I'm going over these "nouvelles directives" and my impression is that there seems to be no new legislation which will be presented to the parliament. This is just a framework for the implementation and certification of systems to expedite surveillance data. It looks like the legal basis that allows for the surveillance has already been established in OSCPT RS 780.1 from October 2000. It seems that there is a great deal of information that providers will be responsible to deliver, historical and real-time to centralized monitoring facility.
The cover letter that I received pretty clearly stats that (my translation from French) "the directives take effect August 1st 2009 with a transitional period until June 30 2010 during which time the providers will implement the measures specified". They also mention that a certification procedure will be put in place for the law enforcement agency to confirm that the provider is complying with the standards.
Am I reading this thing the right way? Does anyone have a solid understanding of what is specified in OSCPT RS 780.1? Or the ETSI standard? Is anyone else looking into how to implement this thing in their network?
btw. I'm surprised there not a bit more noise about this. If you are an ISP is Switzerland and you haven't been made aware of this document I'd check with your legal department and get your hands on a copy. I've got a meeting with our lawyers to talk about what this means for us.
Jon
Patrick.Guelat@imp.ch wrote:
Those of you that are registred with OFCOM as ISP or TSP have probably received the 'Vernehmlassung' for the new LEMF System planned for Switzerland.
Ok, lots of fuzz about how to deliver the data, it's more standardized now following the ETSI standards instead of current proprietary swiss LEMF system, so far so good, a lot of points to take a closer look.
But then... there is a new interception type 'PS_10':
"Internet Access route: Real-time delivery of the complete communication of the Broadband Internet Access as in [1], Art. 15. This includes content of communication (CC) and the related information (IRI) of the broadband internet access"
Welcome to the total supervision all you potentional terrorists...
They claim this type is legally based on SR780.1, Art.15. In this article of BUEPF I can't find anything supporting this argument.
Maybe some law-specialists can shed light upon this...
I hope we'll be able to 'ground' this crap and find alliances in politics so that it won't pass the parliament...
Patrick
swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog