Europol’s recent paper sheds light on formidable challenges posed by Privacy Enhancing Technologies (PET) in Home Routing systems. These technologies, aimed at safeguarding user privacy, inadvertently hinder law enforcement agencies (LEAs) from intercepting communications originating from foreign SIM cards.
Home Routing allows for service providers to continue providing services to paying customers even after they have travelled abroad. This limitation not only impedes investigations involving foreign nationals but also complicates cases where citizens use foreign SIM cards domestically.
The new paper details how this technology could potentially delay or even prevent lawful access to evidence in serious criminal cases.
Europol Details Home Routing Intervention Challenges
The Europol paper states that the core issue lies in the implementation of Privacy Enhancing Technologies (PET) within Home Routing of telecommunication network. When PET is enabled, the visiting network can’t access encryption keys used by the home network, making it impossible to retrieve unencrypted data. This creates a roadblock for LEAs, as they can no longer intercept communications from foreign SIM cards without cooperation from the home country’s service provider.
The inability to intercept communications from foreign SIM cards affects not only investigations of foreign nationals but also cases involving citizens using foreign SIM cards in their own country. This limitation extends beyond simple inconvenience:
LEAs become dependent on cooperation from service providers in the suspect’s home country.
Domestic interception orders can’t be enforced across borders.
European Investigation Orders, while available, can take up to 120 days – too long for urgent cases.
These challenges stem from the disparity between the European single market, which allows service providers to operate across borders while law enforcement still remains limited by national jurisdictions.
Proposed Solutions to Home Routing
To address these issues, potential solutions must balance maintaining investigatory powers with protecting secure communications and the confidentiality of criminal investigations. The solutions outlined in the paper range from disabling the Privacy Enhancing Technologies (PET) in Home Routing networks, creation of a new legal framework to allow domestic law enforcement agencies to request the interception of a suspect’s communication in the territory of another member state within the EU coupled with a common interface to interpret these laws and regulations across borders.
The paper details these two potential approaches as solutions to navigate these challenges:
1. Legally mandating the disabling of PET in Home Routing:
Maintains current security levels and law enforcement capabilities
Allows domestic service providers to execute interception orders for foreign SIM cards
Technically feasible and easily implemented
Preserves privacy at the same level as communication via national SIM cards
2. Enabling cross-border interception requests:
Allows LEAs to request interception from service providers in other EU member states
Maintains PET for all users
Requires development of cross-border standards and interfaces
May compromise operational security by revealing persons of interest to foreign entities
The paper admits that the success of these solutions will depend on the cooperation of telecommunication service providers, law enforcement agencies, and national authorities. These challenges accentuate the criticalness of developing a solution that that balances the need for European law enforcement agencies to access data along with the need to protect the privacy and security of individuals with region.
Earlier in 2019, the European Council raised the need for addressing and mitigating potential challenges to law enforcement agencies from the deployment of 5G networks and services. In the paper titled, ‘The significance of 5G to the European Economy and the need to mitigate security risks linked to 5G‘, the Council stressed on the need to, “address and mitigate potential challenges arising from the deployment of 5G networks and services to law enforcement including e.g. lawful interception.”
Source: Read More
