June 2016 Newsletter

President’s Corner
The Mission
By Steve Bock, President & CEO


A year has passed since Subsentio purchased the Neustar Legal Compliance Services Division. What a year it’s been.  When I’m asked if it was worth it my answer is absolutely ‘yes.’

Subsentio has more than doubled in size.  As the largest Trusted Third party in the United States, Subsentio is the unchallenged market leader.  We have earned our title “the CALEA Compliance Company” many times over.  Many factors have played an important role in our ascendance:  the most outstanding team of professionals in the business; peerless technology solutions — always tested, certified and ready for action from the moment a court order arrives; our end-to-end service bureau model that guarantees results from start to finish; and always – Subsentio’s intense service focus that puts both the service provider customer and law enforcement first.

But I want to make it clear that the platform driving these key factors is the unique atmosphere of absolute trust among all parties involved – service providers, law enforcement, policymakers, the Court System, and us.  That platform flows from a higher source: Subsentio’s commitment to “The Mission.”

For those who might not know us yet, perhaps a word of explanation is in order.

For me, the end game at Subsentio has always been so much more than profit.  Don’t get me wrong, we are in business to make money.  We can’t provide the level of service that is unmatched in the industry without it.  However, because it’s ‘The Mission’ that motivates me and everyone else on the staff, I’d like to illustrate what I mean.

I spent the week of 9/11 in New York City.  While everyone was trying to get out, I was trying to get in because I had staff working in the city.  I saw the fear, anger and heartache that a handful of terrorists could cause.  One of our Verizon team members lost a cousin in the Twin Towers.  She worked for Cantor Fitzgerald, a premier investment banking company that was virtually wiped out that day.  So, for me, 9/11 was very personal.  If you recall, all air traffic was grounded that week but I was finally able to take the very first flight out of La Guardia five days later.  There was only one other passenger besides myself, and two flight attendants who couldn’t stop crying.

At that moment, my career became focused on a single purpose, to help catch the bad guys.  I was too old to join the army or law enforcement, but I had built a career in telecommunications and I realized that there were tools in those networks that could have helped prevent 9/11.  That was the genesis of Subsentio.

Beginning with Ward Jackson, a retired special agent for the FBI, we slowly built a company that has attracted the “best of the best” talent in the industry.  More importantly, customers bought into the mission.  As a result, through the years our reputation has grown not only within the law enforcement community, but also among service providers.  They know we can be trusted to do the right thing always.  Subsentio’s commitment to ‘The Mission’ stands in stark contrast to the attitude of most of our competitors, who sacrifice quality – and put public safety at risk – by selling on price alone.

Twelve years later, serving ‘The Mission’ has become more complex and challenging than ever. For many, the horror of 9/11 has faded over time.  Subsentio never forgets.  In my office I have an American Flag that was raised over the U.S. Capitol — considered the likely last target on 9/11.  I had it flown in honor of United Airlines Flight 93 which crashed in rural Pennsylvania on 9/11 because that was the moment when we fought back.  If you are a Subsentio customer, an employee or a law enforcement officer, that still means something.

Last week, we got a thank you note from a law enforcement officer whom we assisted on an emergency case involving the sexual molestation of a two-year-old child.  Thankfully, the child is safe now.  We celebrate such success stories because heinous crimes are far more common than many realize.  We know because we deal with them every day.  So when we help save a life, stop a terrorist or catch a fugitive who is on his way to kill his former girlfriend, we know that our mission is a higher calling than profits alone — and so do our customers.

For all those that trust us with the services we provide, I want to personally thank you.  You, too, are vital contributors to ‘The Mission’.  The world is a better place because of you.

Products & Services

globe_head_smallThe Cloud and Much More

Flexibility is the Key.
Subsentio has hundreds of customers.   Each is a communications service provider with its own network utilizing a wide variety of manufacturers’ switches and routers.  Subsentio has to be able to provide technical solutions to each.  And we have.  Historically, we have utilized our Verint platform to create our Harbor Intercept active mediation solution and our very own Safe Harbor Probe for passive intercept solutions.  And we have continued to enhance both offerings.  But technology keeps evolving.  More and more the efficiencies of Cloud services are being experienced in all aspects of network technology, so as networks migrate to the Cloud, so does Subsentio.  In fact, we have created two Cloud solutions, one in our data center and one in the Amazon Cloud.

The Safe Harbor Cloud:  We took our own 1Gb and 10Gb Probes, placed them in our data centers and developed a cost-effective eProbe router that is located within a customer’s network and fully capable of creating intercepts upon demand at a much lower cost.  The Safe Harbor Cloud is easy to install and maintain, offers the functionality of “classic” lawful intercept, but is much less expensive.  Here are just a few of its key benefits:

  • The Subsentio eProbe, installed in the customer network, routes broadband traffic to the Cloud.
  • Safe Harbor Cloud service supports multiple downstream networks.
  • Provides CALEA compliance for Internet access broadband providers.
  • Low cost, easy to install and use.
  • Dynamic Host Configuration Protocol (DHCP).
  • Supports ATIS standard.

Virtualization is a technology which makes applications independent of underlying infrastructure.   The “Cloud” is a service, powered by virtualization, that provides resources on demand…Marcus Thomas, CTO, Subsentio

Subsentio in-the-Cloud
More and more customers are developing virtual networks.  When a service that needs to provide CALEA compliance moves into a cloud provider’s virtual environment such Amazon Web Services (AWS), the approach of using a probe that watches the network traffic on physical links does not work for a variety of reasons.  A virtual service consists of virtual machines that are not bound to any specific physical server.  The number of virtual machines may change based on demand, and physical network interfaces might not even exist.  This cloud-based intercept solution solves those problems.  Subsentio in-the-Cloud is only available in the Amazon Cloud right now, but more “Clouds” are coming.  There are significant benefits:

  • Virtual connectivity.
  • Capability of rapid network capacity expansion.
  • Flexibility.
  • Currently provided for Amazon Web Services (AWS); other environments to be added in the future.
  • Supports ATIS and 3GPP CALEA standards.
  • Full IPv6 support.

Safe Harbor Intercept Mediator
We didn’t just stop with our passive Probe solutions.  Our Harbor Intercept solution based on Verint’s Stargate™ platform continues to provide robust intercept solutions for a wide variety of switch technologies.  Smaller networks have struggled with the cost, so, as a first step, Subsentio has enhanced its Probe architecture to provide mediation solutions for Sonus’ networks.  This is a lower cost and more flexible solution for many of the smaller Sonus customer networks.

Subsentio enhanced its Safe Harbor Probe technology to leverage Sonus’s integrated Lawful Intercept (LI) system for identifying LI targets, collecting call-data and call-content and then forwarding the data to Law Enforcement in a compliant ATIS 678 v3 format.  The enhancements support the LI capabilities on the Insight Element Management System (EMS), GSX Open Services Switch, and the SBC 5×00 Session Border Controller (SBC). The Safe Harbor Intercept Mediator can tightly couple a Sonus-based VoIP network and provide safe harbor status.

  • Safe Harbor:  Provides safe-harbor CALEA compliance
  • Powerful:  Able to identify and intercept multiple target assignments
  • Flexible: Integrates into various sized VoIP networks
  • Low Cost:  About half the price of the larger platforms
  • Installation:  Easy and quick to install with integrated VPN.

Records Production:
Subsentio’s Records Production team routinely assists law enforcement with emergency situations.  At times the nature of these situations can be unpleasant, to say the least.  Our team takes pride in their ability to rapidly and effectively provide law enforcement assistance not only with routine request, but also and especially in exigent circumstances.

In April we received the following compliment from a law enforcement agency regarding our Records Production team’s rapid response attitude and real-time performance:

“I want to thank you for your assistance yesterday with the child pornography emergency.  At 1:30 this morning, the subject was arrested and the 2-year old victim was rescued.  If not but for your speedy assistance, this child would have continued to suffer egregious and horrific acts at the hands of her caregiver.  Your partnership with our group is invaluable and we are always incredibly grateful for your cooperation.”

Recent Ruling:  To Disclose, or Not to Disclose?
Recently the Eastern District Court of New York rebuked the US Attorney’s Office for using non-disclosure language in their grand jury subpoenas.  Evidently this runs afoul of the Federal Rules of Criminal Procedure as it pertains to grand jury proceedings.  As a result, the AG’s office continues to direct recipients of grand jury subpoenas not to disclose the existence of the subpoena because the evidence could be suppressed by the court.

What does this mean for us and our clients?  If you are a carrier that falls under the Cable Act, then you have an affirmative obligation to notify customers when you are in receipt of legal process demanding customer records.  In these cases, we may not be able to obtain “Do Not” Disclose language.  In that event we must send notification to your customers.  If we receive a judicial command to delay notification for a specified timeframe we must provide notification at the expiration of the subpoena’s timeframe.

