With the deadline for compliance with the Communications Assistance for Law Enforcement Act (CALEA) approaching, rural telephone companies are scrambling to meet the Congressional mandate to make it possible for possible for law enforcement personnel to intercept phone calls, emails, and other communications on their broadband networks.
While the country’s largest phone companies will have no trouble meeting the May 14 deadline, the unfunded mandate poses a major financial burden for smaller phone companies that serve small populations in largely rural areas, according to John McHugh, technical director for the Organization for the Protection and Advancement of Small Telephone Companies (OPASTCO).
Moreover, while the companies are legally required to make the upgrades, many believe their operations are so small that authorities will never have cause to make use of them. “Still, while there are concerns about the economics, I have not run into any company that does not understand the social obligation,” McHugh said.
A $150,000 Mandate
A permanent solution costs as much as $150,000, said McHugh. While larger phone companies can absorb the cost, smaller companies are in a bind. A rural phone company with 1,000 customers and a broadband penetration of 10 percent has just 100 customers over which to spread the cost.
In response to financial concerns, the Federal Communications Commission (FCC) last year said small phone companies, as an alternative to purchasing their own infrastructure, could meet the CALEA requirements through use of a “trusted third party,” that is, an outsourcing company that can provide the tools for CALEA compliance for a monthly fee.
In return, the FCC said phone companies could not use high cost as a reason for missing the May 14 deadline, unless the company had already begun working with a trusted third party. Companies providing trusted third-party solutions include Intelleq Communications, the Martin Group, Neustar, and VeriSign.
Updating CALEA
CALEA has been in force for conventional, circuit-switched telephone networks for more than a decade. The latest round of CALEA compliance involves broadband and wireless networks, including Voice over Internet Protocol (VoIP) technology. However, because IP phone calls and other digitized packet data move across the network in different ways than traditional point-to-point phone calls, wiretapping and interception require new, more expensive approaches.
Cable companies, cellular companies, and broadband wireless providers moving into the VoIP space, such as EarthLink, are also required to be CALEA-compliant.
The good news is that costs are coming down, especially as trusted third parties compete for business as the deadline approaches.
An additional concern, however, is the possibility that Congress might change the CALEA requirements at some point down the road. Under current law, telephone companies have five days to implement a court order authorizing a wiretap or other form of monitoring. That window, McHugh said, makes the trusted third-party option viable. Should Congress decide to shrink that timeframe, small telephone companies might have to invest in their own systems.
Steven Titch ([email protected]) is senior fellow for IT and telecom policy at The Heartland Institute and managing editor of IT&T News.