[Federal Register Volume 63, Number 220 (Monday, November 16, 1998)]
[Proposed Rules]
[Pages 63639-63654]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 98-30552]


=======================================================================
-----------------------------------------------------------------------

FEDERAL COMMUNICATIONS COMMISSION

47 CFR Part 64

[CC Docket No. 97-213, FCC 98-282]


Communications Assistance for Law Enforcement Act

AGENCY: Federal Communications Commission.

ACTION: Proposed rule.

-----------------------------------------------------------------------

SUMMARY: This Further Notice of Proposed Rulemaking (Further NPRM) 
addresses alleged deficiencies in industry-developed technical 
requirements for wireline, cellular and broadband Personal 
Communications Services (PCS) carriers to comply with the assistance 
capability requirements prescribed by the Communications Assistance for 
Law Enforcement Act of 1994 (CALEA, or the Act). The Act authorizes the 
Commission to establish, by rule, technical requirements or standards 
that meet the assistance capability requirements, if industry or 
standards setting organizations have failed to set such standards, or 
if any party believes that an industry standard is deficient.

DATES: Comments are due December 14, 1998; reply comments are due 
January 13, 1999.

FOR FURTHER INFORMATION CONTACT: Rodney Small, Office of Engineering 
and Technology, (202) 418-2452.

SUPPLEMENTARY INFORMATION: This is a summary of the Commission's 
Further Notice of Proposed Rulemaking, CC Docket 97-213, FCC 98-282, 
adopted October 22, 1998, and released November 5, 1998. The full text 
of this Commission decision is available for inspection and copying 
during normal business hours in the FCC Reference Center (Room CY-
C404), 445 Twelfth Street, S.W., Washington, D.C., and also may be 
purchased from the Commission's duplication contractor, International 
Transcription Service, (202) 857-3800, 1231 20th Street, N.W., 
Washington, D.C. 20036.

Summary of the Further Notice of Proposed Rulemaking

    1. The Further NPRM addresses alleged deficiencies in industry-
developed technical requirements for wireline, cellular, and broadband 
PCS carriers to comply with the assistance capability requirements 
prescribed by CALEA. Industry developed these technical requirements in 
an attempt to satisfy the ``safe harbor'' provision of the Act, which 
permits telecommunications carriers to be found in compliance with

[[Page 63640]]

CALEA if carriers comply with publicly available technical requirements 
adopted by an industry association or standard-setting organization, or 
by the Commission. The Act authorizes the Commission to establish, by 
rule, technical requirements or standards that meet the assistance 
capability requirements, if industry or standards-setting organizations 
have failed to set such standards, or if any party believes that an 
industry standard is deficient. The Commission has received four 
petitions for rulemaking asking us to establish such requirements or 
standards pursuant to our statutory authority under the Act. In 
addition, in response to a Public Notice the Commission's Wireless 
Telecommunications Bureau and Office of Engineering and Technology 
released on April 20, 1998, we have received numerous comments 
disputing whether certain specific technical requirements are necessary 
to comply with CALEA.
    2. In light of petitioners' claims that the interim standard 
adopted by industry is deficient with regard to particular technical 
requirements it currently includes, this Further NPRM analyzes those 
specific requirements and reaches tentative conclusions regarding which 
of them meet the definitions of CALEA Section 103. The Further NPRM 
also seeks comment on a range of issues associated with the 
Commission's obligations under the Act. In addition, we seek comment on 
what role, if any, we can or should play in assisting 
telecommunications carriers other than wireline, cellular, and 
broadband PCS carriers to set standards for, or to achieve compliance 
with, CALEA's requirements.
    3. Since 1970, telecommunications carriers have been required to 
cooperate with law enforcement agencies in conducting electronic 
surveillance. Recent advances in technology, however, most notably the 
introduction of digital transmission and processing techniques and the 
proliferation of wireless services, have hampered the law enforcement 
community's ability to conduct lawfully authorized surveillance. CALEA 
was enacted in 1994 to address such problems, and to ensure that law 
enforcement surveillance efforts would not be unintentionally thwarted 
by the development and deployment of new telecommunications 
technologies and services. At the same time, however, Congress 
recognized the need to protect privacy interests within the context of 
court-authorized electronic surveillance. In defining the terms and 
requirements of the Act, therefore, Congress sought to balance three 
important policies: ``(1) to preserve a narrowly focused capability for 
law enforcement agencies to carry out properly authorized intercepts; 
(2) to protect privacy in the face of increasingly powerful and 
personally revealing technologies; and (3) to avoid impeding the 
development of new communications services and technologies.'' Based on 
these considerations, Congress envisioned that the requirements of 
CALEA would serve as ``both a floor and a ceiling,'' defining the 
minimum capabilities that should be provided to law enforcement, while 
also establishing limits as to what can be provided.
    4. CALEA directs carriers to ensure that their equipment, 
facilities, and services are capable of meeting certain requirements to 
assist law enforcement in carrying out lawfully authorized electronic 
surveillance. To accomplish this, the Act sets out general assistance 
capability requirements that telecommunications carriers must meet, and 
defines the obligations of the industry, the law enforcement community, 
and the Commission in developing the technical requirements or 
standards necessary to meet these requirements. To date, industry and 
the law enforcement community, although they have reached agreement on 
many issues, disagree on whether certain specific features and/or 
technical requirements must be provided by carriers to comply with the 
Act's assistance capability requirements. Consequently, as authorized 
by the Act, representatives of industry, law enforcement, and the 
privacy community have petitioned the Commission to establish such 
technical requirements or standards. In this Further NPRM, therefore, 
we consider whether certain specific technical requirements are 
necessary for wireline, cellular and broadband PCS carriers to meet 
CALEA's assistance capability requirements. Below we discuss the 
relevant provisions of the Act.

CALEA Assistance Capability Requirements

    5. The basic requirements for meeting CALEA's mandates are 
contained in Section 103, which establishes four general ``assistance 
capability requirements'' that carriers must meet to achieve 
compliance. Specifically, Section 103 requires a telecommunications 
carrier to:

    (a) [E]nsure that its equipment, facilities, or services that 
provide a customer or subscriber with the ability to originate, 
terminate, or direct communications are capable of--
    (1) Expeditiously isolating and enabling the government, 
pursuant to a court order or other lawful authorization, to 
intercept, to the exclusion of any other communications, all wire 
and electronic communications carried by the carrier within a 
service area to or from equipment, facilities, or services of a 
subscriber of such carrier concurrently with their transmission to 
or from the subscriber's equipment, facility, or service, or at such 
later time as may be acceptable to the government;
    (2) Expeditiously isolating and enabling the government, 
pursuant to a court order or other lawful authorization, to access 
call-identifying information that is reasonably available to the 
carrier--
    (A) Before, during, or immediately after the transmission of a 
wire or electronic communication (or at such later time as may be 
acceptable to the government); and
    (B) In a manner that allows it to be associated with the 
communication to which it pertains,

except that, with regard to information acquired solely pursuant to 
the authority for pen registers and trap and trace devices (as 
defined in section 3127 of title 18, United States Code), such call-
identifying information shall not include any information that may 
disclose the physical location of the subscriber (except to the 
extent that the location may be determined from the telephone 
number);
    (3) Delivering intercepted communications and call-identifying 
information to the government, pursuant to a court order or other 
lawful authorization, in a format such that they may be transmitted 
by means of equipment, facilities, or services procured by the 
government to a location other than the premises of the carrier; and
    (4) Facilitating authorized communications interceptions and 
access to call-identifying information unobtrusively and with a 
minimum of interference with any subscriber's telecommunications 
service and in a manner that protects--
    (A) The privacy and security of communications and call-
identifying information not authorized to be intercepted; and
    (B) Information regarding the government's interception of 
communications and access to call-identifying information.

    6. CALEA does not specify how these four assistance capability 
requirements are to be met. Rather, it states only that 
telecommunications carriers, in consultation with manufacturers and 
telecommunications support service providers, must ensure that the 
carriers' equipment, facilities, and services comply with the 
requirements. Manufacturers and telecommunications support service 
providers are subject to a ``cooperation'' requirement, i.e., they are 
required to make available to carriers the features and modifications 
necessary for carriers to comply with the requirements ``on a 
reasonably timely basis and at a reasonable charge.'' Additionally, the 
Attorney General of the United States must consult with appropriate 
industry associations and

[[Page 63641]]

standards-setting organizations; with representatives of users of 
telecommunications equipment, facilities, and services; and with state 
utility commissions ``to ensure the efficient and industry-wide 
implementation of the assistance capability requirements.''
    7. Section 107(a)(2) of CALEA contains a ``safe harbor'' provision, 
stating that ``[a] telecommunications carrier shall be found to be in 
compliance with the assistance capability requirements under Section 
103, and a manufacturer of telecommunications transmission or switching 
equipment or a provider of telecommunications support services shall be 
found to be in compliance with section 106, if the carrier, 
manufacturer, or support service provider is in compliance with 
publicly available technical requirements or standards adopted by an 
industry association or standard-setting organization, or by the 
Commission under subsection (b), to meet the requirements of Section 
103.'' Thus, the Act envisions that an industry association or a 
standards-setting organization would set applicable standards. 
Individual carriers, however, are free to choose any technical solution 
that meets the assistance capability requirements of CALEA, whether 
based on an industry standard or not. Carriers, therefore, have some 
degree of flexibility in deciding how they will comply with CALEA's 
Section 103 requirements. CALEA specifically states, however, that the 
absence of industry standards does not relieve a carrier of its 
obligation to comply with the assistance capability requirements.
    8. In addition to the safe harbor provision, section 107 also 
defines certain Commission responsibilities under the Act. 
Specifically, upon petition, section 107(b) authorizes the Commission 
to establish, by rule, technical requirements or standards necessary 
for implementing Section 103. Section 107(b) provides that a petition 
may be filed with the Commission (1) if industry associations or 
standard-setting organizations fail to issue technical requirements or 
standards, or (2) if a government agency or any other person believes 
that requirements or standards that were issued are deficient.
    9. Section 107(b) specifies five factors that the Commission must 
consider as part of its efforts to establish technical requirements or 
standards to meet the assistance capability requirements of Section 
103. Such technical requirements or standards must:
     Meet the assistance capability requirements of Section 103 
by cost-effective methods;
     Protect the privacy and security of communications not 
authorized to be intercepted;
     Minimize the cost of such compliance on residential 
ratepayers;
     Serve the policy of the United States to encourage the 
provision of new technologies and services to the public; and
     Provide a reasonable time and conditions for compliance 
with and the transition to any new standard, including defining the 
obligations of telecommunications carriers under Section 103 during any 
transition period.
    10. Section 107(c) authorizes the Commission to extend the 
compliance date for telecommunications carriers' equipment, facilities, 
and services. On September 11, 1998, the Commission exercised its 
authority under section 107(c) by extending the deadline for compliance 
with Section 103 requirements from October 25, 1998 to June 30, 2000. 
This extension applies to all telecommunications carriers proposing to 
install or deploy, or having installed or deployed, any equipment, 
facility or service prior to the effective date of Section 103, for 
that part of the carrier's business on which the new equipment, 
facility or service is used.

