As a legally sanctioned official access to private communications, Lawful Interception (LI) is a security process in which a service provider or network operator collects and provides law enforcement officials with intercepted communications of private individuals or organizations.

LI implementation is required by the European Council Resolution from 19951 which allows for LI to prevent crime, including fraud and terrorism.

The ETSI specifications are now in use globally in a large number of countries that require the Lawful Interception of telecommunications, and well as the Retained Data (RD) functionality.

1. Official Journal C 329, 04/11/1996 p. 0001 - 0006 Council Resolution of 17 January 1995 on the lawful interception of telecommunications.

Our Role & Activities

Bringing together the interests of governments and law enforcement agencies (LEAs) as well as mobile network operators and equipment vendors, our Technical Committee Lawful Interception (TC LI) develops standards supporting international requirements for LEAs, including the interception and retention of electronic communications data sent over public communication services. We cover the whole spectrum of interception aspects working closely with other ETSI committees and with the 3rd Generation Partnership Project (3GPPTM).

At the core of an ALL IP current and future networks is the IP Multimedia Subsystem (IMS) which provides an access independent platform for a variety of access technologies. IMS is being developed in 3GPPs Service and System Aspects Group, with the handover interface for lawful interception being developed in TC LI.

TC LI activities include work on Retained Data (RD) and the committee published specifications on requirements and on the Retained Data Handover Interface.

TC LI regularly updates its suite of standards by adding needed functionalities to the LI and RD specifications. Important recent new work was published with the specifications on handover interface for communication among law enforcement agencies and handover for messaging services over HTTP/XML, and a report which assesses the problems, and recommends solutions, associated with interception and secure onward delivery of high-bandwidth user traffic using TCP or TLS.

In recent years work has been extended to ensure strong collaboration with our group working on Cybersecurity, and that the LI and RD functions are performed in the context of cloud services, Network Functions Virtualization (NFV) and Multi-access Edge Computing (MEC).


A full list of related standards in the public domain is accessible via the LI committee page.

Related Committees