The first of two revisions of ENFOPOL 98. The arguments for extending interception to cover the "new technologies" is simplified.
Support our work: become a Friend of Statewatch from as little as £1/€1 per month.
TEXT
EUROPEAN UNION, THE COUNCIL
10 November 1998
10951/1/98
REV 1
LIMITE
ENFOPOL 98
NOTE
from: Austrian Presidency
to : Police Cooperation Working Party
No. prev. doc.: OJ C 329, 4.11.96, p.1; 10102/98 ENFOPOL 87; 10951/98 ENFOPOL 98
Subject: Interception of telecommunications - Draft Council Resolution on new technologies
Preliminary remark
The delegations will find attached the revised draft version of the Council Resolution on Interception of Telecommunications in Relation to New Technologies.
This version was compiled at two IUR Expert Meetings (20 - 22 October 1998 in Vienna and 27 - 28 October in Madrid).
It was agreed to make a reference in the actual text of the (new) Council Resolution that the requirements of 17 January 1995 are applicable both to existing and new technologies, these requirements needing supplementary explanatory detail as a result of progress in telecommunications technology.
In Part 1 (Requirements) and Part 2 (Glossary) the provisions of the requirements 1995 are listed, explained and supplemented. Part 3 contains additional requirements and explanations. With regard to other technical areas which are indirectly related to the actual interception requirements (e.g. cryptography, call-associated and subscriber-related data), additional technical descriptions will be required. After completion, these might be published together with the Requirements 1995 and the above mentioned explanations and supplementary detail in a technical handbook.
DRAFT
COUNCIL RESOLUTION
of ..........
on the Lawful Interception of Telecommunications in relation to New Technologies.
THE COUNCIL OF THE EUROPEAN UNION
(PREAMBLE)
HAS ADOPTED THIS RESOLUTION:
Part I: Explanation of Requirements
(The normal text correspondence to the requirements; the bold text are explanations)
Note: The Internet requires specific explanations.
1.1 Law enforcement agencies require access to all interception subjects operating temporarily or permanently within a telecommunications system.
1.2 Law enforcement agencies require access in cases where the interception subject may be using features to divert calls to other telecommunications services or terminal equipment, including calls that traverse more than one network operator/service provider before completing.
1.3 Law enforcement agencies require that the telecommunications to and from a target service be provided to the exclusion of any telecommunications that do not fall within the scope of the interception authorisation.
1.4 Law enforcement agencies require access to call associated data such as:
1.4.1 Signalling of access ready status.
1.4.2 Called party number for outgoing connections even if there is no successful connection established.
Note: Called party number includes any identifier of the called party.
1.4.3 Calling party number for incoming connections even if there is no successful connection established.
Note: Calling party number includes any identifier of the calling party.
1.4.4 All signals emitted by the target, including post-connection dialled signals emitted to activate features such as conference calling and call transfer.
1.4.5 Beginning, end and duration of the connection.
1.4.6 Actual destination and intermediate directory numbers if call has been diverted.
1.5 Law enforcement agencies require information on the most accurate geographical location known to the network for mobile subscribers.
1.6 Law enforcement agencies require data on the specific services used by the interception subject and the technical parameters for those types of communication.
Notes: In this context and in relation to call associated data, data is required within a few seconds.
3.1 Law enforcement agencies require network operators/service providers to provide call associated data and call content from the target service in a way that allows for the accurate correlation of call associated data with call content.
3.2 Law enforcement agencies require that the format for transmitting the intercepted communications to the monitoring facility be a generally available format. This format will be agreed upon on an individual country basis.
3.3 If network operators/service providers initiate encoding, compression or encryption of telecommunications traffic, law enforcement agencies require the network operators/service providers to provide intercepted communications en clair.
3.4 Law enforcement agencies require network operators/service providers to be able to transmit the intercepted communications to the law enforcement monitoring facility via fixed or switched connections.
Note: Switched connections includes all types of switched connections including circuit-switched and packet-switched connections. IP connections are not excluded.
3.5 Law enforcement agencies require that the transmission of the intercepted communications to the monitoring facility meet applicable security requirements.
Note: Further security requirements are detailed in the attached paper.
Note: Further security requirements are detailed in the attached paper.
5.1 Law enforcement agencies require network operators/service providers to protect information on which and how many interceptions are being or have been performed, and not disclose information on how interceptions are carried out.
5.2 Law enforcement agencies require network operators/service providers to ensure that intercepted communications are only transmitted to the monitoring agency specified in the interception authorisation.
5.3 According to national regulations, network operators/service providers could be obliged to maintain an adequately protected record of activations of interceptions.
(1) the interception subject's identity, service number or other distinctive identifier, (2) information on the services and features of the telecommunications system used by the interception subject and delivered by network operators/service providers, and (3) information on the technical parameters of the transmission to the law enforcement monitoring facility.
Note: Further subscriber-related data requirements are detailed in the attached paper.
