Communication interception goes global

OASIS has set up a committee to develop a technical framework that enables security agencies to share information easily around the world

Security agencies around the world will soon be able to share intercepted information on criminal and 'terrorist' activities far more easily after a new technical framework is introduced, a committee claims.

The Organization for the Advancement of Structured Information Standards (OASIS) has created the LegalXML Lawful Intercept XML (LI-XML) technical committee to develop a global framework to support the "rapid discovery and sharing of suspected criminal and terrorist evidence by law enforcement agencies".

"As the ability for criminals and terrorists to access technology increases, the challenge for law enforcement to detect, comply with legal process and implement evidence discovery tools also grows," said the chair of the technical committee, Anthony Rutkowski of VeriSign. He added that the enhanced precisions, authentication, and audit features provided by the framework would result in greater public trust in the "traditionally sensitive area of legal discovery".

The initial meetings of the committee have already been held, and the committee hopes to identify all XML schemas relating to lawful interception by 10 February. By January 2004 the committee plans to publish information on the interoperability test results of the different schemes.

According to the committee, the most common activity related to lawful interception is the simple act of looking up basic information about a communications identifier (such as an email address or phone number), and one objective of the committee is to develop a Global User Identifier Lookup schema.

The second most common activity is requesting the records of a specific user from a communications services operator. There are currently no means to do this electronically, and the committee plans to develop a Global Communications Record Lookup schema.

The technical committee also plans to develop specifications for interoperable Lawful Intercept Global Identifier Registries and associated verification and authentication schemes, after noting that there is no global mechanism to verify the authenticity of the tens of thousands of parties worldwide involved in the lawful interception of communications.

The committee is prevented from finalising or approving a technical specification if it believes the specification relies on third-party intellectual property, unless that third party has agreed to proved necessary license rights on perpetual, royalty-free, non-discriminatory terms.

The OASIS LegalXML LI-XML Technical Committee is open to all organisations and individuals, and OASIS will host an open mail list for public comment. Information on joining OASIS can be found on the organisation's Web site.

For all security-related news, including updates on the latest viruses, hacking exploits and patches, check out ZDNet UK's Security News Section.

Let the editors know what you think in the Mailroom.