6 November 1998
Source: http://www.fcc.gov/Bureaus/Common_Carrier/Notices/1998/fcc98282.wp (374K)

See related press release.

Federal Communications Commission FCC 98-282

Before the
Federal Communications Commission
Washington, D.C. 20554

In the Matter of:

Communications Assistance for
Law Enforcement Act		 )
)
)
)

CC Docket No. 97-213


FURTHER NOTICE OF PROPOSED RULEMAKING



Adopted: October 22, 1998 ; Released: November 5, 1998

Comment Date: December 14, 1998

Reply Comment Date: January 13, 1999

By the Commission: Commissioner Furchtgott-Roth issuing a statement.



TABLE OF CONTENTS


I. INTRODUCTION

II. BACKGROUND

A. CALEA Assistance Capability Requirements

B. Development of Industry Interim Standard J-STD-025

C. Petitions for Rulemaking

III. DISCUSSION

A. Authority and Approach

B. Industry Interim Standard J-STD-025

C. Particular Capabilities of J-STD-025 Opposed by CDT

1. Location information
2. Packet-Mode

D. DoJ/FBI Punch List

1. General Comments
2. Content of subject-initiated conference calls
3. Party hold, join, drop on conference calls
4. Subject-initiated dialing and signaling information
5. In-band and out-of-band signaling
6. Timing information
7. Surveillance status
8. Continuity check tone
9. Feature status
10. Dialed digit extraction

E. Disposition of J-STD-025

F. Other Technologies and Systems

G. Other Matters

IV. PROCEDURAL MATTERS

A. Scope of Proceeding

B. Ex Parte

C. Initial Regulatory Flexibility Analysis

D. Notice and Comment Provisions

V. ORDERING CLAUSES

VI. APPENDIX OF COMMENTING PARTIES

NOTES


I. INTRODUCTION

1. In this Further Notice of Proposed Rulemaking (Further NPRM), we address alleged deficiencies in industry-developed technical requirements for wireline, cellular, and broadband Personal Communications Services (PCS) carriers to comply with the assistance capability requirements prescribed by the Communications Assistance for Law Enforcement Act of 1994 (CALEA, or the Act).(1) Industry developed these technical requirements in an attempt to satisfy the "safe harbor" provision of the Act, which permits telecommunications carriers to be found in compliance with CALEA if carriers comply with publicly available technical requirements adopted by an industry association or standard-setting organization, or by the Commission.(2) The Act authorizes the Commission to establish, by rule, technical requirements or standards that meet the assistance capability requirements, if industry or standards-setting organizations have failed to set such standards, or if any party believes that an industry standard is deficient.(3) To date, the Commission has received four petitions for rulemaking asking us to establish such requirements or standards pursuant to our statutory authority under the Act.(4) In addition, in response to a Public Notice the Commission's Wireless Telecommunications Bureau and Office of Engineering and Technology released on April 20, 1998, we have received numerous comments disputing whether certain specific technical requirements are necessary to comply with CALEA.(5)

2. In light of petitioners' claims that the interim standard adopted by industry(6) is deficient with regard to particular technical requirements it currently includes, this Further NPRM analyzes those specific requirements and reaches tentative conclusions regarding which of them are required by CALEA. The Further NPRM also seeks comment on a range of issues associated with the Commission's obligations under the Act. In addition, we seek comment on what role, if any, we can or should play in assisting telecommunications carriers other than wireline, cellular, and broadband PCS carriers to set standards for, or to achieve compliance with, CALEA's requirements.(7)


II. BACKGROUND

3. Since 1970, telecommunications carriers have been required to cooperate with law enforcement agencies in conducting electronic surveillance.(8) Recent advances in technology, however, most notably the introduction of digital transmission and processing techniques and the proliferation of wireless services, have hampered the law enforcement community's ability to conduct lawfully authorized surveillance. CALEA was enacted in 1994 to address such problems, and to ensure that law enforcement surveillance efforts would not be unintentionally thwarted by the development and deployment of new telecommunications technologies and services.(9) At the same time, however, Congress recognized the need to protect privacy interests within the context of court-authorized electronic surveillance. In defining the terms and requirements of the Act, therefore, Congress sought to balance three important policies: "(1) to preserve a narrowly focused capability for law enforcement agencies to carry out properly authorized intercepts; (2) to protect privacy in the face of increasingly powerful and personally revealing technologies; and (3) to avoid impeding the development of new communications services and technologies."(10) Based on these considerations, Congress envisioned that the requirements of CALEA would serve as "both a floor and a ceiling," defining the minimum capabilities that should be provided to law enforcement, while also establishing limits as to what can be provided.(11)

4. CALEA directs carriers to ensure that their equipment, facilities, and services are capable of meeting certain requirements to assist law enforcement in carrying out lawfully authorized electronic surveillance. To accomplish this, the Act sets out general assistance capability requirements that telecommunications carriers must meet, and defines the obligations of the industry, the law enforcement community, and the Commission in developing the technical requirements or standards necessary to meet these requirements. To date, industry and the law enforcement community, although they have reached agreement on many issues, disagree on whether certain specific features and/or technical requirements must be provided by carriers to comply with the Act's assistance capability requirements. Consequently, as authorized by the Act, representatives of industry, law enforcement, and the privacy community have petitioned the Commission to establish such technical requirements or standards. In this Further NPRM, therefore, we consider whether certain specific technical requirements are necessary for wireline, cellular and broadband PCS carriers(12) to meet CALEA's assistance capability requirements.(13) Below we discuss the relevant provisions of the Act.



A. CALEA Assistance Capability Requirements

5. The basic requirements for meeting CALEA's mandates are contained in Section 103, which establishes four general "assistance capability requirements" that carriers must meet to achieve compliance. Specifically, Section 103 requires a telecommunications carrier(14) to:

(a) [E]nsure that its equipment, facilities, or services that provide a customer or subscriber with the ability to originate, terminate, or direct communications are capable of--
(1) expeditiously isolating and enabling the government, pursuant to a court order or other lawful authorization, to intercept, to the exclusion of any other communications, all wire and electronic communications carried by the carrier within a service area to or from equipment, facilities, or services of a subscriber of such carrier concurrently with their transmission to or from the subscriber's equipment, facility, or service, or at such later time as may be acceptable to the government;

(2) expeditiously isolating and enabling the government, pursuant to a court order or other lawful authorization, to access call-identifying information that is reasonably available to the carrier--

(A) before, during, or immediately after the transmission of a wire or electronic communication (or at such later time as may be acceptable to the government); and

(B) in a manner that allows it to be associated with the communication to which it pertains, except that, with regard to information acquired solely pursuant to the authority for pen registers and trap and trace devices (as defined in section 3127 of title 18, United States Code),(15) such call-identifying information shall not include any information that may disclose the physical location of the subscriber (except to the extent that the location may be determined from the telephone number);

(3) delivering intercepted communications and call-identifying information to the government, pursuant to a court order or other lawful authorization, in a format such that they may be transmitted by means of equipment, facilities, or services procured by the government to a location other than the premises of the carrier; and

(4) facilitating authorized communications interceptions and access to call-identifying information unobtrusively and with a minimum of interference with any subscriber's telecommunications service and in a manner that protects--

(A) the privacy and security of communications and call-identifying information not authorized to be intercepted; and

(B) information regarding the government's interception of communications and access to call-identifying information.(16)

6. CALEA does not specify how these four assistance capability requirements are to be met. Rather, it states only that telecommunications carriers, in consultation with manufacturers and telecommunications support service providers, must ensure that the carriers' equipment, facilities, and services comply with the requirements.(17) Manufacturers and telecommunications support service providers are subject to a "cooperation" requirement, i.e., they are required to make available to carriers the features and modifications necessary for carriers to comply with the requirements "on a reasonably timely basis and at a reasonable charge."(18) Additionally, the Attorney General of the United States must consult with appropriate industry associations and standards-setting organizations; with representatives of users of telecommunications equipment, facilities, and services; and with state utility commissions "to ensure the efficient and industry-wide implementation of the assistance capability requirements."(19)

7. Section 107(a)(2) of CALEA contains a "safe harbor" provision, stating that "[a] telecommunications carrier shall be found to be in compliance with the assistance capability requirements under Section 103, and a manufacturer of telecommunications transmission or switching equipment or a provider of telecommunications support services shall be found to be in compliance with section 106, if the carrier, manufacturer, or support service provider is in compliance with publicly available technical requirements or standards adopted by an industry association or standard-setting organization, or by the Commission under subsection (b), to meet the requirements of Section 103."(20) Thus, the Act envisions that an industry association or a standards-setting organization would set applicable standards. Individual carriers, however, are free to choose any technical solution that meets the assistance capability requirements of CALEA, whether based on an industry standard or not. Carriers, therefore, have some degree of flexibility in deciding how they will comply with CALEA's Section 103 requirements. CALEA specifically states, however, that the absence of industry standards does not relieve a carrier of its obligation to comply with the assistance capability requirements.(21)

8. In addition to the safe harbor provision, section 107 also defines certain Commission responsibilities under the Act. Specifically, upon petition, section 107(b) authorizes the Commission to establish, by rule, technical requirements or standards necessary for implementing Section 103.(22) Section 107(b) provides that a petition may be filed with the Commission (1) if industry associations or standard-setting organizations fail to issue technical requirements or standards, or (2) if a government agency or any other person believes that requirements or standards that were issued are deficient.

9. Section 107(b) specifies five factors that the Commission must consider as part of its efforts to establish technical requirements or standards to meet the assistance capability requirements of Section 103. Such technical requirements or standards must:

meet the assistance capability requirements of Section 103 by cost-effective methods; protect the privacy and security of communications not authorized to be intercepted;

minimize the cost of such compliance on residential ratepayers;

serve the policy of the United States to encourage the provision of new technologies and services to the public; and

provide a reasonable time and conditions for compliance with and the transition to any new standard, including defining the obligations of telecommunications carriers under Section 103 during any transition period.(23)

10. Section 107(c) authorizes the Commission to extend the compliance date for telecommunications carriers' equipment, facilities, and services. On September 11, 1998, the Commission exercised its authority under section 107(c) by extending the deadline for compliance with Section 103 requirements from October 25, 1998 to June 30, 2000.(24) This extension applies to all telecommunications carriers proposing to install or deploy, or having installed or deployed, any equipment, facility or service prior to the effective date of Section 103, for that part of the carrier's business on which the new equipment, facility or service is used.(25)

B. Development Of Industry Interim Standard J-STD-025

11. Since early 1995, Subcommittee TR45.2 of the Telecommunications Industry Association (TIA) has been working to develop an industry standard that would satisfy the assistance capability requirements of Section 103 for wireline, cellular, and broadband PCS carriers.(26) The standards-setting effort has included participation by industry and law enforcement. In 1996, the Subcommittee received from the Federal Bureau of Investigation (FBI) a document known as the Electronic Surveillance Interface (ESI). The ESI was law enforcement's recommendation for the logical and physical interfaces between a wireline, cellular, or broadband PCS carrier's network and a law enforcement agency's electronic surveillance collection facility. The ESI was developed at the request of industry to describe law enforcement's vision and recommendations for the interface. The ESI defined the requirements for the delivery of both call content and call-identifying information to a law enforcement agency (LEA).

