North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: ISP CALEA compliance
On Thu, May 10, 2007 at 08:44:00AM -0700, Nikos Mouat wrote: > > > I have interpretted CALEA to apply only to providers of VOICE service, be > it VOIP or traditional, however I was told this morning point blank by the > FCC that CALEA most definitely applies to all ISPs that provide internet > access at speeds over 200k. > > The FCC said that routers must send a copy of all packets to and from a > selected IP to law enforcement in real time from gateway routers. > > I've seen very little CALEA related traffic on this list which reinforced > my belief that it did not apply to data providers. > > Can anyone comment on this? Sure, You need to have a router or some appliances that will assist you in the required lawful-intercept capabilities that are necessary. Take the time to read the 2nd order and report, and review FCC form 445. The filing date for that form passed, but that was a form to be filed to capture a "snapshot" of the current state of compliance. Keep in mind that you may need to negotiate with the requesting agency (ie: the folks that give you the subponea that cites CALEA). Take a moment and also review things like T1.IAS (I think it was renamed again). There was also a brief CALEA presentation at the past nanog. As usual, make sure you chat with your legal counsel. Finding some that have FCC knowledge/competence (and technology) is a plus. If you're not offering VoIP services, your life may be easier as you will only need to intercept the data. Depending on your environment you could do this with something like port-mirroring, or something more advanced. There are a number of folks that offer TTP (Trusted third-provider) services. Verisign comes to mind. But using a TTP doesn't mean you can hide behind them. Compliance is ultimately your (the company that gets the subponea) responsibility. This is a oversimplified summary and since IANAL nor am I a CALEA expert all this may be bunk. Some possibly useful links: http://www.fcc.gov/calea/ http://www.askcalea.net/ http://www.access.gpo.gov/uscode/title47/chapter9_subchapteri_.html - Jared (IANAL!) -- Jared Mauch | pgp key available via finger from [email protected] clue++; | http://puck.nether.net/~jared/ My statements are only mine.
|