Regulation of Interception of Communications and Provision of Communication-Related Information Act, 2002 (Act 70 of 2002)

Directives in Respect of Different Categories of Telecommunications Service Providers made in terms of The Regulation of Interception of Communications and Provision of Communication-Related Information Act, 2002 (Act No. 70 of 2002)

Schedule C : Directive for Internet Service Providers in terms of Section 30(7)(a) read with Section 30(2) of the Regulation of Interception of Communications Information Act, 2002 (Act No. 70 of 2002)

Part 3 : Detailed Security, Functional and Technical Requirements of the Facilities and Devices for Lawful Interception

8. Facilities and Devices

Purchase cart Previous page Return to chapter overview Next page

 

lSPs are expected to abide by the following in terms of the functionality and security of the facilities and devices implemented to make their networks compliant to lawful interception (LI) requirements.

 

8.1The ISP is expected to install and maintain LI interception software, probes and any associated tapping devices. The interception devices must be positioned in the ISP network to ensure that:
all network traffic to and from servers hosted by the ISP can be intercepted;
all network traffic to and from access authentication servers hosted by the ISP can be intercepted; and
all network traffic originating from or destined for an intercept target which is carried across the ISP’s network links can be intercepted.

 

8.2The ISP is expected to implement and manage one or more interception provisioning terminal for lawful interception (LI) compliance purposes. These terminals must be sufficiently closely located on the network to the probes or devices being managed by them so as to ensure that the delay in provisioning an interception based on access login information is minimised.

 

8.3Where necessary, the ISP must implement mediation device(s) for the collection from these probes and devices, normalization and delivery to an interception centre {IC) of intercept related information (IRI) tickets in the format specified within the technical requirement section of this document.