Development of Industry Interim Standard J-STD-025

    11. Since early 1995, Subcommittee TR45.2 of the Telecommunications 
Industry Association (TIA) has been working to develop an industry 
standard that would satisfy the assistance capability requirements of 
Section 103 for wireline, cellular, and broadband PCS carriers. The 
standards-setting effort has included participation by industry and law 
enforcement. In 1996, the Subcommittee received from the Federal Bureau 
of Investigation (FBI) a document known as the Electronic Surveillance 
Interface (ESI). The ESI was law enforcement's recommendation for the 
logical and physical interfaces between a wireline, cellular, or 
broadband PCS carrier's network and a law enforcement agency's 
electronic surveillance collection facility. The ESI was developed at 
the request of industry to describe law enforcement's vision and 
recommendations for the interface. The ESI defined the requirements for 
the delivery of both call content and call-identifying information to a 
law enforcement agency (LEA).
    12. By the spring of 1997, TIA developed a final draft of a 
proposed CALEA industry standard. The draft standard defined services 
and features to support lawfully authorized electronic surveillance and 
the interfaces to deliver authorized intercepted communications and 
call-identifying information to a LEA. Specifically, the draft standard 
defined the intercept function in terms of five broad categories: 
access, delivery, service provider administration, collection, and law 
enforcement administration. This standard was submitted for balloting 
to all participants in the standards-setting process under procedures 
of the American National Standards Institute (ANSI). The law 
enforcement community unanimously opposed adoption of this standard, 
and it was voted down. The FBI, on behalf of this community, attached a 
lengthy critique of the draft standard to its ballot, including 
specific recommendations for changes.
    13. The FBI's objections to the draft standard centered around a 
list of technical capabilities that it contended are necessary to meet 
CALEA's requirements, but that were not included in the industry 
interim standard. The FBI's list, which has come to be known as the 
``punch list,'' originally contained 11 items, and now contains nine 
items. Specifically, the FBI's punch list identifies the following 
capabilities it believes must be provided under CALEA:
    (1) Content of subject-initiated conference calls--Would enable law 
enforcement to access the content of conference calls supported by the 
subject's service (including the call content of parties on hold).
    (2) Party hold, join, drop--Messages would be sent to law 
enforcement that identify the active parties of a call. Specifically, 
on a conference call, these messages would indicate whether a party is 
on hold, has joined or has been dropped from the conference call.
    (3) Subject-initiated dialing and signaling information--Access to 
all dialing and signaling information available from the subject would 
inform law enforcement of a subject's use of features (such as the use 
of flash-hook and other feature keys).
    (4) In-band and out-of-band signaling (notification message)--A 
message would be sent to law enforcement whenever a subject's service 
sends a tone or other network message to the subject or associate 
(e.g., notification that a line is ringing or busy).
    (5) Timing information--Information necessary to correlate call-
identifying information with the call content of a communications 
interception.
    (6) Surveillance status--Message that would verify that an 
interception is still functioning on the appropriate subject.

[[Page 63642]]

    (7) Continuity check tone (c-tone)--Electronic signal that would 
alert law enforcement if the facility used for delivery of call content 
interception has failed or lost continuity.
    (8) Feature status--Would affirmatively notify law enforcement of 
any changes in features to which a subject subscribes.
    (9) Dialed digit extraction--Information would include those digits 
dialed by a subject after the initial call setup is completed.
    14. After the close of balloting, Subcommittee TR45.2 held a number 
of meetings and made changes to the draft industry standard, including 
a number of changes recommended by the FBI. However, based on the 
concerns discussed below, none of the FBI punch list items were added 
to the industry standard. The Subcommittee recommended that the revised 
standard be considered as a joint TIA/Committee T1 Interim Standard and 
reballoted under TIA procedures rather than ANSI's. An interim 
standard, however, is valid for a period of only three years and is 
considered by ANSI as a ``trial use.'' TIA adopted the recommendations, 
and the revised draft standard was submitted for voting in the fall of 
1997. Because no law enforcement agencies are members of the TIA or 
Committee T1, however, only industry entities were eligible to cast 
ballots.
    15. The industry unanimously approved the draft standard as 
fulfilling the requirements mandated by CALEA. In December 1997, the 
TIA and Committee T1, sponsored by the Alliance for Telecommunications 
Industry Solutions, announced the joint publication of interim standard 
J-STD-025, Lawfully Authorized Electronic Surveillance (J-STD-025, 
interim standard, or industry interim standard). This standard defines 
services and features required to support lawfully authorized 
electronic surveillance and specifies interfaces necessary to deliver 
intercepted communications and call-identifying information to a LEA. 
TIA stated that compliance with J-STD-025 satisfies the ``safe harbor'' 
provisions of CALEA.

Petitions for Rulemaking

    16. In July 1997, before the industry interim standard was 
released, the Cellular Telecommunications Industry Association (CTIA) 
filed a petition for rulemaking on behalf of its members requesting 
that the Commission establish a standard to implement the requirements 
of Section 103, pursuant to the Commission's authority under section 
107(b). CTIA contended that the standards setting process was 
deadlocked, and that it was unlikely that a standard would be developed 
in the near future. CTIA attached to its petition the draft industry 
standard that ultimately became J-STD-025, and argued that this draft 
standard met the functional requirements of CALEA in their entirety.
    17. In August 1997, comments on the CTIA petition were filed 
jointly by the Center for Democracy and Technology (CDT) and the 
Electronic Frontier Foundation (EFF). CDT/EFF generally supported 
CTIA's request to adopt the proposed industry standard; however, they 
recommended the deletion of provisions relating to subject location and 
packet-mode information. In March 1998, following adoption of the 
industry interim standard, DoJ/FBI jointly filed a motion to dismiss 
CTIA's Petition for Rulemaking on the grounds that the December 1997 
adoption of the interim standard rendered CTIA's petition moot. As 
discussed below, we agree, and dismiss CTIA's July 1997 Petition for 
Rulemaking.
    18. On March 26, 1998, CDT filed a petition for rulemaking, 
requesting that the Commission intervene in the implementation of 
CALEA. CDT reiterated the position it and EFF had enunciated in August 
1997, arguing that J-STD-025 goes too far in permitting location 
information capabilities and fails to protect the privacy of packet-
mode communications. CDT further argued that the additional 
surveillance enhancements sought by the FBI in the punch list are not 
required under CALEA. CDT stated that the telecommunications industry 
and the FBI had failed to agree on a plan for preserving a narrowly-
focused surveillance capability that would protect privacy and, 
further, were now mired in an argument over designing additional 
surveillance features into the nation's telecommunications system. 
Finally, CDT stated that compliance with J-STD-025 was not reasonably 
achievable and requested that the Commission indefinitely delay 
implementation of CALEA while a more narrowly-focused standard 
consistent with the intent of CALEA is developed.
    19. On March 27, 1998, DoJ and the FBI jointly filed a petition for 
expedited rulemaking, asking the Commission to correct deficiencies in 
the industry standard by establishing additional technical standards 
that meet the requirements of CALEA. DoJ/FBI claim that the interim 
standard adopted by industry is deficient because: (1) It does not 
ensure that law enforcement will be able to receive all of the 
communications content and call-identifying information that carriers 
are obligated to deliver under CALEA; and, (2) it fails to ensure that 
information will be delivered in a timely manner. DoJ/FBI set forth, as 
a proposed rule, the features (i.e., the punch list items) they believe 
should be added to the interim standard to correct its deficiencies. 
DoJ/FBI request that the Commission leave the industry interim standard 
in effect pending the issuance of a final decision.
    20. On April 2, 1998, TIA filed a petition for rulemaking, asking 
the Commission to resolve the dispute as to whether the interim 
standard is overinclusive or underinclusive. TIA requested that we: (1) 
Immediately announce suspension of enforcement of CALEA until we make 
our determination of a permanent standard; (2) establish a reasonable 
compliance schedule of at least 24 months to implement the permanent 
standard; (3) undertake an expedited schedule for establishing a 
permanent standard; and (4) remand any further technical 
standardization work to TIA Subcommittee TR45.2.
    21. On April 20, 1998, the Commission's Wireless Telecommunications 
Bureau and Office of Engineering and Technology released a Public 
Notice in this proceeding soliciting comment on the above petitions, as 
well as soliciting comment on whether the October 25, 1998 deadline for 
compliance with CALEA's capability requirements should be extended. The 
Public Notice also requested specific comment on the scope of the 
assistance capability requirements necessary to satisfy the obligations 
imposed by CALEA. In particular, the Public Notice requested analyses 
of whether the technical requirements discussed in the petitions from 
CDT and from DoJ/FBI are necessary for carriers to meet CALEA's Section 
103 requirements. Finally, the Public Notice requested comment on 
remanding any additional standards development to TIA Subcommittee 
TR45.2.
    22. A number of parties petitioned the Commission to extend the 
October 25, 1998 deadline for complying with the core features of 
CALEA, and on September 11, 1998, the Commission released a Memorandum 
Opinion and Order (Extension Order) granting such an extension until 
June 30, 2000. Pursuant to our authority under section 107(c) of CALEA, 
we determined that compliance with the assistance capability 
requirements of Section 103 was not reasonably achievable by any 
telecommunications carrier through the application of available 
technology by CALEA's compliance deadline of

[[Page 63643]]

October 25, 1998. Therefore, we granted a blanket extension of CALEA's 
compliance deadline until June 30, 2000, for all telecommunications 
carriers similarly situated to the petitioners, i.e., those carriers 
proposing to install or deploy, or having installed or deployed, any 
equipment, facility or service prior to the effective date of Section 
103, for that part of the carrier's business on which the new 
equipment, facility or service is used.

