If your company received a lawful request for specific Call Detail Records from three years ago to help with a current criminal investigation, would you be able to fulfill the request?
In our regulatory work, we’ve worked with carriers who get many subpoena requests, and we’ve had carriers that can’t remember the last time they got one. We’ve found that smaller providers don’t receive too many warrants or requests, but larger ISPs are routinely asked for this information.
Regardless of which end of the spectrum your company falls under, being able to lawfully monitor information is necessary for our national security, and the inability to fulfill requests can be devastating to criminal investigations.
Luckily, modern data storage and technology have made it easy for all telecommunications carriers to comply with CALEA regulations.
What is CALEA?
At the surface, CALEA ensures that Telecommunications carriers have the capabilities to expeditiously isolate and obtain electronic information if lawfully requested. This includes Lawful Intercepts and Subpoena Requests.
While an intercept order authorizes a Law Enforcement Agency to monitor a criminal suspect’s communications in real-time, a subpoena request entitles an agency to collect historic information such as Call Detail Records and IPDRs. These records can reveal who the suspect has contacted, along with the times, dates, locations, and duration of the calls, websites visited, and other relevant information.
Subpoena Requests are much more common than wiretaps & trace orders and require carriers to have the technical capability to extract specific, relevant information. With this, carriers are required to retain large amounts of information that can be accessed either manually or by other automated means.
Every carrier must outline their data retention policy in their System Security and Integrity (SSI) plan, but the following are common retention periods for providers:
- IP assignment logs. up to 6 months
- Subscriber information. 3 years
- Call records. 18 to 36 months depending on the state
- Home security activity logs.
- Alarm activity info. 3 months
- Video and images. 6 months
- Alarm and event information. 13 months
- Audio from central monitoring stations. 24 months
If you looked at any part of this list and thought that you might not be able to extract that information in a timely manner, it’s in your interest to take another look at other ways to retain data.
A failure to obtain the requested information within a reasonable time may result in a fine of $10,000 per day for each day of violation of the enforcement order.
Data Retention Solutions
For storing all forms of communication detail records, we highly recommend using cloud storage for all of our telecommunication clients.
In terms of CALEA, cloud storage allows you to configure a data retention policy and govern what records you’ll store, and how long you want to store them. Storing data in the cloud gives carriers the ability to extract information from specific customers and fulfill subpoena requests without obstructing daily operations.
Something we developed at ATS to help providers is our ESAP Platform, after realizing how many can't easily get a hold of their data. ESAP allows carriers to store and retrieve their CDRs, uncover key analytics, and easily comply with Subpoena Requests.
Cloud storage has a variety of other benefits outside of CALEA, including lower operating costs, reduced overheads, and other data analytics capabilities.
Whether you receive a thousand or just a few of these requests, it's a good business practice that dictates that providers have the ability to respond as quickly as possible to these important requests.
If you would like to hear more about how we are helping other companies in this area, please let us know.