1 / 11

CALEA Compliance in 2006

CALEA Compliance in 2006. H. Michael Warren Vice President, Fiduciary Services NeuStar, Inc February 2006. Service Providers’ Responsibilities. Protect the privacy of their subscribers Only disclose records or provide technical assistance that is supported by valid legal process

sen
Download Presentation

CALEA Compliance in 2006

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. CALEA Compliance in 2006 H. Michael Warren Vice President, Fiduciary Services NeuStar, Inc February 2006

  2. Service Providers’ Responsibilities • Protect the privacy of their subscribers • Only disclose records or provide technical assistance that is supported by valid legal process • Properly manage the provisioning of electronic surveillance • Assist subscribers who are victims of harassing and annoying calls • Address the customer’s concern • Provide a pathway to resolution • Act only in accordance with the law • Protect the network from unlawful access and fraudulent use

  3. Service Providers’ Responsibilities • Comply with ELSUR Law and CALEA • Develop & Implement policies and procedures supporting ELSUR • Keep detailed records of all interceptions. • Implement measures to ensure the secrecy of interceptions • Prevent unauthorized interceptions. • Designate a senior manager responsible for intercepts, and available to assist law enforcement 24/7. • Deploy CALEA compliant technology • Trusted Third Party Legal Compliance Solutions fulfill all of the service provider’s responsibilities

  4. Legal Compliance: Trusted Third Party Approach • Trusted Third Party Record Production Management: • Receives legal process as “Agent”: Validate and clarify scope of demands • Retrieves & produces information, Toll/CDR: Certifies the authenticity of records produced • Acts as custodian of records produced: Provides testimony as required • Fully compliant and auditable process • Manage Service Providers’ CALEA Compliance Program • Contract with Service Provider as “Agent”: • Provide 24/7 LEA support • Receive, validate and clarify scope of legal demands • Develop and Manage lawful intercept function

  5. Legal Compliance: Technical Assistance • Technical assistance to LEA’s (CALEA compliance) • Review of provider’s compliance • Assess current compliance and recommend solutions • 24/7/365 LEA Support for Lawful Intercept • Manage the provider’s CALEA Compliance Program • Contract operation of provider owned system • Remote provisioning & operation of CALEA /LI Systems • On-site Technical Assistance • Transition to carrier management • Health and status monitoring of provisioned circuits & LI systems • Provide just in time mobile intercept capability • Custodian of Record for intercept information as required by CALEA & ELSUR Law • Testify as necessary

  6. CALEA Compliant VoIP Solution PSTN Provisioning Link is not established during intercept. Centralized Associate Provisioning Link Media Gateway Softswitch VPN Mediation VPN CMTS Central Office MTA LEA Target

  7. Outsourcing Compliance: Why Carriers Do It • Automation can help contain costs & maintain efficiency • Must access and retrieve information from a wide array of records keeping systems • Billing, customer care and/or subscriber databases, call detail records (CDR) aggregation points • Few carriers have been able to benefit from the efficiencies of a centralized records retrieval /subpoena mgt system • Why develop a new platform for non-revenue generating yet critical function? • Too costly to build and maintain infrastructure for non-essential, non-core part of the business • Automation is the key to Trusted Third Party Provider’s efficiency

  8. Next Steps • The FCC, and Congress and the Courts for that matter, will not permit law enforcement to lose one of its most critical investigative techniques. • Trusted Third Party Providers offer a cost effective alternative to building the legal compliance infrastructure in house

  9. Summary • CALEA Mandates policies & procedures for handling of legal process & technical assistance: • Must be filed with the FCC • Must be implemented to shield against liability • Understand what information & access the LEA is entitled to regarding Customer Information or Call Data & Call Content • What legal process is required (Subpoena / Court Order / Search warrant) • Procedures in place & updated as law changes • Train Staff and Audit work to ensure compliance and good faith defense • Severe criminal & civil penalties are imposed for failure to exercise good faith • Must act only on valid legal process

  10. Thanks for your attention... Questions…?

  11. For more information contact… H. Michael Warren, Vice President Fiduciary Services 571 434-3410 (voice - direct) 703 689-0566 (fax) 703 863-1979 (mobile) e-mail at mike.warren@neustar.biz

More Related