Authority and Approach

    23. Section 107(b) of CALEA empowers the Commission to establish, 
by rule, technical requirements or standards to meet the assistance 
capability requirements of Section 103. Additionally, section 301(a) of 
CALEA states that ``[t]he Commission shall prescribe such rules as are 
necessary to implement the requirements of [CALEA].''
    24. In fulfilling our obligations under CALEA, our evaluation in 
this proceeding will closely follow the plain language of the Act. 
Pursuant to our statutory authority, we will separately examine the two 
contested features of the J-STD-025 standard (i.e., the location 
information and packet-mode features opposed by CDT) and the punch list 
items sought by the FBI, to determine whether each meet the mandates of 
Section 103.
    25. As an initial matter, we will first determine whether the 
specific item we are evaluating meets the assistance capability 
requirements set forth in Section 103(a)(1)-(4). In doing so, we 
propose to interpret these provisions narrowly. As noted above, we look 
to the plain language, its context, and, if necessary, any legislative 
history that assists in ascertaining Congressional intent. 
Specifically, we explore below the intent of Congress' use of the terms 
``equipment, facilities or services'' in Section 103(a)(1) as it 
relates to the content of subject-initiated conference calls. We also 
seek to interpret Section 103(a)(2)'s provision that call-identifying 
information must be provided to a LEA only if that information is 
``reasonably available'' to a telecommunications carrier. In this 
regard, we tentatively conclude that before we can make a determination 
whether a specific technical requirement meets the mandates of Section 
103's assistance capability requirements, the Commission must determine 
whether the information to be provided to a LEA under Section 103(a)(2) 
is reasonably available to the carrier. The Act does not specify how 
the term ``reasonably available'' should be defined or interpreted, and 
the Act's legislative history offers little additional guidance. We 
therefore request comment on what factors the Commission should use in 
determining whether the information to be provided to a LEA under 
Section 103(a)(2) is reasonably available.
    26. Specifically, we request comment on how cost should be 
considered in our determination of reasonable availability. Further, we 
note that carriers use a variety of system architectures and different 
types of equipment, leading us to believe that reasonable availability 
is also likely to vary from carrier to carrier. Commenters should 
discuss how the Commission can evaluate whether a particular technical 
requirement is reasonably available in these circumstances and discuss 
how the application or interpretation of these terms in Section 
103(a)(2) is similar to or different from the application or 
interpretation of ``reasonably achievable'' in section 109(b), and the 
factors listed there.
    27. We also ask commenters to evaluate the type of information that 
has been traditionally available under pen register and trap-and-trace 
authorizations, and whether the provision of such information to LEAs, 
in light of the statutory definitions of ``pen register'' and ``trap 
and trace device'', and judicial interpretations of them, provide 
guidance or represent possible factors for determining ``reasonable 
availability.''
    28. Finally, we also invite comment on whether and, if so, under 
what circumstances and to what extent, information that does not 
qualify as call-identifying information under Section 102(2) or 
otherwise is not ``reasonably available'' under Section 103(a)(2), may 
nevertheless qualify as call content information under Section 
103(a)(1) and the definitions of ``wire and electronic communications'' 
in 18 U.S.C. Sec. 2510(1), (12). Commenters should take into account 
that the provisions of Section 103(a)(1) do not include a criterion of 
``reasonable availability.''
    29. If we conclude that the item in question constitutes a 
technical requirement that meets the Section 103 assistance capability 
requirements, we will then proceed to analyze each of the factors 
identified by section 107(b) and seek comment on whether a particular 
technical requirement: (1) Meets the assistance capability requirements 
of Section 103 by cost-effective methods; (2) protects the privacy and 
security of communications not authorized to be intercepted; (3) 
minimizes the cost of such compliance on residential ratepayers; and, 
(4) serves the policy of the United States to encourage the provision 
of new technologies and services to the public. Additionally, section 
107(b)(5) requires the Commission to provide a reasonable time and 
conditions for compliance with and the transition to any new standard, 
including defining the obligations of telecommunications carriers under 
Section 103 during any transition period. Thus, we will also seek 
comment on issues bearing on our section 107(b)(5) determinations. If, 
on the other hand, we tentatively conclude that a specific technical 
requirement falls outside of the parameters of the assistance 
capability requirements established by Section 103, we will seek 
comment on our tentative conclusion, and request that commenters 
responding to this conclusion provide support for their agreement or 
disagreement by thoroughly analyzing the section 107(b) factors 
mentioned above.
    30. We emphasize that, because CALEA specifically requires us to 
consider the section 107(b) factors, commenters are strongly encouraged 
to provide us with information as detailed and specific as possible. 
For sections 107(b)(1) and (3), for example, we seek detailed comment 
regarding the costs of adding a feature to a telecommunications 
carrier's network and on what, if any, impact of such costs will have 
on residential ratepayers. Commenters should consider the costs to 
manufacturers in developing the equipment or software needed to 
implement the technical requirement, as well as the cost to carriers to 
install and deploy such equipment. Commenters should be specific as to 
which entities would incur the cost of adding particular features; 
e.g., manufacturers, local exchange carriers (LECs), interexchange 
carriers (IXCs), or commercial mobile radio service (CMRS) providers, 
etc. Commenters should also be specific as to what costs would be 
incurred for hardware, as opposed to software upgrades to carriers' 
networks, and whether some of these upgrades would have other uses in 
the networks. If costs are likely to be passed on to residential 
ratepayers, those costs should be identified, as well as specific 
mechanisms that could be used to minimize such costs.
    31. Under section 107(b)(2), if a party believes that a proposed 
technical requirement would not protect the privacy and security of 
communications not authorized to be intercepted, we request comment on 
modifications or alternative technical requirements that would enable 
Section 103's capability requirements to be met. In addition, we

[[Page 63644]]

seek detailed information on whether our determination that a 
particular feature must be provided under CALEA will encourage or 
discourage the provision of new technologies and services to the 
public. Will the implementation of a particular technical requirement 
constrain a carrier's ability to develop new services or technologies? 
Commenters should provide a projected timeline for each technical 
requirement, identifying the time needed to develop, test, and deploy 
it. Additionally, commenters should address the extent to which the 
capacity requirements of section 104 should affect our determinations 
under section 107(b). Finally, we ask for comment on any conditions 
necessary for compliance and any specific obligations that should be 
imposed on telecommunications carriers during the transition to a new 
standard.
    32. We note that the tentative conclusions we reach in this Further 
NPRM focus on the technical requirements that the petitioners have 
asked us to address in their petitions pending before us; i.e., the two 
contested features of J-STD-025 and the nine punch list items. In 
making our tentative decision, we recognize that CALEA requires 
carriers to ensure that their networks can provide the capabilities 
defined in Section 103, but does not mandate use of, or adherence to, 
any particular standard. In other words, compliance with the industry 
standard is voluntary, not compulsory. As a result, carriers are free 
to develop CALEA solutions in any manner they choose. Thus, a carrier 
may choose to utilize an industry standard as a safe harbor, or they 
may choose to implement other solutions that meet the capability 
requirements of Section 103. However, in order for an adopted industry 
standard to satisfy the safe harbor provision of section 107(a), it 
must incorporate all of the technical requirements that we ultimately 
determine meet the assistance capability requirements of Section 103.
    33. We note further that this proceeding does not involve any 
attempt to interpret statutes other than CALEA or define the scope of 
authorizations needed by LEAs to intercept or obtain call content or 
call-identifying information. Rather, this proceeding is limited to 
determining, as a safe harbor, what capabilities each carrier must 
provide if and when presented with a proper authorization or court 
order to expeditiously provide LEAs access to call content and call-
identifying information.
    34. We believe that industry is in the best position to determine 
how to implement these technical requirements most effectively and 
efficiently. Standards-setting organizations, manufacturers, and/or 
individual telecommunications carriers should develop the technical 
requirements consistent with our ultimate determinations reached in 
this proceeding. We tentatively conclude that it would then be 
appropriate for industry, in consultation with the law enforcement 
community, to develop a final ``safe harbor'' standard for CALEA 
compliance. We seek comment on this conclusion.
    35. Finally, we also note that manufacturers and carriers are free 
to develop and deploy additional features and capabilities, beyond 
those required by CALEA, in efforts to assist law enforcement agencies 
in conducting lawfully-authorized electronic surveillance. Such 
capabilities, however, will not be subject to any of CALEA's 
obligations, including cost recovery, and will not affect any party's 
obligations under CALEA in any way. Thus, nothing in the instant 
Further NPRM should be construed as limiting or proposing to limit 
telecommunications manufacturers, carriers or support service 
providers' ability to negotiate with law enforcement agencies to add 
additional capabilities to the carrier's systems, nor to define a 
maximum level of capabilities available to law enforcement under the 
applicable provisions of law. We now turn to a discussion of whether we 
should reexamine the uncontested portions of J-STD-025 as part of our 
section 107(b) inquiry.

Industry Interim Standard J-STD-025

    36. The industry interim standard, J-STD-025, which applies only to 
wireline, cellular, and broadband PCS carriers, specifies that 
telecommunications carriers are to provide LEAs with two 
telecommunications channels to perform electronic surveillance--call 
content channels (CCCs) and call data channels (CDCs). J-STD-025 
defines the five functions of the intercept architecture to be used. 
Those functions are:
     Access--Provides the LEA with the ability to isolate the 
subject's call content or call-identifying information accurately and 
unobtrusively. The access function helps to prevent the unauthorized 
access, manipulation, and disclosure of intercept controls, call 
content, and call-identifying information.
     Delivery--Accepts call content and call-identifying 
information from the access function and delivers it to one or more LEA 
collection functions. Ensures that the call content and call-
identifying information that are delivered are authorized for a 
particular LEA, and thus also prevents the unauthorized access, 
manipulation, and disclosure of intercept controls, call content, and 
call-identifying information.
     Collection--Receives and processes call content and call-
identifying information for the subject. (This function is the 
responsibility of the LEA.)
     Service Provider Administration--Controls the carrier's 
electronic surveillance functions. (This function is beyond the scope 
of the interim standard.)
     Law Enforcement Administration--Controls the LEA 
electronic surveillance functions. (This function is the responsibility 
of the LEA, and is also beyond the scope of the interim standard.)
    37. In seeking to fulfill our obligations under the Act, the 
Commission acknowledges the immense time and effort both industry and 
government representatives have put into the development of CALEA 
standards. We also appreciate the input and involvement of privacy 
organizations in this proceeding. We further note that the Act 
expresses a preference for industry to set CALEA standards, in 
consultation with the Attorney General, and that the Act's legislative 
history also reveals that Congress envisioned that industry would have 
primary responsibility in defining standards. Consequently, we believe 
that the most efficient and effective method for ensuring that CALEA 
can be implemented as soon as possible is to build on the work that has 
been done to date.
    38. We therefore do not intend to reexamine any of the uncontested 
technical requirements of the J-STD-025 standard. Instead, we will make 
determinations only regarding whether each of the location information 
and packet-mode provisions currently included within J-STD-025, and the 
nine punch list items that are currently not included, meet the 
assistance capability requirements of Section 103. We base this 
approach on the fact that the issues raised in the petitions and 
comments filed in this proceeding focus solely on the location 
information and packet-mode provisions of J-STD-025 and the nine punch 
list items sought by the FBI. Accordingly, these features will be 
evaluated separately. We further note that no party has raised any 
specific challenges to J-STD-025 other than with respect to these 
issues, and we have not been presented with any

[[Page 63645]]

compelling reason to reexamine the entire standard. We tentatively 
conclude that by limiting our inquiry to only these specific technical 
issues, we will better enable manufacturers and carriers to build on 
the extensive work already completed or in process, and permit them to 
deploy CALEA solutions on a more expedited basis. Accordingly, the 
uncontested technical requirements are beyond the scope of this 
proceeding.
    39. In establishing technical requirements or standards, section 
107(b)(5) requires the Commission to provide a ``reasonable time'' for 
carriers to comply with and/or transition to any new standards and to 
define the obligations of telecommunications carriers under Section 103 
during any transition period. We previously concluded in our decision 
under section 107(c) that telecommunications carriers must have 
installed CALEA-compliant equipment and facilities based on the 
``core'' features of J-STD-025 by June 30, 2000. A footnote in that 
decision indicated that the ``core'' of J-STD-025 excludes both the 
location information feature and the packet-mode feature. We now 
clarify those findings as follows. J-STD-025 represents an attempt by 
industry to develop a standard that carriers may choose to adopt 
voluntarily as a means to comply with CALEA's ``safe harbor'' provision 
set forth in section 107(a). We further recognize that the statute 
leaves carriers with the discretion to choose to comply with CALEA by 
other means. We emphasize that in requiring carriers to comply with the 
core features of J-STD-025 by June 30, 2000, we did not intend for the 
Extension Order to alter the substantive requirements of CALEA. Rather, 
we meant only to extend the deadline for compliance. Thus, we now 
clarify our Extension Order by requiring that by June 30, 2000, 
carriers must either have installed the core features of J-STD-025 to 
take advantage of the ``safe harbor'' provision of section 107(a) of 
CALEA or have otherwise developed an individual solution and installed 
capabilities that meet the assistance capability requirements of 
Section 103. We believe that this approach is more consistent with the 
language of the statute and the legislative history on this point. In 
addition, we now propose to modify footnote 139 of the Extension Order 
to include the location information feature as part of the core of J-
STD-025 which, if chosen by carriers as a means to qualify for the 
``safe harbor,'' must be implemented by the June 30, 2000 deadline.
    40. As detailed in the Extension Order, an extension until June 30, 
2000, provides sufficient time for manufacturers to produce CALEA 
compliant equipment based on the core features of J-STD-025 or to 
develop individual network solutions and provides telecommunications 
carriers sufficient time to purchase, test and install such equipment 
throughout their networks. We further recognize that the additional 
``non-core'' technical requirements we propose to be adopted in this 
rulemaking may require additional time for manufacturers to design and 
develop these capabilities and for telecommunications carriers to 
incorporate them into their networks. Thus, we will consider 
establishing another deadline or an implementation schedule for 
telecommunications carriers to comply with any new technical 
requirements we ultimately adopt in the instant proceeding. We seek 
comment on this proposal. Specifically, we ask carriers and 
manufacturers to supply us with timelines that detail how they plan to 
develop and deploy the additional technical requirements noted herein.