12. By the spring of 1997, TIA developed a final draft of a proposed CALEA industry standard. The draft standard defined services and features to support lawfully authorized electronic surveillance and the interfaces to deliver authorized intercepted communications and call-identifying information to a LEA. Specifically, the draft standard defined the intercept function in terms of five broad categories: access, delivery, service provider administration, collection, and law enforcement administration.(27) This standard was submitted for balloting to all participants in the standards-setting process under procedures of the American National Standards Institute (ANSI).(28) The law enforcement community unanimously opposed adoption of this standard, and it was voted down. The FBI, on behalf of this community, attached a lengthy critique of the draft standard to its ballot, including specific recommendations for changes.(29)

13. The FBI's objections to the draft standard centered around a list of technical capabilities that it contended are necessary to meet CALEA's requirements, but that were not included in the industry interim standard. The FBI's list, which has come to be known as the "punch list," originally contained 11 items, and now contains nine items.(30) Specifically, the FBI's punch list identifies the following capabilities it believes must be provided under CALEA:(31)

1) Content of subject-initiated conference calls -- Would enable law enforcement to access the content of conference calls supported by the subject's service (including the call content of parties on hold).(32)

2) Party hold, join, drop -- Messages would be sent to law enforcement that identify the active parties of a call. Specifically, on a conference call, these messages would indicate whether a party is on hold, has joined or has been dropped from the conference call.

3) Subject-initiated dialing and signaling information -- Access to all dialing and signaling information available from the subject would inform law enforcement of a subject's use of features (such as the use of flash-hook and other feature keys).

4) In-band and out-of- band signaling (notification message) -- A message would be sent to law enforcement whenever a subject's service sends a tone or other network message to the subject or associate (e.g., notification that a line is ringing or busy).

5) Timing information -- Information necessary to correlate call-identifying information with the call content of a communications interception.(33)

6) Surveillance status -- Message that would verify that an interception is still functioning on the appropriate subject.

7) Continuity check tone (c-tone) -- Electronic signal that would alert law enforcement if the facility used for delivery of call content interception has failed or lost continuity.

8) Feature status -- Would affirmatively notify law enforcement of any changes in features to which a subject subscribes.

9) Dialed digit extraction(34) -- Information would include those digits dialed by a subject after the initial call setup is completed.

14. After the close of balloting, Subcommittee TR45.2 held a number of meetings and made changes to the draft industry standard, including a number of changes recommended by the FBI. However, based on the concerns discussed below, none of the FBI punch list items were added to the industry standard. The Subcommittee recommended that the revised standard be considered as a joint TIA/Committee T1 Interim Standard and reballoted under TIA procedures rather than ANSI's.(35) An interim standard, however, is valid for a period of only three years and is considered by ANSI as a "trial use." TIA adopted the recommendations, and the revised draft standard was submitted for voting in the fall of 1997. Because no law enforcement agencies are members of the TIA or Committee T1, however, only industry entities were eligible to cast ballots.

15. The industry unanimously approved the draft standard as fulfilling the requirements mandated by CALEA. In December 1997, the TIA and Committee T1, sponsored by the Alliance for Telecommunications Industry Solutions, announced the joint publication of interim standard J-STD-025, Lawfully Authorized Electronic Surveillance (J-STD-025, interim standard, or industry interim standard). This standard defines services and features required to support lawfully authorized electronic surveillance and specifies interfaces necessary to deliver intercepted communications and call-identifying information to a LEA. TIA stated that compliance with J-STD-025 satisfies the "safe harbor" provisions of CALEA.

C. Petitions for Rulemaking

16. In July 1997, before the industry interim standard was released, the Cellular Telecommunications Industry Association (CTIA) filed a petition for rulemaking on behalf of its members requesting that the Commission establish a standard to implement the requirements of Section 103, pursuant to the Commission's authority under section 107(b). CTIA contended that the standards setting process was deadlocked, and that it was unlikely that a standard would be developed in the near future. CTIA attached to its petition the draft industry standard that ultimately became J-STD-025, and argued that this draft standard met the functional requirements of CALEA in their entirety.(36)

17. In August 1997, comments on the CTIA petition were filed jointly by the Center for Democracy and Technology (CDT) and the Electronic Frontier Foundation (EFF).(37) CDT/EFF generally supported CTIA's request to adopt the proposed industry standard; however, they recommended the deletion of provisions relating to subject location and packet-mode information. In March 1998, following adoption of the industry interim standard, DoJ/FBI jointly filed a motion to dismiss CTIA's Petition for Rulemaking on the grounds that the December 1997 adoption of the interim standard rendered CTIA's petition moot.(38) As discussed below, we agree, and dismiss CTIA's July 1997 Petition for Rulemaking.(39)

18. On March 26, 1998, CDT filed a petition for rulemaking, requesting that the Commission intervene in the implementation of CALEA. CDT reiterated the position it and EFF had enunciated in August 1997, arguing that J-STD-025 goes too far in permitting location information capabilities and fails to protect the privacy of packet-mode communications. CDT further argued that the additional surveillance enhancements sought by the FBI in the punch list are not required under CALEA. CDT stated that the telecommunications industry and the FBI had failed to agree on a plan for preserving a narrowly-focused surveillance capability that would protect privacy and, further, were now mired in an argument over designing additional surveillance features into the nation's telecommunications system. Finally, CDT stated that compliance with J-STD-025 was not reasonably achievable and requested that the Commission indefinitely delay implementation of CALEA while a more narrowly-focused standard consistent with the intent of CALEA is developed.(40)

19. On March 27, 1998, DoJ and the FBI jointly filed a petition for expedited rulemaking, asking the Commission to correct deficiencies in the industry standard by establishing additional technical standards that meet the requirements of CALEA. DoJ/FBI claim that the interim standard adopted by industry is deficient because: 1) it does not ensure that law enforcement will be able to receive all of the communications content and call-identifying information that carriers are obligated to deliver under CALEA; and, 2) it fails to ensure that information will be delivered in a timely manner.(41) DoJ/FBI set forth, as a proposed rule, the features (i.e., the punch list items) they believe should be added to the interim standard to correct its deficiencies.(42) DoJ/FBI request that the Commission leave the industry interim standard in effect pending the issuance of a final decision.(43)

20. On April 2, 1998, TIA filed a petition for rulemaking, asking the Commission to resolve the dispute as to whether the interim standard is overinclusive or underinclusive. TIA requested that we: 1) immediately announce suspension of enforcement of CALEA until we make our determination of a permanent standard; 2) establish a reasonable compliance schedule of at least 24 months to implement the permanent standard; 3) undertake an expedited schedule for establishing a permanent standard; and 4) remand any further technical standardization work to TIA Subcommittee TR45.2.(44)

21. On April 20, 1998, the Commission's Wireless Telecommunications Bureau and Office of Engineering and Technology released a Public Notice in this proceeding soliciting comment on the above petitions, as well as soliciting comment on whether the October 25, 1998 deadline for compliance with CALEA's capability requirements should be extended.(45) The Public Notice also requested specific comment on the scope of the assistance capability requirements necessary to satisfy the obligations imposed by CALEA. In particular, the Public Notice requested analyses of whether the technical requirements discussed in the petitions from CDT and from DoJ/FBI are necessary for carriers to meet CALEA's Section 103 requirements. Finally, the Public Notice requested comment on remanding any additional standards development to TIA Subcommittee TR45.2.(46)

22. A number of parties petitioned the Commission to extend the October 25, 1998 deadline for complying with the core features of CALEA, and on September 11, 1998, the Commission released a Memorandum Opinion and Order granting such an extension until June 30, 2000.(47) Pursuant to our authority under section 107(c) of CALEA, we determined that compliance with the assistance capability requirements of Section 103 was not reasonably achievable by any telecommunications carrier through the application of available technology by CALEA's compliance deadline of October 25, 1998.(48) Therefore, we granted a blanket extension of CALEA's compliance deadline until June 30, 2000, for all telecommunications carriers similarly situated to the petitioners, i.e., those carriers proposing to install or deploy, or having installed or deployed, any equipment, facility or service prior to the effective date of Section 103, for that part of the carrier's business on which the new equipment, facility or service is used.(49)

III. DISCUSSION

A. Authority and Approach

23. Upon petition, section 107(b) of CALEA empowers the Commission to establish, by rule, technical requirements or standards to meet the assistance capability requirements of Section 103.(50) Additionally, section 301(a) of CALEA states that "[t]he Commission shall prescribe such rules as are necessary to implement the requirements of [CALEA]."(51)

24. In fulfilling our obligations under CALEA, our evaluation in this proceeding will closely follow the plain language of the Act. Pursuant to our statutory authority, we will separately examine the two contested features of the J-STD-025 standard (i.e., the location information and packet-mode features opposed by CDT) and the punch list items sought by the FBI, to determine whether each meets the mandates of Section 103.

25. As an initial matter, we will first determine whether the specific item we are evaluating meets the assistance capability requirements set forth in Section 103(a)(1)-(4).(52) In doing so, we propose to interpret these provisions narrowly.(53) As noted above, we look to the plain language, its context, and, if necessary, any legislative history that assists in ascertaining Congressional intent. Specifically, we explore below the intent of Congress' use of the terms "equipment, facilities or services" in Section 103(a)(1) as it relates to the content of subject-initiated conference calls. We also seek to interpret Section 103(a)(2)'s provision that call-identifying information must be provided to a LEA only if that information is "reasonably available" to a telecommunications carrier. In this regard, we tentatively conclude that before we can make a determination whether a specific technical requirement meets the mandates of Section 103's assistance capability requirements, the Commission must determine whether the information to be provided to a LEA under Section 103(a)(2) is reasonably available to the carrier. The Act does not specify how the term "reasonably available" should be defined or interpreted, and the Act's legislative history offers little additional guidance. We therefore request comment on what factors the Commission should use in determining whether the information to be provided to a LEA under Section 103(a)(2) is reasonably available.

