TELECOM Digest     Wed, 17 Aug 94 13:54:00 CDT    Volume 14 : Issue 348

Inside This Issue:                           Editor: Patrick A. Townson

    EFF Analysis of Leahy/Edwards Digital Telephony Bill (Stanton McCandlish)
    Book Review: "Understanding Data Communications" by Held (Rob Slade)
    ISDN/Switched 56 Billing Problem (Ralph Woods)
    Re: Personal ACD vs. Telemarketers? (Alan Boritz)
    Re: Personal ACD vs. Telemarketers? (Mark E. Daniel)
    Re: Personal ACD vs. Telemarketers? (Scott Coleman)
    Re: Personal ACD vs. Telemarketers? (Gary Breuckman)

TELECOM Digest is an electronic journal devoted mostly but not
exclusively to telecommunications topics. It is circulated anywhere
there is email, in addition to various telecom forums on a variety of
public service systems and networks including Compuserve and GEnie.
It is also gatewayed to Usenet where it appears as the moderated
newsgroup 'comp.dcom.telecom'. 

Subscriptions are available at no charge to qualified organizations
and individual readers. Write and tell us how you qualify:

                 * telecom-request@eecs.nwu.edu *

The Digest is edited, published and compilation-copyrighted by Patrick
Townson of Skokie, Illinois USA. You can reach us by postal mail, fax 
or phone at:
                    9457-D Niles Center Road
                     Skokie, IL USA   60076
                       Phone: 708-329-0571
                        Fax: 708-329-0572
  ** Article submission address only: telecom@eecs.nwu.edu **

Our archives are located at lcs.mit.edu and are available by using
anonymous ftp. The archives can also be accessed using our email
information service. For a copy of a helpful file explaining how to
use the information service, just ask.

*************************************************************************
*   TELECOM Digest is partially funded by a grant from the              *
* International Telecommunication Union (ITU) in Geneva, Switzerland    * 
* under the aegis of its Telecom Information Exchange Services (TIES)   * 
* project.  Views expressed herein should not be construed as represent-*
* ing views of the ITU.                                                 *
*************************************************************************

Additionally, the Digest is funded by gifts from generous readers such
as yourself who provide funding in amounts deemed appropriate. Your help 
is important and appreciated.

All opinions expressed herein are deemed to be those of the author. Any
organizations listed are for identification purposes only and messages
should not be considered any official expression by the organization.

----------------------------------------------------------------------

From: mech@eff.org (Stanton McCandlish)
Subject: EFF Analysis of Leahy/Edwards Digital Telephony Bill
Date: 15 Aug 1994 11:58:23 PDT


EFF SUMMARY OF THE EDWARDS/LEAHY DIGITAL TELEPHONY BILL

OVERVIEW

The Edwards/Leahy Digital Telephony bill places functional
requirements on telecommunications carriers in order to enable law
enforcement to continue to conduct authorized electronic surveillance.
It allows a court to impose fines on carriers that violate the
requirements, and mandates that the processes for determining capacity
requirements and technical standards be open and public.  The bill
also contains significant new privacy protections; including an
increased standard for government access to transactional data (such
as addressing information contained in electronic mail logs), a
requirement that information acquired through the use of pen registers
or trap and trace devices not disclose the physical location of an
individual, and an expansion of current law to protect the radio
portion of cordless telephone conversations from unauthorized
surveillance.

SCOPE OF THE BILL.  WHO IS COVERED?

The requirements of the bill apply to "telecommunications carriers",
which are defined as any person or entity engaged in the transmission
or switching of wire or electronic communications as a common carrier
for hire (as defined by section 3 (h) of the Communications Act of
1934), including commercial mobile services (cellular, PCS, etc.).
The bill also applies to those persons or entities engaged in
providing wire or electronic communication switching or transmission
service to the extent that the FCC finds that such service is a
replacement for a substantial portion of the local telephone exchange.

The bill does not apply to online communication and information
services such as Internet providers, Compuserve, AOL, Prodigy, and
BBS's. It also excludes private networks, PBX's, and facilities which
only interconnect telecommunications carriers or private networks
(such as most long distance service).
        
