Electronic Code of Federal Regulations (e-CFR)
BETA TEST SITE
e-CFR Data is current as of October 6, 2006
Title
47: Telecommunication
PART
1—PRACTICE AND PROCEDURE
Subpart
Z—Communications Assistance for Law Enforcement Act
§ 1.20000 Purpose.
Pursuant to the Communications Assistance for Law Enforcement Act (CALEA), Public Law 103–414, 108 Stat. 4279 (1994) (codified as amended in sections of 18 U.S.C. and 47 U.S.C.), this subpart contains rules that require a telecommunications carrier to:
(a) Ensure that any interception of communications or access to call-identifying information effected within its switching premises can be activated only in accordance with appropriate legal authorization, appropriate carrier authorization, and with the affirmative intervention of an individual officer or employee of the carrier acting in accordance with regulations prescribed by the Commission; and
(b) Implement the assistance capability requirements of CALEA section 103, 47 U.S.C. 1002, to ensure law enforcement access to authorized wire and electronic communications or call-identifying information.
§ 1.20003 Policies and procedures for employee supervision and control.
A telecommunications carrier shall:
(a) Appoint a senior officer or employee responsible for ensuring that any interception of communications or access to call-identifying information effected within its switching premises can be activated only in accordance with a court order or other lawful authorization and with the affirmative intervention of an individual officer or employee of the carrier.
(b) Establish policies and procedures to implement paragraph (a) of this section, to include:
(1) A statement that carrier personnel must receive appropriate legal authorization and appropriate carrier authorization before enabling law enforcement officials and carrier personnel to implement the interception of communications or access to call-identifying information;
(2) An interpretation of the phrase “appropriate authorization” that encompasses the definitions of appropriate legal authorization and appropriate carrier authorization, as used in paragraph (b)(1) of this section;
(3) A detailed description of how long it will maintain its records of each interception of communications or access to call-identifying information pursuant to §1.20004;
(4) In a separate appendix to the policies and procedures document:
(i) The name and a description of the job function of the senior officer or employee appointed pursuant to paragraph (a) of this section; and
(ii) Information necessary for law enforcement agencies to contact the senior officer or employee appointed pursuant to paragraph (a) of this section or other CALEA points of contact on a seven days a week, 24 hours a day basis.
(c) Report to the affected law enforcement agencies, within a reasonable time upon discovery:
(1) Any act of compromise of a lawful interception of communications or access to call-identifying information to unauthorized persons or entities; and
(2) Any act of unlawful electronic surveillance that occurred on its premises.
§ 1.20004 Maintaining secure and accurate records.
(a) A telecommunications carrier shall maintain a secure and accurate record of each interception of communications or access to call-identifying information, made with or without appropriate authorization, in the form of single certification.
(1) This certification must include, at a minimum, the following information:
(i) The telephone number(s) and/or circuit identification numbers involved;
(ii) The start date and time that the carrier enables the interception of communications or access to call identifying information;
(iii) The identity of the law enforcement officer presenting the authorization;
(iv) The name of the person signing the appropriate legal authorization;
(v) The type of interception of communications or access to call-identifying information (e.g., pen register, trap and trace, Title III, FISA); and
(vi) The name of the telecommunications carriers' personnel who is responsible for overseeing the interception of communication or access to call-identifying information and who is acting in accordance with the carriers' policies established under §1.20003.
(2) This certification must be signed by the individual who is responsible for overseeing the interception of communications or access to call-identifying information and who is acting in accordance with the telecommunications carrier's policies established under §1.20003. This individual will, by his/her signature, certify that the record is complete and accurate.
(3) This certification must be compiled either contemporaneously with, or within a reasonable period of time after the initiation of the interception of the communications or access to call-identifying information.
(4) A telecommunications carrier may satisfy the obligations of paragraph (a) of this section by requiring the individual who is responsible for overseeing the interception of communication or access to call-identifying information and who is acting in accordance with the carriers' policies established under §1.20003 to sign the certification and append the appropriate legal authorization and any extensions that have been granted. This form of certification must at a minimum include all of the information listed in paragraph (a) of this section.
(b) A telecommunications carrier shall maintain the secure and accurate records set forth in paragraph (a) of this section for a reasonable period of time as determined by the carrier.
(c) It is the telecommunications carrier's responsibility to ensure its records are complete and accurate.
(d) Violation of this rule is subject to the penalties of §1.20008.
Effective Date Note: At 71 FR 38108, July 5, 2006, §1.2004 was added. This section contains information collection and recordkeeping requirements and will not become effective until approval has been given by the Office of Management and Budget.
§ 1.20005 Submission of policies and procedures and Commission review.
(a) Each telecommunications carrier shall file with the Commission the policies and procedures it uses to comply with the requirements of this subchapter. These policies and procedures shall be filed with the Federal Communications Commission within 90 days of the effective date of these rules, and thereafter, within 90 days of a carrier's merger or divestiture or a carrier's amendment of its existing policies and procedures.
(b) The Commission shall review each telecommunications carrier's policies and procedures to determine whether they comply with the requirements of §§1.20003 and 1.20004.
(1) If, upon review, the Commission determines that a telecommunications carrier's policies and procedures do not comply with the requirements established under §§1.20003 and 1.20004, the telecommunications carrier shall modify its policies and procedures in accordance with an order released by the Commission.
