Ordinance
on the Surveillance of Post and Telecommunications
(SPTO)

¹ Sur­veil­lance Type RT_22_N­A_IRI com­prises the real-time sur­veil­lance of a net­work ac­cess ser­vice in the mo­bile com­mu­nic­a­tions sec­tor.

² The fol­low­ing sec­ond­ary tele­com­mu­nic­a­tions data of tele­com­mu­nic­a­tions traffic sent or re­ceived via the net­work ac­cess ser­vice un­der sur­veil­lance must be trans­mit­ted in real time:

a.

when ac­cess to the net­work is es­tab­lished or dis­con­nec­ted: the date, the time, the type of event and the tech­no­logy and, if ap­plic­able, the reas­on for dis­con­nec­tion;

b.

the type of cur­rent ac­cess to the net­work;

c.

the AAA in­form­a­tion used by the net­work ac­cess ser­vice un­der sur­veil­lance, in par­tic­u­lar the sub­scriber iden­ti­fi­ers and the as­so­ci­ated IM­SI or SUPI;

d.

the IP ad­dresses as­signed to the net­work ac­cess ser­vice and the as­so­ci­ated ter­min­al devices un­der sur­veil­lance and the date and time of each as­sign­ment;

e.

the avail­able ad­dress­ing re­sources and iden­ti­fi­ers of the net­work ac­cess ser­vice un­der sur­veil­lance, in par­tic­u­lar the as­so­ci­ated MS­ISDN or GP­SI and the as­so­ci­ated IM­SI or SUPI;

f.

the unique device iden­ti­fi­ers in ac­cord­ance with in­ter­na­tion­al stand­ards for the cur­rently as­so­ci­ated ter­min­al devices of the net­work ac­cess ser­vice un­der sur­veil­lance (e.g. IMEI, PEI, MAC ad­dress);

g.

the type, date and time of the start and if ap­plic­able the end of events that modi­fy the tech­nic­al prop­er­ties of the net­work ac­cess ser­vice un­der sur­veil­lance or its mo­bil­ity man­age­ment, and, if known, their causes;

h.

the cur­rent loc­a­tion data for the tar­get, the cells used or the non-3GPP ac­cess used, de­term­ined by the net­work if pos­sible and in­dic­ated ac­cord­ingly, whereby the loc­a­tion in­form­a­tion re­lat­ing to the tar­get from NAS sig­nalling mes­sages shall also be trans­mit­ted and, in the case of EPS and 5GS, the loc­a­tion in­form­a­tion shall be sup­ple­men­ted with the re­spect­ive as­so­ci­ated time stamp or the age of the loc­a­tion data, if avail­able;

i.

if pos­sible, in­form­a­tion on the pre­vi­ous and cur­rent net­work provid­ing the ser­vice;

j.

in­form­a­tion about any change in the as­signed ser­vice and device iden­ti­fi­ers, loc­a­tion-re­lated events and if ap­plic­able their reas­on, about any change in the net­work ele­ment provid­ing the ser­vice and iden­ti­fic­a­tion and au­then­tic­a­tion events in­volving the tar­get;

k.

in the case of 5G-tech­no­logy: ad­di­tion­al in­form­a­tion about as­sign­ing a new tem­por­ary iden­ti­fi­er for the tar­get.

³ The loc­a­tion data com­prise the as­so­ci­ated timestamps and, if avail­able, the type of net­work ac­cess point tech­no­logy used and:

a.

the iden­ti­fi­ers (e.g. cell or geo­graph­ic­al area iden­ti­fi­er) and the geo­graph­ic­al co­ordin­ates of the cells and if ap­plic­able the dir­ec­tions of emis­sion of the cells and in the case of a com­bined cell, ad­di­tion­al loc­a­tion data in ac­cord­ance with the ap­plic­able FD­JP reg­u­la­tions;

b.

the po­s­i­tion of the tar­get de­term­ined by the net­work, for ex­ample in the form of geo­graph­ic­al co­ordin­ates and the re­lated un­cer­tainty value, or in the form of poly­gons with de­tails of the geo­graph­ic­al co­ordin­ates of each poly­gon point;

c.

oth­er data on the loc­a­tion of the tar­get or of the cells in ac­cord­ance with in­ter­na­tion­al stand­ards;

d.

in the case of a non-3GPP ac­cess:

1.

the iden­ti­fi­ers or an­oth­er suit­able des­ig­na­tion (e.g. hot­spot name) for the non-3GPP ac­cess, the pub­lic source IP ad­dress for the se­cured con­nec­tion of the tar­get to the gate­way and, in the case of NAT, the source port num­ber and the pro­tocol, or

2.

the iden­ti­fi­er for the net­work ac­cess point and, if avail­able, its postal ad­dress.