26. Specifically, we request comment on how cost should be considered in our determination of reasonable availability. Further, we note that carriers use a variety of system architectures and different types of equipment, leading us to believe that reasonable availability is also likely to vary from carrier to carrier. Commenters should discuss how the Commission can evaluate whether a particular technical requirement is reasonably available in these circumstances and discuss how the application or interpretation of these terms in Section 103(a)(2) is similar to or different from the application or interpretation of "reasonably achievable" in section 109(b), and the factors listed there.

27. We also ask commenters to evaluate the type of information that has been traditionally available under pen register and trap-and-trace authorizations, and whether the provision of such information to LEAs, in light of the statutory definitions of "pen register" and "trap and trace device",(54) and judicial interpretations of them, provide guidance or represent possible factors for determining "reasonable availability."

28. Finally, we also invite comment on whether and, if so, under what circumstances and to what extent, information that does not qualify as call-identifying information under section 102(2) or otherwise is not "reasonably available" under Section 103(a)(2), may nevertheless qualify as call content information under Section 103(a)(1) and the definitions of "wire and electronic communications" in 18 U.S.C. 2510(1), (12). Commenters should take into account that the provisions of Section 103(a)(1) do not include a criterion of "reasonable availability."

29. If we conclude that the item in question constitutes a technical requirement that meets the Section 103 assistance capability requirements, we will then proceed to analyze each of the factors identified by section 107(b) and seek comment on whether a particular technical requirement: (1) meets the assistance capability requirements of Section 103 by cost-effective methods; (2) protects the privacy and security of communications not authorized to be intercepted; (3) minimizes the cost of such compliance on residential ratepayers; and, (4) serves the policy of the United States to encourage the provision of new technologies and services to the public.(55) Additionally, section 107(b)(5) requires the Commission to provide a reasonable time and conditions for compliance with and the transition to any new standard, including defining the obligations of telecommunications carriers under Section 103 during any transition period.(56) Thus, we will also seek comment on issues bearing on our section 107(b)(5) determinations. If, on the other hand, we tentatively conclude that a specific technical requirement falls outside of the parameters of the assistance capability requirements established by Section 103, we will seek comment on our tentative conclusion, and request that commenters responding to this conclusion provide support for their agreement or disagreement by thoroughly analyzing the section 107(b) factors mentioned above.

30. We emphasize that, because CALEA specifically requires us to consider the section 107(b) factors, commenters are strongly encouraged to provide us with information as detailed and specific as possible. For sections 107(b)(1) and (3), for example, we seek detailed comment regarding the costs of adding a feature to a telecommunications carrier's network and on what, if any, impact of such costs will have on residential ratepayers. Commenters should consider the costs to manufacturers in developing the equipment or software needed to implement the technical requirement, as well as the cost to carriers to install and deploy such equipment. Commenters should be specific as to which entities would incur the cost of adding particular features; e.g., manufacturers, local exchange carriers (LECs), interexchange carriers (IXCs), or commercial mobile radio service (CMRS) providers, etc. Commenters should also be specific as to what costs would be incurred for hardware, as opposed to software upgrades to carriers' networks, and whether some of these upgrades would have other uses in the networks. If costs are likely to be passed on to residential ratepayers, those costs should be identified, as well as specific mechanisms that could be used to minimize such costs.

31. Under section 107(b)(2), if a party believes that a proposed technical requirement would not protect the privacy and security of communications not authorized to be intercepted, we request comment on modifications or alternative technical requirements that would enable Section 103's capability requirements to be met. In addition, we seek detailed information on whether our determination that a particular feature must be provided under CALEA will encourage or discourage the provision of new technologies and services to the public. Will the implementation of a particular technical requirement constrain a carrier's ability to develop new services or technologies? Commenters should provide a projected timeline for each technical requirement, identifying the time needed to develop, test, and deploy it. Additionally, commenters should address the extent to which the capacity requirements of section 104 should affect our determinations under section 107(b). In this regard, we observe that several commenting parties have contended that the nearly two and one-half years of delay in publication of the final notice of capacity has, in turn, impaired the ability of standards-setting associations, telecommunications equipment manufacturers, and telecommunications carriers to establish capability standards pursuant to Section 103, because capability standards cannot be completed without first knowing the capacity that those capability standards must support.(57) Finally, we ask for comment on any conditions necessary for compliance and any specific obligations that should be imposed on telecommunications carriers during the transition to a new standard.

32. We note that the tentative conclusions we reach in this Further NPRM focus on the technical requirements that the petitioners have asked us to address in their petitions pending before us, i.e., the two contested features of J-STD-025 and the nine punch list items. In making our tentative decision, we recognize that CALEA requires carriers to ensure that their networks can provide the capabilities defined in Section 103, but does not mandate use of, or adherence to, any particular standard. In other words, compliance with the industry standard is voluntary, not compulsory. As a result, carriers are free to develop CALEA solutions in any manner they choose. Thus, a carrier may choose to utilize an industry standard as a safe harbor, or they may choose to implement other solutions that meet the capability requirements of Section 103. However, in order for an adopted industry standard to satisfy the safe harbor provision of section 107(a),(58) it must incorporate all of the technical requirements that we ultimately determine meet the assistance capability requirements of Section 103.

33. We note further that this proceeding does not involve any attempt to interpret statutes other than CALEA or define the scope of authorizations needed by LEAs to intercept or obtain call content or call-identifying information. Rather, this proceeding is limited to determining, as a safe harbor, what capabilities each carrier must provide if and when presented with a proper authorization or court order to expeditiously provide LEAs access to call content and call-identifying information.

34. We believe that industry is in the best position to determine how to implement these technical requirements most effectively and efficiently. Standards-setting organizations, manufacturers, and/or individual telecommunications carriers should develop the technical requirements consistent with our ultimate determinations reached in this proceeding. We tentatively conclude that it would then be appropriate for industry, in consultation with the law enforcement community, to develop a final "safe harbor" standard for CALEA compliance.(59) We seek comment on this conclusion.

35. Finally, we also note that manufacturers and carriers are free to develop and deploy additional features and capabilities, beyond those required by CALEA, in efforts to assist law enforcement agencies in conducting lawfully-authorized electronic surveillance. Such capabilities, however, will not be subject to any of CALEA's obligations, including cost recovery, and will not affect any party's obligations under CALEA in any way. Thus, nothing in the instant Further NPRM should be construed as limiting or proposing to limit telecommunications manufacturers, carriers or support service providers' ability to negotiate with law enforcement agencies to add additional capabilities to the carrier's systems, nor to define a maximum level of capabilities available to law enforcement under the applicable provisions of law.(60) We now turn to a discussion of whether we should reexamine the uncontested portions of J-STD-025 as part of our section 107(b) inquiry.

B. Industry Interim Standard J-STD-025

36. The industry interim standard, J-STD-025, which applies only to wireline, cellular, and broadband PCS carriers, specifies that telecommunications carriers are to provide LEAs with two telecommunications channels to perform electronic surveillance -- call content channels (CCCs) and call data channels (CDCs).(61) J-STD-025 defines the five functions of the intercept architecture to be used.(62) Those functions are:

Access -- Provides the LEA with the ability to isolate the subject's call content or call-identifying information accurately and unobtrusively. The access function helps to prevent the unauthorized access, manipulation, and disclosure of intercept controls, call content, and call-identifying information.

Delivery -- Accepts call content and call-identifying information from the access function and delivers it to one or more LEA collection functions. Ensures that the call content and call-identifying information that are delivered are authorized for a particular LEA, and thus also prevents the unauthorized access, manipulation, and disclosure of intercept controls, call content, and call-identifying information.

Collection -- Receives and processes call content and call-identifying information for the subject. (This function is the responsibility of the LEA.)

Service Provider Administration -- Controls the carrier's electronic surveillance functions. (This function is beyond the scope of the interim standard.)

Law Enforcement Administration -- Controls the LEA electronic surveillance functions. (This function is the responsibility of the LEA, and is also beyond the scope of the interim standard.)



37. Telecommunications carriers and manufacturers in their comments support adoption of J-STD-025 as the final CALEA standard. The Ameritech Operating Companies and Ameritech Mobile Communications, Inc. (Ameritech) state that J-STD-025 is industry's attempt to realistically and reasonably interpret the requirements of CALEA consistent with Title III of the Omnibus Crime Control and Safe Streets Act of 1968, modified by the Electronic Communications Privacy Act of 1986 (collectively, "Title III").(63) Ameritech contends that the FBI's challenge of only a limited number of items not included in J-STD-025 is a testament to the industry's efforts in developing a workable solution.(64)

38. BellSouth Corporation, Inc., BellSouth Telecommunications, Inc., BellSouth Cellular Corp., BellSouth Personal Communications, Inc., and BellSouth Wireless Data, L,P. (BellSouth) request that we adopt J-STD-025 in its present form pursuant to section 107.(65) BellSouth maintains that the FBI is attempting to use CALEA as a vehicle to require carriers to build technology into their systems to give law enforcement new expanded surveillance capabilities, and that such expanded capabilities are in contrast to Congress's intent that CALEA should merely ensure that lawful surveillance capabilities not be diminished. BellSouth concludes that the legislative history of CALEA makes clear that its purpose is to preserve (not enhance) government electronic surveillance capabilities; to protect the privacy of customers' communications; and to not impede the industry's development and deployment of new technology, features, or services.(66)

39. AT&T Corporation (AT&T) states that the Commission should categorize standards issues into four distinct components for examination (call content, call-identifying information, privacy protection, and wiretap administration), and ask whether the industry standard meets CALEA's requirements, if any, for each category.(67) AT&T concludes that we should affirm J-STD-025 and reject the additional, enhanced surveillance features sought by DoJ/FBI in their Petition.(68)

40. TIA states that the vast majority of comments support the conclusion that J-STD-025 is consistent with CALEA. TIA contends that CALEA imposes a standard of "reasonable availability" rather than "historical availability," and that section 107(b) of that statute permits the Commission to modify a telecommunications industry "safe harbor" compliance standard only where the standard is deficient for failure to satisfy the assistance capability requirements of Section 103(a). TIA maintains, however, that J-STD-025 is not deficient and therefore no Commission action is required.(69)

