Communications Assistance for Law Enforcement Act
Encyclopedia
The Communications Assistance for Law Enforcement Act (CALEA) is a United States
United States
The United States of America is a federal constitutional republic comprising fifty states and a federal district...

 wiretapping law passed in 1994, during the presidency of Bill Clinton
Presidency of Bill Clinton
The United States Presidency of Bill Clinton, also known as the Clinton Administration, was the executive branch of the federal government of the United States from January 20, 1993 to January 20, 2001. Clinton was the first Democratic president since Franklin D. Roosevelt to win a second full term...

 (Pub. L. No. 103-414, 108 Stat. 4279, codified at 47 USC 1001-1010). In its own words, the purpose of CALEA is:
To amend title 18, United States Code
United States Code
The Code of Laws of the United States of America is a compilation and codification of the general and permanent federal laws of the United States...

, to make clear a telecommunications carrier's duty to cooperate in the interception of communications for Law Enforcement purposes, and for other purposes.


CALEA's purpose is to enhance the ability of law enforcement and intelligence agencies to conduct electronic surveillance
Surveillance
Surveillance is the monitoring of the behavior, activities, or other changing information, usually of people. It is sometimes done in a surreptitious manner...

 by requiring that telecommunications carriers and manufacturers of telecommunications equipment modify and design their equipment, facilities, and services to ensure that they have built-in surveillance capabilities, allowing federal agencies to monitor all telephone, broadband internet, and VoIP traffic in real-time.

The original reason for adopting CALEA was the Federal Bureau of Investigation
Federal Bureau of Investigation
The Federal Bureau of Investigation is an agency of the United States Department of Justice that serves as both a federal criminal investigative body and an internal intelligence agency . The FBI has investigative jurisdiction over violations of more than 200 categories of federal crime...

's worry that increasing use of digital telephone exchange switches would make tapping phones at the phone company's central office harder and slower to execute, or in some cases impossible. Since the original requirement to add CALEA-compliant interfaces required phone companies to modify or replace hardware and software in their systems, U.S. Congress included funding for a limited time period to cover such network upgrades. CALEA was passed into law on October 25, 1994 and came into force on January 1, 1995.

In the years since CALEA was passed it has been greatly expanded to include all VoIP and broadband internet traffic. From 2004 to 2007 there was a 62 percent growth in the number of wiretaps performed under CALEA -- and more than 3,000 percent growth in interception of internet data such as email.

By 2007, the FBI had spent $39 million on its DCSNet
DCSNet
DCSNet, an abbreviation for Digital Collection System Network, is the FBI's point-and-click surveillance system that can perform instant wiretaps on almost any communications device in the US....

 system, which collects, stores, indexes, and analyzes communications data.

Provisions of CALEA

The U.S. Congress passed the CALEA to aid law enforcement in its effort to conduct criminal investigations requiring wiretapping of digital telephone networks. The Act obliges telecommunications companies to make it possible for law enforcement agencies to tap any phone conversations carried out over its networks, as well as making call detail record
Call detail record
A call detail record , also known as call data record, is a data record produced by a telephone exchange or other telecommunications equipment documenting the details of a phone call that passed through the facility or device...

s available. The act stipulates that it must not be possible for a person to detect that his or her conversation is being monitored by the respective government agency.

Common carriers, facilities-based broadband Internet access providers, and providers of interconnected Voice over Internet Protocol (VoIP) service – all three types of entities are defined to be “telecommunications carriers” and must meet the requirements of CALEA.

The CALEA Implementation Unit at the FBI has clarified that intercepted information is supposed to be sent to Law Enforcement concurrently with its capture.

On March 10, 2004, the United States Department of Justice
United States Department of Justice
The United States Department of Justice , is the United States federal executive department responsible for the enforcement of the law and administration of justice, equivalent to the justice or interior ministries of other countries.The Department is led by the Attorney General, who is nominated...

, FBI and Drug Enforcement Administration
Drug Enforcement Administration
The Drug Enforcement Administration is a federal law enforcement agency under the United States Department of Justice, tasked with combating drug smuggling and use within the United States...

 filed a "Joint Petition for Expedited Rulemaking" in which they requested certain steps to accelerate CALEA compliance, and to extend the provisions of CALEA to include the ability to perform surveillance of all communications that travel over the Internet -- such as Internet traffic and VoIP.

As a result, the FCC adopted a "First Report and Order" concluding that CALEA applies to facilities-based broadband Internet access providers and providers of interconnected (with the publicly switched telephone network) Voice-over-Internet-Protocol (VoIP) services.

