[Asterisk-Users] Legal Interception - tapping

John Todd jtodd at loligo.com
Thu Sep 11 13:32:32 MST 2003 

At 3:06 PM -0500 9/11/03, Steven Critchfield wrote:
>On Thu, 2003-09-11 at 14:05, Dan Tusa wrote:
>>  Hi,
>>
>>  Companies that offer telephone service to the public are obliged to offer
>>  tapping to all kind of authorities.
>>
>>  Does anyone know how to tap in Asterisk? I.e. record (or copy) a
>>  conversation based upon their telephone number?
>
>Wouldn't this be possible for your provider to do for you? It would seem
>that you would be buying service from some larger telecom and they
>already have to meet those functions. So wouldn't it be possible to
>shift it to them, especially if all your traffic for any specific
>customer always crossed a specific telecom?
>--
>Steven Critchfield  <critch at basesys.com>

Consider this case, though:

CLEC-R-Us, Inc. has a class 5 switch, and provides local and LD 
service to customers.  They comply with all relevant laws regarding 
CALEA and recording on their switch system.

CLEC-R-Us also offers DSL services and Internet access.  CLEC-R-Us 
offers a "special" rate when your business gets service and you also 
buy service for all your employees in the same region: free calling 
between employees and the business, and even free inbound calls from 
the outside world to each of those locations, all using VoIP. 
CLEC-R-Us uses Asterisk to terminate a PRI from their switch for 
inbound/outbound calls.

So far so good... almost.  The CALEA requirements can be handled 
(probably) for inbound calls from the PSTN by existing methods.  BUT: 
What happens when the FBI comes in and asks for recordings of calls 
between Customer A (VoIP) and Customer C (VoIP) which aren't touching 
the Class 5 switch at all, because they're looped between each other 
through Asterisk or (worse yet!) the RTP data doesn't even go through 
CLEC-R-Us at all?  Whoops.  Suddenly, CLEC-R-Us is out of compliance, 
and Mr. FBI-Guy is doing a lot of frowning and mentioning words like 
"FCC" and "injunction" on the cell phone to his legal department.

A possible ugly way to handle this is to not actually terminate any 
VoIP-to-VoIP calls to each other directly, but send them all out a 
PRI into the Class 5 switch, and loop it right back out to the 
Asterisk server on another PRI channel.  Yuck.  Another possible way 
to handle this is to not be a CLEC that has the burden of those legal 
requirements.

Wait until ENUM and/or TRIP makes this kind of dialing ubiquitous, 
such that it does not even require a CLEC of any kind of intermediate 
provider.  Whoa, Nelly!  I hope you folks at various government 
agencies have an army of technical people in the field with 
DSL/cable/optical sniffers, since that's where all this tapping is 
going to have to be done.  The law is far behind these advances, and 
the more observant (but reactionary) legislators will soon get wind 
of this and promptly think they can control the setting of the sun 
and the movement of the tides with new laws.  I won't even go into 
open-source crypto for RTP sessions; that's another hysteria waiting 
to happen.  Your mileage may vary, I am not a lawyer, etc.

JT

More information about the asterisk-users mailing list