A communication service provider (CSP) was looking for automated testing solutions. They had all the standard requirements – verifying speed and performance for voice and data on 2G, 3G, LTE, and 5G.
They also wanted to know how automated testing could help verify lawful interception (LI) compliance. A law enforcement agency had recently issued an LI warrant, and the CSP wasn’t able to pull all the necessary data as quickly as required.
To avoid future infractions, they wanted to perform active testing to generate the LI reference data and verify that it transferred correctly and reliably to the related LI systems.
A CSP doesn’t necessarily realize how critical LI compliance is until it isn’t working. And like any other telecommunications issue, you don’t have days to fix it. Every second counts.
Telecommunications technology has continuously evolved with a multitude of services, devices and radio signals. Besides maintaining a competitive edge with optimal quality and performance, telecommunications companies also need to comply with legal and regulatory requirements.
This article digs into the details of lawful interception, the importance of compliance and the implications of 5G for CSPs.
What Is Lawful Interception?
Lawful interception (LI) refers to the technical capabilities of telecommunications networks to collect and provide communications data of individuals or organizations to law enforcement officials. Law enforcement agencies use this information to fight crime, prevent terrorism and ensure national security.
The ETSI (European Telecommunications Standards Institute) and the 3GPP (Third Generation Partnership Project) have led the way in standardization. CALEA (Communications Assistance for Law Enforcement Act) is one of the laws that details LI standards in the United States.
International cooperation between multiple European countries, Australia, New Zealand, Canada and the US have helped define the standards we know today. LI laws generally aim to balance the need to protect the public’s right to privacy while enabling law enforcement to perform investigations and protect the public.
These laws apply to communications over telephone, SMS text, emails, call detail records (CDR), as well as web browsing history. A law enforcement agency may request historical data or ongoing surveillance.
Why Is LI Compliance Critical?
It’s our civic duty to support law enforcement agencies. LI warrants are issued to investigate crimes and terrorist threats. LI compliance is also necessary to avoid hefty penalties and protect licensing. Finally, LI can be a valuable revenue stream in some countries when local authorities pay specific fees for every observation to the CSP.
LI Compliance Is Complex
There are many challenges to complying with LI regulations and supporting law enforcement agencies. LI used to just be about wire-tapping phones. Today, criminals have a wide variety of communication channels through different types of technology and encryption methods.
Robust administrative processes must be in place to receive, verify and implement court orders. The number of lawful interception warrants has increased dramatically in the last decade. Streamlined processes are critical to keep operational costs down.
CSPs must have the technical capabilities to retain historical data, perform ongoing surveillance, filter and sort relevant data, and securely hand over the data to law enforcement agencies. Security protocols are imperative to avoid surveillance detection and protect the privacy of non-suspects.
And finally, continuous monitoring is critical. Ongoing automated testing helps ensure technical capabilities are maintained and continuously compliant throughout transitions, migrations and upgrades.
LI Compliance Must Be Quick and Flawless
When a law enforcement agency issues an LI warrant, immediate response is required. They can’t wait multiple days for the requested data or surveillance.
At the same time, data must be complete and accurate, including the meta-data and the communication content. The entire data set must be present without inadvertently providing unnecessary data to protect the privacy of non-suspects.
As upgrades and migration occur, ongoing testing is imperative. Not only to verify speed and performance for subscribers, but also to ensure there are no gaps in the CSPs ability to provide LI data quickly and accurately when a warrant is received.
5G Implications of Lawful Interception
There is no doubt that 5G is a gamechanger for individuals and industries. We are still at the beginning stages of seeing what 5G can do. With monumental speeds and decreased latency, there are incredible new opportunities for innovative connected experiences, the Internet of things, and the Fourth Industrial Revolution.
What are the implications of 5G on LI? That’s exactly what we need to consider in order to future proof LI compliance.
Interoperability
Whenever a network undergoes any type of update, upgrade or overhaul, interoperability is a top concern. Operators spend countless hours testing and verifying network performance and interoperability across radio signals to ensure these activities are seamless to subscribers.
Likewise, handovers across radio access technologies must be uninterrupted for law enforcement agencies when evaluating data and performing surveillance. Retained records must be maintained and dispersed in similar formats for analysis.
There will be a series of stages as architecture is migrated from 4G to 5G, and LI compliance will be a critical consideration for every step along the way to ensure data availability and accuracy.
Increased Volume
The number of connected devices will exponentially increase with 5G. With increased connectivity and the Internet of things, the number of connected devices is expected to grow 100 times from 4G to 5G. This will result in many more observations and therefore CSPs must have technology and tools available to provide complete and relevant data.
At the same time, law enforcement agencies will need to ensure that their lawful interception maintenance systems (LIMS) are able to receive, store and organize data effectively. The ability to proactively remove unwanted data will be necessary to save on analysis and storage resources.
Increased Encryption
Some data that were not encrypted in 4G are now encrypted in 5G. As a result, there are more encrypted network and device interfaces in the 5G architecture.
This is a good thing overall to address previous vulnerabilities. However, it introduces interoperability intricacies and adds additional layers of complexity for the operations staff and law enforcement monitoring systems.
How SEGRON Can Help You Maintain LI Compliance
It’s critical to ensure compliance with lawful interception regulations to support law enforcement agencies and avoid fines and penalties for violations.
SEGRON’s Automated Testing Framework (ATF) can help you validate LI compliance. With each transition, migration and update, you can run a series of test scripts to generate the reference data interfacing to the law enforcement agency’s LIMS.
Continuous monitoring and ongoing automated testing help verify everything is working as expected. When issues are detected, notifications alert the appropriate personnel immediately. Reporting and analysis tools enable quick troubleshooting and problem resolution.
The ATF can generate reference data for audio calls, SMS text, facsimiles, downloaded data, and files transferred over the Internet. All network technologies can be intercepted, including 2G/3G, LTE/VoLTE, VoWifi, 5G, WLAN, VoIP, PSTN, and ISDN. SEGRON’s Beyond End2End features provide powerful functionality to ensure compliance with ETSI/3GPP LI standards.
Contact us to see how SEGRON can help you monitor LI compliance and future proof your test bench.