REQUIREMENTS IMPOSED ON CARRIERS

Telecommunications carriers would be required to ensure that they
possess sufficient capability and capacity to accommodate law
enforcement's needs.  The bill distinguishes between capability and
capacity requirements, and ensures that the determination of such
requirements occur in an open and public process.

CAPABILITY REQUIREMENTS

A telecommunications carrier is required to ensure that, within four years
from the date of enactment, it has the capability to:

1. expeditiously isolate the content of a targeted communication
   within its service area; 

2. isolate call-identifying information about the origin and
   destination of a targeted communication; 

3. enable the government to access isolated communications at a point away 
   from the carrier's premises and on facilities procured by the government,
   and;

4. to do so unobtrusively and in such a way that protects the privacy and 
   security of communications not authorized to be intercepted (Sec. 2601).  

However, the bill does not permit law enforcement agencies or officers
to require the specific design of features or services, nor does it
prohibit a carrier from deploying any feature or service which does
not meet the requirements outlined above.

CAPACITY REQUIREMENTS

Within one year of enactment of the bill, the Attorney General must
determine the maximum number of intercepts, pen register, and trap and
trace devices that law enforcement will require four years from the
date of enactment.  Notices of capacity requirements must be published
in the Federal Register (Sec. 2603).  Carriers have four years to comply
with capacity requirements.

PROCESS FOR DETERMINING TECH. STANDARDS TO IMPLEMENT CAPABILITY REQUIREMENTS
       
Telecommunications carriers, through trade associations or standards
setting bodies and in consultation with the Attorney General, must
determine the technical specifications necessary to implement the
capability requirements (Sec. 2606).

The bill contains a 'safe harbor' provision, which allows a carrier to
meet its obligations under the legislation if it is in compliance with
publicly available standards set through this process.  A carrier may
deploy a feature or service in the absence of technical standards,
although in such a case the carrier would not be covered by the safe
harbor provision and may be found in violation.

Furthermore, the legislation allows any one to file a motion at the
FCC in the event that a standard violates the privacy and security of
telecommunications networks or does not meet the requirements of the
bill (Sec. 2606).  If petitioned under this section, the FCC may
establish technical requirements or standards that:

1) meet the capability requirements (in Sec. 2602);

2) protect the privacy and security of communications not authorized
   to be intercepted, and;

3) encourage the provision of new technologies and services to the public.

ENFORCEMENT AND PENALTIES

In the event that a court or the FCC deems a technical standard to be
insufficient, or if law enforcement finds that it is unable to conduct
authorized surveillance because a carrier has not met the requirements
of this legislation, the Attorney General can request that a court
issue an enforcement order (an order directing a carrier to comply),
and/or a fine of up to $10,000 per day for each day in violation (Sec.
2607).  However, a court can issue an enforcement order or fine a
carrier only if it can be determined that no other reasonable
alternatives are available to law enforcement.  This provision allows
carriers to deploy features and services which may not meet the
requirements of the bill.  Furthermore, this legislation does not
permit the government to block the adoption or use of any feature or
service by a telecommunications carrier which does not meet the
requirements.

The bill requires the government to reimburse carriers for all
reasonable costs associated with complying with the capacity
requirements. In other words, the government will pay for upgrades of
current features or services, as well as any future upgrades which may
be necessary, pursuant to published notices of capacity requirements
(Sec. 2608).

There is $500,000,000 authorized for appropriation to cover the costs
of government reimbursements to carriers.  In the event that a smaller
sum is actually appropriated, the bill allows a court to determine
whether a carrier must comply (Sec. 2608 (d)).  This section
recognizes that telecommunications carriers may not be responsible for
meeting the requirements if the government does not cover reasonable
costs.

The government is also required to submit a report to congress within
four years describing all costs paid to carriers for upgrades (Sec. 4).

ENHANCED PRIVACY PROTECTIONS

The legislation contains enhanced privacy protections for transactional 
information (such as telephone toll records and electronic mail logs)
generated in the course of completing a communication.  Current law
permits law enforcement to gain access to transactional information
through a subpoena.  The bill establishes a higher standard for law
enforcement access to transactional data contained electronic mail
logs and other online records.  Telephone toll records would still be
available through a subpoena.  Under the new standard, law enforcement
is required to obtain a court order by demonstrating specific and
articulable facts that electronic mail logs and other online
transactional records are relevant and material to an ongoing criminal
investigation (Sec. 10).

