Digital Wiretap Warrant: Improving the security of ETSI Lawful Interception

Lawful Interception (LI) of data communications is an essential tool for Law Enforcement Agencies (LEA) in order to investigate criminal activities carried out or coordinated by means of Internet. However, the ability to secretly monitor the activities of citizens also has a great impact on civil rights. Therefore, democratic societies must prevent abuse and ensure that LI is only employed in specific cases with justifiable grounds or a probable cause. Nowadays, in many countries each interception must be authorized by a wiretap warrant, usually issued by a judge. However, this wiretap warrant is merely an administrative document that should be checked by the network or service operator before enabling the monitoring of its customers, whose communications are later handed over to a LEA in plaintext. This paper proposes the idea of employing a Digital Wiretap Warrant (DWW), which further protects the civil liberties, security and privacy of LI by ensuring that monitoring devices can only be enabled with a valid DWW, and by encrypting the captured data so only the authorized LEA is able to decrypt those communications. Moreover, in the proposed DWW framework all digital evidence is securely time-stamped and signed, thus guaranteeing that it has not been tampered with, and that a proper chain of custody has been met. In particular this paper proposes how to apply the DWW concept to the lawful interception framework defined by the ETSI LI Technical Committee, and evaluates how the additional security mechanisms could impact the performance and storage costs of a LI platform.