I just sat in on a web conference on CALEA (Communications Assistance for Law Enforcement Act) compliance in the US. According to the conference, a hotspot provider needs to be CALEA compliant in the US. To be CALEA compliant, we need to do the following things:
- Identify and isolate CII (Communication Identity Information) within communication flows.
- Extract and monitor the CII.
This requires us to make copies of the information available to the Law Enforcement Agencies. I assume this can be done by logging the packets marked above and creating copies to be downloaded.
- Ensure that other users' CII isn’t intercepted.
This is fixed by the packet marking. Then we are only drawing the recommended information.
- Ensure the interception is unknown.
This is also done by the packet marking. I assume there is no way for someone on the network to know they’re being monitored more so than they already are.
- Ensure all the above doesn’t affect the network.
I can’t imagine doing the above will create any latency.
For any other Mikrotik users in the US, CALEA requirements can be found at:
http://www.usdoj.gov/criminal/cybercrime/usamay2001_4.htm
The question I have is in regard to number 2.
How do I extract the information needed in number 2 in a format that can be forwarded?
Ideally, it is looking for the header information for any websites visited, as well as copies of email sent. It also may want copies of packets used for instant messaging as well as anything accessed via torrent.
As much as I don’t like the law and the end of privacy it represents, I am bound by it and $100,000USD per day fines for non-compliance.
Any answers and concerns appreciated.