[96426] in North American Network Operators' Group
Re: ISP CALEA compliance
daemon@ATHENA.MIT.EDU (Jeff Shultz)
Thu May 10 14:14:57 2007
Date: Thu, 10 May 2007 11:14:35 -0700
From: Jeff Shultz <jeffshultz@wvi.com>
To: Jason Frisvold <xenophage0@gmail.com>,
NANOG list <nanog@nanog.org>
In-Reply-To: <924f29280705101103g1744ecebkfd68b9ff3e5bad9e@mail.gmail.com>
Errors-To: owner-nanog@merit.edu
Jason Frisvold wrote:
>
> On 5/10/07, Jared Mauch <jared@puck.nether.net> wrote:
>> If you're not offering VoIP services, your life may be easier as
>> you will only need to intercept the data. Depending on your environment
>> you could do this with something like port-mirroring, or something
>> more advanced. There are a number of folks that offer TTP (Trusted
>> third-provider) services. Verisign comes to mind. But using a TTP
>> doesn't mean you can hide behind them. Compliance is ultimately your
>> (the company that gets the subponea) responsibility.
>
> Here's a question that's come up around here. Does a CALEA intercept
> include "hairpining" or is it *only* traffic leaving your network?
> I'm of the opinion that a CALEA intercept request includes every bit
> of traffic being sent or received by the targeted individual, but
> there is strong opposition here that thinks only internet-related
> traffic counts.
>
>> - Jared (IANAL!)
>
That would be something best brought up with a CALEA lawyer or one of
the Trusted Third Party companies for an answer.
I suspect that you probably ought to have the capability of getting both
ends of the "conversation" (incoming & outgoing) as the warrant may be
written that way.
--
Jeff Shultz