Note: Further explanation concerning number portability is detailed in the attached paper.
Note: For international systems the maximum number of simultaneous interceptions needs to be derived from combining national requirements.
- 10. For the duration of the interception, law enforcement agencies require that the reliability of the services supporting the interception at least equals the reliability of the target services provided to the interception subject. Law enforcement agencies require the quality of service of the intercepted transmissions forwarded to the monitoring facility to comply with the performance standards of the network operators/service providers.
Part II: Explanations of the Definitions in the {glossary in the Council Resolution of 17 January 1995 (OJ 96/C 329/019)
(The normal text correspondence to the requirements.The bold text are explanations)
ACCESS
The technical capability to interface with a communications facility, such as a communications line or switch, so that a law enforcement agency can acquire and monitor communications and call associated data carried on the facility.
Note: In this document access refers to interception access for the law enforcement agencies.
CALL
Any connection (fixed or temporary) capable of transferring information between two or more users of a telecommunications system.
Note: In this document a call includes any connection irrespective of the technology of the network, e.g. packet-switched networks.
CALL ASSOCIATED DATA
Signalling information passing between a target service and the network or another user. Includes signalling information used to establish the call and to control its progress (e.g. call hold, call handover). Call associated data also includes information about the call that is available to the network operator/service provider (e.g. duration of connection)
INTERCEPTION
As used here, the statutory based action of providing access and delivery of a subject's telecommunication and call associated data to law enforcement agencies.
INTERCEPTION INTERFACE
The physical location within the network operators/service providers telecommunications facilities where access to the intercepted communications or call associated data is provided. The interception interface is not necessarily a single, fixed point.
Note: In some telecommunications technologies the interception interface may be a virtual interface within the network.
INTERCEPTION ORDER
An order placed on a network operator/service provider for assisting a law enforcement agency with a lawful authorised telecommunications interception.
INTERCEPTION SUBJECT
Person or persons identified in the lawful authorisation and whose incoming and outgoing communications are to be intercepted and monitored.
LAW ENFORCEMENT AGENCY
A service authorised by law to carry out telecommunications interceptions.
LAW ENFORCEMENT MONITORING FACILITY
A law enforcement facility designated as the transmission destination for the intercepted communications and call associated data for a particular interception subject. The site where monitoring/recording equipment is located.
LAWFUL AUTHORISATION
Permission granted to a law enforcement agency under certain conditions to intercept specified telecommunications. Typically this refers to an order or warrant issued by a legally authorised body.
NETWORK OPERATOR/SERVICE PROVIDER
Networkoperator = the operator of a public telecommunications infrastructure which permits the conveyance of signals between defined network termination points by wire, by microwave, by optical means or by other electromagnetic means; and
Serviceprovider = the natural or legal person providing (a) public telecommunications service(s) whose provision consists wholly or partly in the transmission and routing of signals on a telecommunication.
QUALITY OF SERVICE
The quality specification of a communications channel, system, virtual channel, computer-communications session, etc. Quality of service may be measured, for example, in terms of signal-to-noise ratio, bit error rate, message throughput rate or call blocking probability.
RELIABILITY
The probability that a system or service will perform in a satisfactory manner for a given period of time when used under specified operating conditions.
ROAMING
The ability of subscriber of mobile telecommunications services to place, maintain, and receive calls when they are located outside their designated home serving are.
TARGET SERVICE
A service associated with an interception subject and usually specified in a lawful authorisation for interception.
TELECOMMUNICATION
Any transfer of signs, signals, writing, images sounds, data or intelligence of any nature transmitted in whole or in part by a wire, radio, electromagnetic, photoelectronic or photooptical system.
Part III Additional Requirements/Explanations
Individual Telecommunications over the Internet is subject to the IUR 95. In this context number or other electronic identifier means e.g. fixed and dynamic IP addresses (the electronic address assigned to a participant in the Internet), account numbers and e-mail addresses.
Call associated data are not separate from the call content (esp. for requirements 1, 1.4. to 1.4.6, 2, and 3.1).
The growing amount of cross-border co-operation in the field of telecommunications interception requires a parallel level of security in the respective countries.
Spotted an error? If you've spotted a problem with this page, just click once to let us know.
Statewatch does not have a corporate view, nor does it seek to create one, the views expressed are those of the author. Statewatch is not responsible for the content of external websites and inclusion of a link does not constitute an endorsement. Registered UK charity number: 1154784. Registered UK company number: 08480724. Registered company name: The Libertarian Research & Education Trust. Registered office: MayDay Rooms, 88 Fleet Street, London EC4Y 1DH. © Statewatch ISSN 1756-851X. Personal usage as private individuals "fair dealing" is allowed. We also welcome links to material on our site. Usage by those working for organisations is allowed only if the organisation holds an appropriate licence from the relevant reprographic rights organisation (eg: Copyright Licensing Agency in the UK) with such usage being subject to the terms and conditions of that licence and to local copyright law.