Federal Network Agency

The automated procedure for requesting/providing telecom data specified by the Federal Network Agency enables legally authorized actors, usually security and law enforcement organizations, but also public safety answering points, to request subscriber data such as name, address, or telephone number, automatically around the clock and under tight security. They may make these requests (or queries) insofar as they need the information in order to carry out their work within the law. The procedure is regulated by the new technical guideline for automated data request/provision (TR-AAV).

The Federal Network Agency does not keep its own databases for this purpose, but rather forwards these queries automatically in the form of a request to the telecommunications providers, summarizes their responses, and returns the results to the origin of the query. At this time there are over 100 organizations registered as authorized agencies, and a few more telecommunications providers who are obligated to comply with the procedure.

The automated procedure for data request/provision offers security organizations two concrete possibilities for formulating their queries: Requests can be made for information with reference to names and addresses, or with telephone numbers.

The manual procedure is always carried out bilaterally between security organizations and telecommunications providers and, in contrast to the automated procedure for data request/provision, is not free of charge. The Federal Network Agency is not involved in the operation of this procedure.

After the KDAV ordinance associated with §§ 111 and 112 of the Telecommunications Act went into effect on June 6th, 2017, the Federal Network Agency also published its associated technical guideline (TR-AAV) on Dec. 20th, 2017. This lays out the updated specifications for SARS/SARV and SBS/SBV, and puts the changes made to the Telecommunications Act since 2004 into effect. Whereas for the initiators of the requests (“authorized” entities) the changes to the electronic interface with the Federal Network Agency are manageable enough, the “obligated” entities need, besides new processes for providing additional types of data (such as date of birth, connection dates, and “other identifiers“), above all completely new software. Among other things, phonetic searches as well as searches in “historical” data sets are now supported. For both InfReq100 and InfBrok100, there are updates available that enable the implementation of TR-AAV.

The current technical guideline TR TKUEV 7.0, which must be implemented by June 14th, 2018, requires that telecommunications providers with more than 100,000 customers receive and respond to traffic data requests from investigative authorities through the ETSI-ESB interface. This interface is based on the exchange of XML documents via http in a VPN network administered by the Federal Network Agency. The application InfBrok100, which was developed by DIaLOGIKa for the integrated processing of authorized requests, and meanwhile put into operation by numerous large and medium-sized telecommunications providers, supports these and further interfaces and all associated requirements pursuant to TR TKÜV (including TKÜ and location detection in mobile communications). Connection to the systems that provide traffic and subscriber data is kept completely flexible and offers many different variations which we would be glad to explain to you in more detail.

Dialogika is, since March 23rd, 2020, a member of the European Telecommunication Standardization Institute (ETSI). Among other things, ETSI regulates the communication between investigative authorities and telecommunications providers within the framework of lawful interception and provision of information to authorities. It is ETSI’s technical specifications which form the basis for Federal Network Agency’s technical guidelines. So this ETSI membership now allows us, along with a few of our customers, to collaborate on the standardization process, which is to the advantage of all of our customers. This puts us among the first to receive the latest information. And naturally we incorporate it into our product development of InfReq100 and InfBrok100.