I made brief mention of CALEA in a Telephony, VoIP and Regulation paper that should be posted in the Realtime VoIP Community Reading Room in the next day or two. Because of my own recent thoughts about CALEA and other regulatory concerns related to telecommunications, Aswath's post yesterday, How COULD Skype support CALEA? obviously caught my attention. Here are what I think are the most salient observations in Aswath's post -

CALEA has two aspects: the first one is interception of call control information and the other is interception of call content. The legal requirements are different. Nonetheless, a LEA has to get approval from a legal authority and produce the order to the relevant service provider. In this case Skype is advised ahead of time the identity of the target. We also know that when a user logs into Skype system, the user is given a list of supernodes to try. We do not know on what basis, Skype selects this list. But Skype can clearly select its set of supernodes (let me call them CALEA supernodes) and deliver only that list to the target. This way, Skype can ensure that only CALEA supernodes will serve the target. Then it is a simple matter for the supernode to collect call control information and deliver to the relevant LEA(s).

If the LEA is authorized to intercept call content as well, then the CALEA supernode can be instructed to use a relay supernode (again operated by Skype for the purpose of CALEA) and use the relay supernode to intercept the call content. The fact that the content is encrypted is not a big problem, because Skype can deliver the key to the LEA through CALEA supernode.

For anyone involved in the telecom industry, CALEA requirements have often proven challenging. In traditional telephony, they're often easliy supported by virtue of the telco cabling plant. That wired PSTN infrastructure provides mechanisms more easily adopted than VoIP services can support.

While Aswath's idea can't necessarily fit all models of VoIP, at a glance, it seems quite workable for the Skype model.

The larger challenge ahead will be how CALEA can ever be supported in a peer-to-peer VoIP model. If true P2P services evolve, every application would need to be altered to provide CALEA support. In the service provider model, this seems reasonable and makes sense. The larger question is as VoIP evolves and P2P technologies become widely adopted across the Internet user base, is the CALEA construct workable? I believe we'll need to develop a complete new model for the future. And to make it work, I believe P2P companies like Popular Telephony need to be proactive in defining what CALEA might become in the future.





Technorati Tags: CALEA, VoIP security, law enforcement, wiretapping