The right to privacy of individuals is enshrined in national constitutions and international conventions. The European Convention on Human Rights (specifically Article 8), for example, protects the individual against arbitrary interference by public authorities in his or her private or family life.
This principle is potentially at odds with lawful interception and data retention. Law enforcement agencies and intelligence services require access to telecom data such as call data and subscriber data, and even to the content of communications for the purpose of criminal prosecution and terror prevention. Call data, for instance, reveal important information about the location of subscribers and enable investigators to understand social networks between individuals. The contents of intercepted communications might even be used as evidence in court. In order to protect the individual, legal frameworks define in detail which bodies are authorized to access telecom data and for what purposes.
While the laws and implementations of lawful interception and data retention processes vary from country to country, solid technical systems that strictly protect the privacy of sensitive data and allow only controlled access are fundamental. For legal compliance, telecom operators must strike a balance between data protection and support for law enforcement.
Depending on specific national regulations, lawful interception (LI) and data retention (DR) systems must meet the following security and data protection requirements:
- Sensitive telecom data must be protected against unauthorized access, loss, and manipulation by state-of-the-art means at all times
- Access to the LI and DR systems must be restricted to authorized personnel only
- Each action related to the access to sensitive data must be securely logged for security audits
- Data intercepted and delivered to a law enforcement agency (LEA) must be restricted to data to/from the person under surveillance
- Interception must be transparent to the person under surveillance, that is, not detectable by that person
- Data must be removed when it is no longer needed
- LI and DR systems must be protected against malicious attacks