30 September 2000. Thanks to report by Frédéric Vladyslav, vnunet.fr.



Source: http://www.tiaonline.org/government/filings/JEM_Rpt_Cov_ltr_092900.pdf

September 29, 2000

The Honorable William E. Kennard
Chairman
Federal Communications Commission
445 12th Street, S.W.
Washington, DC 20554

Re: In the Matter of Communications Assistance for Law Enforcement Act, CC Docket No. 97-213

Dear Chairman Kennard:

The Telecommunications Industry Association (“TIA”) respectfully submits the attached Report on Surveillance of Packet-Mode Technologies for the Commission’s consideration.

In its Third Report and Order,1 the Commission considered the issue of CALEA compliance for packet-mode communications. Although the Commission expressed some concerns with the technical solutions provided by the industry safe harbor standard (J-STD-025),2 it decided that CALEA solutions consistent with J-STD-025 should be provided by September 30, 2001.

At the same time, however, the Commission noted “that packet-mode technology is rapidly changing, and that different technologies may require differing CALEA solutions.” The Commission also recognized that “we must avoid implementing CALEA requirements that could impede the development of new technologies” and concluded that “[w]e do not believe that the record sufficiently addresses packet technologies and the problems that they may present for CALEA purposes.” As a result, the Commission requested that TIA further study the technical issues concerning the surveillance of packet mode technologies and submit a report to the Commission by September 30, 2000.

_____________________

1 In the Matter of Communications Assistance for Law Enforcement Act, Third Report and Order, CC Docket No. 97-213, FCC 99-230, ¶ 55 (rel. August 31, 1999) (“Third Report & Order”).

2 Telecommunications Industry Association & Alliance for Telecommunications Industry Solutions, Interim Standard, Lawfully Authorized Electronic Surveillance, J-STD-025 (December 1997).

As mentioned in TIA’s previous status reports to the Commission,3 TIA immediately formed a working group, drawing on the technical expertise of its various standards committees, to provide technical input to this study. In order to expand the technical expertise contributing to the packet data study, TIA also invited a broad variety of packet-oriented technical groups to participate in a series of Joint Experts Meetings (“JEM”). The first session of the JEM was held on May 3-5, 2000 in Las Vegas, Nevada. The second session was held in Washington, D.C. from June 27-29.

____________________

3 Telecommunications Industry Association, Status Report, CC Docket No. 97-213 (filed on December 23, 1999); Telecommunications Industry Association, Second Status Report, CC Docket No. 97-213 (filed on May 17, 1999).

TIA appreciates the hard work and contributions made by all of the companies and organizations that participated in the JEM process. Both sessions of the JEM were well attended and sparked lively discussion. Participants included not only a broad spectrum of the industry, but also representatives from the Federal Bureau of Investigation and the Center for Democracy and Technology. TIA was especially pleased that representatives of the Commission’s staff were able to participate in both meetings. A list of attendees from the two sessions is attached.

Without attempting to summarize the entire Report, TIA would like to draw the Commission’s attention to a few, critical issues raised during the Joint Experts Meetings.

In conclusion, TIA would encourage the Commission to establish a procedure by which CALEA solutions for packet data technologies could be implemented in a more efficient and rational method. As TIA noted in its recent comments in this docket,4 the Commission should immediately suspend the September 30, 2001 compliance deadline pending the completion of any proceedings the Commission may initiate after evaluating this Report. Manufacturers and carriers are unsure whether to continue expending considerable resources developing complicated and expensive solutions consistent with the J-STD-025, if it is possible that those solutions may prove to be only an “interim” or “temporary remedy.” By suspending the deadline, the Commission will enable itself to solicit comments on the Report and make a final, informed decision.

TIA appreciates the confidence expressed by the Commission in entrusting to TIA the responsibility for preparing this Report. If you have any questions about the Report, please do not hesitate to contact me.

____________________

4 Telecommunications Industry Association, Comments, CC Docket No. 97-213 (filed September 15, 2000).

Pursuant to 47 C.F.R. § 1.1206, copies of the Report will be filed with the Commission’s Secretary. TIA is also providing copies of this Report to several of the Commission staff involved in this proceeding.

Sincerely,

/s/

Matthew J. Flanigan
President
Grant Seiffert
Vice President, Government Relations

cc (w/encl.):

The Honorable Harold Furchtgott-Roth
The Honorable Susan Ness
The Honorable Michael Powell
The Honorable Gloria Tristani


Source: http://www.tiaonline.org/government/filings/JEM_Rpt_Final_092900.pdf

Report to the
Federal Communications Commission
on Surveillance of
Packet-Mode Technologies

(September 29, 2000)

Prepared by the Joint Experts Meeting convened by Committee TR-45 of the Telecommunications Industry Association

[Full report is 89 pages.]


