Technical Committee (TC) Lawful Interception (LI) Activity Report 2020

Chair: Martin Kissel, Telefonica S.A.

Responsible for developing standards that support the technical requirements of national and international obligations for law enforcement (including lawful interception and lawful disclosure).

Lawful Interception (LI) and Lawful Disclosure (LD) play a crucial role in the growth and development of the Information Society, by helping law enforcement agencies (LEAs) to investigate terrorism and serious criminal activity. Bringing together the interests of governments and law enforcement agencies as well as mobile network operators and equipment vendors, ETSI’s committee on Lawful Interception (TC LI) develops standards supporting common international requirements for LEAs, including the interception of content and disclosure of electronic communications related data with supporting standards for warrantry and internal interfaces.

Working in partnership with other ETSI technical bodies, projects and partnerships, TC LI develops standards to support industry compliance with the requirements of national and international law. The committee’s role in these partnerships is in the development and publication of control and handover interfaces, and of rules for the delivery of technology specific interception or retained data. In addition, TC LI liaises with other bodies – notably 3GPP, GSMA and the ITU-T, as well as ETSI’s own oneM2M/SmartM2M, CYBER, TCCE, NFV, MEC, ENI and NIN groups – to capture the requirements of users (law enforcement agencies) and translate these into requirements to be applied to technical specifications.

In 2020 the committee continued to create and update various standards, specifications and reports relating to LI and LD.

During the year TC LI completed a major collaborative project to define handover details for LI functionality in OTT (Over-The-Top) messaging services delivered over HTTP/XML. Development of this specification [TS 103 707] saw inputs from a number of ETSI Members providing OTT (Over-The-Top) services, namely NTTs (Non-Traditional Telecoms).

Our new study on high-bandwidth delivery [TR 103 656] assesses the problems associated with interception and secure onward delivery of high-bandwidth user traffic using TCP or TLS as currently defined in ETSI TC LI specifications. It identifies whether there is a need to solve these problems, as well as potential technical and other measures that can be used to mitigate or address them.

We published a new report [TR 103 685] that examines LI and LD network function security with a focus on virtualization (including but not restricted to Network Functions Virtualization). Considering threats and risks, the report provides applicable recommendations and identifies areas where other standards present recommendations which are relevant to the threats and risks identified.

During the year we meanwhile continued to update our suite of existing deliverables, notably our seven-part specification [TS 102 232] on Handover Interface and Service-Specific Details (SSD) for IP delivery.

We made successive revisions to our specification [TS 103 120] of the Handover Interface 1 for warrant information.

We revised our specification [TS 101 331] on LI requirements of Law Enforcement Agencies to clarify multiple interception measures.

We made revisions to both parts of our specification [TS 103 221-1, TS 103 221-2] for internal network LI interfaces (X1 in part 1 and X2/X3 in part 2), covering connections between LI systems and (depending on the network) many network elements from different vendors. With a view toward the future, as network and services become virtualized, the X interfaces specifications intend to support newer implementations by ensuring that standard interfaces are available to the provisioning equipment or service, which should reduce complexity and cost for the Communication Service Providers.

We made progressive updates to our specification [TS 102 657] that details handover requirements and a handover specification for retained data.

Published with input from ETSI’s ITS (Intelligent Transport Systems) committee, a Technical Report [TR 103 767] provides a high-level description of a process for interfacing between law enforcement and providers of vehicle information. The study highlights the benefits of using an automated, secure, efficient interface and investigates how existing TC LI specifications can be used for such an interface.

We updated our Technical Report [TR 102 503] giving an overview of relevant Object IDentifiers (OID) used in LI and LD handling specifications by ETSI, and others produced by ITU-T and ISO.


  • Criminal matters, e.g. through bilaterally agreed legal assistance, or using the secure European Judicial Network
  • Technical Specification (TS) on flexible and extensible data structures for Lawful Disclosure for use in combination with existing ETSI handover interface standards
  • Revision to multi-part TS 102 232 on Handover Interface and Service-Specific Details (SSD) for IP delivery
  • Revision to TS 103 462 on inter LEA Handover Interface (ILHI) - specifying LEMF to LEMF and/or the Coordination Function to LEMF interface to support (as a minimum) European Investigation Orders (EIOs) and Production and Preservation Orders (EPOC) related to LI and/or LD
  • Revision to TS 103 221 on Internal Network Interfaces; Part 1: X1 / Part 2: X2/X3
  • Revision to dictionary of parameters commonly used in multiple TC LI specifications
  • Technical Report (TR) on library and mapping for LI and LD, describing national parameters and implementations in the context of the Inter LEA Handover Interface (TS 103 462) and cross-border data exchange