41. DoJ/FBI state that J-STD-025 includes a number of important capabilities that are required by law enforcement, but argue that the interim standard is deficient by virtue of its failure to include the requested punch list capabilities. DoJ/FBI claim that every one of the capabilities in their punch list was originally included by industry itself in the initial working draft document (PN3580) for the industry standard.(70) To remedy this alleged deficiency, DoJ/FBI recommend that we use the proposed rule set forth in their March 1998 Petition as the basis for our standards rulemaking. Alternatively, DoJ/FBI state that we could base our standards rulemaking on an alternative rule that we preliminarily conclude is warranted under section 107(b) of CALEA.(71)

42. CDT disagrees with all of the above parties, arguing that J-STD-025 is deficient by virtue of being overinclusive. CDT states that the initial wiretap law, Title III, had as its dual purpose protecting the privacy of wire and oral communications and delineating on a uniform basis circumstances and conditions under which the interception of wire and oral communications may be authorized. CDT further states that the Electronic Communications Privacy Act(72) extended Title III to wireless and non-voice communications and established rules for law enforcement's use of pen registers and trap and trace devices.(73) CDT contends that Congress sought to preserve an appropriate balance in CALEA, but that the FBI's approach would require the opposite of what Congress intended. Specifically, CDT objects to J-STD-025 providing location information and packet-mode call content information to law enforcement, and maintains that the additional capabilities requested by DoJ/FBI would provide a flood of constitutionally-protected information to law enforcement that would go well beyond anything that has historically been available under a pen register or trap and trace authority. Additionally, CDT asserts, provision of capabilities that go beyond CALEA's requirements would drive up costs for telecommunications carriers. CDT concludes that the DoJ/FBI approach to CALEA, unless rejected by the Commission, would impermissibly expand the amount of information that law enforcement would receive under pen register and trap and trace authority.(74)

43. The Electronic Privacy Information Center (EPIC)/EFF/American Civil Liberties Union (ACLU) argue that J-STD-025 exceeds the scope of CALEA and thus should be rejected.(75) EPIC/EFF/ACLU state that the Commission must adhere to the privacy protections afforded by the Fourth Amendment (against unreasonable searches and seizures) and Congressional mandates, provide privacy protections that withstand the evolution of new technologies, and construe law enforcement's surveillance authority narrowly with respect to new technologies. EPIC/EFF/ACLU contend that neither provision of location information nor packet data was mandated by CALEA. They further contend that CALEA expands the privacy protections of the 1986 Electronic Communications Privacy Act in the area of cordless telephones and certain radio-based telecommunications, and that the Act was narrowly drawn to remedy enumerated FBI complaints, not to extend law enforcement's general surveillance authority.(76) Additionally, EPIC/EFF/ACLU assert that the proceedings leading up to adoption of the interim standard were effectively closed to non-law enforcement and non-telecommunications industry participants. EPIC/EFF/ACLU conclude that the Commission should reject the industry standard and commence a proceeding to establish the standards that will be used to implement CALEA.(77)

44. Discussion. In seeking to fulfill our obligations under the Act, the Commission acknowledges the immense time and effort both industry and government representatives have put into the development of CALEA standards. We also appreciate the input and involvement of privacy organizations in this proceeding. We further note that the Act expresses a preference for industry to set CALEA standards, in consultation with the Attorney General,(78) and that the Act's legislative history also reveals that Congress envisioned that industry would have primary responsibility in defining standards.(79) Consequently, we believe that the most efficient and effective method for ensuring that CALEA can be implemented as soon as possible is to build on the work that has been done to date.

45. We therefore do not intend to reexamine any of the uncontested technical requirements of the J-STD-025 standard. Instead, we will make determinations only regarding whether each of the location information and packet-mode provisions currently included within J-STD-025, and the nine punch list items that are currently not included, meet the assistance capability requirements of Section 103. We base this approach on the fact that the issues raised in the petitions and comments filed in this proceeding focus solely on the location information and packet-mode provisions of J-STD-025 and the nine punch list items sought by the FBI. Accordingly, these features will be evaluated separately.(80) We further note that no party has raised any specific challenges to J-STD-025 other than with respect to these issues, and we have not been presented with any compelling reason to reexamine the entire standard.(81) We tentatively conclude that by limiting our inquiry to only these specific technical issues, we will better enable manufacturers and carriers to build on the extensive work already completed or in process, and permit them to deploy CALEA solutions on a more expedited basis. Accordingly, the uncontested technical requirements are beyond the scope of this proceeding.

46. In establishing technical requirements or standards, section 107(b)(5) requires the Commission to provide a "reasonable time" for carriers to comply with and/or transition to any new standards and to define the obligations of telecommunications carriers under Section 103 during any transition period.(82) We previously concluded in our decision under section 107(c) that telecommunications carriers must have installed CALEA-compliant equipment and facilities based on the "core" features of J-STD-025 by June 30, 2000.(83) A footnote in that decision indicated that the "core" of J-STD-025 excludes both the location information feature and the packet-mode feature.(84) We now clarify those findings as follows. J-STD-025 represents an attempt by industry to develop a standard that carriers may choose to adopt voluntarily as a means to comply with CALEA's "safe harbor" provision set forth in section 107(a).(85) We further recognize that the statute leaves carriers with the discretion to choose to comply with CALEA by other means. We emphasize that in requiring carriers to comply with the core features of J-STD-025 by June 30, 2000, we did not intend for the Extension Order to alter the substantive requirements of CALEA. Rather, we meant only to extend the deadline for compliance. Thus, we now clarify our Extension Order by requiring that by June 30, 2000, carriers must either have installed the core features of J-STD-025 to take advantage of the "safe harbor" provision of section 107(a) of CALEA or have otherwise developed an individual solution and installed capabilities that meet the assistance capability requirements of Section 103. We believe that this approach is more consistent with the language of the statute(86) and the legislative history on this point.(87) In addition,(88) we now propose to modify footnote 139 of the Extension Order to include the location information feature as part of the core of J-STD-025 which, if chosen by carriers as a means to qualify for the "safe harbor," must be implemented by the June 30, 2000 deadline.

47. As detailed in the Extension Order, an extension until June 30, 2000 provides sufficient time for manufacturers to produce CALEA compliant equipment based on the core features of J-STD-025 or to develop individual network solutions and provides telecommunications carriers sufficient time to purchase, test and install such equipment throughout their networks.(89) We further recognize that the additional "non-core" technical requirements we propose to be adopted in this rulemaking may require additional time for manufacturers to design and develop these capabilities and for telecommunications carriers to incorporate them into their networks. Thus, we will consider establishing another deadline or an implementation schedule for telecommunications carriers to comply with any new technical requirements we ultimately adopt in the instant proceeding. We seek comment on this proposal. Specifically, we ask carriers and manufacturers to supply us with timelines that detail how they plan to develop and deploy the additional technical requirements noted herein.

C. Particular Capabilities of J-STD-025 Opposed by CDT

1. Location Information

48. Background. J-STD-025 includes a "location" parameter that would identify the location of a subject's "mobile terminal" whenever this information is reasonably available at the intercept access point and its delivery to law enforcement is legally authorized. Location information would be available to the LEA irrespective of whether a call content channel or a call data channel was employed.(90)

49. CDT objects to the inclusion of a location parameter in J-STD-025, stating that its inclusion violates the balance established by the Act between law enforcement and privacy by mandating a location tracking capability that Congress did not intend to be included within CALEA.(91) CDT asserts that location information does not fit within the definition of call-identifying information,(92) and that it must be deleted from the final standard because it goes beyond the assistance capability requirements set forth in Section 103(a)(1)-(4).(93) EPIC/EFF/ACLU state that CALEA excludes wireless services from any requirement to provide location-tracking information to law enforcement.(94)

50. Most other parties, however, either disagree with this position, or justify the inclusion of location information in the industry interim standard as a compromise reached between industry and law enforcement. For example, SBC Communications, Inc. (SBC) claims that CDT has overstated the capabilities of the J-STD-025 location feature. SBC asserts that this feature does not convert all wireless phones into location-tracking devices, but merely provides the ability to identify the landline central office through which a cellular call is routed.(95) TIA states that while it is unclear as to whether CALEA requires location information capabilities, such capabilities are reasonably available to telecommunications carriers, and industry and law enforcement have reached a reasonable compromise on incorporating this feature into J-STD-025.(96) AT&T voices a similar view, stating that a feature to provide location information at the origination and at the termination of wireless calls was included in J-STD-025 as a compromise to law enforcement's original, much broader claim that CALEA required carriers to provide location information whenever a wireless phone registered autonomously or as it moved from cell site to cell site.(97)

51. By contrast, DoJ/FBI contend that information identifying the location of the cell site or other network element handling a wireless communications falls squarely within the statutory definition of "call-identifying information" contained in section 102(2) of CALEA, because it identifies the origin or destination of the call. Further, DoJ/FBI state, Section 103(a)(2) does include location information under the category of "call-identifying information," but also requires law enforcement to have authority beyond that "solely" applicable to the use of pen registers and trap and trace devices. Finally, DoJ/FBI state that the J-STD-025 location feature would require wireless carriers to provide only cell site information, not the specific location of a subject's wireless phone, and then only at the beginning and termination of the call.(98)

52. Discussion. We tentatively conclude that location information is call-identifying information under CALEA. The Act states that call-identifying information is "dialing or signaling information that identifies the origin, direction, destination, or termination of each communication generated or received by a subscriber by means of any equipment, facility, or service of a telecommunications carrier."(99) We believe, contrary to the position of CDT and EPIC/EFF/ACLU, that location information identifies the "origin" or "destination" of a communication and thus is covered by CALEA.

53. We also observe that in the wireline environment, irrespective of the precise nature of law enforcement's surveillance authorization, LEAs have been able to obtain location information routinely from the telephone number because the telephone number corresponds with location. With the telephone number, location information is available from a LEA's own 911/Enhanced 911 (E911) database or from the telephone company's electronic records, such as the Loop Maintenance Operating System (LMOS).(100)

54. We note, however, that the location feature as it currently appears in J-STD-025 is unclear. In particular, we note that this feature refers to the identification of the location of a subject's "mobile terminal," but does not specifically state whether it is the precise location of the mobile terminal or handset that is intended, or simply the location of the cell site to which the terminal or handset is connected. Also unstated in J-STD-025 is whether continuous location tracking is intended to be provided, or only the location at the beginning and termination of the call. Nonetheless, we note that DoJ/FBI and industry appear now to agree that the standard covers only the location of the cell site, and only at the beginning and termination of the call.(101)

55. In view of the above analysis, we tentatively affirm that location information should be construed to mean cell site location at the beginning and termination of a call.(102) We seek comment on these proposals and, as required by section 107(b), on the other factors that we must consider in establishing a technical requirement or standard. We note that location information is already included in J-STD-025, the interim standard adopted by industry, and was opposed solely by the privacy groups. Therefore, we request comment in particular on whether our proposal raises issues regarding the protection of privacy and security of communications which are not authorized to be intercepted. As discussed above, we propose that the June 30, 2000 CALEA compliance deadline also is sufficient for development and implementation of compliant equipment that includes this feature.(103)

56. Finally, we tentatively conclude that location information is reasonably available to telecommunications carriers, because this technical requirement was developed by industry and is included in the interim standard. However, we request comment on how the Commission should decide or interpret the term "reasonably available" in the context of the proposed location information requirement. For example, it appears that location information is already available through the wireless carriers' billing, hand-off and system use features. Additionally, wireless carriers will be required to have a location information capability as part of their E911 obligations.(104) We seek comment as to whether the location information feature in these other contexts can be used to address the needs of law enforcement under CALEA. We request comment on any other issues that may impact our determination as to whether the location information that would be required to be provided to a LEA is reasonably available to carriers.