[The following letters accompanied a TIA August 30 report which was later submitted apparently unchanged to the FCC on September 29: http://www.tiaonline.org/standards/CALEA_JEM/45053132.pdf ]

Sheraton Fisherman’s Wharf
San Francisco, CA

TR45/00.08.30.39a

TIA COMMITTEE TR-45 MOBILE & PERSONAL COMMUNICATIONS STANDARDS (TR-45)

TITLE: CALEA Packet Surveillance JEM Final Report

ABSTRACT: This contribution contains the final CALEA Packet Surveillance JEM report as submitted to TIA. TIA is expected to use this report to create a white paper for the FCC by September 30, 2000. The transmittal letter that accompanies the report is included.

DATE: August 30, 2000

SOURCE: Peter Musgrove (JEM chair)
AT&T Wireless Services
425-580-6875
peter.musgrove@attws.com

RECOMMENDATION: For information.


Dan Bart
Vice President, Standards & Technology
Telecommunications Industry Association
2500 Wilson Boulevard
Suite 300
Arlington, Virginia 22201-3834

Re: Joint Experts Meeting Report on Surveillance of Packet-Mode Communications

Dear Mr. Bart:

In its Third Report and Order on Implementation of the Communications Assistance for Law Enforcement Act (“CALEA”), released August 31, 1999, the Federal Communications Commission (“FCC”) invited the Telecommunications Industry Association (“TIA”) to report on "steps that can be taken . . . that will better address privacy concerns" raised by lawfully authorized surveillance of packet-mode communications. Under TIA’s auspices and under Committee TR45, a Steering Committee was appointed and a Joint Experts Meeting (“JEM”) convened to prepare a report to assist TIA in responding to the FCC’s request.

On behalf of the Steering Committee, I am pleased to submit the final JEM report. It sets out in detail the procedures followed in preparing the report and the technical conclusions reached by consensus in the JEM deliberations. Because the JEM was constituted as a technical fact-finding body, the JEM report does not address legal issues raised regarding application of CALEA to packet-mode communications. Indeed, during the Steering Committee’s completion of the final report, the United States Court of Appeals for the District of Columbia Circuit issued an opinion that directly affects the FCC’s Third Report and Order. However, the Steering Committee did not attempt to address whether that Court’s opinion affected the lawfulness of any technical solutions outlined in the report, viewing any such effort to be outside the scope of the JEM.

In addition to providing TIA with this report, the Steering Committee has submitted a copy to the August 30 TR45 meeting for its information. Also, the report has been submitted for posting on the TIA JEM Web site. The Steering Committee requests that TIA make appropriate distribution of the report and liaison with other standards organizations and JEM invitees.

Sincerely,

Peter Musgrove
Chair, JEM Steering Committee


[Following excerpts from both August 30 and September 29 reports.]

[Page 2.]

1 Introduction

In 1997, an industry specification, TIA/EIA/J-STD-025 Lawfully Authorized Electronic Surveillance, was published in response to the Communications Assistance for Law Enforcement Act (CALEA) released in 1994. Privacy concerns have been raised against the packet data solution contained in this specification.

Accordingly, in its Third Report and Order regarding implementation of CALEA, the FCC invited TIA to study CALEA solutions for packet-mode technology and report in one year on "steps that can be taken, including particular amendments to J-STD-025, that will better address privacy concerns." To meet the deadline imposed by the FCC, and to build a record based on technical facts, the Telecommunications Industry Association (TIA) has sponsored two Joint Experts Meetings (JEM). This report represents the findings of these meetings.

1.1 Purpose and Scope

The purpose and scope of this report is to assist the Telecommunications Industry Association (TIA) to prepare a mandated report to the Federal Communications Commission (FCC) regarding certain technical and privacy concerns in packet-mode communications associated with lawfully authorized electronic surveillance under the Communications Assistance for Law Enforcement Act.

[Balance of Section 1 on committee organization, Section 2 on references and Section 3 on acronyms omitted here.]


[Pages 9-13.]

4 Introduction and Executive Summary

4.1 Convening the JEM

In its Third Report and Order regarding implementation of the Communications Assistance for Law Enforcement Act (CALEA), the FCC finds "that the approach taken [by industry] with regard to packet-mode communications in J-STD-025 raises significant technical and privacy concerns." Under J-STD-025 for packet-mode communications, law enforcement could be provided with access to the full call content stream when only Pen Register or Trap and Trace information was authorized to be delivered.

The FCC "believe[s] that further efforts can be made to find ways to better protect privacy by providing law enforcement only with the information to which it is lawfully entitled." However, the FCC acknowledges that the record before it does not sufficiently address packet technologies and the problems that they may present for CALEA purposes. The FCC notes, for example, "that some packet technologies (e.g., frame relay, ATM, X.25) are connection oriented i.e., there are call set-up and take-down processes, similar to those used in circuit switched voice networks, whereby addressing information is made available to the carrier separate from and before call content is transmitted. Other packet technologies (e.g., Internet protocol based solutions) would not be processed this way."

