WPC ) 2^BP ZAntique Olive3|Jr Times New Roman (Bold)T6QPTimes New Roman"5^.=K\\!==\h.=.3\\\\\\\\\\33hhhQzzpf=Gpfzfpp=3=V\=Q\Q\Q=\\33\3\\\\=G3\\\\QX%Xc.====I=\\QQQQQzzQpQpQpQpQ=3=3=3=3\\\\\\\\\\Q\\\\\f\\QQzQzQpQpQpQ\\\\\I\=\===\G\fGN@.S\=Q\\\\\39\7\7==QQ\==\\=Q=7N=eehIjh\\j.=K\\!==\h.=.3\\\\\\\\\\33hhhQzzpf=Gpfzfpp=3=V\=Q\Q\Q=\\33\3\\\\=G3\\\\QX%Xc\=\Q\\=f===QQ@\=G=.=\\\\%\=3\h=\Ie77=jS.=79\Qzpppp====hf\QQQQQQzQQQQQ3333\\\\\\\e\\\\\\\yy2vo7ckknC{ohcnonwyXzXshn~|y;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;?Uvv3;;v;;;?vvvvvvvvvv;;rzvr7\}g}}kr}}}z;?;vcvro}Y;;r7\\\vovgYcYv;;3vMvvvkF;;;;33MMcvvz\F;;};?vvvvcvvcvk;cvvMMvov;vMvkrzvvvv7777}}}rrrrrro}}}};;;;vHP LaserJet 4Mroom 7024itional)HPLAS4M.WRSC\  P6Q,,,c%9P2 @3|ar Times New RomanTimes New Roman (Bold)Times New Roman (Italic) P6Q\B%gOP S- I. A. 1. a.(1)(a) i) a) 1. 1. 1. a.(1)(a) i) a)#C\  P6Qm8P##&I\  P6Q&P#2 vD p k* k a8DocumentgDocument Style StyleXX` `  ` a4DocumentgDocument Style Style . a6DocumentgDocument Style Style GX  a5DocumentgDocument Style Style }X(# 2[ 2 v tM  a2DocumentgDocument Style Style<o   ?  A.  a7DocumentgDocument Style StyleyXX` ` (#` BibliogrphyBibliography:X (# a1Right ParRight-Aligned Paragraph Numbers:`S@ I.  X(# 28  0  a2Right ParRight-Aligned Paragraph Numbers C @` A. ` ` (#` a3DocumentgDocument Style Style B b  ?  1.  a3Right ParRight-Aligned Paragraph Numbers L! ` ` @P 1. ` `  (# a4Right ParRight-Aligned Paragraph Numbers Uj` `  @ a. ` (# 2 j)a5Right ParRight-Aligned Paragraph Numbers _o` `  @h(1)  hh#(#h a6Right ParRight-Aligned Paragraph Numbersh` `  hh#@$(a) hh#((# a7Right ParRight-Aligned Paragraph NumberspfJ` `  hh#(@*i) (h-(# a8Right ParRight-Aligned Paragraph NumbersyW"3!` `  hh#(-@p/a) -pp2(#p 2#Tech InitInitialize Technical Style. k I. A. 1. a.(1)(a) i) a) 1 .1 .1 .1 .1 .1 .1 .1 Technicala1DocumentgDocument Style Style\s0  zN8F I. ׃  a5TechnicalTechnical Document Style)WD (1) . a6TechnicalTechnical Document Style)D (a) . 21a2TechnicalTechnical Document Style<6  ?  A.   a3TechnicalTechnical Document Style9Wg  2  1.   a4TechnicalTechnical Document Style8bv{ 2  a.   a1TechnicalTechnical Document StyleF!<  ?  I.   2 Q3 a7TechnicalTechnical Document Style(@D i) . a8TechnicalTechnical Document Style(D a) . Doc InitInitialize Document Stylez   0*0*0*  I. A. 1. a.(1)(a) i) a) I. 1. A. a.(1)(a) i) a)DocumentgPleadingHeader for Numbered Pleading PaperE!n    X X` hp x (#%'0*,.8135@8:"e@  %! !Heading 2Underlined Heading Flush Left14 Heading 1Centered Headingcal Style 4G Y * Ã  Bullet ListIndented Bullet List*M0 Y XX` ` (#` a1Order 8X X-I.x2;%!p"" ## #$p$a2Order!Ap X-xA.