Location Information

    41. J-STD-025 includes a ``location'' parameter that would identify 
the location of a subject's ``mobile terminal'' whenever this 
information is reasonably available at the intercept access point and 
its delivery to law enforcement is legally authorized. Location 
information would be available to the LEA irrespective of whether a 
call content channel or a call data channel was employed.
    42. We tentatively conclude that location information is call-
identifying information under CALEA. The Act states that call-
identifying information is ``dialing or signaling information that 
identifies the origin, direction, destination, or termination of each 
communication generated or received by a subscriber by means of any 
equipment, facility, or service of a telecommunications carrier.'' We 
believe, that location information identifies the ``origin'' or 
``destination'' of a communication and thus is covered by CALEA.
    43. We also observe that in the wireline environment, irrespective 
of the precise nature of law enforcement's surveillance authorization, 
LEAs have been able to obtain location information routinely from the 
telephone number because the telephone number corresponds with 
location. With the telephone number, location information is available 
from a LEA's own 911/Enhanced 911 (E911) database or from the telephone 
company's electronic records, such as the Loop Maintenance Operating 
System (LMOS).
    44. We note, however, that the location feature as it currently 
appears in J-STD-025 is unclear. In particular, we note that this 
feature refers to the identification of the location of a subject's 
``mobile terminal,'' but does not specifically state whether it is the 
precise location of the mobile terminal or handset that is intended, or 
simply the location of the cell site to which the terminal or handset 
is connected. Also unstated in J-STD-025 is whether continuous location 
tracking is intended to be provided, or only the location at the 
beginning and termination of the call.
    45. In view of the above analysis, we tentatively affirm that 
location information should be construed to mean cell site location at 
the beginning and termination of a call. We seek comment on these 
proposals and, as required by section 107(b), on the other factors that 
we must consider in establishing a technical requirement or standard. 
We note that location information is already included in J-STD-025, the 
interim standard adopted by industry, and was opposed solely by the 
privacy groups. Therefore, we request comment in particular on whether 
our proposal raises issues regarding the protection of privacy and 
security of communications which are not authorized to be intercepted. 
Since the location information feature was included by industry in J-
STD-025, we find that the June 30, 2000 CALEA compliance deadline is 
also sufficient for development and implementation of compliant 
equipment that includes this feature.
    46. Finally, we tentatively conclude that location information is 
reasonably available to telecommunications carriers, because this 
technical requirement was developed by industry and is included in the 
interim standard. However, we request comment on how the Commission 
should decide or interpret the term ``reasonably available'' in the 
context of the proposed location information requirement. For example, 
it appears that location information is already available through the 
wireless carriers' billing, hand-off and system use features. 
Additionally, wireless carriers will be required to have a location 
information capability as part of their E911 obligations. We seek 
comment as to whether the location information feature in these other 
contexts can be used to address the needs of law enforcement under 
CALEA. We request comment on any other issues that may impact our 
determination as to whether the location information that would be

[[Page 63646]]

required to be provided to a LEA is reasonably available to carriers.
    47. Commenters should also note CALEA's express statement that 
``with regard to information acquired solely pursuant to the authority 
for pen registers and trap and trace devices (as defined in section 
3127 of title 18, United States Code), . . . call-identifying 
information shall not include any information that may disclose the 
physical location of the subscriber (except to the extent that the 
location may be determined from the telephone number).'' We agree with 
DoJ/FBI that this provision does not exclude location information from 
the category of ``call-identifying information,'' but simply imposes 
upon law enforcement an authorization requirement different from that 
minimally necessary for use of pen registers and trap and trace 
devices. We seek comment on this issue.

Packet-Mode

    48. J-STD-025 provides for LEA access to call-identifying 
information and the interception of wire and electronic 
telecommunications, regardless of whether the telecommunications are 
carried in circuit-mode or in packet-mode. It further states that the 
``call-identifying information associated with the circuit-mode content 
surveillance is provided on the [call data channel],'' but does not 
specifically address whether call-identifying information, if any, 
associated with packet-mode surveillance must be provided over a call 
data channel.
    49. Packet data and packet-switching technology are potentially 
usable for both information services and telecommunications services. 
We first observe that Section 103(b)(2)(A) of CALEA expressly excludes 
``information services'' from its assistance capability requirements. 
Thus, packet data and packet-switching technology is subject to these 
requirements only to the extent it is used to provide 
telecommunications services, and not for information services. Packet-
mode telecommunications services are expected to grow rapidly in the 
near future. J-STD-025 appears to be appropriately limited to apply 
only to ``telecommunications services'' as defined by the Commission. 
Second, we observe that CALEA requires telecommunications carriers to 
provide information to the LEA ``in a manner that protects . . . the 
privacy and security of communications . . . not authorized to be 
intercepted.'' This mandate would seem to be violated if the carrier 
were to give the LEA both call-identifying and call content information 
when only the former were authorized. Under those circumstances, the 
LEA would be receiving call content information without having the 
requisite authorization.
    50. The record before us, however, is not sufficiently developed to 
support a proposal of any particular CALEA technical requirements for 
packet-mode telecommunications. Additional analysis is needed. We are 
aware that packet-mode technology is rapidly changing, and that 
different technologies may require differing CALEA solutions. We do not 
believe that the record sufficiently addresses packet technologies and 
the problems that they may present for CALEA purposes. While it is 
premature to impose any particular technical requirements for packet-
mode telecommunications at this time, it is appropriate to ask for a 
full range of comment on this issue.
    51. In seeking to develop a full record, we first set forth an 
analytical framework we believe will prove useful for evaluating the 
issue of setting CALEA technical requirements for packet-mode 
telecommunications. First, we advise commenters to consider the 
difference between connection-oriented and connectionless packet-mode 
services, and also between permanent virtual circuits, which have no 
per-call information, and switched virtual circuits. With these 
distinctions in mind, we request that commenters provide detailed 
comments regarding whether and, if so, how the statutory requirements 
of Section 103(a) of CALEA apply to packet-mode telecommunications. We 
request comment on what constitutes the equivalent of ``call-
identifying information'' for packet-mode telecommunications services 
within the context of CALEA. Will packet-mode call-identifying 
information (or its equivalent) be reasonably available to carriers 
and, thus, subject to the provisions of Section 103(a)(2) of CALEA? How 
could packet-mode call content and call-identifying information (or its 
equivalent) be separated for delivery to law enforcement in compliance 
with CALEA?
    52. In addition, we seek comment on the other section 107(b) 
factors that we must consider in establishing technical requirements. 
Specifically, we seek comment on any cost-effective methods for 
incorporating CALEA packet-mode requirements into a telecommunications 
carrier's system, and whether or not this can be accomplished in a 
manner that minimizes costs to residential ratepayers. Further, we 
request additional comment on whether the inclusion of packet-mode 
technical requirements to meet the assistnace capability requirements 
envisioned by Section 103 raises issues regarding the protection of 
privacy and security of communications which are not authorized to be 
intercepted. Additionally, we solicit comment on whether the inclusion 
of such technical requirements would have a positive or negative effect 
on the provision of new technologies and services to the public. 
Commenters are also asked to provide detailed information regarding the 
amount of time and conditions that they believe will be necessary to 
successfully develop and deploy packet-mode technical requirements in 
telecommunications systems. Finally, we recognize that packet-mode 
issues are complex, and that relative to the other issues under 
consideration herein, additional time may be required to resolve them.

Content of Subject-initiated Conference Calls

    53. This capability would permit the LEA to monitor the content of 
conversations connected via conference call set up by the facilities 
under surveillance. Surveillance of all portions of a conference call 
would continue, even if any party to the call utilized services such as 
hold, call waiting, or three-way calling. For example, if anyone 
involved in a conference call were placed on hold, all remaining 
conversations would continue to be available to the LEA for monitoring. 
The ability to monitor would continue even after the subject drops off 
the conference call.
    54. We tentatively conclude that the provision of the content of 
subject-initiated conference calls is a technical requirement that 
meets the assistance capability requirements of Section 103. With 
appropriate lawful authorization, the LEA is entitled to ``intercept, 
to the exclusion of any other communications, all wire and electronic 
communications carried by the carrier within a service area to or from 
equipment, facilities, or services of a subscriber.'' TIA asserts that 
we must first determine whether a conference call capability would 
unduly expand Title III's concept of ``facilities'' before deciding 
whether such a capability is required under CALEA. We note, however, 
that the plan language of CALEA's Section 103 includes the terms 
``equipment'' and ``services'', in addition to ``facilities'' thus, 
extending LEAs entitlement to access the ``services and equipment'', as 
well as the ``facilities'', of a subscriber. According to the 
legislative history, ``conference calling'' is one of the ``features 
and

[[Page 63647]]

services'' that is covered by CALEA. We seek comment on this proposal. 
We also seek comment as to how the Commission should define or 
interpret Section 103's use of the phrase ``equipment, facilities, or 
services'' in the context of subscriber-initiated conference calls.
    55. We recognize that not all carriers' system architecture is the 
same. Some carriers, for example, may have systems that support 
continuation of conference calls after the subscriber drops off the 
call, while others may not. For those network configurations in which, 
when a subscriber drops off a conference call, the call nevertheless 
remains routed through the subscriber's ``equipment, facilities, or 
services,'' we tentatively interpret CALEA as requiring the carrier to 
continue to provide the LEA the call content of the remaining parties, 
pursuant to court order or other lawful authorization. For those 
configurations, however, in which, when the subscriber drops off the 
call, the call is either disconnected or rerouted, and the ``equipment, 
facilities, or services of a subscriber'' are no longer used to 
maintain the conference call, we tentatively conclude that CALEA does 
not require the carrier to provide the LEA access to the call content 
of the remaining parties. Moreover, in some cases where the call is re-
routed, the content of the call may no longer be classifiable as 
``communications carried by the carrier within a service area'' 
pursuant to Section 103(a)(1) and (d). Thus, under such circumstances, 
CALEA would not require the carrier to modify its system architecture 
in order to support this particular technical requirement. We seek 
comment on this tentative conclusion. Commenters should address how 
Sections 103(a)(1) and (d) should be interpreted in this context. Also, 
we tentatively conclude that CALEA does not extend to conversations 
between a participant of the conference call other than the subject and 
any person with whom the participant speaks on an alternative line 
(e.g., when A, the subjects, is on a conference call with B and C, we 
tentatively conclude that C's conversation with D on call waiting is 
beyond CALEA's requirements. We also seek comment on this tentative 
conclusion.
    56. Additionally, we seek comment on the section 107(b) factors 
that we must consider in establishing a technical requirement or 
standard. Are there cost-effective methods of incorporating access to 
conference call content into a telecommunications carrier's system? Can 
it be accomplished in a manner that minimizes costs to residential 
ratepayers? Further, we request comment on whether this proposal raises 
issues regarding the protection of privacy and security of 
communications which are not authorized to be intercepted. 
Additionally, we solicit comment on whether the inclusion of this 
technical requirement within the assistance capability requirements 
envisioned by Section 103 would positively or negatively affect the 
provision of new technologies and services to the public. Would, for 
example, networks have to be redesigned in such a way as to preclude 
certain new technologies or services? Finally, commenters are asked to 
provide detailed information regarding the amount of time and 
conditions that they believe will be necessary to successfully develop 
and deploy this technical requirement in telecommunications systems.

