[asterisk-biz] CALEA

Matthew Rubenstein email at mattruby.com
Tue Mar 6 08:41:27 MST 2007


	I'm not saying that I wouldn't cooperate. That's *my* government,
mostly working on protecting me, and I won't be protecting actual
criminal activity from actual justice. Which requires handing them data,
because only the actual justice system can investigate and determine
crime. But that doesn't mean that I want to be in the position for
maximum legal abuse when that "inefficient" machine starts chewing me up
to get its targets. Nor do I want a blind spot to where competition
without that burden can operate. Especially when I'm connecting my
infosystems to them and *their* government rules.


On Tue, 2007-03-06 at 10:20 -0500, Alexander Lopez wrote:
> What I think is the general thought here and should not be sidelined is
> that if a Government wants information and you do not give it to them,
> even thought you may be 150% in the right but they will and can make
> your life almost impossible. 
> 
> It is better to have a plan even if YOU feel that you are exempt.
> (Non-US company, Users are elsewhere, media does not touch me, Etc.) It
> is much better to give them something even if it not 100% of what they
> ask for but it does the job. You have helped them and a happy Fed is a
> Fed that goes away......
> 
> 
> > -----Original Message-----
> > From: asterisk-biz-bounces at lists.digium.com [mailto:asterisk-biz-
> > bounces at lists.digium.com] On Behalf Of Matthew Rubenstein
> > Sent: Tuesday, March 06, 2007 9:38 AM
> > To: Trixter aka Bret McDanel
> > Cc: Asterisk-Biz
> > Subject: Re: [asterisk-biz] CALEA
> > 
> > 	If your business is, say, a NY corporation, but your servers are
> in,
> > say, Canada, are these CALEA requirements enforceable? What if your
> > business is an Ontario corp, or Yukon, or Iranian? Is there some combo
> > of foreign corp/servers that CALEA can't reach?
> > 
> > 
> > On Tue, 2007-03-06 at 13:15 +0000, Trixter aka Bret McDanel wrote:
> > >
> > >
> > > On 3/6/07, Matt <mhoppes at gmail.com> wrote:
> > >
> > >                 CALEA support is generally more than just log files,
> > >                 thge government likes those log files in specific
> > >                 formats, they like the recordings done such that
> they
> > >                 can tell which leg of the call
> > >
> > >         To that I'd say touch noogies.. here's a comma delimited
> > >         version with headers :)
> > >
> > > that may work, however in my experience if you upset the government
> > > they will spend years doing everything they can to 'get even'.
> Often
> > > spanning more than a decade.  They also work it so that even if they
> > > lose in court they still win.
> > >
> > > If its not a problem to convert it and play nice, why not - and its
> > > unlikely that anyone on this list will ever receive a title III
> > > warrant anyway given how few are issued.
> > >
> > >
> > >
> > >                 noise occured on (for background analysis), often
> they
> > >                 have a stereo recording where left channel is A leg,
> > >                 right channel is B leg, I have seen mp3 as well as
> > >                 regular CD audio for that.
> > >
> > >         I still don't see why the system can't do this out of the
> box?
> > >
> > > I never said it couldnt, I was addressing a specific persons
> comments
> > > with mine.
> > >
> > >
> > >                 CALEA support also means being able to record
> without
> > >                 alerting the user, since there is a
> > >
> > >         Again.. by DEFAULT Asterisk doesn't alert the user when
> > >         recording begins.
> > >
> > > reinviting the media off to the real provider (if you do that)
> except
> > > when recording is happening is a grey area, and that is what I was
> > > addressing.  It causes a change that can be observed by the person
> > > being recorded and the government can argue that is notification,
> > > whether or not its a valid interpretation.  I know that when the
> > > government decides something its generally very difficult to change
> > > their mind, and generally by the time you do they  already got what
> > > they wanted.
> > >
> > >
> > >
> > >                 provision against notification.  If you are a
> > >                 "interconnected VoIP provider" as defined in the CFR
> > >                 (ie 911, USF, etc apply to you) you have to be able
> to
> > >                 record all calls that go through you, not just the
> > >                 pstn ones - this means pc->pc if its through you.  I
> > >                 want to clarify before
> > >
> > >         Again.. Asterisk already acomplishes this.
> > >
> > > Again, I was addressing a specific persons comments, I never once
> > > indicated whether or not asterisk was capable of anything in the
> > > original post.  Had you left those comments in it would have been
> > > easier to reference, but you omitted them so it requires someone
