Data Interception

23 August 2007 (Last Updated August 23rd, 2007 18:30)

A major factor of aviation security is the ability of intelligence services to intercept the communications of terrorists. As the UK Government considers allowing intercept evidence to be used in court, Scott Cadzow, vice-chair of the ETSI lawful interception group, explains the legal background.

Data Interception

The standardisation of lawful interception will provide an economically and technically feasible solution that complies with national and international conventions and legislation. The European Telecommunications Standards Institute (ETSI) has played a leading role in this area since 1991.

Today the ETSI's work is concentrated in its Technical Committee Lawful Interception (TC LI), which enjoys the active participation of the major telecom manufacturers, network operators and regulatory authorities in Europe and around the world.

ETSI's LI work covers the whole spectrum of interception aspects, from a logical overview of the entire architecture and the generic intercepted data flow to the service-specific details for email and internet, and the requirements for law enforcement agencies in each country.

ETSI STANDARDS

A major achievement of ETSI's work in this area has been publishing the specifications for the handover procedure: TS 101 671 and ES 201 671. These specifications illustrate the flow that the intercepted data should follow in telecommunication networks or services. In this context, they specify the network or service protocols necessary to provide lawful interception, as well as the physical or logical point at which the interception has to take place (the handover interface) both for packet data and switched-circuit communications.

ETSI has also produced other important specifications on lawful interception in other technical committees. For this reason, TC LI is the legally authorised process by which a network operator or service provider gives law enforcement officials access to the communications (telephone calls, email messages etc) of private individuals or organisations.

Lawful interception is becoming crucial to preserving national security, combating terrorism and investigating serious criminal activities, working in close collaboration with TC TISPAN, the committee in charge of creating the specifications for NGN in ETSI. Airport authorities are finding themselves at the forefront of this effort.

WHAT THE STANDARDS DO

The LI handover specifications are already widely used. They were first adopted in 2003 by the Netherlands regulatory authority (the Directorate General for Telecommunication and Post of the Ministry of Economic Affairs). Meanwhile, a number of other countries are in the process of implementation or have expressed an interest in adopting the specifications.

The specifications are subject to constant review and updating within ETSI to accommodate emerging needs, and are being used as the basis for specifying the procedures for lawful interception.

"Lawful interception is becoming crucial to preserving national security."

The increasing trend towards the use of packet-switched technologies has necessitated a standard for the delivery of IP-based interception: TS 102 232 specifies the approach, the protocols and headers needed to perform lawful interception on an IP-based platform.

In addition, lawful interception has to be possible on specific services that make use of the IP framework: TS 102 233 covers the service-specific details for email services, describing the handover to the law enforcement authorities, while TS 102 234 covers the service-specific details for internet access.

GUIDANCE TO AUTHORITIES

ETSI has also standardised the general requirements of network operators, service providers and access providers, who are obliged to make available results of interception to the law enforcement agencies. Complementing this, a technical specification (TS) relating to handover interfaces for the interception provides guidance for law enforcement agencies on the cooperation required by network operators and service providers.

Recent publications include a description of service specific details for Layer 2 lawful interception. This specification applies to access providers having access to information on Layer 2 session information. This TS is particularly important because, in many situations, information on higher layers is either not accessible or not stored.

ONGOING ACTIVITIES

A specification on the lawful interception of public internet access by means of wireless LAN technology is also being produced. This is a critical issue for lawful interception because the user cannot always be identified.

IMS (the system created in 3GPP to enable the provision of multimedia services) and TISPAN specifications are being developed in tandem to allow the convergence of fixed and mobile networks over this common IP-based platform. The handover interface for lawful interception is being developed in TC LI to align with the latest TISPAN and 3GPP specifications for NGN.

DATA RETENTION

European governments are also becoming increasingly interested in preserving communications. The European Parliament's civil liberties committee recently voted in favour of new rules, whereby details on telephone calls and internet use would be kept for six to 12 months. TC LI is producing a report (DTR/LI-00020) that will provide a simple architectural framework, interface and extensible syntax for the request and delivery of available or retained stored data between government authorities and providers of communication services or their agents, based on common global capability needs.

With aviation affected more than any other sector by the current security climate, airport authorities, their security firms, border agents and all those involved in the protection of passenger safety need to be familiar with the legal requirements and format standards of this crucial intercept data.