Digital Homes, Signal Intelligence, and the Public Good

Generally, people have a greater expectation of privacy at home than in public, and rightfully so. Regulatory measures such as search warrants protect those expectations while also allowing for society’s need for public safety. As new signal intelligence sources have evolved, lawful interception of telecom traffic such as SMS messages and social media, for example, has been standardized in order to support criminal or public safety investigations. However new signal intelligence sources like IoT devices require updated regulations to protect both citizens’ privacy and the public good.

For the most part, traditional lawful intercept of telecommunications data has focused on personal computers and mobile devices. However today, smart homes generate signaling from connected appliances, digital assistants, video doorbells, and more, making the balance between privacy needs and lawful intelligence increasingly complex. The public broadly underappreciates the privacy implications of these devices and law enforcement agencies (LEAs) lack effective means to leverage evidence from them. To address this new aspect of modern lawful intelligence, the regulatory bodies must formalize regulations that clarify when and what LEAs have the right to intercept.

The Value of Small Details

Soon after the advent of modern landline telephones, wiretapping evolved to allow LEAs to capture the contents of communications. Widespread encryption of voice and data transmissions in today’s mobile world, however, have made control-plane metadata increasingly important, from call data records to sophisticated location intelligence. In fact, the importance of the details that surround messaging, rather than the message content itself, has always been an important part of lawful intelligence.

In the case of traditional landline telephones, the FBI, for example, insisted on being notified when a subject of interest picked up a phone, got the dial tone, but hung up without dialing any number. While seemingly of low value, that information nevertheless could confirm that a home was occupied at a given time, potentially contributing to an investigation or the serving of a search warrant. This capability was of great enough value that regulators compelled equipment manufacturers to invest millions putting the needed dial-tone listening hardware on telecom switches.

This example should guide how we regard information emanating from digital home devices. A connected refrigerator, for example, might generate an alert when the door is opened, providing lawful intelligence value analogous to dial-tone listening on a landline. At the same time, sources such as digital assistants and video doorbells capture far richer information from in and around a growing proportion of homes.

Evolving Standards for Smart Homes

The focus of current communications regulations such as the Communications Assistance for Law Enforcement Act (CALEA) of 1994 do not adequately address digital home sources of intelligence, which offer more than just communication content. Enablement between LEAs and consumer equipment vendors is therefore limited by a lack of standardization and limited availability across the entire law enforcement community – particularly to small, local police forces.

A new framework is needed to balance citizens’ privacy with public safety requirements and specify the technical underpinnings that will allow seamless lawful access and handover for all LEAs. Codifying these aspects of modern telecommunications will not only improve their effectiveness, but further protect citizen privacy. SS8 is working with industry and LEA leaders to evolve lawful intelligence toward being as well-defined and sophisticated for digital home devices as it is for mobile phones and other user equipment.

Digital Homes as Objects of Evidence and Forensic Analysis

The rapid multiplication of digital devices in homes shows no sign of slowing down, and the implications for evidence and forensic analysis are unmistakable. As homes become more and more connected, the opportunities for law enforcement to leverage the data being transmitted by smart devices multiply. LEAs can gain significant value from these digital trails, intercepting information about a subject of interest’s activities and patterns of life that can be used as evidence in the prosecution of crimes.

To understand the transition to capturing these new information sources, it’s helpful to review the historical context of lawful intelligence. The United States and other countries maintain multiple levels of communications surveillance authorization, for example, because some intercept techniques such as pen registers or trap and trace methods provide only simple Call Detail Record (CDR) or who-called-who type of information. Since they do not provide communications content, it is easier for LEAs in these countries to obtain the required legal authorization, as opposed to the Title III authorization required for more comprehensive interception warrants for communications content.

That distinction corresponds to the level of privacy disruption associated with the two levels of information disclosure. Likewise, there are different classes of information available from digital home sources. Basic signaling that shows a refrigerator door opening or a dishwasher being turned on corresponds to older practices of dial-tone listening or pen registers. Feeds from digital assistant technologies such as Alexa or Siri, video doorbells, and countless other present and future sources however, may carry different requirements.

Conclusion

The rapid pace of change in telecommunications technologies requires that industry and LEA stakeholders create flexible categories and standards governing how lawful intelligence handles emerging information sources. In the US, the rise of the internet put similar pressure on existing regulatory and technology approaches to interception, eventually requiring the passage of the USA PATRIOT Act to clarify the responsibilities of internet-era communication service providers (CSPs) to LEAs. Additionally, 3GPP and other standards have codified the technological specifications for doing so. That transition demonstrates the need for ongoing expansion of what lawful intelligence regards as information and the measures needed to use and protect it. Just as SS8 supports ongoing oversight of internet traffic regulations, we are partnering with leading mobile technology stakeholders to continue privacy and safety for all citizens.

About Dr. Cemal Dikmen

Dr Cemal Dikmen Blog Head Shot - SS8 Networks

 

As SS8’s CTO, Cemal plays an integral role in the company’s strategic direction, development, and future growth. A renowned expert and thought leader in the legal compliance and communications analysis domain, he has been a frequent speaker at various industry conferences over the past 10 years. Cemal holds BS, MS, and PhD degrees in Electrical Engineering. You can learn more about Cemal on his LinkedIn profile by clicking here.

 

About SS8 Networks

SS8, a network intelligence company, provides solutions to help customers quickly identify, track, and investigate devices and subjects of interest. SS8 is trusted by six of the largest intelligence agencies, eight of the fourteen largest communications providers and five of the largest systems integrators.

Tweet Us @SS8       Follow Us LinkedIn

SS8 Newsletter

LATEST WEBINAR

THE DATA SILO DILEMMA FOR LAW ENFORCEMENT

How to Ingest, Filter and Query 5G Volumes

Webinar Presented by Kevin McTiernan

CLICK HERE to watch!