ISP CALEA compliance

Jack Bates jbates at
Thu May 10 20:21:38 UTC 2007

Jason Frisvold wrote:

> Here's a question that's come up around here.  Does a CALEA intercept
> include "hairpining" or is it *only* traffic leaving your network?
> I'm of the opinion that a CALEA intercept request includes every bit
> of traffic being sent or received by the targeted individual, but
> there is strong opposition here that thinks only internet-related
> traffic counts.

IANAL... The law does include "hairpining", however, the conference we went to 
last week on CALEA gave us a lot of insight. The LEAs we talked to were 
interested in us working with them. They understand that the mandate requires 
some things that are technically infeasible or so cost prohibitive as to mandate 
abandoning broadband all together. For example, how do you tap a "customer" that 
is in a cyber cafe? How do you handle "hairpining" on a wireless bridge? There 
is entire DSLAM infrastructure out there that has no filtering capabilities and 
the closest one could tap is leaving the DSLAM, but not traffic between 
customers on the same DSLAM. In general, they seemed to be happy if we could get 
traffic isolated down to a town level, and just do the best we could to assist 
in meeting the traffic tap.

Jack Bates

More information about the NANOG mailing list