Accordingly, the FCC invited TIA to study CALEA solutions for packet-mode technology and report in one year on "steps that can be taken, including particular amendments to J-STD-025, that will better address privacy concerns." To meet the deadline imposed by the FCC, and to build a record based on technical facts, the Telecommunications Industry Association (TIA) convened a Joint Experts Meeting.

The JEM was intended to serve as a technical fact-finding body across the spectrum of packet-mode communication technologies regarding the feasibility of delivering less than the full content of a packet to law enforcement in response to a pen register order. Invitations were sent to a broad range of packet-mode communications expert organizations. The invitation list is attached as Appendix B.

To facilitate discussion at the JEM, contributions from various entities were made available through posting on the TIA website prior to meeting in person (see CALEA JEM link at http://www.tiaonline.org/standards/calea_jem). A publicly available mailing list was also maintained. A two-hour question and answer session covering the scope of the JEM was conducted on March 20, 2000.

The first JEM session was conducted on May 3-5, 2000, in Las Vegas, NV. Based on the results of the first JEM, a second JEM session was conducted in Washington D.C., on June 26-29, 2000. The output from those meetings is described below.

4.2 JEM I Output

Following opening remarks, updates were provided on the status of Revision A of J-STD-025, the legal purpose of the JEM, and the status of CALEA activities. Presentations on technical issues followed. A copy of the JEM I meeting agenda is attached as Appendix C.

While the scope of the JEM included reporting on the broadest number of packet-mode communications technologies, contributions were received only on the following technologies: cdma2000, GPRS, and IP. There was broad discussion across many technologies, however.

JEM I established a framework for preparing this report. A copy of the JEM I meeting report to TIA TR45 is attached as Appendix D.

First, JEM I concluded that, based on current FCC guidance, it could not define “call-identifying information” for packet services. Several contributors noted that the term “call-identifying information” is ambiguous with regard to packet communications. Instead, JEM I concluded that it could only attempt to identify what information may be available about the packet communication without regard to whether it might be characterized as "call identifying information" under CALEA. Once the information was identified, JEM I concluded that it could then report on the technical impact and feasibility of making that information available to a law enforcement agency (LEA). This decision was consistent with the purpose and scope of the JEM, which did not include discussion of legal issues.

Second, JEM I noted that CALEA requirements apply to telecommunication services, not information services. JEM I recognized, however, that from a packet point of view, the two may be indistinguishable. JEM I determined that it is not technically advisable to determine, on a packet-by-packet basis, the application or communication service that is being provided. JEM I also concluded that the application or communication service that is being provided cannot be determined even by observation of the complete stream of packets. The point of communications setup may be the only time that a telecommunication service can be distinguished from an information service.

JEM I further concluded that the possibility of encapsulation or encryption of packets outside of the service provider's control makes identifying the application or service even more unlikely.

JEM I addressed the issues related to packet-mode services in two main categories: (1) packet communication sessions established by a Call Management Server (CMS), and (2) transport services (i.e., packet communication sessions established without a CMS). The CMS may, for instance, be an H.323 GateKeeper, or a SIP proxy, or something conceptually equivalent. Typically, an access service provider that offers a CMS also provides transport.

Accordingly, the framework for this report reflects this two-pronged approach. In each category, JEM I decided to report on the information available and the technical impact of providing it. Because further information was necessary, a second JEM meeting was scheduled to accept contributions for technologies and assignments were taken to prepare appendices of technologies for this report.

Finally, JEM I agreed that if a change to the current standard (J-STD-025) were deemed necessary by the Federal Communications Commission, a court or the industry, as a result of this process, the JEM recommends that the open, joint ATIS T1/TIA activity currently underway in TIA TR45.2 LAES Ad Hoc be responsible for completing this task. In its simplest form, this change may just be the inclusion of appropriate references to other standards. Nothing in this process, however, was intended to or should preclude any standards setting or industry organization from adopting their own “safe harbor” standard for their particular technology (e.g., satellite or cable standards).

4.3 JEM II Output

Contributions to JEM II were received in advance of the meeting and made available on the TIA website. Technologies covered in the contributions included: cdma2000 Wireless IP, X.25 over ISDN, ATM, Frame Relay, GPRS, PacketCable, CDPD, and IP.

Following opening remarks, updates were provided on the status of Revision A of J-STD-025 as well as the pending appeal before the U.S. Court of Appeals for the District of Columbia of the FCC Report and Order. Presentations on technical issues followed.

A copy of the JEM II meeting agenda is attached as Appendix E and a copy of the JEM II meeting report to TIA TR45 is attached as Appendix F.