Law enforcement is also prohibited from remotely activating any
surveillance capability.  All intercepts must be conducted with the
affirmative consent of a telecommunications carrier and activated by a
designated employee of the carrier within the carrier's facilities
(Sec.  2604).

The bill further requires that, when using pen registers and trap and
trace devices, law enforcement will use, when reasonably available,
devices which only provide call set up and dialed number information
(Sec. 10).  This provision will ensure that as law enforcement employs
new technologies in pen register and trap and trace devices, it will
not gain access to additional call setup information beyond its
current authority.

Finally, the bill extends the Electronic Communications Privacy Act
(ECPA) protections against interception of wireless communications to
cordless telephones, making illegal the intentional interception of
the radio portion of a cordless telephone (the transmission between
the handset and the base unit).
        
CELLULAR SCANNERS  

The bill makes it a crime to possess or use an altered
telecommunications instrument (such as a cellular telephone or
scanning receiver) to obtain unauthorized access to telecommunications
services (Sec. 9).  This provision is intended to prevent the illegal
use of cellular and other wireless communications services.
Violations under this section face imprisonment for up to 15 years and
a fine of up to $50,000.

IMPROVEMENTS OF THE EDWARDS/LEAHY BILL OVER PREVIOUS FBI PROPOSALS

The Digital Telephony legislative proposal was first offered in 1992
by the Bush Administration.  The 1992 version of the bill:

* applied to all providers of wire or electronic communications
  services (no exemptions for information services, interexchange
  carriers or private networks);

* gave the government the explicit authority to block or enjoin a
  feature or service that did not meet the requirements;

* contained no privacy protections;

* contained no public process for determining the capacity
  requirements;

* contained no government reimbursement (carriers were responsible
  for meeting all costs);

* would have allowed remote access to communications by law
  enforcement, and; 

* granted telecommunications carriers only 18 months to comply.  

The Bush Administration proposal was offered on capitol hill for
almost a year, but did attract any congressional sponsors.

The proposal was again offered under the Clinton Administration's FBI
in March of 1993.  The Clinton Administration's bill was a moderated
version of the original 1992 proposal:

* It required the government to pay all reasonable costs incurred by 
  telecommunications carriers in retrofitting their facilities in
  order to correct existing problems;

* It encouraged (but did not require), the Attorney General to consult 
  with telecommunications industry representatives and standards
  bodies to facilitate compliance, 

* It narrowed the scope of the legislation to common carriers, rather
  than all providers of electronic communications services.  
        
  Although the Clinton Administration version was an improvement
  over the Bush Administration proposal, it did not address the
  larger concerns of public interest organizations or the
  telecommunications industry.  The Clinton Administration version:

* did not contain any protections for access to transactional
  information;

* did not contain any public process for determining the capability 
  requirements or public notice of law enforcement's capacity needs;

* would have allowed law enforcement to dictate system design and
  bar the introduction of features and services which did not meet
  the requirements, and;

* would have allowed law enforcement to use pen registers and trap and 
  trace devices to obtain tracking or physical location information.  

                     **************************

Locating Relevant Documents

** Original 1992 Bush-era draft **

ftp.eff.org, /pub/EFF/Policy/FBI/Old/digtel92_old_bill.draft
gopher.eff.org, 1/EFF/Policy/FBI/Old, digtel92_old_bill.draft
http://www.eff.org/pub/EFF/Policy/FBI/Old/digtel92_old_bill.draft
bbs: +1 202 638 6120 (8N1, 300-14400bps), file area: Privacy - Digital
     Telephony; file: digtel92.old

** 1993/1994 Clinton-era draft **

ftp.eff.org, /pub/EFF/Policy/FBI/digtel94_bill.draft
gopher.eff.org, 1/EFF/Policy/FBI, digtel94_bill.draft
http://www.eff.org/pub/EFF/Policy/FBI/digtel94_bill.draft
bbs: +1 202 638 6120 (8N1, 300-14400bps), file area: Privacy - Digital
     Telephony; file: digtel94.dft

