OASIS LegalXML Subscriber Data Handover Interface TC

The original Call For Participation for this TC may be found at http://lists.oasis-open.org/archives/tc-announce/200403/msg00007.html

The charter for this TC is as follows.

Name of the TC:

OASIS LegalXML Subscriber Data Handover Interface (SDHI) TC

Statement of Purpose:

During the course of law enforcement investigations or judicial proceedings, emergency situations, or other government mandated conditions, a critical need arises for information concerning subscribers to telephone, Internet or other communication services at a well-defined interface. Law enforcement authorities may also use collection and analysis systems that assist in understanding the relationships among parties in an investigation. To accomplish this task, these systems may generate requests for subscriber information and use the resulting data furnished by telecommunication or other service providers.

The OASIS LegalXML Subscriber Data Handover Interface (SDHI) Technical Committee, part of the OASIS LegalXML Member Section, will develop a specification for the production of a consistent Subscriber Data Handover Interface (SDHI), by telecommunication or Internet service providers, of XML structured information concerning a subscriber or communications identifier (e.g., a telephone number) in response to an XML structured request which includes, when necessary, authorization from a judicial, public safety, or law enforcement authority.

There are generally two request variations. The first is a request for basic information concerning a subscriber based on a name, number, or other identifier - for which no formal authorizing instrument is usually needed. The second is a request for expanded information pursuant to a subpoena or warrant or other lawful order, which may demand call detail or billing records, mobile user location information, communication or access logs, or other typically privileged information held by the service provider.

This specification will include required access to provider records pursuant to national Codes of Practice for data retention, emergency response, or investigatory requests, although in most cases, the information is kept by communication services providers as part of normal commercial business practice for accounting, billing, fraud prevention, and marketing purposes. See, e.g., United Kingdom, Regulation of Investigatory Powers Act 2000, 2000 chap. 23, part 1 chapter II, and the disclosure of communications data (sections 21-25 inclusive); and France, Loi no. 2003-239 du 18 mars 2003, Loi pour la securite interieure. Rapid and efficient access to retained data among many diverse providers is a major emerging need. The specification is intended only to facilitate access and production of information that may already exist, and has no prescriptive implication or intent.

This process can be described as a simple "query > authorization > response action"

Scope:

The work of the SDHI TC will be limited to the following:

  • SDHI Requirements Specification
  • SDHI Request, Authorization and Response Schema

The identification or development of such additional schema as may be necessary to implement the SDHI Interface. These will include:

  • XML mechanisms for the queries, including if necessary the "envelope" for the authentication and secure transfer of the information, to be imported from other TC work. These capabilities could rely in part on the Legal XML Court Filing Blue Envelope specification.
  • Localization. These Subscriber Data Handover Interface standards must include a localization mechanism to accommodate the diverse legal systems of country authorities and providers, as well as legacy transition schema such as PDF images and delimited field flat files
  • Prioritizing requests
  • Accounting and billing
  • Accommodating number and identifier portability
  • Adjustments or additions to the interface that may be necessary as a result of implementations, new communications technology, localization requirements

Any items not on the above lists or on the List of Deliverables will be considered out of scope for the TC. Also out of scope are the following:

  • communications services provider subscriber management protocols
  • collection system protocols
  • transport protocols
  • subscriber information data architectures
  • specific handover requirements
  • specific retention requirements
  • real-time data handover requirements

List of Deliverables:

  • SDHI Requirements Specification finalized; three months after first meeting.
  • SDHI Request and Response schemas finalized; six months after first meeting
  • Both of the above are intended to be submitted to OASIS for consideration as an OASIS Standard. Afterwards the TC will create materials or define activities related to the promotion and adoption of the above.
  • Define requirements for additional deliverables or revisions to the SDHI request and response schemas to add to the TC charter; after approval of the OASIS Standard

Anticipated Audience:

The anticipated audience and users include law enforcement and public safety officials, judicial and administrative bodies, national regulatory agencies, communication service providers, lawful access service bureaus, and vendors of network equipment, subscriber accounting systems, and collection system analysis tools.

Language:

English.

 

TOP OF PAGE