In May 2006, the FCC adopted a "Second Report and Order", which clarified and affirmed the First Order:
  • The CALEA compliance deadline remains May 14, 2007.
  • Carriers are permitted to meet their CALEA obligations through the services of “Trusted Third Parties (TTP)” -- that is they can hire outside companies, which meet security requirements outlined in CALEA, to perform all of the required functions.
  • Carriers are responsible for CALEA development and implementation costs.

Technical implementation

USA telecommunications providers must install new hardware or software, as well as modify old equipment, so that it doesn't interfere with the ability of a law enforcement agency (LEA) to perform real-time surveillance of any telephone or Internet traffic. Modern voice switches now have this capability built in, yet Internet equipment almost always requires some kind of intelligent Deep Packet Inspection
Deep packet inspection
Deep Packet Inspection is a form of computer network packet filtering that examines the data part of a packet as it passes an inspection point, searching for protocol non-compliance, viruses, spam, intrusions or predefined criteria to decide if the packet can...

 probe to get the job done. In both cases the intercept-function must single out a subscriber named in a warrant for intercept, and then immediately send some (headers-only) or all (full content) of the intercepted data to an LEA. The LEA will then process this data with analysis software that is specialized towards criminal investigations.

All traditional voice switches on the market today have the CALEA intercept feature built in. The IP-based "soft switches" typically do not contain a built-in CALEA intercept feature; and other IP-transport elements (routers, switches, access multiplexers) almost always delegate the CALEA function to elements dedicated to inspecting and intercepting traffic. In such cases, hardware taps or switch/router mirror-ports are employed to deliver copies of all of a network's data to dedicated IP probes.

Probes can either send directly to the LEA according to the industry standard delivery formats (c.f. ATIS T1.IAS, T1.678v2, et al.); or they can deliver to an intermediate element called a mediation device, where the mediation device does the formatting and communication of the data to the LEA. A probe that can send the correctly formatted data to the LEA is called a "self-contained" probe.

In order to be compliant, IP-based service providers (Broadband, Cable, VoIP) must choose either a self-contained probe (such as made by IPFabrics); or a "dumb" probe component plus a mediation device (such as made by Verint
Verint
Verint Systems is a company providing analytic software and hardware for the security, surveillance, and business intelligence markets. Their products are aimed to support government and enterprises in making sense of the vast information they collect to meet performance and security goals....

; or they must implement the delivery of correctly formatted for a named subscriber's data on their own.

Lawsuits

Originally CALEA only granted the ability to wiretap digital telephone networks, but in 2004, the United States Department of Justice
United States Department of Justice
The United States Department of Justice , is the United States federal executive department responsible for the enforcement of the law and administration of justice, equivalent to the justice or interior ministries of other countries.The Department is led by the Attorney General, who is nominated...

 (DOJ), Bureau of Alcohol, Tobacco, Firearms, and Explosives (ATF), Federal Bureau of Investigation
Federal Bureau of Investigation
The Federal Bureau of Investigation is an agency of the United States Department of Justice that serves as both a federal criminal investigative body and an internal intelligence agency . The FBI has investigative jurisdiction over violations of more than 200 categories of federal crime...

 (FBI), and Drug Enforcement Administration
Drug Enforcement Administration
The Drug Enforcement Administration is a federal law enforcement agency under the United States Department of Justice, tasked with combating drug smuggling and use within the United States...

 (DEA) filed a joint petition with the Federal Communications Commission
Federal Communications Commission
The Federal Communications Commission is an independent agency of the United States government, created, Congressional statute , and with the majority of its commissioners appointed by the current President. The FCC works towards six goals in the areas of broadband, competition, the spectrum, the...

 (FCC) to expand their powers to include the ability to monitor VoIP and broadband
Broadband
The term broadband refers to a telecommunications signal or device of greater bandwidth, in some sense, than another standard or usual signal or device . Different criteria for "broad" have been applied in different contexts and at different times...

 internet communications -- so that they could monitor Web traffic as well as phone calls.

The Electronic Frontier Foundation
Electronic Frontier Foundation
The Electronic Frontier Foundation is an international non-profit digital rights advocacy and legal organization based in the United States...

 (EFF) has filed several lawsuits to prevent the FCC from granting these expanded domestic surveillance
Mass surveillance
Mass surveillance is the pervasive surveillance of an entire population, or a substantial fraction thereof.Modern governments today commonly perform mass surveillance of their citizens, explaining that they believe that it is necessary to protect them from dangerous groups such as terrorists,...

 capabilities.