** 1994 final draft, as sponsored **

ftp.eff.org, /pub/EFF/Policy/FBI/digtel94.bill
gopher.eff.org, 1/EFF/Policy/FBI, digtel94.bill
http://www.eff.org/pub/EFF/Policy/FBI/digtel94.bill
bbs: +1 202 638 6120 (8N1, 300-14400bps), file area: Privacy - Digital
     Telephony; file: digtel94.bil

** EFF Statement on sponsored version **

ftp.eff.org, /pub/EFF/Policy/FBI/digtel94_statement.eff
gopher.eff.org, 1/EFF/Policy/FBI, digtel94_statement.eff
http://www.eff.org/pub/EFF/Policy/FBI/digtel94_statement.eff
bbs: +1 202 638 6120 (8N1, 300-14400bps), file area: Privacy - Digital
     Telephony; file: digtel94.eff

------------------------------

Date: Wed, 17 Aug 1994 12:19:01 MDT
From: Rob Slade <roberts@decus.ca>
Subject: Book Review: "Understanding Data Communications" by Held


BKUNDTCM.RVW  940603
 
SAMS
11711 N. College Ave., Suite 140
Carmel, IN   46032-5634
317-573-2500 317-581-3535
800-428-5331 800-428-3804
or
201 West 103rd St.
Indianapolis, IN   46290
317-581-3718 fax: 317-581-4669
"Understanding Data Communications", Held, 1991, 0-672-30005-2, U$24.95/C$31.95
 
The first edition of this book had six authors, and one could
therefore have understood some disjointedness between chapters.  The
second and third editions, however, were revised by a single author.
Why, then, does this purported textbook seem more like a collection of
essays only loosely linked by a common topic?
 
The choice of topics for the chapters seems to be quite "application"
specific for a general text on data communications.  The overview of
chapter one is the usual historical look at various electronic
communications systems.  Chapter two, "Data Terminals", is quite
dated, as well as displaying a decided IBM bias in both terminology
and concepts.  Chapter three is supposed to say something about
messages, but concentrates primarily on transmission media.  This
chapter highlights the widely varying technical level in the book, as
well as the disorganization of the material.  There are discussions of
attenuation and impedance, as well as lists of utilized frequencies --
but no discussion of keying or fibre optic functioning.  Although the
definitions of keying and fibre optics are missing, certain details
are discussed -- which make little sense without the background.
 
Chapters four and five discuss modems.  Again, the discussion is quite
anachronistic, and, again, the content fails to find a logical flow.
Keying is discussed in chapter four -- but only frequency shift
keying.  Chapter five then details quadrature amplitude modulation --
which makes little sense without amplitude and phase shift keying.
(Actually, amplitude and phase shift keying were illustrated in
chapter four -- literally.  The figures in the book are generally
clear when they list tables of information, but the graphical figures
are often incomprehensible.)
 
Chapters six to twelve are again mostly concerned with specific
applications; multiplexing, fibre and satellite, protocols, LANs,
packet data, network management and ISDN.  The questions at the end of
each chapter are not only highly simplistic but also "multiple guess".
It would be difficult to use this as a comprehensive text for data
communications.
 
In spite of the flaws, however, there is some good information buried
here.  The engineering and hardware aspects of data communications is
quite strong, and this tends to be a weakness in some other texts.
Therefore, while not perhaps suitable as the sole text for a data comm
course, it may see good use as an adjunct text or reference.
 
copyright Robert M. Slade, 1994   BKUNDTCM.RVW  940603. Distribution
permitted in TELECOM Digest and associated mailing lists/newsgroups.


DECUS Canada Communications, Desktop, Education and Security group newsletters
Editor and/or reviewer ROBERTS@decus.ca, RSlade@sfu.ca, Rob Slade at 1:153/733
DECUS Symposium '95, Toronto, ON, February 13-17, 1995, contact: rulag@decus.ca

------------------------------

Date: Wed, 17 Aug 1994 14:37:02 EDT
From: ralphradio! <RWOODS@npr.org>
Subject: ISDN/Switched 56 Billing Problem


This is a "HEADS UP!" to folks regarding a potential billing problem
for ISDN and switched 56 services. We recently received bills from our
long distance carrier (AT&T) that duplicated charges found on our
invoices from the local carrier (Bell Atlantic) for our ISDN and
switched 56 lines. The dates, times of day, locations, and telephone
numbers match up on the two bills, although, interestingly enough, the
LENGTH of the calls don't always match!