57. Commenters should also note CALEA's express statement that "with regard to information acquired solely pursuant to the authority for pen registers and trap and trace devices (as defined in section 3127 of title 18, United States Code), . . . call-identifying information shall not include any information that may disclose the physical location of the subscriber (except to the extent that the location may be determined from the telephone number)."(105) We agree with DoJ/FBI that this provision does not exclude location information from the category of "call-identifying information," but simply imposes upon law enforcement an authorization requirement different from that minimally necessary for use of pen registers and trap and trace devices.(106) We seek comment on this issue.

2. Packet-Mode

58. Background. J-STD-025 provides for LEA access to call-identifying information and the interception of wire and electronic telecommunications, regardless of whether the telecommunications are carried in circuit-mode or in packet-mode.(107) It further states that the "call-identifying information associated with the circuit-mode content surveillance is provided on the [call data channel]," but does not specifically address whether call-identifying information, if any, associated with packet-mode surveillance must be provided over a call data channel.(108)

59. CDT challenges J-STD-025's treatment of intercepted packets as violative of the legal balance between the rights of law enforcement and the rights of individuals to privacy, asserting that the interim standard fails to require adequate privacy protections in packet-mode networks.(109) Specifically, CDT asserts that J-STD-025 does not require telecommunications carriers to excise call content information from packets before providing the packets to law enforcement over call data channels -- the interim standard merely permits the carriers to separate the information prior to delivery, at their option. CDT concludes that the interim standard would allow a LEA, possessing only a pen register order, to receive all of the contents of a person's communications without any effort by the carrier to excise the call content from the call-identifying information authorized for delivery to the LEA. Accordingly, CDT maintains that the treatment of packet transmissions in J-STD-025 threatens to obliterate entirely the distinction between call content and dialed numbers or similar signaling information.(110) CDT contends that Title III's "minimization" requirement is inadequate to protect the privacy of call content in packet communications subject to a pen register order because there is no such requirement under the pen register standard.(111)

60. EPIC/EFF/ACLU concur with CDT, stating that the FBI seeks to obtain the full content of a subject's packet-mode communications even when the government is authorized only to intercept addressing or signaling information. EPIC/EFF/ACLU contend that the provision of call content to law enforcement in this situation would violate the minimization requirements of both the Fourth Amendment and Title III, and would also violate Section 103(a)(4) of CALEA, which requires the carriers to protect communications not authorized to be intercepted.(112)

61. TIA disagrees with CDT and EPIC/EFF/ACLU, contending that their argument that J-STD-025 is deficient because it permits delivery of an entire packet stream in response to a pen register order fails to recognize the differences between circuit-mode and packet-mode technology. TIA states that existing technology does not permit telecommunications carriers to provide separated packet headers as call-identifying information. TIA concedes, however, that it is unclear whether the LEA has authority to access packet-mode communications under a pen register order.(113)

62. DoJ/FBI argue that when a carrier delivers an entire packet stream to the LEA pursuant to a pen register authorization, the LEA is legally precluded from recording or decoding information other than dialing and signaling information. DoJ/FBI state that the packet-mode provisions of J-STD-025 rely on the existence of this legal safeguard to ensure that call content is not improperly accessed in pen register cases. DoJ/FBI also state that LEAs performing pen register surveillance in an analog environment traditionally have received access to all information transmitted over the subscriber's line on the local loop, including call content. Accordingly, DoJ/FBI contend, the packet-mode provisions do not represent a diminution of traditional privacy protection.(114) SBC concurs, stating that law enforcement is not allowed to intercept call content unless authorized to do so, and that sending the LEA an entire packet stream would not represent a change from the status quo.(115)

63. Discussion. Packet data and packet-switching technology are potentially usable for both information services and telecommunications services. We first observe that Section 103(b)(2)(A) of CALEA expressly excludes "information services" from its assistance capability requirements.(116) Thus, packet data and packet-switching technology is subject to these requirements only to the extent it is used to provide telecommunications services, and not for information services.(117) Packet-mode telecommunications services are expected to grow rapidly in the near future.(118) J-STD-025 appears to be appropriately limited to apply only to "telecommunications services" as defined by the Commission.(119) Second, we observe that CALEA requires telecommunications carriers to provide information to the LEA "in a manner that protects . . . the privacy and security of communications . . . not authorized to be intercepted."(120) This mandate would seem to be violated if the carrier were to give the LEA both call-identifying and call content information when only the former were authorized. Under those circumstances, the LEA would be receiving call content information without having the requisite authorization.

64. The record before us, however, is not sufficiently developed to support a proposal of any particular CALEA technical requirements for packet-mode telecommunications. Additional analysis is needed. We are aware that packet-mode technology is rapidly changing, and that different technologies may require differing CALEA solutions.(121) We do not believe that the record sufficiently addresses packet technologies and the problems that they may present for CALEA purposes. While it is premature to impose any particular technical requirements for packet-mode telecommunications at this time, it is appropriate to ask for a full range of comment on this issue.

65. In seeking to develop a full record, we first set forth an analytical framework we believe will prove useful for evaluating the issue of setting CALEA technical requirements for packet-mode telecommunications. First, we advise commenters to consider the difference between connection-oriented and connectionless packet-mode services, and also between permanent virtual circuits, which have no per-call information, and switched virtual circuits. With these distinctions in mind, we request that commenters provide detailed comments regarding whether and, if so, how the statutory requirements of Section 103(a) of CALEA apply to packet-mode telecommunications. We request comment on what constitutes the equivalent of "call-identifying information" for packet-mode telecommunications services within the context of CALEA. Will packet-mode call-identifying information (or its equivalent) be reasonably available to carriers and, thus, subject to the provisions of Section 103(a)(2) of CALEA?(122) How could packet-mode call content and call-identifying information (or its equivalent) be separated for delivery to law enforcement in compliance with CALEA?

66. In addition, we seek comment on the other section 107(b) factors that we must consider in establishing technical requirements. Specifically, we seek comment on any cost-effective methods for incorporating CALEA packet-mode requirements into a telecommunications carrier's system, and whether or not this can be accomplished in a manner that minimizes costs to residential ratepayers.(123) Further, we request additional comment on whether the inclusion of packet-mode technical requirements to meet the assistance capability requirements envisioned by Section 103 raises issues regarding the protection of privacy and security of communications which are not authorized to be intercepted.(124) Additionally, we solicit comment on whether the inclusion of such technical requirements would have a positive or negative effect on the provision of new technologies and services to the public.(125) Commenters are also asked to provide detailed information regarding the amount of time and conditions that they believe will be necessary to successfully develop and deploy packet-mode technical requirements in telecommunications systems.(126) Finally, we recognize that packet-mode issues are complex, and that relative to the other issues under consideration herein, additional time may be required to resolve them.

D. DoJ/FBI Punch List

1. General Comments

67. DoJ/FBI maintain that the nine FBI punch list items must be implemented if essential law enforcement requirements are to be met. DoJ/FBI assert that the basic goal of CALEA's assistance capability requirements is to ensure that the technical ability of law enforcement to carry out electronic surveillance meets, rather than falls short of, law enforcement's legal authority. DoJ/FBI state that each of the nine capabilities missing from J-STD-025 and requested in the DoJ/FBI Petition is firmly rooted in the language, legislative history, and policies of CALEA, and that failure to provide these capabilities will result in serious injury to the government's ability to enforce state and federal laws through electronic surveillance.(127)

68. Telecommunications carriers and their representatives generally oppose inclusion of any portion of the punch list in the final CALEA standard. The United States Telephone Association (USTA) states that J-STD-025 already represents a compromise on the part of industry.(128) AT&T argues that industry and other public commenters have made a compelling case that the FBI punch list of capabilities is not required by CALEA, whereas DoJ/FBI has made only a showing of how beneficial the capabilities would be to future law enforcement surveillance.(129) AT&T contends that the industry interim standard uses the precise definition of call-identifying information set forth in CALEA, but that DoJ/FBI ask the Commission to go well beyond this definition by including as "call-identifying" information: subject-initiated dialing and signaling; party hold, drop, and join messages; and notification messages of network-generated in-band and out-of-band signaling.(130) AT&T further argues that DoJ/FBI has not addressed section 107 of CALEA, which requires cost-effective implementation of the statute.(131) AT&T contends that the DoJ/FBI punch list is really an attempt to force telecommunications carriers to provide additional capabilities without reimbursement from law enforcement.(132)

69. BellSouth and CDT concur with AT&T's assessment regarding call-identifying information. BellSouth states that CALEA defines call-identifying information narrowly as the numbers identifying the calling and called parties, and not other carrier network messages, tones, signals, or information.(133) CDT contends that DoJ/FBI is attempting to use CALEA to include more data in the category of call-identifying information to ensure that such data can be available under the less stringent legal standards applicable for the LEA to obtain pen register and trap and trace authority than is required under Title III for the LEA to obtain call content information.(134)

70. Other parties concur with AT&T regarding cost-effective implementation of the punch list. AirTouch Communications, Inc. (AirTouch), for example, states that a vendor has advised AirTouch that developing the punch list would require an effort exceeding by 160% the substantial effort required to develop the industry standard. AirTouch therefore maintains that implementation of the punch list would be costly and would divert resources from developing new technologies and services.(135) Sprint Spectrum L.P. d/b/a Sprint PCS (Sprint PCS) contends that implementation of the punch list will almost certainly exceed the $500 million authorized by Congress for implementation of CALEA.(136) US West, Inc. (US West) states that rate increases will likely be necessary if telecommunications carriers are required to implement any of the additional capabilities proposed by DoJ/FBI.(137)

71. Bell Emergis - Intelligent Signalling Technologies (Bell Emergis), on the other hand, states that the entire punch list can be adopted as an Addendum to J-STD-025. Bell Emergis contends that while there may be cost and technical difficulties in incorporating the punch list within a switch-based approach, network-based solutions -- such as one it has developed -- meet the test of both cost effectiveness and technical achievability.(138)

72. DoJ/FBI disagree with commenters who reject the punch list, stating that these commenters have a fundamental misunderstanding of the policies and goals of CALEA. DoJ/FBI contend that Section 103 imposes mandatory assistance capability obligations that must be met by all telecommunications carriers, and assert that commenters who suggest that law enforcement concerns are of no more than secondary importance in the CALEA legislation are incorrect. DoJ/FBI conclude that if the Commission does not implement the punch list in its entirety, industry-promulgated standards will effectively replace the underlying statutory requirements of Section 103.(139) Below we discuss each punch list item in detail.

