Lawful Access/Interception: Global Cooperation and Collaboration Anthony M Rutkowski.


Decision or Action Requested
Adoption of a resolution:
1) recognizing the need for the timely exchange of information among forums concerning Lawful Interception standards, specifications and related legal requirements, similar to that portrayed in the Annex;
2) concluding that there is a need for collaboration among these forums to enhance interoperability of the resulting specifications and maximize reuse of schema or protocols; and
3) resolving to promote such information exchange and collaboration

Introduction
- LI: multilateral agreements and domestic law in most countries require the production of investigative or evidentiary information by telecommunication or information network providers.[1]
- LA: production requirements of real-time traffic data and content have resulted in extensive global standards activities in a multiplicity of forums, commonly referred to as Lawful Interception.
- term is synonymous with "legal interception"
- phrase “Lawful Access” typically encompasses stored subscriber and traffic data
- The increasing importance of this activity resulted in GSC-7/RAST10 identifying the subject as one of "high interest" for GSC-8 – particularly with respect to Next Generation Networks.[2]

[1] See, e.g., Convention on Cybercrime (Budapest, November 2001).
[2] See, Resolution GSC7/1 (Sydney, November 2001)

Activity
- Communication service providers, Law Enforcement Authorities (LEAs) and LI industry product and service providers are working together worldwide to support LEA requirements
  - international conferences
  - national legislatures
  - regulatory consultative and policy-making proceedings
- resulted in an array of standards-making forums and industry entrepreneurial initiatives that have delivered specifications and products
- specifications include ASN.1 and XML schema and modules – facilitates interoperability and reusable code

Issues
- Impacts on service providers
- Introduction of new technology
- Global legal and regulatory requirements transparency
- Multiple standards, schema, data elements, identifiers, and modules
- Interception Architectures
- Stored subscriber information and traffic record access

Impacts on service providers
- Intercept solutions for telecommunication and computer network providers are potentially costly
- costs are increased by the compartmentalization and legal review necessary to authenticate the legal process and meet countervailing laws intended to protect customer privacy and prevent unauthorized disclosure of legal surveillance orders
- use of intermediate, network-based service bureaus may effect significant cost sharing
- key considerations are "who pays," and on what basis - both with respect to implementing the necessary capabilities as well as for actual production orders
- in some jurisdictions, standards have been used as the basis for imposing uncompensated additional cost burdens on providers

Introduction of new technology
- LEAs and judicial authorities are often reluctant to use lower cost technology
  - secure VPN transport technology
  - common global data elements
  - structured syntax schema
  - PKI authentication
- Widespread introduction of the Internet and other next-generation network platforms, especially Voice over IP (VoIP) to exacerbate these legacy incompatibilities and costs

Global legal and regulatory requirements transparency
- national legislatures have adopted new mandates applicable to existing and emerging network infrastructures
- Activities are ongoing and often independent of each other
- International drivers include Convention on Cybercrime in 2001 and the adoption of Lawful Interception-related mutual assistance agreements - normative provisions have added to the complexity and created transnational mandates
- Affects diverse standards-making forums and activities, including ultimately the providers of telecommunication, computer networking, and lawful interception products and services
- No effective global mechanisms exist to provide notice of ongoing consultative and rule making activities or the resulting law and regulations
- Exacerbated by diversity of parties

Multiple standards, schema, data elements, identifiers, and modules
- Significant number of largely independent vendors and standards bodies have produced a growing body of implementations and standards
- lack of awareness, lack of coordination and collaboration has resulted in isolated implementation islands with little or no interoperability
- Involves the structured acquisition and transfer of data, but no integrated data element dictionary for LI exists
- Specifications require the use of key identifiers as the basis for the unique identification of parties, records, and network elements, but no global coordination
- Global Next-Generation Networks and Internet-based applications like VoIP are especially affected

Interception Architectures
- For NGNs and Internet-based applications, deployed architectures have dramatic effects
- Highly distributed nature of Internet-based applications, many different providers are potentially involved in supporting the service attributes - often entirely under the control of the end-user, and with no cognizance by other providers
- at provider premises sites, there are four interception technology platforms emerging
- no "one option fits all" solution
- intermediate service bureaus become necessary for effective integration of the stored and real-time records, and delivery to the potentially thousands of different Law Enforcement Monitoring Facilities
- requires pragmatic involvement, collaboration, and recognition of many different kinds of standards activities

Internet LI Architecture Model

Stored subscriber information and traffic record access (Lawful Access)
- Support required both by multilateral agreements and national law includes access to stored subscriber information and traffic records
- Production orders for this information far exceed the number of real-time interceptions, and constitute a major global integration challenge as well as an unwanted major cost encumbrance for service providers if not compensated by Law Enforcement Authorities
- The potentially large authentication difficulties and costs in authenticating subscriber-provided information in an Internet-application environment are also formidable
- Standards initiatives undertaken by "E-Government" and Integrated Justice programs, and related products developed by industry vendors can be leveraged into the existing Lawful Interception sector