CALEA for the small fry operator

We are a small-ish, regional broadband ISP in the U.S. (inland Washington and Idaho) that has also rolled out an interconnected VoIP product over the past year. I'm trying to wrestle through and understand what our responsibilities and obligations are with regards to CALEA compliance at both the legal and technical levels.
Confession time: we did not purchase a commercial softswitch product. We built our own solution on top of Asterisk. (I can already hear the groans and feel the tangible disapproval.) We went this route for cost reasons, yes, but more importantly we did it because with a custom-engineered solution, we were able to seamlessly integrate our new voice offering with our other existing products when it comes to both provisioning and billing, and this (I believe) leads to a better and more uniform experience for our customers. For better or worse, we are an ISP first and foremost, and an ITSP second, and provisioning for the new product needed to conform to existing practices rather than be an island unto itself, as so many "turn-key" offerings are.
But I recognize that going down this path has brought with it a distinct disadvantage when it comes to solving the CALEA compliance problem. Notably, there are no known CALEA solutions for Asterisk of any stripe that I have been able to find, and any discussion about Asterisk and CALEA seems to have peaked around the time (2006-2007) that the feds announced VoIP providers were going to have to bring themselves into compliance, and then quickly faded after that.
Sure, I could easily come up with something that would allow for live or recorded call interception and/or delivery of CDR/CPNI to law enforcement using existing tools already available to me. What is unclear to me, though, is whether there is any particular format or delivery mechanism for this data that the law stipulates we follow. I know that there is an ANSI standard, T1.678v2 (and the subsequent supplements), but of course I have no access to that (200+ page) document without paying the publisher hundreds of dollars for a copy. And even if we got our hands on a copy, it sounds like it would be prohibitively difficult to implement by ourselves.
Does the law actually stipulate that T1.678 be followed, and are you not in compliance with CALEA regulations unless you specifically use a solution that is T1.678-compatible? Or is the T1.678 standard simply recommended and preferred by LEAs? I have seen discussion threads where other people have talked about their "creative" solutions to CALEA compliance, which include things such as proxying the RTP stream and having a bank of E&M channels at the ready to mirror the audio to (http://fonality.com/trixbox/forums/trixbox-forums/open-discussion/what-i-nee...). Do these people actually know if their solution gets a passing grade, or are they taking a gamble?
Thanks,
-- Nathan Anderson First Step Internet, LLC nathana at fsr.com

Are you a CLEC?
Cheers, Joshua
Joshua Goldbard VP of Marketing, 2600hz
116 Natoma Street, Floor 2 San Francisco, CA, 94104 415.886.7923 | j at 2600hz.com
_______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org https://puck.nether.net/mailman/listinfo/voiceops

Nope.
-- Nathan

From: http://transition.fcc.gov/pshs/services/calea/
CALEA Compliance for Packet Equipment, And Equipment for Facilities-Based Broadband Internet Access Providers and Providers of Interconnected VoIP
All facilities-based broadband Internet access providers and providers of interconnected VoIP service must ensure that their services comply with CALEA upon launch. In the May 12, 2006 Commission order, the Commission found that section 107(c)(1) may not be used by entities seeking extensions for equipment, facilities, and services deployed on or after October 25, 1998 (the effective date of the CALEA section 103 and 105 requirements).
I believe you aren't subject to CALEA unless you're a facilities-based CLEC/ILEC. I am not a lawyer, this is not legal advice, but I don't think this applies to you. (Someone please correct me if I'm mistaken).
Joshua Goldbard VP of Marketing, 2600hz
116 Natoma Street, Floor 2 San Francisco, CA, 94104 415.886.7923 | j at 2600hz.com

I read (and I think most people do) "Facilities-Based Broadband Internet Access Providers" and "Providers of Interconnected VoIP" in that paragraph as two distinct categories. You don't need to be a CLEC to be an interconnected VoIP provider. If that were the case, then we wouldn't have to file 499s and pay into USF, would we? (Oh, if only...)
Furthermore, I don't think the section you quoted makes mention of LECs. It says "Facilities-Based BROADBAND INTERNET ACCESS Providers". So they aren't necessarily even talking about LECs here (although some LECs -- ones that have an ISP arm or division -- would be a subset of that group). I don't think "facilities-based" is a term with a specific legal definition that means "telecom company with their own switch". They are referencing "facilities-based" (that is, non-resellers/"white-labelers") ISPs (such as us), and "interconnected" VoIP providers (VoIP services that "interconnect" with the PSTN and use NANP TNs, such as Vonage, and now us).
I would love to be proven wrong.
-- Nathan Anderson First Step Internet, LLC nathana at fsr.com

On Fri, Jan 18, 2013 at 4:02 PM, Nathan Anderson <nathana at fsr.com> wrote:
Furthermore, I don't think the section you quoted makes mention of LECs. It says "Facilities-Based BROADBAND INTERNET ACCESS Providers". So they aren't necessarily even talking about LECs here (although some LECs -- ones that have an ISP arm or division -- would be a subset of that group). I don't think "facilities-based" is a term with a specific legal definition that means "telecom company with their own switch". They are referencing "facilities-based" (that is, non-resellers/"white-labelers") ISPs (such as us), and "interconnected" VoIP providers (VoIP services that "interconnect" with the PSTN and use NANP TNs, such as Vonage, and now us).
The "interconnected" part could bear some refinement. We no longer directly connect to any carriers using traditional telephony methods. We only connect to other carriers via SIP. Technically, we aren't "interconnected" as we ourselves don't facilitate connectivity between IP and the PSTN. We facilitate connection between IP and IP. That may or may not be too fine a point. How do you connect to the PSTN?
-- Carlos Alvarez TelEvolve 602-889-3003

For the purposes of USF and the 499 A/Q filing process, the FCC does not restrict "interconnected VoIP" carriers to those who have actual interconnection agreements with LECs and the facilities necessary to carry out those interconnections. Otherwise, again, we could get away with never filing a 499A or Q again or paying into USF (right now we are still "de minimis" but I expect that will probably change within the next year or two).
We get our DIDs from a partner CLEC local to the area and they trunk calls to those numbers to us via IP/SIP over the public internet. We currently terminate outbound calls via Flowroute. For E911, we use 911ETC, which resells iNetwork's platform (f.k.a. "dash carrier services").
-- Nathan Anderson First Step Internet, LLC nathana at fsr.com

Nathan,
You have the same setup that most everybody that runs FreeSWITCH or Asterisk does. Virtually none of the operators of your size become victims of a lack of CALEA enforcement but if you're really worried about it, call your lawyer. Operators who aren't CLECs and who aren't running significant (5m+ mins a month) traffic will likely never (or rarely) run across law enforcement requests. I would be very interested if someone can find an example of a small operator who fell victim to persecution for not setting up surveillance tech. I believe the letter of the law is ambiguous at best. But if you're reallllllly stressing, call your lawyer.
Cheers, Joshua
Joshua Goldbard VP of Marketing, 2600hz
116 Natoma Street, Floor 2 San Francisco, CA, 94104 415.886.7923 | j at 2600hz.com

On 1/18/13 6:30 PM, Nathan Anderson wrote:
For the purposes of USF and the 499 A/Q filing process, the FCC does not restrict "interconnected VoIP" carriers to those who have actual interconnection agreements with LECs and the facilities necessary to carry out those interconnections. Otherwise, again, we could get away with never filing a 499A or Q again or paying into USF (right now we are still "de minimis" but I expect that will probably change within the next year or two).
To quote http://transition.fcc.gov/cgb/consumerfacts/voip911.pdf, which has been brought up in this thread already:
To ensure that a consumer's choice of Voice over Internet Protocol (VoIP) for telephone service does not adversely affect that consumer's ability to access emergency services, the Federal Communications Commission (FCC) has taken steps to require that providers of "interconnected" VoIP services (VoIP services that use the Public Switched Telephone Network (PSTN), including wireless networks, to originate and terminate calls) meet Enhanced 911 (E911) obligations.
Or, as I read that, if you can place calls to or from the PSTN you're "interconnected." If you've got some weird system for hooking up intercoms in your 5 factories that has no access to/from the PSTN, they don't care about your "phone system." So just because you're using SIP trunks, instead of PRIs, interconnections to a LEC, or what-have-you, has no bearing at all so far as I know.
--Jon Radel jradel at vantage.com 267-756-1014

Hi Joshua, Based on the 2nd line ... ....>>>>All facilities-based broadband Internet access providers and providers of interconnected VoIP service.... That is all of us (with the exception of pure resellers) , CLEC or not... are subject to CALEA compliance.. :) Faisal Imtiaz Snappy Internet & Telecom 7 On 1/18/2013 5:30 PM, Joshua Goldbard wrote:
From: http://transition.fcc.gov/pshs/services/calea/
CALEA Compliance for Packet Equipment, And Equipment for Facilities-Based Broadband Internet Access Providers and Providers of Interconnected VoIP
All facilities-based broadband Internet access providers and providers of interconnected VoIP service must ensure that their services comply with CALEA upon launch. In the May 12, 2006 Commission order, the Commission found that section 107(c)(1) may not be used by entities seeking extensions for equipment, facilities, and services deployed on or after October 25, 1998 (the effective date of the CALEA section 103 and 105 requirements). I believe you aren't subject to CALEA unless you're a facilities-based CLEC/ILEC. I am not a lawyer, this is not legal advice, but I don't think this applies to you. (Someone please correct me if I'm mistaken).
Joshua Goldbard VP of Marketing, 2600hz
116 Natoma Street, Floor 2 San Francisco, CA, 94104 415.886.7923 | j at 2600hz.com <mailto:j at 2600hz.com>
On Jan 18, 2013, at 2:16 PM, Nathan Anderson <nathana at fsr.com <mailto:nathana at fsr.com>> wrote:
Nope.
-- Nathan
-----Original Message----- From: Joshua Goldbard [mailto:j at 2600hz.com <http://2600hz.com>] Sent: Friday, January 18, 2013 2:03 PM To: Nathan Anderson Cc: voiceops at voiceops.org <mailto:voiceops at voiceops.org> Subject: Re: [VoiceOps] CALEA for the small fry operator
Are you a CLEC?
Cheers, Joshua
Joshua Goldbard VP of Marketing, 2600hz
116 Natoma Street, Floor 2 San Francisco, CA, 94104 415.886.7923 | j at 2600hz.com <mailto:j at 2600hz.com>

I would respectfully disagree. We are most certainly not a CLEC, but we have received warrants for wire taps, and have complied. Fortunately we do use a commercial softswitch that can provide this.
It's a dangerous game, of not if but when they will come asking, and if you have a solution in place before that time comes, since the fines for non-compliance are extreme.
Additionally, what you may do if you are using a reputable DID provider who is a CLEC (not a reseller) is inquire with them about them supporting CALEA, and see if they can fill this gap for you. I know in the past when speaking with certain large national providers on this topic (much may have changed since then) if they owned the DID AND I could route all outbound calls for the subscriber with the warrant back to them, since they were the CLEC that the number was actually owned by, I could deflect the warrants to them. Might be worth looking into.
On 01/18/2013 02:30 PM, Joshua Goldbard wrote:
> From: http://transition.fcc.gov/pshs/services/calea/
> CALEA Compliance for Packet Equipment, And Equipment for Facilities-Based Broadband Internet Access Providers and Providers of Interconnected VoIP
> All facilities-based broadband Internet access providers and providers of interconnected VoIP service must ensure that their services comply with CALEA upon launch. In the May 12, 2006 Commission order, the Commission found that section 107(c)(1) may not be used by entities seeking extensions for equipment, facilities, and services deployed on or after October 25, 1998 (the effective date of the CALEA section 103 and 105 requirements).
> I believe you aren't subject to CALEA unless you're a facilities-based CLEC/ILEC. I am not a lawyer, this is not legal advice, but I don't think this applies to you. (Someone please correct me if I'm mistaken).
> Joshua Goldbard VP of Marketing, 2600hz
> 116 Natoma Street, Floor 2 San Francisco, CA, 94104 415.886.7923 | j at 2600hz.com

On Fri, Jan 18, 2013 at 4:44 PM, Ryan Delgrosso <ryandelgrosso at gmail.com> wrote:
> I would respectfully disagree. We are most certainly not a CLEC, but we have received warrants for wire taps, and have complied. Fortunately we do use a commercial softswitch that can provide this.
When you say "provide this" can you tell us exactly how? It seems like a simple ability to listen in to calls may or may not be compliant.
-- Carlos Alvarez TelEvolve 602-889-3003

Well in our case we were provided with a destination that signaling was to be sent to at Quantico, and a phone number that would be dialed to collect the audio (forked in the network). This is of course the fancy way. I'm sure any call recording solution that can associate signaling and media in a neat package would probably suffice, presuming it's local and not federal. Again IANAL so you might want to consult with one before taking anything I say as gospel.
-Ryan
On 01/18/2013 03:50 PM, Carlos Alvarez wrote:
> On Fri, Jan 18, 2013 at 4:44 PM, Ryan Delgrosso <ryandelgrosso at gmail.com> wrote:
>> I would respectfully disagree. We are most certainly not a CLEC, but we have received warrants for wire taps, and have complied. Fortunately we do use a commercial softswitch that can provide this.
> When you say "provide this" can you tell us exactly how? It seems like a simple ability to listen in to calls may or may not be compliant.
> -- Carlos Alvarez TelEvolve 602-889-3003

Every CALEA request that we have had to deal with we have had a setup like the one described below where we would basically fork the call to an external # for the audio as well as we set up a VPN connection with the requesting agency to send them the live call data. E.g. touch tones pressed etc.
Carlos Alcantar
Race Communications / Race Team Member
1325 Howard Ave. #604, Burlingame, CA. 94010
Phone: +1 415 376 3314 / carlos at race.com / http://www.race.com
From: Ryan Delgrosso <ryandelgrosso at gmail.com>
Reply-To: "ryandelgrosso at gmail.com" <ryandelgrosso at gmail.com>
Date: Friday, January 18, 2013 3:59 PM
To: VoiceOps <voiceops at voiceops.org>
Subject: Re: [VoiceOps] CALEA for the small fry operator
Well in our case we were provided with a destination that signaling was to be sent to at Quantico, and a phone number that would be dialed to collect the audio (forked in the network). This is of course the fancy way. I'm sure any call recording solution that can associate signaling and media in a neat package would probably suffice, presuming it's local and not federal. Again IANAL so you might want to consult with one before taking anything I say as gospel.
-Ryan

What format was the live call data in? Is it just the SIP signalling in real-time? Are they just concerned about DTMF? Is there any reason why they would not accept having the DTMF put back in-band and including it in the audio fork? If they just want the SIP signalling mirrored across the VPN connection but also want to keep the DTMF out-of-band, could I take the RTP DTMF and convert it to SIP INFO and send it to them that way?
-- Nathan
-----Original Message-----
From: voiceops-bounces at voiceops.org [mailto:voiceops-bounces at voiceops.org] On Behalf Of Carlos Alcantar
Sent: Saturday, January 19, 2013 2:30 PM
To: ryandelgrosso at gmail.com; voiceops at voiceops.org
Subject: Re: [VoiceOps] CALEA for the small fry operator
Every CALEA request that we have had to deal with we have had a setup like the one described below where we would basically fork the call to an external # for the audio as well as we set up a VPN connection with the requesting agency to send them the live call data. E.g. touch tones pressed etc.
Carlos Alcantar
Race Communications / Race Team Member
1325 Howard Ave. #604, Burlingame, CA. 94010
Phone: +1 415 376 3314 / carlos at race.com / http://www.race.com

Hey Nathan, I'm sure every agency is different. The method that we have used, and that seems to be pretty standard with the LEAs, is the CDC collection function (call data channel): we set up a VPN with them and they give us the IP and port of where to send the info. What actual data is being sent I will have to dig up, as I do not have access to that remotely to show a sample. I'll tell you this: our soft switch vendor keeps the CALEA manual under lock and key; we had to ask for it, as it did not come with the standard docs and/or their portal. Note we are a CLEC and do have all our local interconnects etc., so we do function a little bit differently than a normal ITSP. I know from talking with the LEAs they have always asked us to make sure that our switch can handle the LEA portions even when someone does a transfer disconnect, as that is a method people have used to get around CALEA.
Carlos Alcantar
Race Communications / Race Team Member
1325 Howard Ave. #604, Burlingame, CA. 94010
Phone: +1 415 376 3314 / carlos at race.com / http://www.race.com
-----Original Message-----
From: Nathan Anderson <nathana at fsr.com>
Date: Saturday, January 19, 2013 3:17 PM
To: Carlos Alcantar <carlos at race.com>, "'ryandelgrosso at gmail.com'" <ryandelgrosso at gmail.com>, VoiceOps <voiceops at voiceops.org>
Subject: RE: [VoiceOps] CALEA for the small fry operator
What format was the live call data in? Is it just the SIP signalling in real-time? Are they just concerned about DTMF? Is there any reason why they would not accept having the DTMF put back in-band and including it in the audio fork? If they just want the SIP signalling mirrored across the VPN connection but also want to keep the DTMF out-of-band, could I take the RTP DTMF and convert it to SIP INFO and send it to them that way?
-- Nathan

I had thought of asking our CLEC partner who provides us with our DIDs about their CALEA readiness, but one of the complications we face is that we only use them for call origination. They don't have a termination product, so we use someone else for that. So the CLEC in question would only be able to tap inbound calls to the LEA's target, and not calls that the target makes him/herself. I think this would necessitate our involvement at some level, rather than telling the agency in question to simply contact the CLEC and our termination provider separately.
-- Nathan Anderson First Step Internet, LLC nathana at fsr.com
-----Original Message-----
From: voiceops-bounces at voiceops.org [mailto:voiceops-bounces at voiceops.org] On Behalf Of Ryan Delgrosso
Sent: Friday, January 18, 2013 3:44 PM
To: voiceops at voiceops.org
Subject: Re: [VoiceOps] CALEA for the small fry operator
I would respectfully disagree. We are most certainly not a CLEC, but we have received warrants for wire taps, and have complied. Fortunately we do use a commercial softswitch that can provide this.
It's a dangerous game, of not if but when they will come asking, and if you have a solution in place before that time comes, since the fines for non-compliance are extreme.
Additionally, what you may do if you are using a reputable DID provider who is a CLEC (not a reseller) is inquire with them about them supporting CALEA, and see if they can fill this gap for you. I know in the past when speaking with certain large national providers on this topic (much may have changed since then) if they owned the DID AND I could route all outbound calls for the subscriber with the warrant back to them, since they were the CLEC that the number was actually owned by, I could deflect the warrants to them. Might be worth looking into.

On Fri, Jan 18, 2013 at 2:54 PM, Nathan Anderson <nathana at fsr.com> wrote:
> Confession time: we did not purchase a commercial softswitch product. We built our own solution on top of Asterisk. (I can already hear the groans and feel the tangible disapproval.)
Why? There are others on this list who run an Asterisk-based service.
> We went this route for cost reasons, yes, but more importantly we did it because with a custom-engineered solution, we were able to seamlessly integrate our new voice offering with our other existing products when it comes to both provisioning and billing, and this (I believe) leads to a better and more uniform experience for our customers.
Someone we work with calls Asterisk "crack." You think you should get off of it, but every time you try something different it has various limitations that drive you back. Our view is that Asterisk flexibility lets us do interesting things that other providers can't do with their high end commercial products, and we have customers who are with us specifically because they had a request that others said "can't" be done. It also lets us build a crazy amount of physical redundancy for very little cost.
> Sure, I could easily come up with something that would allow for live or recorded call interception and/or delivery of CDR/CPNI to law enforcement using existing tools already available to me. What is unclear to me, though, is whether there is any particular format or delivery mechanism for this data that the law stipulates we follow. I know that there is an ANSI standard, T1.678v2 (and the subsequent supplements), but of course I have no access to that (200+ page) document without paying the publisher hundreds of dollars for a copy. And even if we got our hands on a copy, it sounds like it would be prohibitively difficult to implement by ourselves.
I am not a lawyer and our last legal advice on this is old. The advice at the time was that CALEA doesn't apply to us, and it sounds like your company is just like ours. A small hosted PBX provider, not a CLEC, dependent on CLECs for interconnection. We wrote a compliance document anyway that states that, and states that we will still provide a best effort in responding to law enforcement requests that are valid. It says that we will provide call bridging and recording capabilities using standard interfaces, and CDRs using standard file formats. So far we've only had two LE requests in our history, both for records, and both were satisfied to get a standard CDR file in CSV format.
-- Carlos Alvarez TelEvolve 602-889-3003

On Fri, Jan 18, 2013 at 4:06 PM, Carlos Alvarez <carlos at televolve.com> wrote:
> Someone we work with calls Asterisk "crack." You think you should get off of it, but every time you try something different it has various limitations that drive you back. Our view is that Asterisk flexibility lets us do interesting things that other providers can't do with their high end commercial products, and we have customers who are with us specifically because they had a request that others said "can't" be done. It also lets us build a crazy amount of physical redundancy for very little cost.
I've long been a fan of Asterisk (even before 1.0), but I have to say that for flexibility, nothing beats FreeSWITCH. Literally *every* aspect of it can be configured dynamically. Anyway, I'm not trying to turn this into a Ford vs. Chevy thread. I only mention it because of the insane levels of flexibility you can get. Personally, I'm happy to have so many great tools to choose from. Happy hacking!
Gabe Gunderson izeni.com

I seem to recall there being something called the "j-standard" (j-std?) which, I thought, is an open standard. Might be deprecated. Dunno. Never used it and my memory is fuzzy. Wikipedia makes reference to it.
On Jan 18, 2013, at 4:54 PM, Nathan Anderson <nathana at fsr.com> wrote:
> We are a small-ish, regional broadband ISP in the U.S. (inland Washington and Idaho) that has also rolled out an interconnected VoIP product over the past year. I'm trying to wrestle through and understand what our responsibilities and obligations are with regards to CALEA compliance at both the legal and technical levels.
> Confession time: we did not purchase a commercial softswitch product. We built our own solution on top of Asterisk. (I can already hear the groans and feel the tangible disapproval.) We went this route for cost reasons, yes, but more importantly we did it because with a custom-engineered solution, we were able to seamlessly integrate our new voice offering with our other existing products when it comes to both provisioning and billing, and this (I believe) leads to a better and more uniform experience for our customers. For better or worse, we are an ISP first and foremost, and an ITSP second, and provisioning for the new product needed to conform to existing practices rather than be an island unto itself, as so many "turn-key" offerings are.
> But I recognize that going down this path has brought with it a distinct disadvantage when it comes to solving the CALEA compliance problem. Notably, there are no known CALEA solutions for Asterisk of any stripe that I have been able to find, and any discussion about Asterisk and CALEA seems to have peaked around the time (2006-2007) that the feds announced VoIP providers were going to have to bring themselves into compliance, and then quickly faded after that.
> Sure, I could easily come up with something that would allow for live or recorded call interception and/or delivery of CDR/CPNI to law enforcement using existing tools already available to me. What is unclear to me, though, is whether there is any particular format or delivery mechanism for this data that the law stipulates we follow. I know that there is an ANSI standard, T1.678v2 (and the subsequent supplements), but of course I have no access to that (200+ page) document without paying the publisher hundreds of dollars for a copy. And even if we got our hands on a copy, it sounds like it would be prohibitively difficult to implement by ourselves.
> Does the law actually stipulate that T1.678 be followed, and are you not in compliance with CALEA regulations unless you specifically use a solution that is T1.678-compatible? Or is the T1.678 standard simply recommended and preferred by LEAs? I have seen discussion threads where other people have talked about their "creative" solutions to CALEA compliance, which include things such as proxying the RTP stream and having a bank of E&M channels at the ready to mirror the audio to (http://fonality.com/trixbox/forums/trixbox-forums/open-discussion/what-i-nee...). Do these people actually know if their solution gets a passing grade, or are they taking a gamble?
> Thanks,
> -- Nathan Anderson First Step Internet, LLC nathana at fsr.com

JSTD formatted as an ASN.1 stream is the typical requirement. Although the letter of the law states interception of voice, call metadata extraction, and dialed digit extraction as the basic expectations. Media can be delivered as either a callout mechanism or as a direct media (raw RTP delivered to a specified port range). CODEC manipulation is not preferred.
The LEA can challenge your assertion that you depend on an upstream LEC for the solution, especially if you provide intra-tenant calling on your platform (on-net), as this traffic bypasses the LEC. I have heard that a combination of packet sniffed logs (and disabling direct media) have solved this problem in the past. As always, please consult your legal advisors for the definitive answer.
Sid Rao | CTI Group | +1 (317) 262-4677
On Jan 18, 2013, at 7:23 PM, "PE" <peeip989 at gmail.com> wrote:
I seem to recall there being something called the "j-standard" (j-std?) which, I thought, is an open standard. Might be deprecated. Dunno. Never used it and my memory is fuzzy. Wikipedia makes reference to it.
On Jan 18, 2013, at 4:54 PM, Nathan Anderson <nathana at fsr.com> wrote:
We are a small-ish, regional broadband ISP in the U.S. (inland Washington and Idaho) that has also rolled out an interconnected VoIP product over the past year. I'm trying to wrestle through and understand what our responsibilities and obligations are with regards to CALEA compliance at both the legal and technical levels.
Confession time: we did not purchase a commercial softswitch product. We built our own solution on top of Asterisk. (I can already hear the groans and feel the tangible disapproval.) We went this route for cost reasons, yes, but more importantly we did it because with a custom-engineered solution, we were able to seamlessly integrate our new voice offering with our other existing products when it comes to both provisioning and billing, and this (I believe) leads to a better and more uniform experience for our customers. For better or worse, we are an ISP first and foremost, and an ITSP second, and provisioning for the new product needed to conform to existing practices rather than be an island unto itself, as so many "turn-key" offerings are.
But I recognize that going down this path has brought with it a distinct disadvantage when it comes to solving the CALEA compliance problem. Notably, there are no known CALEA solutions for Asterisk of any stripe that I have been able to find, and any discussion about Asterisk and CALEA seems to have peaked around the time (2006-2007) that the feds announced VoIP providers were going to have to bring themselves into compliance, and then quickly faded after that.
Sure, I could easily come up with something that would allow for live or recorded call interception and/or delivery of CDR/CPNI to law enforcement using existing tools already available to me. What is unclear to me, though, is whether there is any particular format or delivery mechanism for this data that the law stipulates we follow. I know that there is an ANSI standard, T1.678v2 (and the subsequent supplements), but of course I have no access to that (200+ page) document without paying the publisher hundreds of dollars for a copy. And even if we got our hands on a copy, it sounds like it would be prohibitively difficult to implement by ourselves.
Does the law actually stipulate that T1.678 be followed, and are you not in compliance with CALEA regulations unless you specifically use a solution that is T1.678-compatible? Or is the T1.678 standard simply recommended and preferred by LEAs? I have seen discussion threads where other people have talked about their "creative" solutions to CALEA compliance, which include things such as proxying the RTP stream and having a bank of E&M channels at the ready to mirror the audio to (http://fonality.com/trixbox/forums/trixbox-forums/open-discussion/what-i-nee...). Do these people actually know if their solution gets a passing grade, or are they taking a gamble?
Thanks,
--
Nathan Anderson
First Step Internet, LLC
nathana at fsr.com

I'm trimming all previous replies because this isn't in reply to any one thing. I spent several hours last night reading FCC docs, FBI stuff, and whatever I could find on this topic. There are a few bullet points that stuck in my mind. These are according to my interpretation, and while I've been reading FCC and other legal stuff for a very long time, I'm not a lawyer and my expertise isn't in law.

It seems that there is one allowed data standard, but repeatedly I saw that the FCC refused to limit delivery methods, particularly for packet-switched networks. It seems to me that a meetme in Asterisk is almost compliant, though missing some of the signaling stuff.

There is in fact an option on the FCC compliance form for "proprietary/home-grown" solution. On that topic however, I repeatedly saw "if reasonably available." The FCC says that you must provide all the signaling requested "if reasonably available" at the network intercept point. They specifically said they don't expect operators to completely redesign their networks. This of course is rather unclear. From our perspective, as a tiny company, it would be easy to argue that it's not reasonable for us to spend 50% of a year's profit changing our network. I may be crazy and that may not work, I don't know.

You can charge any time you get a request for records or intercept. Actually a lot. As a comparative number, Comcast charges $1k to set up an intercept and provide a month of service, $750/mo thereafter. They charge $200/mo for weekly call record delivery.

--
Carlos Alvarez
TelEvolve
602-889-3003

On 01/19/2013 11:13 AM, Carlos Alvarez wrote:
You can charge any time you get a request for records or intercept. Actually a lot. As a comparative number, Comcast charges $1k to set up an intercept and provide a month of service, $750/mo thereafter. They charge $200/mo for weekly call record delivery.
What do they charge for full delivery of two-way voice recording, not just CDRs?

-- Alex

--
Alex Balashov - Principal
Evariste Systems LLC
235 E Ponce de Leon Ave
Suite 106
Decatur, GA 30030
United States
Tel: +1-678-954-0670
Web: http://www.evaristesys.com/, http://www.alexbalashov.com/

On Sat, Jan 19, 2013 at 9:16 AM, Alex Balashov <abalashov at evaristesys.com> wrote:
On 01/19/2013 11:13 AM, Carlos Alvarez wrote:
You can charge any time you get a request for records or intercept.
Actually a lot. As a comparative number, Comcast charges $1k to set up an intercept and provide a month of service, $750/mo thereafter. They charge $200/mo for weekly call record delivery.
What do they charge for full delivery of two-way voice recording, not just CDRs?
Here is the entire section on charges. It looks like what you asked about would require a custom quote.

Reimbursement Fees

The Legal Response Center does not charge for responses to legal process served by a government entity involving child exploitation. In all other situations, Comcast reserves the right to seek reimbursement for processing and responding to legal process as permitted by law. Our policy is to discuss reimbursement with the requesting party before we incur any costs. However, in time-sensitive situations we may have to discuss costs after the fact.

Costs for the implementation of a Court Ordered Pen Register/Trap and Trace, Wiretap, or a CALEA compliant Order are as follows:

- CALEA intercept: $1,000.00 initial start-up fee (including the first month of intercept service) and $750.00 per month for each subsequent month in which the original order or any extensions of the original order are active.
- Call Detail Record releases in response to ongoing Court Order: $150.00 per week for once-per-week delivery of incoming and outgoing call detail records for the duration of the original order and any extensions of the original order. More frequent delivery of call detail records is an additional $50.00 per delivery.

--
Carlos Alvarez
TelEvolve
602-889-3003

Carlos, thanks for doing that legwork. A few questions come to mind:

1) What is the "one allowed data standard", and where did you find it referenced?

2) Is there any reference copy of the data standard publicly available? Is it in fact the T1.678 that http://askcalea.fbi.gov/ mentions?

3) What signalling information do they require be recorded and/or streamed in real-time?

4) One might wonder if the concession made to operators not being required to completely redesign their networks was specifically made for those who had networks operating before CALEA compliance was made mandatory. Is there any reason to believe that those of us who have started up networks in the last year or two, well after the CALEA requirements were put in place, cannot use this excuse? It seems to me they could try to argue that we should have known at the outset that this would be required of us, and should have planned our network accordingly.

--
Nathan Anderson
First Step Internet, LLC
nathana at fsr.com

-----Original Message-----
From: voiceops-bounces at voiceops.org [mailto:voiceops-bounces at voiceops.org] On Behalf Of Carlos Alvarez
Sent: Saturday, January 19, 2013 8:13 AM
To: voiceops at voiceops.org
Subject: Re: [VoiceOps] CALEA for the small fry operator

I'm trimming all previous replies because this isn't in reply to any one thing. I spent several hours last night reading FCC docs, FBI stuff, and whatever I could find on this topic. There are a few bullet points that stuck in my mind. These are according to my interpretation, and while I've been reading FCC and other legal stuff for a very long time, I'm not a lawyer and my expertise isn't in law.

It seems that there is one allowed data standard, but repeatedly I saw that the FCC refused to limit delivery methods, particularly for packet-switched networks. It seems to me that a meetme in Asterisk is almost compliant, though missing some of the signaling stuff.

There is in fact an option on the FCC compliance form for "proprietary/home-grown" solution. On that topic however, I repeatedly saw "if reasonably available." The FCC says that you must provide all the signaling requested "if reasonably available" at the network intercept point. They specifically said they don't expect operators to completely redesign their networks. This of course is rather unclear. From our perspective, as a tiny company, it would be easy to argue that it's not reasonable for us to spend 50% of a year's profit changing our network. I may be crazy and that may not work, I don't know.

You can charge any time you get a request for records or intercept. Actually a lot. As a comparative number, Comcast charges $1k to set up an intercept and provide a month of service, $750/mo thereafter. They charge $200/mo for weekly call record delivery.

--
Carlos Alvarez
TelEvolve
602-889-3003

On Sat, Jan 19, 2013 at 4:25 PM, Nathan Anderson <nathana at fsr.com> wrote:
Carlos, thanks for doing that legwork. A few questions come to mind:
1) What is the "one allowed data standard", and where did you find it referenced?
It's the J-STD that has been discussed in this thread a few times. I don't recall the full standard number. It's all over the CALEA documents. I couldn't find a public document for the standard, but didn't look hard.
3) What signalling information do they require be recorded and/or streamed in real-time?
Pretty much all data that passes in a call; dial, ring, answer, forward, conference, transfer, DTMF, etc.
4) One might wonder if the concession made to operators not being required to completely redesign their networks was specifically made for those who had networks operating before CALEA compliance was made mandatory. Is there any reason to believe that those of us who have started up networks in the last year or two, well after the CALEA requirements were put in place, cannot use this excuse? It seems to me they could try to argue that we should have known at the outset that this would be required of us, and should have planned our network accordingly.
You may be right, and my reading of the docs left me thinking that one said one thing, and another still allowed that exception.

My partner just had the idea that Asterisk Manager Interface may be the way for an Asterisk-based ITSP to deliver call information. Since AMI immediately displays call events in a simple text interface via telnet, it seems like it would be compliant. You let the LE agency VPN to your network, then telnet to the server for events. Anyone have thoughts on that idea?

--
Carlos Alvarez
TelEvolve
602-889-3003
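
An added example, not code from any poster in this thread: an AMI session receives events for every channel on the server, so a relay in front of it can parse the stream and pass on only the events that belong to the named subscriber's channels, with a whitelist of fields. The field names follow Asterisk 1.8-era AMI events (an assumption; they vary by version), and the sample stream and phone numbers are constructed.

```python
# Added example: relay only the AMI events that belong to one subject's calls.
# Field names follow Asterisk 1.8-era AMI events (assumption; they vary by version).
FORWARD = {"Newchannel", "Newstate", "DTMF", "Hangup"}
KEEP = ("Event", "Uniqueid", "CallerIDNum", "Exten", "ChannelStateDesc",
        "Digit", "Direction", "Cause-txt")

# Constructed sample: 2085550100 is the subject, 5095550123 an unrelated subscriber.
SAMPLE = "\r\n\r\n".join("\r\n".join(e) for e in [
    ["Event: Newchannel", "Channel: SIP/2085550100-0000000a",
     "CallerIDNum: 2085550100", "Exten: 15095550199", "Uniqueid: 1358640000.10"],
    ["Event: Newchannel", "Channel: SIP/5095550123-0000000b",
     "CallerIDNum: 5095550123", "Exten: 12065550142", "Uniqueid: 1358640001.11"],
    ["Event: Newstate", "ChannelStateDesc: Up", "Uniqueid: 1358640000.10"],
    ["Event: DTMF", "Digit: 4", "Begin: No", "End: Yes", "Uniqueid: 1358640001.11"],
    ["Event: DTMF", "Digit: 7", "Begin: Yes", "End: No", "Uniqueid: 1358640000.10"],
    ["Event: DTMF", "Digit: 7", "Begin: No", "End: Yes", "Uniqueid: 1358640000.10"],
    ["Event: Hangup", "Cause-txt: Normal Clearing", "Uniqueid: 1358640000.10"],
    ["Event: Hangup", "Cause-txt: Normal Clearing", "Uniqueid: 1358640001.11"],
]) + "\r\n\r\n"

def parse_ami(stream):
    """Split an AMI text stream into one dict per event (a blank line ends an event)."""
    events = []
    for block in stream.replace("\r\n", "\n").split("\n\n"):
        fields = dict(line.split(": ", 1) for line in block.split("\n") if ": " in line)
        if "Event" in fields:
            events.append(fields)
    return events

def subject_events(events, subject):
    """Return whitelisted fields of events on channels opened by or to `subject`."""
    tracked, out = set(), []
    for ev in events:
        uid = ev.get("Uniqueid")
        if ev["Event"] == "Newchannel" and subject in (ev.get("CallerIDNum"), ev.get("Exten")):
            tracked.add(uid)  # follow this channel until it hangs up
        if ev["Event"] == "DTMF" and ev.get("End") != "Yes":
            continue  # each digit arrives as a Begin/End pair; report it once
        if uid in tracked and ev["Event"] in FORWARD:
            out.append({k: ev[k] for k in KEEP if k in ev})
        if ev["Event"] == "Hangup":
            tracked.discard(uid)
    return out
```
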