WASHINGTON-Comments regarding the Federal Communications Commission’s notice of proposed rule making on the Communications Assistance for Law Enforcement Act have one thing in common-moving the compliance date back two years, to Oct. 25, 2000.
The Telecommunications Industry Association, the Cellular Telecommunications Industry Association, the American Mobile Telecommunications Association, Motorola Inc., Omnipoint Communications Inc., the Personal Communications Industry Association, Nextel Communications Inc. and others support such a measure.
This contentious act, in play since October 1994, was aimed to help law-enforcement officials maintain a manner of legally surveying wireline and wireless communications that may be used by criminals in their efforts to circumvent the law without giving such officials more expanded powers.
During the past three years, a battle has raged between the law, primarily the Federal Bureau of Investigation, and the communications industry focused on interpretation of the act. The FBI held out for wiretap applications the wireless industry could not-or would not-facilitate. Until last month, there had been no agreement to craft a standard for CALEA-compliant equipment; a standard finally was voted in, mostly due to pressure from Congress. Now, however, less than a year exists before carriers must be able to prove a CALEA-respondent network.
In its NPRM, the commission sought, in part, comment on the definition of “telecommunications carrier” in the context of which companies would be liable for CALEA compliance; carrier security policies and procedures; timeliness, security and accuracy of intercepts; If CALEA strictures “are reasonably achievable” by most carriers; and whether the compliance date should be moved back.
The FBI’s comments disagreed with the commission proposal to exempt some carriers from CALEA compliance, viewing it as a loophole for criminal activity. However, private land mobile services could be exempt until they begin performing local exchange carrier-type services. The FBI also wants to limit legal requests for surveillance to court orders or certificates of authorization, at which time the carrier would be required to begin an intercept within two hours. Only certified and screened personnel would be allowed to follow a surveillance procedure, and such personnel would have to be on the premises or on call 24 hours a day, seven days a week.
All surveillance records must be kept by the carrier for 10 years, with the originals transmitted to the bureau within 10 days of an operation’s conclusion, the FBI continued. And no special requirements should be put in place regarding how large and small companies are treated in surveillance matters or during certification.
TIA, facilitator of standards during the CALEA process, urged the commission to adopt a narrow definition of “telecommunications carrier,” saying that Congress meant only “common carriers” to be CALEA compliant and not private mobile radio services or other operators that cannot duplicate LEC services. The group is concerned that the FCC’s proposed definition, “an entity that holds itself out to serve the public indiscriminately in the provision of any telecommunications service,” exceeds what had been the accepted CALEA definition and what had been included about CALEA in amendments to the 1996 telecom act.
TIA urged the commission not to adopt any technical standards until its own is accepted by the American National Standards Institutes board. And if the FCC decides to modify any final standard, carriers should be given additional time to comply; it alludes to an FBI challenge of the standard at the commission, which will delay compliance.
In its comments, CTIA asked the commission for a blanket industry extension of the 1998 compliance date “because CALEA-compliant technology will not be available within the compliance period;” that such factors as consumer costs, law-enforcement demands, privacy and competition be considered before a carrier is judged to be able to support CALEA; that all information services, including paging, be exempt from compliance; and that the FCC mandate that law enforcement submit “lawful” orders prior to an intercept so that carrier personnel will be protected and so that “burdensome record-keeping” won’t become an issue.
CTIA, like TIA, pointed out that the FBI continues to claim that the recently adopted TIA standard “is deficient because it does not include all of the surveillance capabilities they desire,” and that “the FBI informed industry that unless its enhanced surveillance needs were included in any agreement to deploy CALEA solutions, the FBI would oppose a [compliance] extension for that carrier or manufacturer.”
Carriers that petition the commission to waive CALEA compliance due to their not being able to “reasonably achieve” such should be able to be relieved from that obligation, CTIA wrote, even if they would be reimbursed for doing so. And because some current and emerging carriers will find CALEA-compliant hardware and software too expensive, “the commission may be asked to consider a stripped-down version of the industry standard … any proposal that elevates surveillance above call processing should be rejected.”
AMTA wants PMRS providers permanently divorced from CALEA compliance. “Most 200-MHz, 450 MHz-512 MHz and most 800 MHz and 900 MHz specialized mobile radio systems do not lend themselves to the sort of narrowly targeted interception required by law-enforcement agencies,” it wrote. “AMTA knows of no commonly used SMR equipment that can reserve system capacity in the manner described by the FBI … AMTA again submits that the most efficient way to conduct surveillance of the communications of a targeted individual over a minimally interconnected system is through interception of the telephone number at the LEC switch.” AMTA also suggested the use of cloned handsets, much like cloned pagers, to intercept criminal transmissions.
Resellers should be introduced into the telecommunications-carrier definition mix, wrote PCIA, “to the extent these entities have unique access to customer information that is essential to the expedient execution of electronic surveillance warrants. Because resellers have traditionally been classified as common carriers by the courts and regulated as such by the commission, treating them as telecommunications carriers for the purpose of CALEA would be consistent with prior practice.” However, the association cautioned the FCC not to “require resellers to do the impossible by making resellers responsible for ensuring that the network of the underlying facilities-based carrier complies with CALEA’s technical requirements.”
Paging carriers always have worked closely with the law, PCIA pointed out, and expanded obligations at this time are not needed.
Responding to the FCC’s two proposals on how to monitor carrier security procedures, PCIA wrote that both large and small carriers should be able to take advantage of the streamlined reporting features the commission detailed only for small carriers-“the option of either filing a statement describing their security policies and procedures or certifying that they observe procedures consistent with the commission’s system security rules.”
Personal communications services carrier Omnipoint disagreed with the FBI’s two-method court order system, saying that exception should include subpoenas, emergency oral requests for call tracing and written certifications. Carriers already have built-in ways to protect themselves from prosecution for “alleged improper cooperation from law-enforcement officials,” and Omnipoint asked the FCC not to include carrier requirements regarding this in any order.
Motorola does not agree with the others on reseller inclusion in CALEA compliance for technical reasons; however, the manufacturer pointed out that resellers already are obligated to work with law enforcement based on a previous 1968 crime-control law.
Nextel disagr
eed with the FCC’s contention that CALEA implementation costs would be “minimal for most carriers,” writing, “this conclusion ignores the marketplace reality that there are a number of new entrant providers … who have not had the opportunity to establish internal processes. Therefore, the cost of compliance for these new entrants will be far from minimal-particularly for those carriers such as Nextel that are building out nationwide systems.”