Information Security and the Lawful Interception of Communications by Telecom Service Providers: Advanced Model System Architecture

  • Natalija Parlov Una APICURA Business Intelligence, Zagreb; University of Zadar
  • Željko Sičaja APICURA Business Intelligence, Zagreb; University of Zadar
  • Tihomir Katulić University of Zagreb, Faculty of Law
  • Riko Lusa SedamIT, Zagreb; University of Zagreb, Faculty of Electrical Engineering and Computing
Keywords: lawful interception, telecom service providers, information security, cybersecurity, national security


Communication interception for national security purposes, as well as for purposes of conducting a criminal investigation, is an invaluable asset of law enforcement agencies. In technical terms, this field has seen rapid advances in the last decade, while available software programs and platforms for lawful interception are now able to monitor a broad spectrum of communication channels. Lawful interception of communications invariably intersects with fundamental rights and freedoms of persons in the European Union and the Member States. The purpose of this paper, as part of the discussion on the framework of lawful interception, is to present a study of advanced lawful interception software with its functionalities and processes, compare it with the most common lawful interception models and to analyze the software architecture defined by the European Telecommunications Standards Institute (ETSI) as a general standard. While this particular model of LI architecture was originally designed to intercept voice communications, it can be successfully applied to intercept communications over IP channels. Finally, the paper offers a comparative insight into different kinds of LI software and their capabilities in line with communication interception regulation.


GPP TS 22.228. (2015). Service requirements for the Internet Protocol (IP) multimedia core network subsystem (IMS); Stage 1. 3GPP.

GPPP Architecture Working Group. (2019). View on 5G Architecture, White Paper. 5GPPP, 65-67.

B. Karabacak, and I. Sogukainar (2006). A quantitative method for ISO 17799 gap analysis, Computers and Security journal, Elsevier, vol. 25(6), pp. 413–419, 2006.

Chang, S.E.; Lin, C.S. (2007). Exploring organizational culture for information security management, Industrial Management & Data Systems, vol.107, issue 3, pp. 438 – 458.

CISCO. (2016, April 13). Voice Over IP - Per Call Bandwidth Consumption. Retrieved from Cisco: .

Council Resolution. (1996). On the lawful interception of telecommunications, 96/C 329/01. Official Journal of the European Communities.

Criminal Procedure Act (2008), Official Gazette of the Republic of Croatia, 152/08, 76/09, 80/11, 121/11, 91/12, 143/12, 56/13, 145/13, 152/14, 70/17, 126/19, 126/19.

Dokman, T.; Malnar, D. (2019). Conceptualization of Information Operations in Modelling the Understanding of a Security Environment. Annals of Disaster Risk Sciences, 2(1-2). Retrieved from .

Electronic Communications Act (2008), Official Gazette of the Republic of Croatia, 73/08, 90/11, 133/12, 80/13, 71/14, 72/17.

Ermana, F.H.; Tanuwijaya, M.I. (2012). Security audit information system based on the ISO 27001 Standards, PT. BPR Jatim (STIKOM), Surabaya.

ETSI TS 101 158 V1.3.1. (2014). Telecommunications security; Lawful Interception (LI); Requirements for network functions. ETSI.

ETSI TS 101 671 V3.14.1. (2016). Lawful Interception (LI); Handover interface for the lawful interception of telecommunications traffic. ETSI.

ETSI TS 102 232-1 V3.1.1. (2012). Lawful Interception (LI); Handover interface and Service-Specific details (SSD) for IP delivery; Part 1: Handover specification for IP delivery. ETSI.

ETSI TS 102 232-3 V3.5.1. (2017). Lawful Interception (LI; Handover Interface and Service-Specific Details (SSD) for IP delivery; Part 3: Service-specific details for internet access services. ETSI.

European Court of Auditors. (2018). Broadband in the EU Member States: despite progress, not all the Europe 2020 targets will be met. Special Report, no 12, p. 11.

GSMA IR.92. (2015). IR.92 - IMS Profile for Voice and SMS v9. GSMA.

ITU-R M.2370-0. (2015). IMT traffic estimates for the years 2020 to 2030. ITU-R.

Kopal, R. (2001). Pojmovnik kriminalističke analitike s prikazom metodologije analize telefonskih izlista. Police and Security, Number 1-6/2001, pp. 84-97.

Maljak, M.; Parlov, N.; Sičaja, Ž. (2017). Intelligence services as part of the national security system, 10th international scientific conference Crisis management days, Book of papers (pp. 154-165), Velika Gorica, Croatia: University of Applied Sciences Velika Gorica.

Malnar, D.; Olujić, J. (2019). The Security Challenge of Disruptive Technologies. Annals of Disaster Risk Sciences, 2(1-2). Retrieved from .

SedamIT (2018). Matison, Zagreb. Retrieved from .

Tatalović, S. (2011). Treba li Hrvatskoj nova strategija nacionalne sigurnosti?, Političke analize, Zagreb, FPZ, no. 6, Year 11, pp. 34-38.

Tatalović, S.; Bilandžić, M. (2005). Osnove nacionalne sigurnosti, Ministry of the Interior, Zagreb.

The Security and Intelligence System Act (2006) Official Gazette of the Republic of Croatia, 79/06.

Whitman, M.E.; Mattford, H.J. (2018). Principles of Information Security, Sixth Edition, Cengage Learning, Kennesaw State University: USA .

How to Cite
Parlov Una, N., Sičaja, Željko, Katulić, T., & Lusa, R. (2020). Information Security and the Lawful Interception of Communications by Telecom Service Providers: Advanced Model System Architecture. Annals of Disaster Risk Sciences, 3(2).