
      • Serves as industry leader domestically and internationally
      • Contact Raj Puri [rpuri@verisign.com; +1.510.469.7874] or VeriSign carrier sales representative
  • 16. Compliance Outsourcing – Cost Comparison
    • NetDiscovery Service results in significant accumulative cost savings year over year
    • Provides consistency in policies and procedures
    • Provides “future-proof” compliance
    • Self Deployment Costs
    • Initial equipment capital expense
    • Annual equipment maintenance
    • Dedicated Resources
      • Security Operations Staff
      • Technical Support, LEA Connectivity Installation Support
      • Regulatory/Legal Support
    • Outsourced Lawful Assistance Compliance
    • Low Initial Setup/Monthly Fee/ Per Event Fee
    • VeriSign acts as the agent
    VeriSign NetDiscovery vs. Self Deployment 1 2 3 4 5 6 7 8 9 10 Year Cost ($) NetDiscovery Self Deployment