Intercept laws may force data capture downstream

Australia’s Internet service and carriage providers are staring down the barrel of stiff legislative requirements to provide law enforcement, intelligence agencies and other authorized bodies with the capability to intercept IP traffic for lawful purposes, delegates at the Hack 2003 IT security conference have been told.

While telephone tapping is nothing new, Umar Goldeli, founder of carrier interception technology firm Universal Defence told the audience that authorities, carriers and ISPs ultimately have to come to terms with what lawful IP interception “actually involves at the coalface.”

A significant issue understood to be facing authorities is that in order to obtain useable ‘product’, data streams must be intercepted as close to the source as possible – which effectively means going into ISPs small and large to gain access to traffic.

“The closer you are to the entry point to the network, the higher the quality of the data intercepted. Almost anything can happen between ISP ‘A’ and carrier ‘B’ – like inter-customer traffic, multiple upstreams and asymmetric routing. Half of your (target) traffic might go out through carrier A and come back through carrier B.

“That’s not uncommon, but it is very difficult to co-ordinate (an intercept ordered by a warrant), because it’s taking a completely different path and that means if you only get one side, you miss half of the communication. You have to be able to pull it off closer to the source,” Goldeli says.

While telcos are predictably silent on such issues and argue they never discuss any operational security matters, a senior source at a tier one network and communications supplier familiar with interception issues confirmed that demand for IP interception from the government is indeed growing.

“The pressure is definitely on since S11 (to provide IP intercept capability). There’s a lot going on. With data and wireless it’s a lot more complicated than voice, so people who do voice now have to look at those capabilities. A lot of our customers, large and medium size, who would previously do the bare minimum, are looking at (their IP intercept capabilities). They are getting a lot more pressure to acquiesce,” the source, who agreed to comment on condition of anonymity.

Goldeli argues that a point of difference on the local landscape is that Australian authorities require carriers or ISPs to self-fund any capital investment for government interception requirements, a situation that around 700 smaller ISP are probably yet to grapple with.

“As more communications move to IP, so will the requirements for monitoring at a similar rate. A substantial proportion of criminals and persons or organizations of interest now use IP through ISPs and that will grow because there is a perception that the Internet is anonymous. These requirements are law – if you don’t or can’t comply you can be shut down by the Australian Communications Authority,” Goldeli said.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now