We received a letter from AT&T acknowledging an "error in processing"
regarding the discrepancies in length, but only today did they finally
acknowledge the double billing. It is worth noting that the AT&T rep
did not realize that "Accunet" was an AT&T product offering, but
rather insisted that Accunet must be some kind of reseller. Our Common
Carrier Manager damn near blew a fuse on that one!

I pass this along as a suggestion to you to check your carrier bills 
<<carefully>>.


Ralph Woods, Manager, Satellite Operations
Distribution Division
National Public Radio             phone: 202-414-2664
635 Massachusetts Avenue, NW      FAX:   202-414-3035
Washington, D.C.  20001-3753      Internet: rwoods@npr.org

------------------------------

Subject: Re: Personal ACD vs. Telemarketers?
From: drharry!aboritz@uunet.uu.net (Alan Boritz)
Date: Wed, 17 Aug 94 10:56:33 EDT
Organization: Harry's Place - Mahwah NJ - +1 201 934 0861


bellcore!ctt.bellcore.com!quasar@uunet.uu.net (Laurence R. Brothers)
writes:

> I want a device to do the following:

> * Intercept incoming call and not pass ring to phone.
> * Play message: "If this is a personal call press 1 now, otherwise
>   hang up."
> * Hang up in 10 seconds if 1 is not pressed.
> * If 1 is pressed, ring the phone.

> Basically my goal is to preempt all non-personal calls so that I don't
> even know I'm being called.

You must be one of those Bellcore people that assumed that just
because a cellular phone's ESN was "buried within" the equipment that
no one would have the nerve to intercept it off the air and clone it.
<grin>

Telemarketers didn't earn their nickname, "telesleaze" for nothing.
Anyone who bothers to call you to pitch something won't be the slightest 
bit deterred by the "dial 1" message.  Most of these obnoxious morons will 
push any buttons, or tell you, or your secretary, just about anything
to get you on the phone.  However, you WILL eliminate all incoming
calls from anyone who is not calling from a fully-functional touch-tone 
phone.

We get lots of telemarketer calls in my office, most of them stock and
phony investment pitches.  Easiest way to deal with them is to either
hang up on them if they won't identify themselves and from where
they're calling before speaking to the requested party, or let them
start their pitch and put the phone down until you hear dialtone.

Rude telesleaze that think we have nothing more important to do with
our day but to listen to their pitches deserve the rudest treatment in
return.


Alan
aboritz%drharry@uunet.uu.net  or  uunet!drharry!aboritz
Harry's Place (drharry.UUCP) - Mahwah NJ USA - +1-201-934-0861

------------------------------

Date: Wed, 17 Aug 94 07:15:56 EDT
From: mark@legend.akron.oh.us (Mark E Daniel)
Subject: Re: Personal ACD vs. Telemarketers?


[Person wants a device that answers the phone and says press 1 for
personal calls.]  

Maybe I missed something (like the 1 was just an example) but what's
to stop a smart ass telemarketer from pressing 1 and annoying you
anyway?


Mark E Daniel                   (Loving SysOp of The Legend BBS)
Inet: mark@legend.akron.oh.us  medaniel@delphi.com (Direct INet)


[TELECOM Digest Editor's Note: Nothing will stop such a person from
punching whatever buttons are required to get you on the phone. Telling
them specifically to punch a button (if thus and so) is an open invi-
tation for anyone to punch the buttons. The original correspondent needs
to have a secret code *which only his friends know about to start with*
which is not announced on the recording. That's the way my 800 number
that I got from MyLine works:  If you press the proper code number during
the greeting your call gets automatically forwarded to where I am at;
otherwise you go to voicemail.  The thing is, I don't tell the caller
that ahead of time -- they have to know about it.   MyLine is a very good
800 service with user-defined forwarding of incoming calls, voicemail and
other nice features.   PAT]