` ` a3Order"J* X-x` ` 1. a4Order#4 X- I. A. 1. a.(1)(a) i) a) I. A. 1. 1.(1)(a) i) a)I.xDocument[8]'Eg%Document StyleE O  O g% W4I O g$` ` ` 2;'%qm%&e%'eC&(&Document[4]'Eg%Document Style W4A O g% W4I O g%  . Document[6]'Eg%Document Style W4A O g% W4I O g&  Document[5]'Eg%Document Style W4A O g% W4I O g'  Document[2]'Eg%Document Style W4A O g% W4I O g(*    2))pm'*'+o(, )Document[7]'Eg%Document Style W4A O g% W4I O g)  ` ` ` Right Par[1]Eg%Right-Aligned Paragraph NumbersO g% W4I O g*8 @  Right Par[2]Eg%Right-Aligned Paragraph NumbersO g% W4I O g+A@` ` `  ` ` ` Document[3]'Eg%Document Style W4A O g% W4I O g,0     2,-).u*/"+0+Right Par[3]Eg%Right-Aligned Paragraph NumbersO g% W4I O g-J` ` ` @  ` ` ` Right Par[4]Eg%Right-Aligned Paragraph NumbersO g% W4I O g.S` ` `  @  Right Par[5]Eg%Right-Aligned Paragraph NumbersO g% W4I O g/\` ` `  @hhh hhh Right Par[6]Eg%Right-Aligned Paragraph NumbersO g% W4I O g0e` ` `  hhh@ hhh 2/1,2-3b.4/Right Par[7]Eg%Right-Aligned Paragraph NumbersO g% W4I O g1n` ` `  hhh@  Right Par[8]Eg%Right-Aligned Paragraph NumbersO g% W4I O g2w` ` `  hhh@ppp ppp Document[1]'Eg%Document Style W4A O g% W4I O g3F    ׃  Technical[5]Eg%Technical Document Style O g% W4I O g4&!"  . 225/6X07081Technical[6]Eg%Technical Document Style O g% W4I O g5&#$  . Technical[2]Eg%Technical Document Style O g% W4I O g6*%&    Technical[3]Eg%Technical Document Style O g% W4I O g7''(   Technical[4]Eg%Technical Document Style O g% W4I O g8&)*   2@9O2:2;3<v 4Technical[1]Eg%Technical Document Style O g% W4I O g94+$,     Technical[7]Eg%Technical Document Style O g% W4I O g:&-.  . Technical[8]Eg%Technical Document Style O g% W4I O g;&/0  . MACNormal<;     X` hp x (#%'0*,.8135@8:<    #:}D4P XP#T I. A. 1. a.(1)(a) i) a)T,0*ÍÍ,*Í ., US!!!! ! #:}D4P XP#     X` hp x (#%'0*,.8135@8:<    #:}D4P XP#,0*ÍÍ,*Í ., US!!!! ! #:}D4P XP#2C=o@> A?iA@CFootnote=Íčfootnote tex#>'p #FxX  Pg9CXP#header?Ax 4 <D  #FxX  Pg9CXP# reference@;#FxX  Pg9CXP#2aIA~CBiKEC^FDOHitemizeX1A&V 8F ` hp xr#FxX  Pg9CXP#header2BI ` hp x`    #FxX  Pg9CXP# heading 3CF` hp x #FxX  Pg9CXP# footer!D!!#d\  PCP#2eLE IFJGraKHKCitatorFormat Secretary's Citator Output FileEW r5-#d6X@`7Ͽ@# XX  X B r5-S  BFormat DownloadFormat Downloaded DocumentFiޛ r5- XX    \ #d6X@`7Ͽ@#a2AgendaGa1AgendaAgenda ItemsH7D yP ) I. 2NIrLJ MKML[Na3AgendaIHeadingChapter HeadingJJ d  ) I. ׃  Right ParRight-Aligned Paragraph NumbersK>a݅@  I.   