Party Hold, Join, Drop on Conference Calls

    57. This item also involves features designed to aid a LEA in the 
interception of conference calls. This feature would permit the LEA to 
receive from the telecommunications carrier messages identifying the 
parties to a conversation at all times. The party hold message would be 
provided whenever one or more parties are placed on hold. The party 
join message would report the addition of a party to an active call or 
the reactivation of a held call. The party drop message would report 
when any party to a call is released or disconnects and the call 
continues with two or more other parties.
    58. We tentatively conclude that party hold/join/drop information 
falls within CALEA's definition of ``call-identifying information'' 
because it is ``signaling information that identifies the origin, 
direction, destination, or termination of each communication generated 
or received'' by the subject. For example, party join information 
appears to identify the origin of a communication; party drop, the 
termination of a communication; and party hold, the temporary origin, 
temporary termination, or re-direction of a communication. This 
capability also appears to be necessary to enable the LEA to isolate 
call-identifying and content information because, without it, the LEA 
would be unable to determine who is talking to whom, and, more 
accurately, to focus on the subject's role in the conversation. 
Further, by isolating the call-identifying information in this manner, 
the LEA can ascertain and isolate third parties who are not privy to 
the communications involving the subject, thereby furthering the 
minimization concept.
    59. Accordingly, we propose that provision of party hold/join/drop 
information, if reasonably available to the carrier, is a technical 
requirement that meets the assistance capability requirements of 
Section 103. We base this conclusion on the statutory language found in 
Sections 103(a)(2) and 102(2). We note, however, that LEA access to 
this information would be required only in those cases where the 
carrier's facilities, equipment or services are involved in providing 
the service; in other words, when a network signal is generated. To the 
extent that customer premises equipment (CPE) is used to provide such 
features, we tentatively conclude that party hold/join/drop information 
could not be made available to the LEA since no network signal would be 
generated. For example, many telephone sets have a ``hold'' button that 
does not signal the network--thus, from the carrier's point of view, 
the call's status is unchanged. We seek comment on this tentative 
conclusion. We also seek comment on TIA's assertion that party/hold/
join drop information is already substantially available to the LEA 
and, if so, whether it is or needs to be provided in real time.
    60. We seek comment on our proposal and, as required by section 
107(b), on the other factors that we must consider in establishing a 
technical requirement or standard. Are there cost-effective methods of 
incorporating a party hold/join/drop capability into a 
telecommunications carrier's system? Can it be accomplished in a manner 
that minimizes costs to residential ratepayers? Further, we request 
comment on whether this proposal raises issues regarding the protection 
of privacy and security of communications which are not authorized to 
be intercepted. Additionally, we solicit comment on whether the 
inclusion of this technical requirement within the assistance 
capability requirements envisioned by Section 103 would positively or 
negatively affect the provision of new technologies and services to the 
public. Further, commenters are asked to provide detailed information 
regarding the amount of time and conditions that they believe will be 
necessary to successfully develop and deploy this technical requirement 
in telecommunications systems.

Subject-initiated Dialing and Signaling Information

    61. This capability would permit the LEA to be informed when a 
subject using the facilities under surveillance

[[Page 63648]]

uses services such as call forwarding, call waiting, call hold, three-
way calling. DoJ/FBI requests this information for each communication 
initiated by the subject. This capability would require the 
telecommunications carrier to deliver a message to the LEA, informing 
the LEA that the subject has invoked a feature which would place a 
party on hold, transfer a call, forward a call, or add/remove a party 
to a call.
    62. We tentatively conclude that subject-initiated dialing and 
signaling information fits within the definition of call-identifying 
information contained in section 102(2) of CALEA. For example, call-
forwarding signaling information identifies the direction and 
destination of a call, and call-waiting signaling information 
identifies the origin and termination of each communication. We request 
comment on whether remote operation of these features should affect our 
tentative conclusion. For example, a subject may be able to change some 
aspects of his/her service from a pay telephone, as well as from the 
subject's telephone.
    63. We also tentatively conclude that access to subject-initiated 
dialing and signaling information may be necessary in order for the LEA 
to isolate and correlate call-identifying and call content information. 
Knowing what features a subject is using will ensure that the LEA 
receives information ``in a manner that allows it to be associated with 
the communication to which it pertains.'' For example, without knowing 
that a subject has switched over to a call on call-waiting, the LEA may 
not be able to associate the call-identifying information with the call 
content to which it pertains and thus could be more likely to mistake 
one call for another. Once again, to the extent CPE is used to perform 
any of the functions described here, and no network signal is 
generated, that information will not be reasonably available to a 
carrier, and thus, should not be required to be provided.
    64. We observe that signaling data indicating that the subject is 
accessing his/her voice mail is properly classified as ``call-
identifying information.'' The contents of the voice mail fall outside 
the scope of CALEA. This is because voice mail ``permits a customer to 
retrieve stored information from . . . information storage 
facilities,'' and CALEA does not apply to information services. The 
requirement we propose below is consistent with this distinction 
because it provides only the call identifying information and is not 
capable of providing voice content.
    65. Accordingly, we propose to include information on subject-
initiated dialing and signaling that is reasonably available to the 
carrier as a technical requirement necessary to meet the assistance 
capability requirements of Section 103. We base our conclusion 
regarding subject-initiated dialing and signaling information that is 
reasonably available to the carrier on the statutory language found in 
Section 103(a)(2). We seek comment on this proposal and, as required by 
section 107(b), on the other factors that we must consider in 
establishing a technical requirement or standard. Are there cost-
effective methods of providing subject-initiated dialing and signaling 
information? Can this requirement be accomplished in a manner that 
minimizes costs to residential ratepayers? Further, we request comment 
on whether this proposal or tentative conclusion raises issues 
regarding the protection of privacy and security of communications 
which are not authorized to be intercepted. Additionally, we solicit 
comment on whether the inclusion of this technical requirement within 
the assistance capability requirements envisioned by Section 103 would 
positively or negatively affect the provision of new technologies and 
services to the public. Commenters are asked to provide detailed 
information regarding the amount of time and conditions that they 
believe will be necessary to successfully develop and deploy this 
technical requirement in telecommunications systems. In addition, 
excluding those CPE-controlled features noted above, and consistent 
with our proposed ruling regarding voice mail as noted above, we 
request comment on whether information required to provide LEAs with 
subject-initiated dialing and signaling activity is reasonably 
available to carriers. Finally, we recognize that some commenters 
assert that at least portions of this technical requirement may be 
provided through other features of J-STD-025. We request comment on the 
accuracy of these contentions. Commenters should demonstrate clearly 
how the features required are provided, or not provided, elsewhere in 
J-STD-025.

In-band and Out-of-band Signaling

    66. This technical requirement would allow a telecommunications 
carrier to send a notification message to the LEA when any network 
message (ringing, busy, call waiting signal, message light, etc.) is 
sent to a subject using facilities under surveillance. For example, if 
someone leaves a voice mail message on the subject's phone, the 
notification to the LEA would indicate the type of message notification 
sent to the subject (such as the phone's message light, audio signal, 
text message, etc.). For calls the subject originates, a notification 
message would also indicate whether the subject ended a call when the 
line was ringing, busy (a busy line or busy trunk), or before the 
network could complete the call.
    67. We believe that certain types of in-band and out-of-band 
signaling information, such as notification that a voice mail message 
has been received by a subject, constitute call-identifying information 
under CALEA; while there may be other types of in-band and out-of-band 
signaling information that would constitute call content information 
and thus would raise questions as to under what authority they should 
be provided to the LEA. However, for purposes of this proceeding, we do 
not address such questions of whether or what type of authorization 
LEAs would need to access such information. This is up to the judicial 
branch. Unless necessary to establish technical standards under CALEA's 
safe harbor, it is not our intention to specifically decide whether 
certain types of in-band or out-of-band signaling is either call 
content or call-identifying information since CALEA requires carrier 
have the ability to provide access to both. We request comment on what 
types of in-band and out-of-band signaling should constitute a 
technical requirement necessary to meet the assistance capability 
requirements envisioned by Section 103.
    68. Also, in the event that we ultimately determine that in-band 
and out-of-band signaling is a technical requirement necessary to meet 
the assistance capability requirements under Section 103, we request 
comment on whether there are cost-effective methods of providing in-
band and out-of-band signaling to a LEA. Can this requirement be 
accomplished in a manner that minimizes costs to residential 
ratepayers? Further, we request comment on whether this requirement 
raises issues regarding the protection of privacy and security of 
communications which are not authorized to be intercepted. 
Additionally, we solicit comment on whether the inclusion of this 
technical requirement within the assistance capability requirements 
envisioned by Section 103 would positively or negatively affect the 
provision of new technologies and services to the public. Commenters 
are asked to provide detailed information regarding the amount of time 
and conditions that they believe will be necessary to successfully 
develop and deploy this technical

[[Page 63649]]

requirement in telecommunications systems.