> going
> > > to the archives to see that I really was only addressing the persons
> > > comments who said 'here is a log file'.
> > >
> > >
> > >
> > >         We have a call center and we record every single call that
> > >         comes through there.... granted the caller DOES know.. but
> > >         only because we tell them in a message.
> > >
> > > Many do, and with some of the mixing apps you can create a single
> wav
> > > with left/right channel representing the a/b legs of the calls.  I
> do
> > > not know that a/b leg seperation is reqired but it is desirable, and
> > > if you read transcripts of wiretaps (written by the agents typically
> > > littered with opinions of the agents written as fact) you will see
> > > that they do make notes of background voices that are audible
> > > corelating it with which side of the call it came from.
> > >
> > >
> > >
> > >
> > >         On a side note..... am I expempt from CALEA if all I handle
> > >         are CDR records... and I issue re-invites for ALL traffic?
> > >         That is.. if someone from me makes an outbound call and I
> > >         terminate IP.. if I connect my terminator directly to my
> > >         client... does that absolve me? (I certainly don't intend to
> > >         do that.. but an interesting thought).
> > >
> > > that is a grey area which I tried to address earlier.  Its unclear
> > > what the governments position will be and any position statement you
> > > get can change at will.  Further, changing from reinviting
> everything
> > > to not for recorded calls is grey as to whether or not it qualifies
> as
> > > notification to the end user.  The original laws were written in the
> > > 80s (1984 iirc) and as a result they didnt take into account
> anything
> > > but traditional phone systems where you had to handle the media as
> > > well as the signalling.
> > >
> > > The reason its grey on reinvites is that there is a provision in the
> > > calea statutes that exempts entities where its not technically
> > > feasable to record.  If you dont have the capacity to handle
> > > reinvites, or cant do it in a way that doesnt alert the customer you
> > > might qualify.  Then again the government can say  you arent in
> > > compliance and the fine is something like $10k/day/switch (which
> they
> > > would likely assess as per asterisk box).  IIRC you dont have to be
> > > served to be in violation and subject to the fine, although they
> > > shouldnt be able to know until you are and cant comply.
> > >
> > > There is also a bit of time you have to enable a warrant, but that
> is
> > > measured in days not weeks.  So if you are served, you dont want to
> > > scramble to write a bunch of CALEA hooks in and all, you should have
> a
> > > plan ahead of time just in case.
> > >
> > > Also note, calea generally doesnt cover stuff that isnt covered by a
> > > title III warrant (of which only about 3500 are issued annually
> anyway
> > > for 300M people and billions of minutes of calls).  But the patriot
> > > act changed it to allow for tapping a person not just a specific
> line.
> > > So 1 warrant can now cover multiple lines.  title III warrants have
> to
> > > go for judicial review regularly, I believe every month, and
> > > extensions have to be granted or it expires.  Common grounds for
> > > extensions are 'the suspect is aware of our tapping efforts', so
> > > tipping your hand just gives cause to prolong your recording, which
> if
> > > you dont generally do that does have an impact on your capacity
> since
> > > it is extra cycles running on your system.
> > >
> > > Stuff calea doesnt cover, nor do title III warrants are things like
> > > business records, which CDR data qualifies as.  Business records
> > > (according to the federal rules of criminal procedure as well as
> civil
> > > procedure) are generally anything the business uses in its day to
> day
> > > operations.  Subpoenas are all that are required on that, unless the
> > > company wants to voluntarially give them up, which it can do should
> it
> > > choose to.
> > >
> > >
> > >
> > >
> > >
> > > --
> > > Trixter http://www.0xdecafbad.com     Bret McDanel
> > > Belfast +44 28 9099 6461        US +1 516 687 5200
> > > http://www.trxtel.com the VoIP provider that pays you!
> > > _______________________________________________
> > > --Bandwidth and Colocation provided by Easynews.com --
> > >
> > > asterisk-biz mailing list
> > > To UNSUBSCRIBE or update options visit:
> > >    http://lists.digium.com/mailman/listinfo/asterisk-biz
> > --
> > 
> > (C) Matthew Rubenstein
> > 
> > _______________________________________________
> > --Bandwidth and Colocation provided by Easynews.com --
> > 
> > asterisk-biz mailing list
> > To UNSUBSCRIBE or update options visit:
> >    http://lists.digium.com/mailman/listinfo/asterisk-biz
-- 

(C) Matthew Rubenstein



More information about the asterisk-biz mailing list