A/CONF. 187/10 A/CONF. 187/10 9. In addition to conventional powers to search time, duration and date of any communication, the parties premises, many national legal systems allow courts to involved and the type of service or activity. (See the make production orders for tangible objects. In some cases, parallel to the example of the log file of a computer system parallel powers to order the production of specified data in paragraph 37 above. ) Such data are generally kept for a may also be provided. Such powers may be subject to limited period of time, depending on the commercial needs restrictions and specific conditions that do not apply to of the operator or provider and legal (in the European conventional production orders, to prevent them from Union)or commercial requirements for privacy protection being used as a means to obtain information other than that Many national laws allow law enforcement authorities or specified. Without such controls, for example, an order judicial authorities to order the collection of traffic data of could oblige an individual to collect, process or select any future communications. In cases where traffic data is part other kind of data that is not stored and under his or her of the communication such as the "header information " of control. Such an obligation would exceed the scope and e-mail messages, however, the collection of such traffic leaning of a production order. When seeking and using data may be considered an interception of the production orders, it may be useful for law enforcement to communication itself and subject to legal restrictions on include the log files of a computer system along with other that basis. In other cases, the collection of traffic data data being sought. Such files register all transactions on the without intercepting the contents of the communication system in chronological order, recording information about itself may be deemed less intrusive to the privacy of those such things as times, durations and terminals from which concerned and therefore subject to a lower legal threshold data were accessed or altered 43. Cases of hacking or electronic intrusion raise a 40. Under the traditional laws of many countries, it is particular need for the prompt interception of an electronic possible for a judicial or other authority to order the communication, as well as prompt availability of traffic interception and recording oftelecommunications in public and subscriber data in order to track down the source of the networks. Some countries have extended that authority to communication, preserve the data and eventually catch the private networks, to specifi of perpetrator in the act for evidential reasons. If telecommunications such as mobile systems or satellite criminalized, hacking may not be considered under some communication systems and to computer networks. The laws a crime serious enough to justify the application of rationale behind such legislative measures is that if interception measures. Generally, a hacking scheme communications can be intercepted in one network and not involves other more serious acts than can be established at in another, criminals will use the system with the lowest the time of detection of hacker activities. This may be seen risk of interception by law enforcement authorities. The as another reason to allow interception for electronic lawful interception of specified communications requires intrusion cases particular technical facilities, including a clear legal basis 44. Interception of electronic communications may be for the installation of the facilities and the prompt hampered by the fact that the communication is encrypted execution of a judicial order to intercept Encryption is used to allow the authentication of a 41. To identify the communications to be intercepted and message, identifying the sender and establishing the the persons engaged in an intercepted communication, the integrity of the message. A second function of encryption cooperation of operators of networks, such as telecom is to ensure the confidentiality of the message(by operators and Internet service providers, is indispensable. protecting it from third persons). Possible cryptography Only such operators have the necessary subscriber policies have been the subject of recent debate in a number information. Where appropriate, national law may impose of international organizations. Those interested in a legal obligation on operators and providers to give facilitating law enforcement and crime control are subscriber data promptly when so ordered by the concerned about diffculties in gaining legal access to competent authorities. Clear legal obligations of this kind encrypted data, while those concerned about privacy and should also protect individuals and companies from civil commercial interests want cryptography to protect personal liability to their subscribers and commercial information 42. Telecom operators and Internet service providers 45. Much of the debate is beyond the scope of the present usually have traffic data from past communications, paper, but two specific issues do warrant consideration generated by equipment that records details including the here. Some cryptography-producing countries haveA/CONF.187/10 A/CONF.187/10 10 39. In addition to conventional powers to search premises, many national legal systems allow courts to make production orders for tangible objects. In some cases, parallel powers to order the production of specified data may also be provided. Such powers may be subject to restrictions and specific conditions that do not apply to conventional production orders, to prevent them from being used as a means to obtain information other than that specified. Without such controls, for example, an order could oblige an individual to collect, process or select any other kind of data that is not stored and under his or her control. Such an obligation would exceed the scope and meaning of a production order. When seeking and using production orders, it may be useful for law enforcement to include the log files of a computer system along with other data being sought. Such files register all transactions on the system in chronological order, recording information about such things as times, durations and terminals from which data were accessed or altered. 40. Under the traditional laws of many countries, it is possible for a judicial or other authority to order the interception and recording of telecommunications in public networks. Some countries have extended that authority to private networks, to specific new forms of telecommunications such as mobile systems or satellite communication systems and to computer networks. The rationale behind such legislative measures is that if communications can be intercepted in one network and not in another, criminals will use the system with the lowest risk of interception by law enforcement authorities. The lawful interception of specified communications requires particular technical facilities, including a clear legal basis for the installation of the facilities and the prompt execution of a judicial order to intercept. 41. To identify the communications to be intercepted and the persons engaged in an intercepted communication, the cooperation of operators of networks, such as telecom operators and Internet service providers, is indispensable. Only such operators have the necessary subscriber information. Where appropriate, national law may impose a legal obligation on operators and providers to give subscriber data promptly when so ordered by the competent authorities. Clear legal obligations of this kind should also protect individuals and companies from civil liability to their subscribers. 42. Telecom operators and Internet service providers usually have traffic data from past communications, generated by equipment that records details including the time, duration and date of any communication, the parties involved and the type of service or activity. (See the parallel to the example of the log file of a computer system in paragraph 37 above.) Such data are generally kept for a limited period of time, depending on the commercial needs of the operator or provider and legal (in the European Union) or commercial requirements for privacy protection. Many national laws allow law enforcement authorities or judicial authorities to order the collection of traffic data of future communications. In cases where traffic data is part of the communication, such as the “header information” of e-mail messages, however, the collection of such traffic data may be considered an interception of the communication itself and subject to legal restrictions on that basis. In other cases, the collection of traffic data without intercepting the contents of the communication itself may be deemed less intrusive to the privacy of those concerned and therefore subject to a lower legal threshold. 43. Cases of hacking or electronic intrusion raise a particular need for the prompt interception of an electronic communication, as well as prompt availability of traffic and subscriber data in order to track down the source of the communication, preserve the data and eventually catch the perpetrator in the act for evidential reasons. If criminalized, hacking may not be considered under some laws a crime serious enough to justify the application of interception measures. Generally, a hacking scheme involves other more serious acts than can be established at the time of detection of hacker activities. This may be seen as another reason to allow interception for electronic intrusion cases. 44. Interception of electronic communications may be hampered by the fact that the communication is encrypted. Encryption is used to allow the authentication of a message, identifying the sender and establishing the integrity of the message. A second function of encryption is to ensure the confidentiality of the message (by protecting it from third persons). Possible cryptography policies have been the subject of recent debate in a number of international organizations. Those interested in facilitating law enforcement and crime control are concerned about diffculties in gaining legal access to encrypted data, while those concerned about privacy and commercial interests want cryptography to protect personal and commercial information. 45. Much of the debate is beyond the scope of the present paper, but two specific issues do warrant consideration here. Some cryptography-producing countries have