Timing Information

    69. In those cases where the LEA has obtained authorization to 
intercept both content and call-identifying information, this 
capability would require that a telecommunications carrier send call 
timing information to the LEA so that the LEA could associate the call-
identifying information with the actual content of the call. There 
would be two elements to this capability:
    (1) Each call-identifying message (answer message, party join 
message, party drop message, etc.) would be time stamped within a 
specific amount of time from when the event triggering the message 
occurred in the intercept access point. This time-stamp would allow the 
LEA to associate the message to the call content information (i.e., the 
conversation).
    (2) A carrier would be required to send the message to the LEA 
within a defined amount of time from the event to permit the LEA to 
associate the number dialed to the conversation.
    70. We tentatively conclude that time stamp information fits within 
the definition of call-identifying information contained within section 
102(2) of CALEA and will allow such information ``to be associated with 
the communication to which it pertains.'' We propose to include timing 
information that is reasonably available to the carrier as a technical 
requirement necessary to meet the assistance capability requirements of 
Section 103(a). We seek comment on this proposal. We base this 
conclusion on the statutory language found in Section 103(a)(2), and on 
our tentative conclusion that such information falls within the 
definition of call-identifying information in section 102(2). A time 
stamp permits identification of a given call from a series of calls 
made within a short timeframe, and is necessary to allow a LEA to 
associate call-identifying information with the communication to which 
it pertains. We note, however, that CALEA does not impose a specific 
timing requirement on carriers. Rather, it states that carriers must 
``expeditiously'' isolate and enable the government to access call-
identifying information ``before, during, or immediately after the 
transmission of a wire or electronic communication (or at such later 
time as may be acceptable to the government); and in a manner that 
allows it to be associated with the communication to which it 
pertains.'' Therefore, we seek comment on what is a reasonable amount 
of time to require the carriers to deliver the time stamped message to 
the LEA. We note that DoJ/FBI have requested delivery within 3 seconds 
of the beginning of the event and with an accuracy of 100 milliseconds. 
Commenters should address whether this is a reasonable time frame, and 
whether there are any technical barriers to implementing such a 
requirement. Commenters proposing an alternative time frame should also 
address technical feasibility and how such a time frame will satisfy 
the requirements of the statute.
    71. In addition, we seek comment, as required by section 107(b), on 
the factors that we must consider in establishing a technical 
requirement. Are there cost-effective methods of providing timing 
information to a LEA? Can this requirement be accomplished in a manner 
that minimizes costs to residential ratepayers? Further, we request 
comment on whether this proposal raises issues regarding the protection 
of privacy and security of communications which are not authorized to 
be intercepted. Additionally, we solicit comment on whether the 
inclusion of this technical requirement within the assistance 
capability requirements envisioned by Section 103 would positively or 
negatively affect the provision of new technologies and services to the 
public. Commenters are asked to provide detailed information regarding 
the amount of time and conditions that they believe will be necessary 
to successfully develop and deploy this technical requirement in 
telecommunications systems.

Surveillance Status

    72. This capability would require the telecommunications carrier to 
send information to the LEA to verify that a wiretap has been 
established and is still functioning correctly. This information could 
include the date, time, and location of the wiretap; identification of 
the subscriber whose facilities are under surveillance; and 
identification of all voice channels that are connected to the 
subscriber. This information would be transmitted to the LEA when the 
wiretap is activated, updated or deactivated, as well as periodically 
(varying from once every hour to once every 24 hours).
    73. CALEA requires carriers to ensure that authorized wiretaps can 
be performed in an expeditious manner, and we believe that a 
surveillance status message could assist carriers and LEAs in 
determining the status of such wiretaps. We tentatively conclude, 
however, that a surveillance status message does not fall within any of 
the provisions of Section 103. We do not believe that it is call-
identifying information as defined by CALEA, since the information such 
a feature would provide is unrelated to any particular call. Nor does a 
surveillance status message appear to be required under Section 
103(a)(1), since it is not necessary to intercept either wire or 
electronic communications carried on a carrier's system. Nor are we 
persuaded by the FBI's interpretation that a surveillance status 
message is required by CALEA's direction that a carrier ``shall 
ensure'' that its system is capable of meeting the Section 103(a) 
requirements. Rather, we note that the Act expressly states: ``a 
telecommunications carrier shall ensure that its equipment, facilities, 
or services . . . are capable of'' intercepting communications and 
allowing LEA access to call-identifying information. We interpret the 
plain language of the statute to mandate compliance with the capability 
requirements of Section 103(a), but not to require that such capability 
be proven or verified on a continual basis.
    74. Thus, we tentatively conclude that the surveillance status 
punch list item is not an assistance capability requirement under 
Section 103. However, we invite comment as to how, generally, carriers 
intend to ensure that wiretaps remain operational. How, specifically, 
would ``human intervention'' be exercised? For example, do carriers 
plan to periodically check the circuit manually and notify the LEA that 
the wiretap remains operational? Further, to the extent commenters 
continue to believe that an automated surveillance status message is 
necessary to implement the requirements of Section 103, we seek comment 
on the 107(b) factors that the Commission must evaluate under CALEA. In 
what manner could such a feature be provided? Are there cost effective 
methods of providing surveillance status information to a LEA? Can this 
requirement be accomplished in a manner that minimizes costs to 
residential ratepayers? Could such provision of surveillance status 
messages compromise the privacy and security of communications not 
authorized to be intercepted? Would the provision of such information 
constrain a carrier's ability to develop and deploy new technologies 
and services? What period of time would be required to develop and 
deploy such a feature? And, to the extent that this information were to 
fall under the definition of call-identifying information, is it 
reasonably available to carriers?

[[Page 63650]]

Continuity Check Tone

    75. This technical requirement would require that, in cases where a 
LEA has obtained authority to intercept wire or electronic 
communications, a C-tone or dial tone be placed on the call content 
channel received by the LEA from the telecommunications carrier until a 
user of the facilities under surveillance initiates or receives a call. 
At that point, the tone would be turned off, indicating to the LEA that 
the target facilities were in use. This capability would permit 
correlation between the time a call is initiated and the time the 
connection is established. The C-tone would also verify that the 
connection between the carrier's switch and the LEA is in working 
order.
    76. As with the case of surveillance status messages, we believe 
that continuity tone could assist the LEA in determining the status of 
a wiretap, but that this technical requirement is not necessary to meet 
the mandates of Section 103(a). Similar to our reasoning regarding 
surveillance status messages, we do not believe that a continuity tone 
falls within CALEA's definition of call-identifying information, nor 
does it appear to be required under Section 103(a)(1), since it is not 
necessary to intercept either wire or electronic communications carried 
on a carrier's system. Furthermore, as explained above, the plain 
language of the statute mandates compliance with the capability 
requirements of Section 103(a), but does not require that such 
capability be proven or verified on a continual basis. Thus, we 
tentatively conclude that the continuity tone punch list item is not an 
assistance capability requirement under Section 103.
    77. However, to the extent commenters continue to believe such a 
technical requirement is necessary to implement the requirements of 
Section 103, we seek comment on the 107(b) factors that the Commission 
must evaluate under CALEA. In what manner could such a feature be 
provided? Are there cost effective methods of providing a continuity 
tone to a LEA? Can this requirement be accomplished in a manner that 
minimizes costs to residential ratepayers? Could provision of a 
continuity tone somehow compromise the privacy and security of 
communications not authorized to be intercepted? For example, could 
such a tone be detected by the subscriber whose facilities are under 
surveillance? Would the provision of such information constrain a 
carrier's ability to develop and deploy new technologies and services? 
And finally, what period of time would be required to develop and 
deploy such a feature?

Feature Status

    78. This technical requirement would require a carrier to notify 
the LEA when specific subscription-based calling services are added to 
or deleted from the facilities under surveillance, including when the 
subject modifies capabilities remotely through another phone or through 
an operator. Examples of such services are call waiting, call hold, 
three-way calling, conference calling, and call return. Also, the 
carrier would be required to notify the LEA if the telephone number of 
the facilities under surveillance was changed or service was 
disconnected.
    79. Similar to surveillance status messages and continuity tones, 
we believe that feature status messages could be useful to a LEA, but 
that provision of these messages from a carrier to a LEA is not 
required to meet the mandates of Section 103(a). First, we believe it 
is clear that feature status messages do not constitute call-
identifying information because they do not pertain to the actual 
placement or receipt of individual calls. Further, feature status 
messages do not appear to be required under Section 103(a)(1) because 
they are not necessary to intercept either wire or electronic 
communications carried on a carrier's system. Rather, they would simply 
aid a LEA in determining how much capacity is required to implement and 
maintain effective electronic surveillance of a target facility, 
information that could be useful in assuring that an interception is 
fully effectuated and the intercepted material delivered as authorized. 
However, as noted by AT&T, the information that would be provided by 
feature status messages can be provided by other means, such as a 
subpoena to the carrier. In any event, we reiterate our view that the 
plain language of the Act mandates compliance with the assistance 
capability requirements of Section 103(a), but does not require 
carriers to implement any specific quality control capabilities to 
assist law enforcement. Thus, we tentatively conclude that the feature 
status punch list item does not meet the assistance capability 
requirements of Section 103.
    80. We note, however, that at least some of the information that 
would be provided by feature status messages--for example, a change to 
the phone number of the facilities under surveillance--must be provided 
to the LEA expeditiously if electronic surveillance is to be effective. 
We request comment on whether this information can be provided in such 
an expeditious manner by other means. We also request comment on any 
other aspects or interpretations of a feature status capability that 
might cause at least some portion of this feature to meet the 
assistance capability requirements of Section 103. To the extent 
commenters believe that such a capability is necessary to implement the 
requirements of Section 103, we seek a particularized description of 
such a capability and comment on the 107(b) factors that the Commission 
must evaluate under CALEA. In what manner could such a capability be 
provided? Are there cost effective methods of providing feature status 
messages to a LEA? Can this requirement be accomplished in a manner 
that minimizes costs to residential ratepayers? Could provision of 
feature status messages to a LEA compromise the privacy and security of 
communications not authorized to be intercepted? Would the provision of 
such information constrain a carrier's ability to develop and deploy 
new technologies and services? And finally, what period of time would 
be required to develop and deploy such a capability?

Dialed Digit Extraction

    81. This capability would require the telecommunications carrier to 
provide to the LEA on the call data channel any digits dialed by the 
subject after connecting to another carrier's service (also known as 
``post-cut-through digits''). One example of such dialing and signaling 
would occur when the subject dials an 800 number to access a long 
distance carrier. After connecting to the long distance carrier through 
the 800 number, the subject then dials the telephone number that is the 
ultimate destination of the call.
    82. We tentatively conclude that post-cut-through digits 
representing all telephone numbers needed to route a call, for example, 
from the subscriber's telephone through its LEC, then through IXC and 
other networks, and ultimately to the intended party are call-
identifying information. We seek additional comment on whether such 
call-identifying information is reasonably available to the carrier 
originating the call. Currently, the second set of numbers a subject 
dials (the final destination of the call) apparently is transmitted 
over the CCC (the content portion of the connection) and not over the 
CDC (a separate signaling channel). This method of transmission raises 
two primary questions: (1) Since the post-cut-through digits are 
provided on the content portion of the connection,

[[Page 63651]]

should those numbers be considered content for purposes of CALEA?; and 
(2) Technically, how can such post-cut-through digits be extracted from 
the content channel and delivered to a LEA by a carrier? We seek 
comment on whether originating, intermediate, or terminating carriers 
can deliver such call-identifying information by cost-effective means. 
We are also aware of the concerns expressed by industry and privacy 
advocates that this dialed digit extraction feature could prove to be 
inordinately expensive to design, build, and incorporate into telephone 
network infrastructures. The record established thus far does not 
reflect any specific cost estimates but does raise the possibility that 
there may be newly available, less expensive solutions for this 
feature, although it is not clear if such solutions have the capability 
of separating post-cut-through call-identifying digits from those 
dialed to perform other functions. We seek comment on this proposal 
and, as required by section 107(b), on the other factors that we must 
consider in establishing a technical requirement. Can it be 
accomplished in a manner that minimizes costs to residential 
ratepayers? Additionally, we solicit comment on whether our proposal 
would positively or negatively affect the provision of new technologies 
and services to the public. Commenters are asked to provide detailed 
information regarding the amount of time and conditions that they 
believe will be necessary to successfully develop and deploy this 
technical requirement in telecommunications systems. Finally, we 
request detailed comment on how the privacy and security of 
communications that are not authorized to be intercepted can be 
protected. In particular, we request comment on whether and how such 
call-identifying information can be distinguished from digits dialed to 
perform other functions (e.g., to input a credit card number or to 
access information services after the call reaches its final 
destination in the PSTN).

