ISO/TR 11769:2010

TECHNICAL ISO/TR
REPORT 11769
First edition
2010-10-01
Intelligent transport systems —
Communications access for land mobiles
(CALM) — Data retention for law
enforcement
Systèmes intelligents de transport — Accès aux communications des
services mobiles terrestres (CALM) — Conservation des données pour
application de la loi
Reference number
©
ISO 2010
PDF disclaimer
This PDF file may contain embedded typefaces. In accordance with Adobe's licensing policy, this file may be printed or viewed but
shall not be edited unless the typefaces which are embedded are licensed to and installed on the computer performing the editing. In
downloading this file, parties accept therein the responsibility of not infringing Adobe's licensing policy. The ISO Central Secretariat
accepts no liability in this area.
Adobe is a trademark of Adobe Systems Incorporated.
Details of the software products used to create this PDF file can be found in the General Info relative to the file; the PDF-creation
parameters were optimized for printing. Every care has been taken to ensure that the file is suitable for use by ISO member bodies. In
the unlikely event that a problem relating to it is found, please inform the Central Secretariat at the address given below.

©  ISO 2010
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means,
electronic or mechanical, including photocopying and microfilm, without permission in writing from either ISO at the address below or
ISO's member body in the country of the requester.
ISO copyright office
Case postale 56 • CH-1211 Geneva 20
Tel. + 41 22 749 01 11
Fax + 41 22 749 09 47
E-mail copyright@iso.org
Web www.iso.org
Published in Switzerland
ii © ISO 2010 – All rights reserved

Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards bodies
(ISO member bodies). The work of preparing International Standards is normally carried out through ISO
technical committees. Each member body interested in a subject for which a technical committee has been
established has the right to be represented on that committee. International organizations, governmental and
non-governmental, in liaison with ISO, also take part in the work. ISO collaborates closely with the
International Electrotechnical Commission (IEC) on all matters of electrotechnical standardization.
International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2.
The main task of technical committees is to prepare International Standards. Draft International Standards
adopted by the technical committees are circulated to the member bodies for voting. Publication as an
International Standard requires approval by at least 75 % of the member bodies casting a vote.
In exceptional circumstances, when a technical committee has collected data of a different kind from that
which is normally published as an International Standard (“state of the art”, for example), it may decide by a
simple majority vote of its participating members to publish a Technical Report. A Technical Report is entirely
informative in nature and does not have to be reviewed until the data it provides are considered to be no
longer valid or useful.
Attention is drawn to the possibility that some of the elements of this document may be the subject of patent
rights. ISO shall not be held responsible for identifying any or all such patent rights.
ISO/TR 11769 was prepared by Technical Committee ISO/TC 204, Intelligent transport systems.

TECHNICAL REPORT ISO/TR 11769:2010(E)

Intelligent transport systems — Communications access for
land mobiles (CALM) — Data retention for law enforcement
1 Scope
This Technical Report reviews the intelligent transport systems (ITS) landscape and the provisions of data
retention (DR) to ITS deployments. In particular, it considers the communications access for land mobiles
(CALM) environment and the services offered in the IPv6 domain served by CALM and ITS in general.
NOTE The analysis in this Technical Report has been made with respect to the European Data Retention Directive
and applies in general.
2 Normative references
The following referenced documents are indispensable for the application of this document. For dated
references, only the edition cited applies. For undated references, the latest edition of the referenced
document (including any amendments) applies.
Directive 2006/24/EC of the European Parliament and of the Council of 15 March 2006 on the retention of
data generated or processed in connection with the provision of publicly available electronic communications
services or of public communications networks and amending Directive 2002/58/EC
3 Terms and definitions
For the purposes of this document, the terms and definitions given in Directive 2006/24/EC and the following
apply.
3.1
retention storage
functional and physical means which serve as the repository where all data to be retained are stored,
enforcing all required security measures
3.2
supervisory authority
public authority which has been authorized by national legislation or regulation to act as the supervisor for the
data retention (DR) regulations and procedures in accordance with Directive 2006/24/EC
3.3
target
legal entity for which data retrieval is requested from the communications service provider (CSP), through the
data retention (DR) system
4 Abbreviated terms
CSP Communications Service Provider
DR Data Retention
DSL Digital Subscriber Line
ECN Electronic Communication Network
ECS Electronic Communication Service
IMEI International Mobile Equipment Identity
IMSI International Mobile Subscriber Identity
ITS Intelligent Transport Systems
LEA Law Enforcement Agency
LEMF Law Enforcement Monitoring Facility
5 Overview
The act of data retention (DR) is primarily to support the actions of law enforcement agencies acting in support
of investigation of criminal and terrorist offences, and for support of general forensic investigation resulting
from criminal and terrorist offences. In addition, access to retained data may be used in societal supporting
activities, such as the tracking of missing persons.
The EU directive on data retention (DR), Directive 2006/24/EC, defines the set of data to be retained and the
conditions under which the retained data is maintained by communications service providers (CSPs) operating
within the EU. Within the EU, CSPs are required to retain data sufficient to identify the form of communication
and the communicating parties of all complying communications for all users of the CSP's facilities
(irrespective of there being a direct relationship between the user and the CSP) for a pre-set period of time,
the retention period, after which the data should be deleted. During the retention period the retained data of a
subscriber can be made available to authorized law enforcement agencies (LEAs).
As the data may be required to be used in legal processes there is an implicit requirement to maintain and to
verify the integrity, validity, and quality of the retained data, that does not compromise the privacy of
subscribers and their data. CSPs are also required to report any failure of the DR system.
Data retention applies to all CSPs.
A CSP should provide mechanisms to ensure the retention and handover of signalling of specific CSP users if
required to by a lawful authority.
6 Data that can be retained by CSPs
6.1 Data identified in EU Directive 2006/
...