2. Content of subject-initiated conference calls

73. Background. This capability would permit the LEA to monitor the content of conversations connected via a conference call set up by the facilities under surveillance. Surveillance of all portions of a conference call would continue, even if any party to the call utilized services such as hold, call waiting, or three-way calling. For example, if anyone involved in a conference call were placed on hold, all remaining conversations would continue to be available to the LEA for monitoring. The ability to monitor would continue even after the subject drops off the conference call.

74. AirTouch states that there is no basis to impose an enhanced conference call requirement on carriers.(140) AirTouch also states that it would appear to be easy for criminals to bypass this feature if carriers were to deploy it because it would enable law enforcement to intercept only those conference calls that use the facilities under surveillance and are supported by a conference service provided by the subject's local carrier. AirTouch maintains that law enforcement would not be able to intercept conference calls when the subject no longer participates if the call is set-up by another person using another telephone or if the subject initiates the call, but uses a conference bridge service offered by another carrier or service provider.(141)

75. TIA argues that CALEA does not require delivery of conference call conversations that cannot be heard over a subscriber's facilities, but only communications that are to or from a subscriber. TIA states that implementation of this punch list item would result in an effectively unlimited, and unwarranted, expansion of the "facilities" doctrine of Title III. TIA states that, despite the fact that the DoJ/FBI Petition acknowledges that "facilities" have historically been considered for Title III purposes as the subscriber's "terminal equipment," DoJ/FBI now interpret Title III as including not just the subscriber's facilities, but services as well. Furthermore, in TIA's view, implementation of this feature would violate the limits on wiretaps and other searches imposed by the Fourth Amendment. TIA argues that eliminating the required link to the subscriber's facilities would take an interception far afield from the particular persons and places with regard to which law enforcement has established "probable cause" warranting the electronic surveillance.(142)

76. DoJ/FBI disagree with the above commenters, arguing that Title III does not require the target of the investigation to be on the line in order for law enforcement lawfully to intercept communications taking place over the facilities under surveillance or supported by the subscriber's service.(143) DoJ/FBI state that it is the subscriber who pays for call conferencing capability and any charges associated with the duration of the call itself, demonstrating that the subscriber's services are involved even if the subscriber drops off the call.(144) DoJ/FBI maintain that Title III does not confine the LEA to communications in which the individual under investigation -- who may or may not be the subscriber -- is taking part. DoJ/FBI acknowledge that the LEA is obligated to minimize the interception of communications not otherwise subject to interception under Title III, but contend that this minimization obligation does not foreclose the LEA from intercepting communications that involve other criminal activity merely because they do not involve the target of a particular investigation. DoJ/FBI conclude by stating that where a conference call continues to be carried by the subscriber's facilities and supported by the subscriber's services even when the subscriber is not on the line, the communications of all parties to such a call are covered by Section 103(a)(1) of CALEA.(145)

77. Discussion. We tentatively conclude that the provision of the content of subject-initiated conference calls is a technical requirement that meets the assistance capability requirements of Section 103.(146) With appropriate lawful authorization, the LEA is entitled to "intercept, to the exclusion of any other communications, all wire and electronic communications carried by the carrier within a service area to or from equipment, facilities, or services of a subscriber."(147) TIA asserts that we must first determine whether a conference call capability would unduly expand Title III's concept of "facilities" before deciding whether such a capability is required under CALEA.(148) We note, however, that the plain language of CALEA's Section 103 includes the terms "equipment" and "services", in addition to "facilities." Also, according to the legislative history, "conference calling" is one of the "features and services" that is covered by CALEA.(149) We seek comment on our tentative conclusion. We also seek comment as to how the Commission should define or interpret Section 103's use of the phrase "equipment, facilities, or services" in the context of subscriber-initiated conference calls.

78. We recognize that different carriers provide conference calling features in various ways and that not all carriers' system architecture is the same. Some carriers, for example, may have systems that support continuation of conference calls after the subscriber drops off the call, while others may not. For those network configurations in which, when a subscriber drops off a conference call, the call nevertheless remains routed through the subscriber's "equipment, facilities, or services," we tentatively interpret CALEA as requiring the carrier to continue to provide to the LEA the call content of the remaining parties, pursuant to court order or other lawful authorization. For those configurations, however, in which, when the subscriber drops off the call, the call is either disconnected or rerouted, and the "equipment, facilities, or services of a subscriber" are no longer used to maintain the conference call, we tentatively conclude that CALEA does not require the carrier to provide the LEA access to the call content of the remaining parties. Moreover, in some cases where the call is re-routed, the content of the call may no longer be classifiable as "communications carried by the carrier within a service area" pursuant to Sections 103(a)(1) and (d).(150) Thus, under such circumstances, CALEA would not require the carrier to modify its system architecture in order to support this particular technical requirement. We seek comment on this tentative conclusion. Commenters should address how Sections 103(a)(1) and (d) should be interpreted in this context. Also, we tentatively conclude that CALEA does not extend to conversations between a participant of the conference call other than the subject and any person with whom the participant speaks on an alternative line (e.g., when A, the subject, is on a conference call with B and C, we tentatively conclude that C's conversation with D on call waiting is beyond CALEA's requirements. We also seek comment on this tentative conclusion.

79. Additionally, we seek comment on the section 107(b) factors that we must consider in establishing a technical requirement or standard. Are there cost-effective methods of incorporating access to conference call content into a telecommunications carrier's system? Can it be accomplished in a manner that minimizes costs to residential ratepayers? Further, we request comment on whether this proposal raises issues regarding the protection of privacy and security of communications which are not authorized to be intercepted. Additionally, we solicit comment on whether the inclusion of this technical requirement within the assistance capability requirements envisioned by Section 103 would positively or negatively affect the provision of new technologies and services to the public. Would, for example, networks have to be redesigned in such a way as to preclude certain new technologies or services? Finally, commenters are asked to provide detailed information regarding the amount of time and conditions that they believe will be necessary to successfully develop and deploy this technical requirement in telecommunications systems.

3. Party hold, join, drop on conference calls

80. Background. This item also involves features designed to aid a LEA in the interception of conference calls. This feature would permit the LEA to receive from the telecommunications carrier messages identifying the parties to a conversation at all times. The party hold message would be provided whenever one or more parties are placed on hold. The party join message would report the addition of a party to an active call or the reactivation of a held call. The party drop message would report when any party to a call is released or disconnects and the call continues with two or more other parties.

81. AT&T states that DoJ/FBI admit that they have not received party hold, drop, and join messages in the past, but DoJ/FBI claim this information is now needed so that law enforcement can demonstrate that a party hears material portions of a communications. AT&T contends, however, that these messages will not indicate to law enforcement whether a party hears or does not hear any communication because the party may or may not be listening at relevant times. AT&T further contends that its review of all wiretapping cases discloses no decision where such information was an issue in any decided case. AT&T maintains that J-STD-025 already provides law enforcement with all numbers dialed or received from any participant to multi-party calls; change messages whenever call-identities are merged, split, or changed; and a message identifying when the resources for all legs of a call are released. AT&T concludes, therefore, that addition of the instant punch list item is unnecessary to identify the call.(151)

82. BellSouth states that the call-identifying information intended by CALEA to be provided to law enforcement is simply the telephone number indicating call origination or destination. BellSouth argues that the additional information sought by law enforcement, such as which parties are on a call, do not constitute origination or destination telephone numbers, and therefore cannot be categorized as "call-identifying information." Moreover, BellSouth argues, party hold, drop, and join message information would be extremely difficult to provide because, in all but the simplest cases, conference calls are established in a remote bridge, separate from the voice switch.(152)

83. TIA states that the industry interim standard already requires provision of information that substantially satisfies the party join/drop capabilities requested by DoJ/FBI. Thus, TIA maintains, law enforcement's primary dispute regarding this issue is that J-STD-025 does not require a real-time message to be delivered to law enforcement whenever a participant is placed on hold or released from hold by the subject. However, TIA argues, party hold information is not call-identifying information nor is it reasonably available to the carrier. TIA also states that a party who is not on hold may stop listening or walk away from the phone -- thus, the DoJ/FBI rationale for adding this feature, that "without these messages, law enforcement would not know who joins or leaves a conference call, whether the subject alternated between calls, or which parties heard or said parts of the conversation," is unpersuasive. Rather, TIA states, the only persuasive evidence that a party heard an intercepted statement is a demonstration that the party responded to the statement.(153)

84. DoJ/FBI disagree with the above parties, contending that party hold/join/drop messages constitute call-identifying information. DoJ/FBI contend that carriers are obligated under Section 103(a)(1) to provide this information, regardless of whether the LEA could have acquired it through traditional monitoring techniques in the past. DoJ/FBI state that party hold/join/drop messages enable the LEA to identify who is connected in a subject's conference call at any point in the conference. Without these messages, according to DoJ/FBI, the LEA would not know who joins or leaves a conference call, whether the subject alternated between calls, or which parties heard or said particular parts of a conversation. Therefore, according to DoJ/FBI, this information must be added to the industry standard to ensure that the assistance capability requirements of Section 103(a) of CALEA are met as intended by Congress.(154)

85. Discussion. We tentatively conclude that party hold/join/drop information falls within CALEA's definition of "call-identifying information" because it is "signaling information that identifies the origin, direction, destination, or termination of each communication generated or received" by the subject.(155) For example, party join information appears to identify the origin of a communication; party drop, the termination of a communication; and party hold, the temporary origin, temporary termination, or re-direction of a communication. This capability also appears to be necessary to enable the LEA to isolate call-identifying and content information because, without it, the LEA would be unable to determine who is talking to whom, and, more accurately, to focus on the subject's role in the conversation.(156) Further, by isolating the call-identifying information in this manner, the LEA can ascertain and isolate third parties who are not privy to the communications involving the subject, thereby furthering the minimization concept.