X(# SubheadingSubheadingL0\ E A.  2eRMd#ONOOPP14QHIGHLIGHT 1Italics and BoldldeddM+. DRAFT ONHeader A Text = DRAFT and DateN X =8` (#FDRAFTă r  ` (#=D3 1, 43 12pt (Z)(PC-8))T2Dă  ӟDRAFT OFFTurn Draft Style offO@@    LETTER LANDLetter Landscape - 11 x 8.5P 3'3'Standard'3'3StandardLetter Portrait - 8.5 x 11 ;   2VQ1RR1SS1TTn*VLEGAL LANDLegal Landscape - 14 x 8.5Qf 3'3'Standard'A'AStandardZ K e6VE L"nu;   LETTER PORTLetter Portrait - 8.5 x 11RL 3'3'Standard3'3'StandardZ K e6VE L"nU9   LEGAL PORTLegal Portrait - 8.5 x 14S 3'3'StandardA'A'StandardLetter Portrait - 8.5 x 119   TITLETitle of a DocumentTK\ * ă28ZUVVdKWWjWXXBLOCK QUOTESmall, single-spaced, indentedUN X HIGHLIGHT 2Large and Bold LargeVB*d. HIGHLIGHT 3Large, Italicized and UnderscoredW V -qLETTERHEADLetterhead - date/marginsXu H XX  3'3'LetterheadZ K e VE L"n3'3'LetterheadZ K e VE L"nE9    * 3'3'LetterheadZ K e VE L"n3' II"n"Tv3'StandarddZ K e VE L"nU9 Ѓ   2L_YEjZZ-[[8\\8^INVOICE FEETFee Amount for Math InvoiceY ,, $0$0  MEMORANDUMMemo Page FormatZD.   ! M E M O R A N D U M ă r  y<N dddy   INVOICE EXPSEExpense Subtotals for Math Invoice[:A ,p, $0$00INVOICE TOTTotals Invoice for Math Macro\z 4p, $0$002-b]~_^Xa_[wa`[aINVOICE HEADRHeading Portion of Math Invoice]+C`*   4X 99L$0 **(  ӧ XX NORMALReturn to Normal Typestyle^SMALLSmall Typestyle_FINEFine Typestyle`2da[_bb[bc[cdpcLARGELarge TypestyleaEXTRA LARGEExtra Large TypestylebVERY LARGEVery Large TypestylecENVELOPEStandard Business Envelope with Headerd+w ,,EnvelopeZ K e VE L"n,,EnvelopeLarge, Italicized and Under;    ,, 88+  `   2keX%ef}egfhf1edfStyle 14Swiss 8 Pt Without Marginsf$$D Co> PfQ  )a [ PfQO Style 12Dutch Italics 11.5g$$F )^ `> XifQ  )a [ PfQO Style 11Initial Codes for Advanced IIhJ )a [ PfQK  dddn  #  [ X` hp x (#%'b, oT9 ! )^ `> XifQ ` Advanced Legal WordPerfect II Learning Guide   x )^ `> XifQ Advanced Legal WordPerfect II Learning Guide   j-n )^ `> XifQ    Copyright  Portola Systems, Inc. 1987, 1988`6 >Page  jBX )^ `> XifQ    Page ` Copyright  Portola Systems, Inc. 1987, 1988 2nilkj:mkml|bnStyle 3oDutch Roman 11.5 with Margins/Tabsi )a [ PfQO  ddn  # c0*b, oT9 !Style 4 PSwiss 8 Point with MarginsjDq Co> PfQ  dddd  #  Style 1.5Dutch Roman 11.5 Fontk4h )a [ PfQO  dddn Style 2Dutch Italic 11.5l$ )^ `> XifQ 2umonooPpppStyle 5Dutch Bold 18 Pointm$RH$L T~> pfQ_  )a [ PfQO Style 7Swiss 11.5n$$V )ao> PfQ ]  )a [ PfQO Style 6Dutch Roman 14 Pointo$$N w [ PfQ   )a [ PfQO Style 10oInitial Codes for Advancedp U )a [ PfQK  dddn  ##  [[ b, oT9 !b, oT9 !n )^ `> XifQ ` Advanced Legal WordPerfect Learning Guide   f )^ `> XifQ Advanced Legal WordPerfect Learning Guide   Q" )^ `> XifQ    Copyright  Portola Systems, Inc. 1987, 1988`6 >Page  QN~ )^ `> XifQ    Page ` Copyright  Portola Systems, Inc. 1987, 1988 2q)vr0{s5tlKStyle 8PfInitial Codes for Beginninggqi )a [ PfQK  dddn  # X` hp x (#%'b, oT9  [ &e )^ `> XifQ ` Beginning Legal WordPerfect Learning Guide   d )^ `> XifQ Beginning Legal WordPerfect Learning Guide   jH )^ `> XifQ    Copyright  Portola Systems, Inc. 1987, 1988`6 >Page  j )^ `> XifQ    Page ` Copyright  Portola Systems, Inc. 1987, 1988 Style 9Initial Codes for Intermediater )a [ PfQK  dddn  # X` hp x (#%'b, oT9 Њ [ e )^ `> XifQ ` Intermediate Legal WordPerfect Learning Guide   3 )^ `> XifQ Intermediate Legal WordPerfect Learning Guide   jf )^ `> XifQ    Copyright  Portola Systems, Inc.`+ >Page  jX )^ `> XifQ    Page ` Copyright  Portola Systems, Inc. 1987, 1988 UpdateInitial Codes for Update Modules )a [ PfQK  dddn  #  [ X` hp x (#%'b, oT9 !n )^ `> XifQ ` Legal WordPerfect 5.0 Update Class Learning Guide   f )^ `> XifQ Legal WordPerfect 5.0 Update Class Learning Guide   Q" )^ `> XifQ    Copyright  Portola Systems, Inc. 1987, 1988`7 CPage  jN~ )^ `> XifQ    Page ` Copyright  Portola Systems, Inc. 1987, 1988 footnote textft2uev Nwfx}2footnote reference#u MACDocumentv4     X` hp x (#%'0*,.8135@8:<     #:}D4P XP# T I. A. 1. a.(1)(a) i) a)T,0*ÍÍ,*Í ., US!!!! ! #:}D4P XP##u\4 PXP#     X` hp x (#%'0*,.8135@8:<     #:}D4P XP# ,0*ÍÍ,*Í ., US!!!! ! #:}D4P XP##:}D4PXP#para numnumbered indented paragraphsw' Y- 1.(i) 1) 1.#Xw P7[hXP# 1. 1.Ҳa1Paragraph R!1. a. i. (1) (a) (i) 1) a)D )DDDFrfx$ 2Cyzi{|a2Paragraph R!1. a. i. (1) (a) (i) 1) a)D )DDDFrfy/` ` ` a3Paragraph R!1. a. i. (1) (a) (i) 1) a)D )DDDFrfz:` ` `  a4Paragraph R!1. a. i. (1) (a) (i) 1) a)D )DDDFrf{E` ` `  a5Paragraph R!1. a. i. (1) (a) (i) 1) a)D )DDDFrf|P  ` ` ` hhh 2(}u~)va6Paragraph R!1. a. i. (1) (a) (i) 1) a)D )DDDFrf}[   a7Paragraph R!1. a. i. (1) (a) (i) 1) a)D )DDDFrf~f  a8Paragraph R!1. a. i. (1) (a) (i) 1) a)D )DDDFrfq heading 4heading 4 22vZvЛvFvheading 5heading 5 heading 6heading 6 heading 7heading 7 heading 8heading 8 2֠ldvНrFDefault Paragraph FoDefault Paragraph Font endnote textendnote text endnote referenceendnote reference toc 1toc 1` hp x (#(#`(#`` hp x (#2&Dbtoc 2toc 2` hp x (#` (#`` (#`` hp x (#toc 3toc 3` hp x (#` (#` (#` hp x (#toc 4toc 4` hp x (# (# (#` hp x (#toc 5toc 5` hp x (#h(#h(#` hp x (#2vЫFdtoc 6toc 6` hp x (#(# (# ` hp x (#toc 7toc 7 toc 8toc 8` hp x (#(# (# ` hp x (#toc 9toc 9` hp x (#(#`(#`` hp x (#2Ҳvindex 1index 1` hp x (#` (#` (#` hp x (#index 2index 2` hp x (#` (#`` (#`` hp x (#toa headingtoa heading` hp x (#(#(#` hp x (#captioncaption 2clZ"d|_Equation Caption_Equation Caption 1, 2, 3,?