The FCC’s First Report and Order, issued in September 2005, ruled that providers of broadband Internet access and interconnected VoIP services are regulable as “telecommunications carriers” under CALEA. That order was affirmed and further clarified by the Second Report and Order, dated May 2006. On May 5, 2006, a group of higher education and library organizations led by the American Council on Education
American Council on Education
The American Council on Education is a United States organization, established in 1918, comprising over 1,800 accredited, degree-granting colleges and universities and higher education-related associations, organizations, and corporations....

 (ACE) challenged that ruling, arguing that the FCC’s interpretation of CALEA was unconstitutional under the Fourth Amendment
Fourth Amendment to the United States Constitution
The Fourth Amendment to the United States Constitution is the part of the Bill of Rights which guards against unreasonable searches and seizures, along with requiring any warrant to be judicially sanctioned and supported by probable cause...

. However, on June 9, 2006, the D.C. Circuit Court disagreed and summarily denied the petition (American Council on Education vs. FCC, United States Court of Appeals for the District of Columbia Circuit
United States Court of Appeals for the District of Columbia Circuit
The United States Court of Appeals for the District of Columbia Circuit known informally as the D.C. Circuit, is the federal appellate court for the U.S. District Court for the District of Columbia. Appeals from the D.C. Circuit, as with all the U.S. Courts of Appeals, are heard on a...

, June 9, 2006)

See also

  • Carnivore (FBI)
    Carnivore (FBI)
    Carnivore was a system implemented by the Federal Bureau of Investigation that was designed to monitor email and electronic communications. It used a customizable packet sniffer that can monitor all of a target user's Internet traffic...

  • DCSNET
    DCSNet
    DCSNet, an abbreviation for Digital Collection System Network, is the FBI's point-and-click surveillance system that can perform instant wiretaps on almost any communications device in the US....

  • ECHELON
    ECHELON
    ECHELON is a name used in global media and in popular culture to describe a signals intelligence collection and analysis network operated on behalf of the five signatory states to the UK–USA Security Agreement...

  • SORM
    SORM
    SORM is a technical system for search and surveillance in the internet...

     (Russia)
  • Hepting v. AT&T
    Hepting v. AT&T
    Hepting v. AT&T is a United States class action lawsuit filed in January 2006 by the Electronic Frontier Foundation against the telecommunications company AT&T, in which the EFF alleges that AT&T permitted and assisted the National Security Agency in unlawfully monitoring the communications of...

  • Lawful interception
    Lawful interception
    Lawful interception is obtaining communications network data pursuant to lawful authority for the purpose of analysis or evidence. Such data generally consist of signalling or network management information or, in fewer instances, the content of the communications...

  • Magic Lantern
    Magic Lantern (software)
    Magic Lantern is keystroke logging software developed by the United States' Federal Bureau of Investigation. Magic Lantern was first reported in a column by Bob Sullivan of MSNBC on 20 November 2001 and by Ted Bridis of the Associated Press.-How it works:...

  • IPFabrics
  • Verint
    Verint
    Verint Systems is a company providing analytic software and hardware for the security, surveillance, and business intelligence markets. Their products are aimed to support government and enterprises in making sense of the vast information they collect to meet performance and security goals....

  • Pen-Link
  • Secrecy of correspondence
    Secrecy of correspondence
    The secrecy of correspondence ) or literally translated as secrecy of letters, is a fundamental legal principle enshrined in the constitutions of several European countries. It guarantees that the content of sealed letters is never revealed and letters in transit are not opened by government...

  • Secure communication
    Secure communication
    When two entities are communicating and do not want a third party to listen in, they need to communicate in a way not susceptible to eavesdropping or interception. This is known as communicating in a secure manner or secure communication...

  • Surveillance
    Surveillance
    Surveillance is the monitoring of the behavior, activities, or other changing information, usually of people. It is sometimes done in a surreptitious manner...

  • Telecommunications Intercept and Collection Technology Unit
    Telecommunications Intercept and Collection Technology Unit
    The Telecommunications Intercept and Collection Technology Unit is part of the Electronic Surveillance Technology Section of the Federal Bureau of Investigation . Its primary function is performing surveillance of U.S...

  • Telephone tapping
    Telephone tapping
    Telephone tapping is the monitoring of telephone and Internet conversations by a third party, often by covert means. The wire tap received its name because, historically, the monitoring connection was an actual electrical tap on the telephone line...

  • Total Information Awareness

Further reading

The source of this article is wikipedia, the free encyclopedia.  The text of this article is licensed under the GFDL.
 
x
OK