86. Accordingly, we propose that provision of party hold/join/drop information, if reasonably available to the carrier, is a technical requirement that meets the assistance capability requirements of Section 103. We base this conclusion on the statutory language found in Sections 103(a)(2) and 102(2). We note, however, that LEA access to this information would be required only in those cases where the carrier's facilities, equipment or services are involved in providing the service; in other words, when a network signal is generated. To the extent that customer premises equipment (CPE) is used to provide such features, we tentatively conclude that party hold/join/drop information could not be reasonably made available to the LEA since no network signal would be generated. For example, many telephone sets have a "hold" button that does not signal the network -- thus, from the carrier's point of view, the call's status is unchanged. We seek comment on this tentative conclusion. We also seek comment on TIA's assertion that party/hold/join drop information is already substantially available to the LEA and, if so, whether it is or needs to be provided in real time.

87. We seek comment on our proposal and, as required by section 107(b), on the other factors that we must consider in establishing a technical requirement or standard. Are there cost-effective methods of incorporating a party hold/join/drop capability into a telecommunications carrier's system? Can it be accomplished in a manner that minimizes costs to residential ratepayers? Further, we request comment on whether this proposal raises issues regarding the protection of privacy and security of communications which are not authorized to be intercepted. Additionally, we solicit comment on whether the inclusion of this technical requirement within the assistance capability requirements envisioned by Section 103 would positively or negatively affect the provision of new technologies and services to the public. Further, commenters are asked to provide detailed information regarding the amount of time and conditions that they believe will be necessary to successfully develop and deploy this technical requirement in telecommunications systems.

4. Subject-initiated dialing and signaling information

88. Background. This capability would permit the LEA to be informed when a subject using the facilities under surveillance uses services such as call forwarding, call waiting, call hold, and three-way calling. DoJ/FBI requests this information for each communication initiated by the subject. This capability would require the telecommunications carrier to deliver a message to the LEA, informing the LEA that the subject has invoked a feature which would place a party on hold, transfer a call, forward a call, or add/remove a party to a call.

89. USTA and US West state that such dialing and signaling activity goes beyond the definition of call-identifying information set forth in CALEA.(157) TIA concurs, contending that DoJ/FBI offer no evidence that failure to provide information on all such signaling activity will impair the ability of law enforcement to determine the destination of communications. TIA also contends that the DoJ/FBI petition does not identify any specific signaling activity that is both required by CALEA and is not already required to be provided under the industry interim standard, provided it is reasonably available. TIA states that the only additional information that would be available under the DoJ/FBI request is the identity of the actual keys pressed by the subject, but argues that this information is not required by CALEA, as it is not reasonably available and not built into the network.(158)

90. DoJ/FBI disagree with the above parties, contending that such dialing and signaling activity is call-identifying information. Further, DoJ/FBI maintain that in the past the LEA was able to detect flash hook signaling by changes to the electric signals on the analog local loop, but that digital switching now prevents the LEA from having this capability. DoJ/FBI state that without access to such dialing and signaling activity the LEA may be unable to determine what has happened to a call when the direction, or the destination, of the call dramatically changes. For example, according to DoJ/FBI, a subject may use his/her flash hook capability to move back and forth between two associates on concurrent calls, and without the receipt of a message showing this signaling activity, the LEA may be unable to follow the course of the conversation or determine to whom the subject is speaking at any given point.(159)

91. Discussion. We tentatively conclude that subject-initiated dialing and signaling information fits within the definition of call-identifying information contained in section 102(2) of CALEA. For example, call-forwarding signaling information identifies the direction and destination of a call, and call-waiting signaling information identifies the origin and termination of each communication. We request comment on whether remote operation of these features should affect our tentative conclusion. For example, a subject may be able to change some aspects of his/her service from a pay telephone, as well as from the subject's telephone.

92. We also tentatively conclude that access to subject-initiated dialing and signaling information may be necessary in order for the LEA to isolate and correlate call-identifying and call content information. Knowing what features a subject is using will ensure that the LEA receives information "in a manner that allows it to be associated with the communication to which it pertains."(160) For example, without knowing that a subject has switched over to a call on call-waiting, the LEA may not be able to associate the call-identifying information with the call content to which it pertains and thus could be more likely to mistake one call for another. Once again, to the extent CPE is used to perform any of the functions described here, and no network signal is generated, that information will not be reasonably available to a carrier, and thus, should not be required to be provided.(161)

93. We observe that signaling data indicating that the subject is accessing his/her voice mail is properly classified as "call-identifying information." The contents of the voice mail, however, fall outside the scope of CALEA. This is because voice mail "permits a customer to retrieve stored information from . . . information storage facilities,"(162) and CALEA does not apply to information services.(163) The requirement we propose below is consistent with this distinction because it provides only the call identifying information and is not capable of providing voice content.

94. Accordingly, we propose to include information on subject-initiated dialing and signaling that is reasonably available to the carrier as a technical requirement necessary to meet the assistance capability requirements of Section 103. We base our conclusion regarding subject-initiated dialing and signaling information that is reasonably available to the carrier on the statutory language found in Sections 103(a)(2) and 102(2). We seek comment on this proposal and, as required by section 107(b), on the other factors that we must consider in establishing a technical requirement or standard. Are there cost-effective methods of providing subject-initiated dialing and signaling information? Can this requirement be accomplished in a manner that minimizes costs to residential ratepayers? Further, we request comment on whether this proposal or tentative conclusion raises issues regarding the protection of privacy and security of communications which are not authorized to be intercepted. Additionally, we solicit comment on whether the inclusion of this technical requirement within the assistance capability requirements envisioned by Section 103 would positively or negatively affect the provision of new technologies and services to the public. Commenters are asked to provide detailed information regarding the amount of time and conditions that they believe will be necessary to successfully develop and deploy this technical requirement in telecommunications systems. In addition, excluding those CPE-controlled features noted above, we request comment on whether information required to provide LEAs with subject-initiated dialing and signaling activity is reasonably available to carriers. Finally, we recognize that some commenters assert that at least portions of this technical requirement may be provided through other features of J-STD-025. We request comment on the accuracy of these contentions. Commenters should demonstrate clearly how the features required are provided, or not provided, elsewhere in J-STD-025.

5. In-band and out-of-band signaling

95. Background. This technical requirement would allow a telecommunications carrier to send a notification message to the LEA when any network message (ringing, busy, call waiting signal, message light, etc.) is sent to a subject using facilities under surveillance. For example, if someone leaves a voice mail message on the subject's phone, the notification to the LEA would indicate the type of message notification sent to the subject (such as the phone's message light, audio signal, text message, etc.). For calls the subject originates, a notification message would also indicate whether the subject ended a call when the line was ringing, busy (a busy line or busy trunk), or before the network could complete the call.

96. BellSouth states that, for telecommunications carriers to be able to signal a LEA whenever a subject's service sends a network message to the subject or an associate, significant technical upgrades to the carriers' facilities would be needed, and even then the LEA would receive mostly redundant information.(164) PrimeCo Personal Communications, L.P. (PrimeCo) concurs and argues that this information is already readily available through the audio portion of a call content intercept and, therefore, to procure this information, the LEA should be required to obtain a Title III authorization. PrimeCo contends that Congress did not intend to "require the specific design of systems or features" that would be required to implement this capability as a "call-identifying" technical requirement.(165)

97. TIA states that DoJ/FBI define network-generated in-band and out-of-band signaling information to include any alerting of incoming calls or messages, audible indications of incoming calls or messages, visual indications of incoming calls or messages, and alphanumeric display information. TIA contends that, to the extent J-STD-025 does not already provide this information, the information is not "call-identifying" and is not required by CALEA to be provided on a call data channel.(166)

98. DoJ/FBI contend that in-band and out-of-band signaling identifies the "direction, destination, and/or termination" of a communication, and therefore is call-identifying information that must be provided under CALEA. DoJ/FBI believe that the interim standard is deficient with respect to this capability because it does not allow the LEA to ascertain what a subject hears and sees when a call is not completed. DoJ/FBI assert that the capability they are requesting is appropriately limited in scope because it relates only to signaling from the subscriber's service.(167)

99. Discussion. We believe that certain types of in-band and out-of-band signaling information, such as notification that a voice mail message has been received by a subject, constitute call-identifying information under CALEA. Nevertheless, there may also be other types of in-band and out-of-band signaling information that would constitute call content information and thus would raise questions as to under what authority they should be provided to the LEA. However, for purposes of this proceeding, we do not address such questions of whether or what type of authorization LEAs would need to access such information. This is up to the judicial branch. Unless necessary to establish technical standards under CALEA's safe harbor, it is not our intention to specifically decide whether certain types of in-band or out-of-band signaling is either call content or call-identifying information since CALEA requires that carriers have the ability to provide access to both. We request comment on what types of in-band and out-of-band signaling should constitute a technical requirement necessary to meet the assistance capability requirements envisioned by Section 103.(168)

100. Also, in the event that we ultimately determine that in-band and out-of-band signaling is a technical requirement necessary to meet the assistance capability requirements under Section 103, we request comment on whether there are cost-effective methods of providing in-band and out-of-band signaling to a LEA. Can this requirement be accomplished in a manner that minimizes costs to residential ratepayers? Further, we request comment on whether this requirement raises issues regarding the protection of privacy and security of communications which are not authorized to be intercepted. Additionally, we solicit comment on whether the inclusion of this technical requirement within the assistance capability requirements envisioned by Section 103 would positively or negatively affect the provision of new technologies and services to the public. Commenters are asked to provide detailed information regarding the amount of time and conditions that they believe will be necessary to successfully develop and deploy this technical requirement in telecommunications systems.

6. Timing information

101. Background. In those cases where the LEA has obtained authorization to intercept both content and call-identifying information, this capability would require that a telecommunications carrier send call timing information to the LEA so that the LEA could associate the call-identifying information with the actual content of the call. There would be two elements to this capability:

1) Each call-identifying message (answer message, party join message, party drop message, etc.) would be time stamped within a specific amount of time from when the event triggering the message occurred in the intercept access point.(169) This time-stamp would allow the LEA to associate the message to the call content information (i.e., the conversation).

2) A carrier would be required to send the message to the LEA within a defined amount of time from the event to permit the LEA to associate the number dialed to the conversation.