------------------------------

From: genghis@ilces.ag.uiuc.edu (Scott Coleman)
Subject: Re: Personal ACD vs. Telemarketers?
Date: 17 Aug 94 14:12:09 GMT
Organization: University of Illinois at Urbana


This system has one very large flaw: You rely on the telemarketing
slime being HONEST enough to hang up instead of pressing the '1'. You
also rely on the telemarketing slime to be intelligent enough to
understand that your definition of a "personal call" excludes them;
they're more inclined to think that, since they are calling a person,
it is a personal call and therefore they are qualified to press '1'.

I have set up my PC-based voice mail card to do call screening in a
much more reliable fashion. All ringers on all phones are kept off at
all times. The PC answers all incoming calls, identifies the caller,
and takes some action based on the caller's identity and a caller
database which the system and I maintain. Callers can be identified
either by Caller*ID or via a passcode entered using the DTMF keypad.
Since my friends and family have been given the code, they can easily
get through to me. Telemarketing slime don't have the passcode, so
they can either be routed to the voicemail (where they can leave a
message) or dumped.  Since the phones do not ring, I never know they
called unless they leave a message (which I'll only discover when I
specifically check for it). Calls that make it through are announced
by the screener using either a synthesized voice ("Incoming call from
Mom on line one..."), via a few musical notes played through the PC
speaker, or by illuminating/flashing an ordinary table lamp.

What you seek can indeed be done, with acceptable reliability and
convenience for all (well, all except the telemarketers ;-).


[TELECOM Digest Editor's Note: I must say however what some people 
will do do avoid a phone call is really amazing. Generally that kind
of paranoia where incoming calls are concerned -- that one must have
multiple layers of screening in the hope of avoiding someone wanting
to sell them something, rather than simply saying 'no' and replacing
the receiver -- seems to be very common on Usenet. Personally, I hope
all your mothers and family members and close friends all decide to
go back to using rotary dial, just to thwart you.   PAT]

------------------------------

Date: Wed, 17 Aug 1994 09:29:54 PDT
From: Gary Breuckman <puma@netcom.com>
Subject: Re: Personal ACD vs. Telemarketers? 


On Fri, 12 Aug 1994, Laurence R. Brothers wrote:

> I imagine an ACD could be trivially programmed to do this, but I also
> imagine it would be rather expensive for an ordinary consumer to
> purchase an ACD to serve just one line.

You can do this, at relatively low cost compared to an ACD, with a
fax/voice switch and an answering machine.  I'm using a "ComSwitch
660" (from Command Communications, 10800 E. Bethany Drive, Suite 300,
Aurora CO 80014, (303) 750-6434) with a fax machine, but it could do
this.

Basically, the switch answers the call after one ring and listens for
FAX CNG tones or Reverse Modem Tones (a modem calling in Answer mode)
and if heard routes the call to the FAX or AUX outputs.  It also
accepts two sets of touchtone codes and uses them to route to the FAX
or AUX outputs.  Otherwise, it send the call to the PHONE and ANS MACH
connections, which are actually in parallel.

You can defeat the CNG or MODEM tone recognition, and can set the
touchtone codes to up to four digits each.  Even after the call is sent
to the PHONE/ANS jack, it will still recognize the Touchtone or other
signals.

What I'm suggesting is that you let it answer calls, and send the call
to an answering machine.  All this can be done without ringing any
bells, so far.  The caller could enter the touchtone code now, or
could listen to the answering machine and enter the code.  The
answering machine could take messages by default if you wanted it to,
or could be set to announce only.

Cost of the switch as about $80.  Your choice of answering machines.


puma@netcom.com   Gary Breuckman


[TELECOM Digest Editor's Note: But it isn't expensive enough and compli-
cated enough! Isn't there a terrible RISK that a telemarketer will sit
there and dial over nine thousand codes until he finds the one that will
(shudder!) allow him to get through to me so that I will (shudder!) have
to actually answer my phone and listen to him?    grin ....    PAT]

------------------------------

End of TELECOM Digest V14 #348
******************************