(2) The Commission shall review and order modification of a telecommunications carrier's policies and procedures as may be necessary to insure compliance by telecommunications carriers with the requirements of the regulations prescribed under §§1.20003 and 1.20004.
Effective Date Note: At 71 FR 38108, July 5, 2006, §1.2005 was added. This section contains information collection and recordkeeping requirements and will not become effective until approval has been given by the Office of Management and Budget.
(a) Telecommunications carriers shall provide to a Law Enforcement Agency the assistance capability requirements of CALEA regarding wire and electronic communications and call-identifying information, see 47 U.S.C. 1002. A carrier may satisfy these requirements by complying with publicly available technical requirements or standards adopted by an industry association or standard-setting organization, such as J–STD–025 (current version), or by the Commission.
(b) Telecommunications carriers shall consult, as necessary, in a timely fashion with manufacturers of its telecommunications transmission and switching equipment and its providers of telecommunications support services for the purpose of ensuring that current and planned equipment, facilities, and services comply with the assistance capability requirements of 47 U.S.C. 1002.
(c) A manufacturer of telecommunications transmission or switching equipment and a provider of telecommunications support service shall, on a reasonably timely basis and at a reasonable charge, make available to the telecommunications carriers using its equipment, facilities, or services such features or modifications as are necessary to permit such carriers to comply with the assistance capability requirements of 47 U.S.C. 1002.
(a) Definition—(1) Call-identifying information. Call identifying information means dialing or signaling information that identifies the origin, direction, destination, or termination of each communication generated or received by a subscriber by means of any equipment, facility, or service of a telecommunications carrier. Call-identifying information is “reasonably available” to a carrier if it is present at an intercept access point and can be made available without the carrier being unduly burdened with network modifications.
(2) Collection function. The location where lawfully authorized intercepted communications and call-identifying information is collected by a law enforcement agency (LEA).
(3) Content of subject-initiated conference calls. Capability that permits a LEA to monitor the content of conversations by all parties connected via a conference call when the facilities under surveillance maintain a circuit connection to the call.
(4) Destination. A party or place to which a call is being made (e.g., the called party).
(5) Dialed digit extraction. Capability that permits a LEA to receive on the call data channel a digits dialed by a subject after a call is connected to another carrier's service for processing and routing.
(6) Direction. A party or place to which a call is re-directed or the party or place from which it came, either incoming or outgoing (e.g., a redirected-to party or redirected-from party).
(7) IAP. Intercept access point is a point within a carrier's system where some of the communications or call-identifying information of an intercept subject's equipment, facilities, and services are accessed.
(8) In-band and out-of-band signaling. Capability that permits a LEA to be informed when a network message that provides call identifying information (e.g., ringing, busy, call waiting signal, message light) is generated or sent by the IAP switch to a subject using the facilities under surveillance. Excludes signals generated by customer premises equipment when no network signal is generated.
(9) J–STD–025. The standard, including the latest version, developed by the Telecommunications Industry Association (TIA) and the Alliance for Telecommunications Industry Solutions (ATIS) for wireline, cellular, and broadband PCS carriers. This standard defines services and features to support lawfully authorized electronic surveillance, and specifies interfaces necessary to deliver intercepted communications and call-identifying information to a LEA. Subsequently, TIA and ATIS published J–STD–025–A and J–STD–025–B.
(10) Origin. A party initiating a call (e.g., a calling party), or a place from which a call is initiated.
(11) Party hold, join, drop on conference calls. Capability that permits a LEA to identify the parties to a conference call conversation at all times.
(12) Subject-initiated dialing and signaling information. Capability that permits a LEA to be informed when a subject using the facilities under surveillance uses services that provide call identifying information, such as call forwarding, call waiting, call hold, and three-way calling. Excludes signals generated by customer premises equipment when no network signal is generated.
(13) Termination. A party or place at the end of a communication path (e.g. the called or call-receiving party, or the switch of a party that has placed another party on hold).
(14) Timing information. Capability that permits a LEA to associate call-identifying information with the content of a call. A call-identifying message must be sent from the carrier's IAP to the LEA's Collection Function within eight seconds of receipt of that message by the IAP at least 95% of the time, and with the call event time-stamped to an accuracy of at least 200 milliseconds.
(b) In addition to the requirements in §1.20006, wireline, cellular, and PCS telecommunications carriers shall provide to a LEA the assistance capability requirements regarding wire and electronic communications and call identifying information covered by J–STD–025 (current version), and, subject to the definitions in this section, may satisfy these requirements by complying with J–STD–025 (current version), or by another means of their own choosing. These carriers also shall provide to a LEA the following capabilities:
(1) Content of subject-initiated conference calls;
(2) Party hold, join, drop on conference calls;
(3) Subject-initiated dialing and signaling information;
(4) In-band and out-of-band signaling;
(5) Timing information;
(6) Dialed digit extraction, with a toggle feature that can activate/deactivate this capability.
In the event of a telecommunications carrier's violation of this subchapter, the Commission shall enforce the penalties articulated in 47 U.S.C. 503(b) of the Communications Act of 1934 and 47 CFR 1.80.
File Type | application/msword |
File Title | Electronic Code of Federal Regulations (e-CFR) |
Author | Nancy.Brooks |
Last Modified By | Leslie.Smith |
File Modified | 2006-10-20 |
File Created | 2006-10-20 |