As responsible citizens of the world, we are all equal stakeholders in the
society. It is our duty, therefore, to do our bit towards building a healthier
and fearless society.
Terrorism and organized crime are the nemesis of today’s world. Terrorists
exchange information to organize, plan, coordinate and execute their activities.
Security agencies need to tap this information to take pre-emptive action and
prevent terrorists from causing damage and loss to property and lives of the
innocent people.
Lawful interception plays a crucial role in helping law enforcement agencies
to combat against criminal activity by monitoring and intercepting communication
between terrorist groups. While this has become a top priority globally after
the incident of September 11, certain countries like Israel, India, and the US,
that are prime targets of the militants, need to take more steps and be even
more alert.
Although there are different standards for lawful interception, like CALEA
(in the US) and ETSI (in Europe), security agencies in every country have
different expectations and telecommunication service providers in each country
have to build systems to meet the country’s legislations. However, there are
certain genuine issues that service providers face while helping the security
agencies in their mission to track terrorist activities.
|
The first and foremost issue is of lack of clarity in the exact requirements
of lawful interception. This, coupled with unavailability of right solutions,
has already delayed service rollouts of several NLD/ILD service providers.
Unless and until the requirements are frozen, the right solution cannot even be
thought of, let alone being developed.
The whole thing was much simpler earlier before Internet became prevalent,
when only voice calls were intercepted. This process was as follows:
- Security agencies provided the telecom service provider details of the
phone number or group of numbers that had to be intercepted - The service provider programmed the switch to monitor those number(s)
- Whenever a call was made from or to that number, the service provider
would connect to the security agencies who could hear it live or/and record
it as well
In the modern Internet world, this becomes very complex, where lot of
information exchange happens through e-mails , Internet telephony and VoIP over
dedicated leased lines that directly connect to the Internet cloud, bypassing
the PSTN switches.
In India, the current scenario of lawful interception is quite fluid due to
the following reasons:
- Security requirements and solutions for TDM voice services are reasonably
in place. However, for newer services like VoIP over IPLCs, there are no
standard specifications defined for lawful interception - Liberation of telecom market in India is seeing large number of new
private SPs entering the scenario. Security agencies that earlier dealt with
only BSNL/VSNL are now trying to play it safe and make the security
specifications as exhaustive as possible - Security agencies are still finalizing their expectations from SPs
In developed countries, where similar solutions have been deployed, usually
the onus is on the security agencies to define the specifications and
requirements for lawful interception. In fact, there the security agencies are
the owners of the required monitoring systems and equipment and the respective
governments provide subsidies for this project, as it is a matter of the nation’s
security. The service provider is responsible only for providing access to the
network traffic by tapping information at the entry/exit point of the network.
This approach is followed in other countries based on two perspectives.
Confidentiality: Process and capability of monitoring remains fully
confidential with security agencies.
Customized Solutions: The monitoring equipment are not available off
the shelf. They are highly customized solutions, which require extra development
efforts to meet the requirements and hence are very expensive.
Additional costs prevent SPs from lowering the tariffs and pass on the cost
benefit to end consumers. Perhaps a phase-wise approach can give service
providers sufficient time for implementation. But the key to successful
implementation lies in a collective approach–involving service providers and
security agencies.
The author is V-P (technology), Bharti Infotel