Disposition of J-STD-025

    83. We believe that the technical requirements proposed herein can 
be most efficiently implemented by permitting Subcommittee TR45.2 of 
the TIA to develop the necessary specifications in accord with our 
determinations. We note that CALEA contemplates that standards will be 
developed either ``by an industry association or standard-setting 
organization, or by the Commission.'' We note that LEAs, carriers, and 
manufacturers are voting members of the Subcommittee. While we could 
undertake this task, we believe that the Subcommittee already has the 
experience and resources in place to resolve these issues more quickly. 
Both law enforcement agencies and telecommunications manufacturers and 
carriers participate on the Subcommittee. The Subcommittee worked 
diligently over a period of several years to craft J-STD-025 and both 
LEAs and privacy groups agree with--or, at least do not raise any 
specific objections to--the vast majority of the features of that 
standard. A Commission-based standard-setting activity would 
necessarily have to rely heavily on the Subcommittee to modify J-STD-
025 in any event, and thus would very likely take longer than industry-
based processes to develop a final safe harbor standard. Our decision 
to rely on industry to develop the final technical specifications 
reflects our commitment to achieve a CALEA solution as expeditiously as 
possible.
    84. Accordingly, we expect TIA to undertake the task of modifying 
J-STD-025 to be consistent with the technical requirements we 
ultimately adopt in this proceeding. Further, we expect the TIA to 
complete any such modifications to J-STD-025 within 180 days of release 
of the Report and Order in this proceeding. While this is an ambitious 
schedule, we believe it is achievable because the TIA has been 
examining CALEA technical standards issues for several years, and the 
modifications to J-STD-025 are likely to be relatively limited. In 
fact, all of the technical requirements that we have identified for 
modification were previously considered in detail by TIA Subcommittee 
TR45.2. We note that any telecommunications carrier conforming with the 
revised standard will be considered to have complied with CALEA's safe 
harbor provisions under section 107(a)(2). We consider 180 days a 
sufficient time period for industry to adopt revised technical 
standards compliant with CALEA and we believe that industry will be 
able to comply with the core requirements of J-STD-025 (excluding the 
packet-mode feature) by June 30, 2000. Therefore, we do not plan to 
extend the CALEA compliance deadline for the core J-STD-025 
requirements beyond that date, except in the case of individual 
extenuating circumstances, to which the criteria of section 107(c) of 
CALEA would apply. Based on comments received in response to this 
Further NPRM, we will set a separate deadline for compliance with the 
additional technical requirements that we determine CALEA mandates. We 
seek comment on these tentative findings and conclusions.

Other Technologies and Systems

    85. We seek comment on what role, if any, the Commission can or 
should play in assisting those telecommunications carriers not covered 
by J-STD-025 to set standards for, or to achieve compliance with, 
CALEA's requirements. Insofar as such carriers argue that CALEA 
contemplates multiple or different standards for services such as 
paging, digital dispatch and wireless data, we seek comment regarding 
how our determinations regarding J-STD-025, the FBI's punch list items, 
and location and packet-mode information will affect the requirements 
and standards already adopted or currently being established by these 
other industry segments. For example, can the Commission's 
determinations in this rulemaking proceeding be adapted to these other 
technologies? Further, we request comment on if and how we should 
consider the impact of the technical requirements we ultimately adopt 
in this proceeding on these other technologies and services.

Other Matters

    86. As previously discussed, in March 1998 CDT submitted a petition 
for rulemaking to the Commission. In its petition, CDT requests relief 
from the Commission under section 109 (as well as section 107) of 
CALEA. CDT argues that ``compliance with CALEA is not reasonably 
achievable with respect to equipment, facilities, and services deployed 
after January 1, 1995, for the simple reason that carriers have had to 
make changes to their systems not knowing what was required to comply 
with CALEA.'' Lack of a CALEA standard, or a dispute about the CALEA 
standard, however, is not grounds for a rulemaking under section 109. 
Rather, a section 109 determination by the Commission presupposes that 
the final requirements that must be met by telecommunications carriers 
under Section 103 are in place. Those requirements, however, are still 
in dispute. Accordingly, we are herein dismissing without prejudice 
that portion of CDT's petition that relies on section 109.
    87. Also, as previously discussed, in July 1997 CTIA filed a 
petition for rulemaking requesting that the Commission establish a 
standard to implement the mandates of Section 103, and in March 1998 
DoJ/FBI submitted a motion to dismiss that petition on the grounds that 
the December 1997 adoption of J-STD-025 rendered CTIA's petition moot. 
CTIA agrees with DoJ/FBI

[[Page 63652]]

that its petition is moot, both because the adoption of the industry 
interim standard supersedes its request for the Commission to establish 
a CALEA standard by rule and because its request in its petition to 
extend the CALEA compliance deadline has been addressed in this 
proceeding. We agree. Accordingly, we herein dismiss as moot CTIA's 
July 16, 1997 Petition for Rulemaking.

Initial Regulatory Flexibility Analysis

    88. As required by the Regulatory Flexibility Act (RFA), the 
Commission has prepared an Initial Regulatory Flexibility Analysis 
(IRFA) of the expected significant economic impact on small entities by 
the policies and rules suggested in this Communications Assistance for 
Law Enforcement Act, Further Notice of Proposed Rulemaking (CALEA 
Further NPRM). Written public comments are requested on the IRFA. 
Comments must be identified as responses to the IRFA and must be filed 
by the deadlines for comments on the CALEA Further NPRM provided above 
on the first page, in the heading. The Secretary shall send a copy of 
the CALEA Further NPRM, including the IRFA, to the Chief Counsel for 
Advocacy of the Small Business Administration (SBA) in accordance with 
paragraph 603(a).

Need for and Objectives of the Proposed Rules

    89. This Further Notice of Proposed Rulemaking responds to the 
legislative mandate contained in the Communications Assistance for Law 
Enforcement Act, Pub. L. No. 103-414, 108 Stat. 4279 (1994) (codified 
as amended in sections of 18 U.S.C. and 47 U.S.C.).

Legal Basis

    90. The proposed action is authorized under the Communications 
Assistance for Law Enforcement Act, Public Law 103-414, 108 Stat. 4279 
(1994) (codified as amended in scattered sections of 18 U.S.C. and 47 
U.S.C.). The proposed action is also authorized by sections 1, 4, 201, 
202, 204, 205, 218, 229, 332, 403 and 503 of the Communications Act of 
1934, as amended, 47 U.S.C. sections 151, 154, 201-205, 218, 229, 301, 
303, 312, 332, 403, 501 and 503.

Description and Estimate of the Number of Small Entities To Which 
the Proposed Rules Will Apply

    91. The proposals set forth in this proceeding may have a 
significant economic impact on a substantial number of small telephone 
companies identified by the SBA. We seek comment on the obligations of 
a telecommunications carrier for the purpose of complying with CALEA.
    92. The RFA generally defines ``small entity'' as having the same 
meaning as the term ``small business,'' ``small organization,'' and 
``small governmental jurisdiction'' and the same meaning as the term 
``small business concern'' under the Small Business Act, unless the 
Commission has developed one or more definitions that are appropriate 
to its activities. Under the Small Business Act, a ``small business 
concern'' is one that: (1) is independently owned and operated; (2) is 
not dominant in its field of operation; and (3) meets any additional 
criteria established by the Small Business Administration (SBA). The 
SBA has defined a small business for Standard Industrial Classification 
(SIC) categories 4812 (Radiotelephone Communications) and 4813 
(Telephone Communications, Except Radiotelephone) to be small entities 
when they have fewer than 1,500 employees. We first discuss generally 
the total number of small telephone companies falling within both of 
those SIC categories. Then, we discuss the number of small businesses 
within the two subcategories, and attempt to refine further those 
estimates to correspond with the categories of telephone companies that 
are commonly used under our rules.
    93. Telephone Companies (SIC 483). Consistent with our prior 
practice, we shall continue to exclude small incumbent LECs from the 
definition of a small entity for the purpose of this IRFA. 
Nevertheless, as mentioned above, we include small incumbent LECs in 
our IRFA. Accordingly, our use of the terms ``small entities'' and 
``small businesses'' does not encompass ``small incumbent LECs.'' We 
use the term ``small incumbent LECs'' to refer to any incumbent LECs 
that arguably might be defined by SBA as ``small business concerns.''
    94. Total Number of Telephone Companies Affected. Many of the 
decisions and rules adopted herein may have a significant effect on a 
substantial number of the small telephone companies identified by SBA. 
The United States Bureau of the Census (the Census Bureau) reports 
that, at the end of 1992, there were 3,497 firms engaged in providing 
telephone services, as defined therein, for at least one year. This 
number contains a variety of different categories of carriers, 
including local exchange carriers, interexchange carriers, competitive 
access providers, cellular carriers, mobile service carriers, operator 
service providers, pay telephone operators, PCS providers, covered SMR 
providers, and resellers. Some of these providers--for example, all SMR 
providers--are not covered by this Further NPRM, and it seems certain 
that some of the 3,497 telephone service firms may not qualify as small 
entities or small incumbent LECs because they are not ``independently 
owned and operated.'' For example, a PCS provider that is affiliated 
with an interexchange carrier having more than 1,500 employees would 
not meet the definition of a small business. It seems reasonable to 
conclude, therefore, that fewer than 3,497 telephone service firms are 
small entity telephone service firms or small incumbent LECs that may 
be affected by this Further NPRM.
    95. Wireline Carriers and Service Providers. SBA has developed a 
definition of small entities for telephone communications companies 
other than radiotelephone (wireless) companies. The Census Bureau 
reports that there were 2,321 such telephone companies in operation for 
at least one year at the end of 1992. According to SBA's definition, a 
small business telephone company other than a radiotelephone company is 
one employing fewer than 1,500 persons. All but 26 of the 2,321 non-
radiotelephone companies listed by the Census Bureau were reported to 
have fewer than 1,000 employees. Thus, even if all 26 of those 
companies had more than 1,500 employees, there would still be 2,295 
non-radiotelephone companies that might qualify as small entities or 
small incumbent LECs. Although it seems certain that some of these 
carriers are not independently owned and operated, we are unable at 
this time to estimate with greater precision the number of wireline 
carriers and service providers that would qualify as small business 
concerns under SBA's definition. Consequently, we estimate that there 
are fewer than 2,295 small entity telephone communications companies 
other than radiotelephone companies that may be affected by the 
decisions and rules recommended for adoption in this NPRM.
    96. Local Exchange Carriers. Neither the Commission nor SBA has 
developed a definition of small providers of local exchange services 
(LECs). The closest applicable definition under SBA rules is for 
telephone communications companies other than radiotelephone (wireless) 
companies. The most reliable source of information regarding the number 
of LECs nationwide of which we are aware appears to be the data that we 
collect annually in connection with the Telecommunications Relay 
Service (TARS). According to our most recent data, 1,347 companies 
reported that