Thus far the trend we have seen emerging in various federal circuits is to include a 90-day notification delay by judicial authority.  Requests with a non-disclosure requirement of this nature are being tracked so that we can notify at the expiration of 90 days when applicable.  This is a tricky area that Subsentio continues to track carefully.


Rules & Regulations

rules_head_smallWhen Law Enforcement Obtained an Encryption Key to Private Communications
A recent criminal prosecution revealed that Canadian law enforcement obtained a key to decrypt certain private communications of Blackberry devices.  Was the action lawful?  Did it compromise privacy?  Find out here.

Should a Service Provider Notify Customers When They Are Subject to Law Enforcement Investigations?
Ready for the latest privacy law challenge by an American Internet giant against American law enforcement?  This time the tech giant is Microsoft. The lawsuit claims a non-disclosure rule in the Electronic Communications Privacy Act (ECPA) is unconstitutional.  And the controversy could impact all communication service providers (CSPs).  See Subsentio’s analysis of the legal arguments here.

Proposed FCC Privacy Rules May Add Liability for Errors in Lawful Surveillance
If an ISP compromises subscriber privacy or cyber security when assisting a law enforcement investigation, it may incur liability under the Electronic Communications Privacy Act.  That same type of mistake may soon trigger fines from an additional source: The Federal Communications Commission.  Learn more about the FCC’s proposed ISP privacy rules here.

The Apple-FBI Encryption Dispute Looks Like a Fight Between Subscriber Privacy and National Security, But It’s Not
The media is ablaze with a policy debate between subscriber privacy and national security.  Unfortunately, the spectacle misses the point of the underlying story.
After the San Bernardino terrorist attack, the FBI recovered the iPhone of the deceased terrorist suspect but couldn’t access the phone’s contents in decrypted form.  Apple had redesigned that generation of phones with a technology called “encryption by default” to block such access by law enforcement and everyone else.  Ultimately, the FBI found a work-around to further the San Bernardino investigation.  But Congress realizes the encryption problem is not going away.  They are considering ways to resolve the dilemma through legislation.  An analysis of the encryption dispute may be found here.

Could the Government and Social Media Providers Combat Online Terrorist Recruitment?
U.S. national security officials asked Silicon Valley to help monitor the trend of online terrorist recruitment.  Google announced two small steps to assist the process.  Each measure required minimal business burdens and posed no privacy harm.
But the government appears to want much more help from the private sector.  Their goal is to track “social media recruitment patterns.”  If successful, the tracking tool could disrupt the kind of Islamic State radicalization that led to the mass-shooting at a San Bernardino public health facility in December.  An overview of the issue is found here.

Customer Care

Just-in-Time has passed it’s expiration date.  CALEA for VoIP and Broadband was brand new.  CSPs were to be in compliance by May of 2007.  Everyone was in a hurry to comply with the new mandate.  It was simplicity itself and it was less than half the cost of a permanent solution.  The customer would enter into a service agreement for an agreed upon technical solution.  The Trusted Third Party (TTP) would keep the necessary equipment in inventory available for immediate shipment to the customer.  When the customer received a court order, they would notify Subsentio, who would then overnight the necessary equipment to the customer for installation.  It was hoped that the customer’s technical personnel would then “rack and stack” the server in their network at which point they and Subsentio’s technician would test the unit to make sure that it was operational and then implement the intercept.  The concept was called Just-in-Time. . .except it never was.  Time went by, the CSP’s personnel changed, people forgot what to do, and if a court order notification was delayed, shipped equipment didn’t get installed and the intercept activation was delayed, sometime for weeks.  The Just-in-time concept never lived up to expectations.

Subsentio had to make a decision. While the solution could work, it rarely did in the timeframe demanded by the court order.  Thus, our customer was not in compliance with the CALEA mandate and it certainly wasn’t in Safe Harbor.  The only way for us to be assured that those customers were in compliance would be to provide a technical solution that was resident in their network on a full-time basis.  And that’s what we have been doing.

Recently, Subsentio has announced a new Broadband service – The Safe Harbor Cloud.  It’s our Cloud.  We install an eProbe between the customer’s network router and the Internet.  It connects to the Subsentio “Cloud” via a dedicated VPN.  It is capable of handling 1Gb and 10Gb networks, it is flexible and efficient.

Safe Harbor Cloud works.  Our customers will be in compliance and Safe Harbor and we’ll both have peace of mind.

Our Customer Care department is contacting you now to talk to you about your new Cloud service