102. TIA states that these timing requirements are inconsistent with the capabilities of existing telecommunications networks and lack any basis in CALEA.(170) US West concurs, and states that implementation of these capabilities would be quite expensive.(171) PrimeCo states that carriers vary considerably in size and technical resources, and therefore adoption of a uniform timing standard is not appropriate.(172) BellSouth contends that establishing an arbitrary timing requirement, without a thorough knowledge of how CALEA will be implemented, is inappropriate.(173) SBC states that the timing of delivery of call-identifying information is a function of network and equipment design, and that DoJ/FBI cannot point to an actual case in which the timing of a carrier's delivery of call-identifying information has ever led to a crime that otherwise would have been prevented.(174)

103. DoJ/FBI disagree with the above parties, arguing that a timing capability is essential to law enforcement. DoJ/FBI cite a kidnapping as an example of a situation where timely delivery of call-identifying information is critical.(175) DoJ/FBI state that in such a situation if call-identifying information is not provided until the end of a call, it may be of little value to the LEA. DoJ/FBI state that it has requested transmission to the LEA from the carrier within three seconds from the time of the event because that timeframe is well within the state-of-the-art, and use of a precise time stamp is important to accurately record events.(176)

104. Discussion. We tentatively conclude that time stamp information fits within the definition of call-identifying information contained within section 102(2) of CALEA(177) and will allow such information "to be associated with the communication to which it pertains."(178) We propose to include timing information that is reasonably available to the carrier as a technical requirement necessary to meet the assistance capability requirements of Section 103(a). We seek comment on this proposal. We base this conclusion on the statutory language found in Section 103(a)(2), and on our tentative conclusion that such information falls within the definition of call-identifying information in section 102(2). A time stamp permits identification of a given call from a series of calls made within a short timeframe, and is necessary to allow a LEA to associate call-identifying information with the communication to which it pertains. We note, however, that CALEA does not impose a specific timing requirement on carriers. Rather, it states that carriers must "expeditiously" isolate and enable the government to access call-identifying information "before, during, or immediately after the transmission of a wire or electronic communication (or at such later time as may be acceptable to the government); and in a manner that allows it to be associated with the communication to which it pertains."(179) Therefore, we seek comment on what is a reasonable amount of time to require the carriers to deliver the time stamped message to the LEA. We note that DoJ/FBI have requested delivery within 3 seconds of the beginning of the event and with an accuracy of 100 milliseconds. Commenters should address whether this is a reasonable time frame, and whether there are any technical barriers to implementing such a requirement. Commenters proposing an alternative time frame should also address technical feasibility and how such a time frame will satisfy the requirements of the statute.

105. In addition, we seek comment, as required by section 107(b), on the factors that we must consider in establishing a technical requirement. Are there cost-effective methods of providing timing information to a LEA? Can this requirement be accomplished in a manner that minimizes costs to residential ratepayers? Further, we request comment on whether this proposal raises issues regarding the protection of privacy and security of communications which are not authorized to be intercepted. Additionally, we solicit comment on whether the inclusion of this technical requirement within the assistance capability requirements envisioned by Section 103 would positively or negatively affect the provision of new technologies and services to the public. Commenters are asked to provide detailed information regarding the amount of time and conditions that they believe will be necessary to successfully develop and deploy this technical requirement in telecommunications systems.

7. Surveillance status

106. Background. This capability would require the telecommunications carrier to send information to the LEA to verify that a wiretap has been established and is still functioning correctly. This information could include the date, time, and location of the wiretap; identification of the subscriber whose facilities are under surveillance; and identification of all voice channels that are connected to the subscriber. This information would be transmitted to the LEA when the wiretap is activated, updated or deactivated, as well as periodically (varying from once every hour to once every 24 hours).

107. AT&T argues that CALEA permits telecommunications carriers to meet their obligations in this regard by whatever means they choose, including human intervention.(180) TIA states that the only statutory basis asserted by DoJ/FBI for this capability is that Section 103(a) of CALEA states that telecommunications carriers "shall ensure" that their equipment is capable of providing access to communications and call-identifying information.(181) SBC concurs that CALEA does not mandate that carriers provide the status of wiretaps to law enforcement in real time. SBC also argues that test procedures are available by which law enforcement can perform this function in concert with carrier personnel.(182) PrimeCo states a more reasonable means of verifying whether a wiretap is operational is to perform a periodic trap and trace test of the target's phone number.(183) Finally, AirTouch states that it has been informed by a vendor that the cost of developing a surveillance status message would be "exorbitant."(184)

108. DoJ/FBI state that, in the context of the analog network, the LEA employs non-automated means to determine whether the interception device is accessing the correct equipment, service, or facility, but that digital switching precludes the LEA from performing this function because it does not allow similar access to the intercept location. DoJ/FBI argue that without a surveillance status message, the LEA would not know when the intercept is turned on or off, or if it has failed; therefore, important evidence could be lost.(185) Finally, DoJ/FBI object to human intervention as a possible solution to this requirement because they state that such intervention would be costly and impractical.(186)

109. Discussion. CALEA requires carriers to ensure that authorized wiretaps can be performed in an expeditious manner,(187) and we believe that a surveillance status message could assist carriers and LEAs in determining the status of such wiretaps. We tentatively conclude, however, that a surveillance status message does not fall within any of the provisions of Section 103. We do not believe that it is call-identifying information as defined by CALEA, since the information such a feature would provide is unrelated to any particular call. Nor does a surveillance status message appear to be required under Section 103(a)(1), since it is not necessary to intercept either wire or electronic communications carried on a carrier's system. Nor are we persuaded by the FBI's interpretation that a surveillance status message is required by CALEA's direction that a carrier "shall ensure" that its system is capable of meeting the Section 103(a) requirements. Rather, we note that the Act expressly states: "a telecommunications carrier shall ensure that its equipment, facilities, or services . . . are capable of" intercepting communications and allowing LEA access to call-identifying information.(188) We interpret the plain language of the statute to mandate compliance with the capability requirements of Section 103(a), but not to require that such capability be proven or verified on a continual basis.

110. Thus, we tentatively conclude that the surveillance status punch list item is not an assistance capability requirement under Section 103.(189) However, we invite comment as to how, generally, carriers intend to ensure that wiretaps remain operational. How, specifically, would "human intervention" be exercised? For example, do carriers plan to periodically check the circuit manually and notify the LEA that the wiretap remains operational? Further, to the extent commenters continue to believe that an automated surveillance status message is necessary to implement the requirements of Section 103, we seek comment on the 107(b) factors that the Commission must evaluate under CALEA. In what manner could such a feature be provided? Are there cost effective methods of providing surveillance status information to a LEA? Can this requirement be accomplished in a manner that minimizes costs to residential ratepayers? Could such provision of surveillance status messages compromise the privacy and security of communications not authorized to be intercepted? Would the provision of such information constrain a carrier's ability to develop and deploy new technologies and services? What period of time would be required to develop and deploy such a feature? And, to the extent that this information were to fall under the definition of call-identifying information, is it reasonably available to carriers?

8. Continuity check tone

111. Background. This technical requirement would require that, in cases where a LEA has obtained authority to intercept wire or electronic communications, a C-tone or dial tone be placed on the call content channel (CCC) received by the LEA from the telecommunications carrier until a user of the facilities under surveillance initiates or receives a call.(190) At that point, the tone would be turned off, indicating to the LEA that the target facilities were in use. This capability would permit correlation between the time a call is initiated and the time the connection is established. The C-tone would also verify that the connection between the carrier's switch and the LEA is in working order.

112. AirTouch states that there is no basis in CALEA for this capability, and that it particularly objects to the FBI's demand that CMRS providers be responsible for providing a continuity tone over the delivery circuits law enforcement agencies will use. AirTouch asserts that in most circumstances, the LEA will obtain its delivery circuits from a LEC, not from a CMRS provider. In those circumstances, according to AirTouch, the responsibility to ensure that the delivery circuit is operational should fall on the LEC, not the CMRS provider, which has no control over either the circuits in question or over the LEC that owns and provides the circuits.(191) BellSouth contends that a continuity tone check is technically feasible only when dedicated content channels are provided and otherwise should not be required.(192)

113. DoJ/FBI state that the LEA, in the context of the analog network, can provide itself with a continuity tone when it conducts interceptions, and that if a similar capability is not provided in digital networks, the LEA will lose the ability to verify the efficacy, accuracy, and integrity of a wiretap.(193) DoJ/FBI argue that Section 103 places an affirmative obligation on the carrier to verify that its equipment is operational and law enforcement has access to all communications and call-identifying information within the scope of the authorized surveillance. DoJ/FBI maintain that the interim standard does not contain any provisions that give effect to this affirmative statutory obligation, and state that its proposal would not require any carrier to implement any particular design or equipment.(194)

114. Discussion. As with the case of surveillance status messages, we believe that continuity tone could assist the LEA in determining the status of a wiretap, but that this technical requirement is not necessary to meet the mandates of Section 103(a). Similar to our reasoning regarding surveillance status messages, we do not believe that a continuity tone falls within CALEA's definition of call-identifying information, nor does it appear to be required under Section 103(a)(1), since it is not necessary to intercept either wire or electronic communications carried on a carrier's system. Furthermore, as explained above, the plain language of the statute mandates compliance with the capability requirements of Section 103(a), but does not require that such capability be proven or verified on a continual basis. Thus, we tentatively conclude that the continuity tone punch list item is not an assistance capability requirement under Section 103.(195)

115. However, to the extent commenters continue to believe such a technical requirement is necessary to implement the requirements of Section 103, we seek comment on the 107(b) factors that the Commission must evaluate under CALEA. In what manner could such a feature be provided? Are there cost effective methods of providing a continuity tone to a LEA? Can this requirement be accomplished in a manner that minimizes costs to residential ratepayers? Could provision of a continuity tone somehow compromise the privacy and security of communications not authorized to be intercepted? For example, could such a tone be detected by the subscriber whose facilities are under surveillance? Would the provision of such information constrain a carrier's ability to develop and deploy new technologies and services? And finally, what period of time would be required to develop and deploy such a feature?

9. Feature status

116. Background. This technical requirement would require a carrier to notify the LEA when specific subscription-based calling services are added to or deleted from the facilities under surveillance, including when the subject modifies capabilities remotely through another phone or through an operator. Examples of such services are call waiting, call hold, three-way calling, conference calling, and call return.(196) Also, the carrier would be required to notify the LEA if the telephone number of the facilities under surveillance was changed or service was disconnected.(197)

117. US West states that feature status information does not identify any telephone numbers or digits dialed by subscribers, and is therefore beyond the scope of CALEA.(198) SBC and BellSouth agree that