In addition to the contributions based on assignments from JEM I, the CALEA Implementation Section (CIS) of the Federal Bureau of Investigation (FBI) submitted a contribution that proposed a functional approach to separating packet content from packet identifying information. Further, the FBI requested the opportunity to present technology it currently uses to separate identifying information from content known as “Carnivore.”

The Carnivore presentation was provided by law enforcement’s Data Intercept Technology Program at the FBI’s Engineering Research Facility from Quantico, Virginia. The presenters described the current law enforcement techniques for separating identifying information from content to comply with lawfully authorized surveillance orders. In summary, law enforcement, in cooperation with a service provider pursuant to legal authorization, gains access to a packet stream in which the target’s communications reside. The access is made on the service provider’s premises using law enforcement equipment.

According to the presenters, the target’s communications are identified through use of a filtering program developed by law enforcement. In a Pen Register or Trap and Trace Order, only the relevant information from the target’s packets is stored to disk. The filter program separates the relevant information from the target’s content and law enforcement then collects the information.

The presenters informed JEM II that development of the filter protocol was intensive and fluid because of the ever changing nature of packet protocols and the constant introduction of new protocols; the Carnivore software or filters may need to be updated almost weekly to stay current. Carnivore has not been proven effective, as yet, in cases where the subject's communications are part of a high bandwidth transmission. The presenters acknowledged that to require service providers to develop and maintain similar Carnivore-like software would be extremely burdensome.

CIS then presented its contribution, which suggested “examining the full packet stream from the subject in order to gather the relevant call-identifying information for delivery to the LEA.” CIS acknowledged in its contribution, however, that “examine[ing] the full packet stream and examine protocol layers higher than layer 3 would place a high load on existing network elements in most architectures.” Accordingly, using the J-STD-025 functional approach to surveillance, CIS suggested that “the access function unobtrusively captures the complete subject packet stream (including all call content and call-identifying information) and distributes it to the delivery function.” The delivery function in the contribution contains a new “sub function” referred to as a Separation Function. The Separation Function would remove “any information the LEA may not be entitled to based on the court order [so that in] the case of Title I court orders, all communication content information would be removed.” The delivery function would then deliver the identifying information to the LEA’s collection function.

CIS did not recommend any specific implementation or ownership of the Separation Function. CIS acknowledged that "development of separation capabilities (i.e. filtering capabilities) within a service provider's network may be unrealistic as it would be highly resource intensive, very inefficient, and potentially inconsistent between providers". For these and other reasons described below, there was industry consensus in subsequent discussions that it would not be feasible to develop such a Separation Function independently or through a standards-based process. To address these issues while also addressing privacy concerns, it was discussed that Carnivore-like software could be made available to service providers so that the Separation Function occurred under service provider management.

JEM II agreed that Carnivore, as presented by CIS, constitutes a potential technical solution for separating content from packet information and therefore is included within the JEM report. However, numerous industry concerns were raised about the introduction of government-provided product into the service provider network. Concerns were acknowledged regarding (a) potential liability for failure of the product, (b) uncertain impact on the network, (c) terms and conditions to obtain the product from government, (d) administrative and operational impacts from constant upgrades to the filter, (e) scalability, (f) privacy, (g) certification or testing of the product, and (h) uncertainty about the scope of the filter (i.e., whether the filter produces information that is coextensive with call identifying information and who establishes the criteria for separation).

A Compaq contribution recommended that a similar filtering technology be developed by an independent, third party entity as open source code. This solution attempts to (1) overcome potential privacy concerns with a solely law enforcement-developed filter, and (2) take advantage of the opportunity provided by an open source model to receive rapid input on new packet protocols as they are developed. As with the FBI-proposed filter, there are many industry concerns regarding the implementation of an open source solution.

Nonetheless, JEM II recognized CIS and Compaq contributions as valuable additions to the process. There was consensus that the technological solution would be included in the report but that the legal, policy and implementation issues would not be addressed and were beyond the scope of the report. For example, JEM II does not address the potential impact of a Carnivore solution being implemented within the delivery function. The potential solution would require additional study. It was also noted that the current packet-mode solution in J-STD-025 is less intrusive from a privacy perspective than law enforcement’s current Carnivore implementation because, under the existing standard, only the packet stream known by the service provider to be associated with the subject will be delivered to the LEA collection function, in contrast to law enforcement’s current practice of attaching Carnivore to a packet stream that will contain packets from a number of different users.

JEM II expressed its appreciation to CIS for arranging the Carnivore presentation and for its technical contribution to the JEM, which was incorporated into the report.

In addition to the CIS contribution, contributions regarding other technologies were reviewed, accepted, and incorporated as appendices to the report. It was agreed that the report would be posted on the TIA website for further review and comment before completion of the JEM process and forwarding to TIA.


Transcription and HTML by Cryptome.