ISPs under Govt tapping pressure

Australia's Internet service and carriage providers are staring down the barrel of stiff legislative requirements to provide law enforcement, intelligence agencies and other authorised bodies with the capability to intercept IP traffic for lawful purposes, delegates at the Hack 2003 IT security conference have been told.

While telephone tapping is nothing new, Umar Goldeli, founder of carrier interception technology firm, Universal Defence, told the audience that authorities, carriers and ISPs ultimately had to come to terms with what lawful IP interception "actually involves at the coalface."

A significant issue understood to be facing authorities is that in order to obtain useable 'product', data streams must be intercepted as close to the source as possible. That effectively means going into ISPs small and large to gain access to traffic.

"The closer you are to the entry point to the network, the higher the quality of the data intercepted," Goldeli said. "Almost anything can happen between ISP 'A' and carrier 'B' - like inter-customer traffic, multiple upstreams and asymmetric routing. Half of your (target) traffic might go out through carrier A and come back through carrier B.

"That's not uncommon, but it is very difficult to coordinate (an intercept ordered by a warrant), because it's taking a completely different path and that means if you only get one side, you miss half of the communication. You have to be able to pull it off closer to the source."

While telcos are predictably silent on such issues and argue they never discuss any operational security matters, a senior source at a tier-one network and communications supplier familiar with interception issues confirmed that demand for IP interception from the government is indeed growing.

"The pressure is definitely on since S11 (to provide IP intercept capability)," said the source, who agreed to comment on condition of anonymity. "There's a lot going on. With data and wireless it's a lot more complicated than voice, so people who do voice now have to look at those capabilities. A lot of our customers, large and medium size, who would previously do the bare minimum are looking at (their IP intercept capabilities). They are getting a lot more pressure to acquiesce."

Goldeli argued that a point of difference on the local landscape was that Australian authorities required carriers or ISPs to self-fund any capital investment for government interception requirements, a situation that about 700 smaller ISP were probably yet to grapple with.

"As more communications move to IP, so will the requirements for monitoring at a similar rate. A substantial proportion of criminals and persons or organizations of interest now use IP through ISPs and that will grow because there is a perception that the Internet is anonymous," Goldeli said. "These requirements are law - if you don't or can't comply you can be shut down by the Australian Communications Authority."