The following statement of work was released in late August 2011 by the U.S. Air Force in support of a contract to provide lawful interception capability to the Government of Iraq. The document provides a number of specific details about the system’s requirements including the ability to monitor over 5000 targets at a time including at least 1000 simultaneous voice calls. The work statement was originally pointed out by privacy researcher Christopher Soghoian who commented that based on the level of detail provided in the document, “We know more (from open source docs) about the wiretap system the US gov is buying for Iraq telcos than the systems already installed here.”
Lawful Intercept Capability for the Government of Iraq Statement of Work
- 7 pages
- August 18, 2011
This Statement of Work (SOW) involves purchasing and installing a Lawful Intercept (LI) capability for the Government of Iraq (GOI). The capability shall include: providing installation, system engineering, system administration, terminal operations support, and mentoring/training Iraqi system operators. The solution should include a disaster recovery feature/configuration that would replicate (backup) the server and database storage at a physically separate facility. LI will provide the GOI a powerful communications intelligence tool to assist in combating criminal organizations and insurgencies by supporting evidence-based prosecutions, warrant-based targeting, and intelligence-based operations.
The objective of this effort is to provide a LI capability to the GOI so they can intercept cellular communications (whether voice, data, or Short Message Service (SMS)) in order to disrupt criminal activity, organized crime, and insurgent operations. The installed system will allow LI of communications across all Global System for Mobile Communications (GSM) providers within Iraq. This effort will focus on setting up the system on the three service providers networks (Asia Cell, Zain, and Korek).
2.1.1 The Contractor shall ensure the LI system is compliant with relevant ETSI standards governing LI, including, but not limited to ETSI TS 101 331, ETSI ES 201 158, and ETSI TS 101 671.
2.1.2 The system shall have a Lawful Intercept based switch.
2.1.3 The operating software language shall be identified by the contractor.
2.1.4 The LI system shall maintain a database, including identifications in order to build a comprehensive catalog of targets, associates and relationships.
2.1.5 The system shall allow for collected names and numbers to be automatically added to the names/numbers database.
2.1.6 The system shall have a single common integrated desktop Graphical User Interface (GUI) for monitors to access all collected content types from one view.
2.1.7 The system shall be capable of monitoring 5000 targets and support 20% (1000) total simultaneous voice calls. The Contractor shall use general LI traffic assumptions for identifying GPRS (Mobile Data) and SMS volume requirement, and support the identified requirements for each service provider. GPRS and circuit switched data traffic is to be intercepted within each of the 3 service providers.
2.1.8 The LI system shall have the ability to capture and store for at minimum 90 days the following: voice calls, SMS messages, and intercept related information for replay.
2.1.9 The LI system shall be expandable to process voice & data on PSTN, CDMA, and 3G providers.
2.1.10 The LI system shall display data in both tabular and graphical format, as applicable, to include geospatial display of targeted user’s location(s) within 100 meters.
2.1.11 The system shall support the use of satellite imagery and other mapping overlays (e. g. Google Earth).
2.1.12 The system shall have the ability to automate workflow procedures.
2.1.13 The system shall provide a method to automate the playback of content with minimal user intervention.
2.1.14 The system shall support user created complex queries that can be shared among other users.
2.1.15 The system shall provide an automatic screen refresh of common fields to allow users to see up to date information every 10 seconds or less.
2.1.16 The LI system shall provide for differing tasking based on privilege levels.
2.1.17 The LI system shall provide a reporting and metrics sub-system which generates custom reports using different metrics input by the user to evaluate system and collection performance.
2.1.18 The LI system shall employ a cryptographic means to guarantee that intercepted content is not tampered with from time of interception to time of trial.
2.1.19 The LI system shall have the ability to perform near real-time monitoring/surveillance on voice calls, SMS messages, and intercept related information.
2.1.20 The LI system shall provide near real time location monitoring of targets, based on Location Area Code (LAC), Cell, or actual Location-Based Service (LBS.)
2.1.21 The LI system shall be able to raise a near real time (less than 10 minutes) alarm if two or more targets come within a user defined distance of each other.
2.1.22 The LI system shall be able to raise a near real time (less than 10 minutes) alarm if the target transitions in or out of a user defined geo-fence area.
2.1.23 The LI system shall be located at the monitoring center location, which serves as the law enforcement monitoring facility.
2.1.24 The LI system shall provide redundant capabilities to avoid single points of failure or data loss; this includes a second set of backup servers located at NIIA Headquarters to be installed.
2.1.25 The Contractor shall ensure the technical solution will integrate into the existing site-specific infrastructure and/or Government, of Iraq Networks, specifically the International Zone Fiber Network/Iraqi National Packet Network (IZFN/INPN) and other partner transport networks as identified by the U.S. Government. Currently there are no other partner transport networks.
2.1.26 The Contractor shall label all telecommunication infrastructure and equipment components to Indications and Warnings (IAW) standards. All labeling shall be in both Arabic and English.
2.1.27 All equipment procured and installed by this project shall be rated to operate at 220 volts/50 Hertz (the Iraqi electrical standard).
2.1.28 The Contractor shall engineer necessary power backup systems, to include Uninterrupted Power Supply (UPS) and generator backup to ensure 24/7 operation of the equipment in an environment with unstable power (1 hour on UPS, indefinitely on generator). The Contractor shall provide backup electric and cooling systems in sufficient quantity to maintain LI functionality at both the primary and backup sites. LI functionality is defined as keeping the installed LI system and all monitoring stations and equipment associated with collecting LI data operational and running at full capacity.