While browsing Wikileaks, I came across a document titled “An Overview of VOIP for Law Enforcement, 23 Dec 2008”. It reads as a “VoIP explained” document for law enforcement , explaining the basics and the restrictions that law enforcement agencies have when it comes to VoIP. Here’s a summary:
- The difference between a traditional phone call and a VoIP phone call is discussed (signals and circuits versus packets)
- With VoIP various devices may be used: software (softphones) installed on a pc, VoIP gateways and IP Phones
- Discussion of caller id spoofing, how it makes it harder for LE to tell if the call is from a VoIP provider or a real number or not (anonymous calls)
- Vishing, the act of phishing by involving VoIP
- Actively tracing VoIP calls is almost impossible
- 911 emergency calls or VoIP E911 is mentioned
- There are 4 ways to identify VoIP usage: the Caller ID (which may be spoofed), Phone records (where tracing is similar to tracing the source of email), VoIP hardware (eg. phones connected to ethernet) and VoIP software
- CALEA was updated in 2005 to cover VoIP providers so that LE to allow tapping, recording and tracing of phone calls
- Due to the international nature of the Internet, if the provider is not US-based, then it does not have to comply with these laws or LE requests