[[Page 63653]]

they were engaged in the provision of local exchange services. Although 
it seems certain that some of these carriers are not independently 
owned and operated, or have more than 1,500 employees, we are unable at 
this time to estimate with greater precision the number of LECs that 
would qualify as small business concerns under SBA's definition. 
Consequently, we estimate that there are fewer than 1,347 small 
incumbent LECs that may be affected by the decisions and rules 
recommended for adoption in this NPRM.
    97. Interexchange Carriers. Neither the Commission nor SBA has 
developed a definition of small entities specifically applicable to 
providers of interexchange services (IXCs). The closest applicable 
definition under SBA rules is for telephone communications companies 
other than radiotelephone (wireless) companies. The most reliable 
source of information regarding the number of IXCs nationwide of which 
we are aware appears to be the data that we collect annually in 
connection with TARS. According to our most recent data, 130 companies 
reported that they were engaged in the provision of interexchange 
services. Although it seems certain that some of these carriers are not 
independently owned and operated, or have more than 1,500 employees, we 
are unable at this time to estimate with greater precision the number 
of IXCs that would qualify as small business concerns under SBA's 
definition. Consequently, we estimate that there are fewer than 130 
small entity IXCs that may be affected by the decisions and rules 
recommended for adoption in this NPRM.
    98. Competitive Access Providers. Neither the Commission nor SBA 
has developed a definition of small entities specifically applicable to 
providers of competitive access services (CAPs). The closest applicable 
definition under SBA rules is for telephone communications companies 
other than radiotelephone (wireless) companies. The most reliable 
source of information regarding the number of CAPs nationwide of which 
we are aware appears to be the data that we collect annually in 
connection with the TARS. According to our most recent data, 57 
companies reported that they were engaged in the provision of 
competitive access services. Although it seems certain that some of 
these carriers are not independently owned and operated, or have more 
than 1,500 employees, we are unable at this time to estimate with 
greater precision the number of CAPs that would qualify as small 
business concerns under SBA's definition. Consequently, we estimate 
that there are fewer than 57 small entity CAPs that may be affected by 
the decisions and rules recommended for adoption in this NPRM.
    99. Operator Service Providers. Neither the Commission nor SBA has 
developed a definition of small entities specifically applicable to 
providers of operator services. The closest applicable definition under 
SBA rules is for telephone communications companies other than 
radiotelephone (wireless) companies. The most reliable source of 
information regarding the number of operator service providers 
nationwide of which we are aware appears to be the data that we collect 
annually in connection with the TARS. According to our most recent 
data, 25 companies reported that they were engaged in the provision of 
operator services. Although it seems certain that some of these 
companies are not independently owned and operated, or have more than 
1,500 employees, we are unable at this time to estimate with greater 
precision the number of operator service providers that would qualify 
as small business concerns under SBA's definition. Consequently, we 
estimate that there are fewer than 25 small entity operator service 
providers that may be affected by the decisions and rules recommended 
for adoption in this NPRM.
    100. Wireless (Radiotelephone) Carriers. SBA has developed a 
definition of small entities for radiotelephone (wireless) companies. 
The Census Bureau reports that there were 1,176 such companies in 
operation for at least one year at the end of 1992. According to SBA's 
definition, a small business radiotelephone company is one employing 
fewer than 1,500 persons. The Census Bureau also reported that 1,164 of 
those radiotelephone companies had fewer than 1,000 employees. Thus, 
even if all of the remaining 12 companies had more than 1,500 
employees, there would still be 1,164 radiotelephone companies that 
might qualify as small entities if they are independently owned are 
operated. Although it seems certain that some of these carriers are not 
independently owned and operated, we are unable at this time to 
estimate with greater precision the number of radiotelephone carriers 
and service providers that would qualify as small business concerns 
under SBA's definition. Consequently, we estimate that there are fewer 
than 1,164 small entity radiotelephone companies that may be affected 
by the decisions and rules recommended for adoption in this NPRM.
    101. Cellular and Mobile Service Carriers: In an effort to further 
refine our calculation of the number of radiotelephone companies 
affected by the rules adopted herein, we consider the categories of 
radiotelephone carriers, Cellular Service Carriers and Mobile Service 
Carriers. Neither the Commission nor the SBA has developed a definition 
of small entities specifically applicable to Cellular Service Carriers 
and to Mobile Service Carriers. The closest applicable definition under 
SBA rules for both services is for telephone companies other than 
radiotelephone (wireless) companies. The most reliable source of 
information regarding the number of Cellular Service Carriers and 
Mobile Service Carriers nationwide of which we are aware appears to be 
the data that we collect annually in connection with the TARS. 
According to our most recent data, 792 companies reported that they are 
engaged in the provision of cellular services and 117 companies 
reported that they are engaged in the provision of mobile services. 
Although it seems certain that some of these carriers are not 
independently owned and operated, or have more than 1,500 employees, we 
are unable at this time to estimate with greater precision the number 
of Cellular Service Carriers and Mobile Service Carriers that would 
qualify as small business concerns under SBA's definition. 
Consequently, we estimate that there are fewer than 792 small entity 
Cellular Service Carriers and fewer than 138 small entity Mobile 
Service Carriers that might be affected by the actions and rules 
adopted in this NPRM.
    102. Broadband PCS Licensees. The broadband PCS spectrum is divided 
into six frequency blocks designated A through F, and the Commission 
has held auctions for each block. The Commission defined ``small 
entity'' for Blocks C and F as an entity that has average gross 
revenues of less than $40 million in the three previous calendar years. 
For Block F, an additional classification for ``very small business'' 
was added, and is defined as an entity that, together with its 
affiliates, has average gross revenues of not more than $15 million for 
the preceding three calendar years. These regulations defining ``small 
entity'' in the context of broadband PCS auctions have been approved by 
SBA. No small businesses within the SBA-approved definition bid 
successfully for licenses in Blocks A and B. There were 90 winning 
bidders that qualified as small entities in the Block C auctions. A 
total of 93 small and very small business bidders won approximately 40% 
of the 1,479 licenses for Blocks D, E, and F. However,

[[Page 63654]]

licenses for Blocks C through F have not been awarded fully, therefore 
there are few, if any, small businesses currently providing PCS 
services. Based on this information, we conclude that the number of 
small broadband PCS licenses will include the 90 winning C Block 
bidders and the 93 qualifying bidders in the D, E, and F blocks, for a 
total of 183 small PCS providers as defined by the SBA and the 
Commissioner's auction rules.
    103. Resellers. Neither the Commission nor SBA has developed a 
definition of small entities specifically applicable to resellers. The 
closest applicable definition under SBA rules is for all telephone 
communications companies. The most reliable source of information 
regarding the number of resellers nationwide of which we are aware 
appears to be the data that we collect annually in connection with the 
TARS. According to our most recent data, 260 companies reported that 
they were engaged in the resale of telephone services. Although it 
seems certain that some of these carriers are not independently owned 
and operated, or have more than 1,500 employees, we are unable at this 
time to estimate with greater precision the number of resellers that 
would qualify as small business concerns under SBA's definition. 
Consequently, we estimate that there are fewer than 260 small entity 
resellers that may be affected by the decisions and rules recommended 
for adoption in this NPRM.

Description of Projected Reporting, Recordkeeping and Other 
Compliance Requirements

    104. The rules proposed in the NPRM require telecommunications 
carriers to establish policies and procedures governing the conduct of 
officers and employees who are engaged in surveillance activity. Those 
proposed rules require telecommunications carriers to maintain records 
of all interceptions of communications and call identification 
information. Further, those proposed rules require telecommunications 
carriers classified as Class A companies pursuant to 47 U.S.C. 
Sec. 32.11 to file individually with the Commission a statement of its 
processes and procedures used to comply with the systems security rules 
promulgated by the Commission. Telecommunications carriers classified 
as Class B companies pursuant to 47 U.S.C. Sec. 32.11 may elect to 
either file a statement describing their security processes and 
procedures or to certify that they observe procedures consistent with 
the security rules promulgated by the Commission.
    105. We tentatively conclude that a substantial number of 
telecommunications carriers, who have been subjected to demands from 
law enforcement personnel to provide lawful interceptions and call-
identifying information for a period time preceding CALEA, already have 
in place practices for proper employee conduct and recordkeeping. We 
seek comment on this tentative conclusion. As a practical matter, 
telecommunications carriers need these practices to protect themselves 
from suit by persons who claim they were the victims of illegal 
surveillance. By providing general guidance regarding the conduct of 
carrier personnel and the content of records in this Further NPRM, the 
Commission permits telecommunications carriers to use their existing 
practices to the maximum extent possible. Thus, we tentatively conclude 
that the additional cost to most telecommunications carriers for 
conforming to the Commission regulations contained in this Further 
NPRM, should be minimal. We seek comment on this tentative conclusion.

Significant Alternatives to Proposed Rules Which Minimize 
Significant Economic Impact on Small Entities and Accomplish Stated 
Objectives

    106. As we noted in Part I of this IRFA, supra, the need for the 
proposed regulations is mandated by Federal legislation. The 
legislation is specific on the content of employee conduct and 
recordkeeping regulations for telecommunications carriers, which 
removes from Commission discretion the consideration of alternative 
employee conduct and recordkeeping regulations for smaller 
telecommunications carriers. The legislation, however, provides for 
Commission discretion to formulate compliance reporting requirements 
for telecommunications carriers that favor smaller telecommunications 
carriers, and in the NPRM the Commission exercised that discretion by 
proposing rules that allow smaller carriers the option to file a 
certification of compliance with the Commission instead of a statement 
of the policies, processes and procedures they use to comply with the 
CALEA regulations.

Federal Rules That May Overlap, Duplicate, or Conflict With the 
Proposed Rules

    107. As we noted in Part I of this IRFA, supra, the need for the 
proposed regulations is mandated by Federal legislation. The purpose of 
CALEA was to empower and require the Federal Communications Commission 
and the Department of Justice to craft regulations pursuant to specific 
statutory instructions. Because there were no other Federal Rules in 
existence before CALEA was enacted, there are no duplicate Federal 
Rules. In addition, there are no overlapping, duplicating, or 
conflicting Federal Rules to the Federal Rules proposed in this 
proceeding.

Ordering Clauses

    108. Accordingly, pursuant to sections 1, 4, 229, 301, 303, and 332 
of the Communications Act of 1934, as amended, and 107(b) of the 
Communications Assistance for Law Enforcement Act, 47 U.S.C. sections 
151, 154, 229, 301, 303, 332, and 1006(b), it is ordered that this 
Further Notice of Proposed Rulemaking is hereby adopted. It is further 
ordered that the Petition for Rulemaking filed by the Cellular 
Telecommunications Industry Association on July 16, 1997 is dismissed 
as moot. It is further ordered that the Petition for Rulemaking filed 
by the Center for Democracy and Technology is dismissed without 
prejudice to the extent the petition seeks relief under section 109 of 
CALEA, 47 U.S.C. section 1008. It is further ordered that the 
Commission shall send a copy of this Further Notice of Proposed 
Rulemaking, including the Initial Regulatory Flexibility Analysis, to 
the Chief Counsel for Advocacy of the Small Business Administration.

List of Subjects in 47 CFR Part 64

    Communications common carriers.

Federal Communications Commission.
Magalie Roman Salas,
Secretary.
[FR Doc. 98-30552 Filed 11-13-98; 8:45 am]
BILLING CODE 6712-01-P