@65NumbersO@/"=(1*1÷$t ?.E1.A, B,t ?@65Uppercase Letters1 ?*1÷$t ?.E .footnote refK&7>footnote referenceGw) "7>NGI "+WX2akpage numberK&7>page number"Gw* "7>NGI "(YZDefault ParaK&7>Default Paragraph Fontw+ "7>NGI "([(\endnote refeK&7>endnote referenceGw- "7>NGI "+_+`annotation rK&7>annotation referenceGw. "7>NGI "OaOb#Xv P7XP##Xv P7XP#2E׽rannotation tK&7>annotation textGw/ "7>NGI "2c(d2G2*(K&7>Right-Aligned Paragraph Numbers"7>NGI "8ij@  3G3*(K&7>Right-Aligned Paragraph Numbers"7>NGI "Akl@` ` `  ` ` ` 4G4*(K&7>Right-Aligned Paragraph Numbers"7>NGI "Jmn` ` ` @  ` ` ` 22Hj5G5*(K&7>Right-Aligned Paragraph Numbers"7>NGI "Sop` ` `  @  6G6*(K&7>Right-Aligned Paragraph Numbers"7>NGI "\qr` ` `  @hhh hhh 7G7*(K&7>Right-Aligned Paragraph Numbers"7>NGI "est` ` `  hhh@ hhh 8G8*(K&7>Right-Aligned Paragraph Numbers"7>NGI "nuv` ` `  hhh@  2dp5U9G9*(K&7>Right-Aligned Paragraph Numbers"7>NGI "wwx` ` `  hhh@ppp ppp 10G0*(Q&7tDocument Style Gl0 "7t GI "צGH` ` ` 11G1*(Q&7tTechnical Document Style "7t GI "ק4I$J     12G2*(Q&7tTechnical Document Style "7t GI "ר*KL    2V#L13G3*(Q&7tTechnical Document Style "7t GI "ש'MN   14G4*(Q&7tTechnical Document Style "7t GI "ת&OP   15G5*(Q&7tTechnical Document Style "7t GI "׫&QR  . 16G6*(Q&7tTechnical Document Style "7t GI "׬&ST  . 2 $17G7*(Q&7tTechnical Document Style "7t GI "׭&UV  . 18G8*(Q&7tTechnical Document Style "7t GI "׮&WX  . 19G9*(Q&7tRight-Aligned Paragraph Numbers"7t GI "ׯ8YZ@  20G:*(Q&7tRight-Aligned Paragraph Numbers"7t GI "װA[\@` ` `  ` ` ` 2B21G;*(Q&7tRight-Aligned Paragraph Numbers"7t GI "ױJ]^` ` ` @  ` ` ` 22G<*(Q&7tRight-Aligned Paragraph Numbers"7t GI "ײS_`` ` `  @  23G=*(Q&7tRight-Aligned Paragraph Numbers"7t GI "׳\ab` ` `  @hhh hhh 24G>*(Q&7tRight-Aligned Paragraph Numbers"7t GI "״ecd` ` `  hhh@ hhh 2&25G?*(Q&7tRight-Aligned Paragraph Numbers"7t GI "׵nef` ` `  hhh@  26G@*(Q&7tRight-Aligned Paragraph Numbers"7t GI "׶wgh` ` `  hhh@ppp ppp 27wSg K6w Right-Aligned Paragraph Numbersܺ*HںwSg EJmn` ` @  ` `  28wSg L6w Right-Aligned Paragraph Numbersܺ*HںwSg ESop` `  @  2zB29wSg M6w Right-Aligned Paragraph Numbersܺ*HںwSg E\qr` `  @hh# hhh 30wSg N6w Right-Aligned Paragraph Numbersܺ*HںwSg Eest` `  hh#@( hh# 31wSg O6w Right-Aligned Paragraph Numbersܺ*HںwSg Enuv` `  hh#(@- ( 32wSg P6w Right-Aligned Paragraph Numbersܺ*HںwSg Ewwx` `  hh#(-@pp2 -ppp 2pEe33wSg R6w Document Style=(H8g Rܺ*HںwSg E{|` ` ` 34wSg S6w Technical Document Styleg Sܺ*HںwSg E4}$~     35wSg T6w Technical Document Styleg Tܺ*HںwSg E*    36wSg U6w Technical Document Styleg Uܺ*HںwSg E'   2\f37wSg V6w Technical Document Styleg Vܺ*HںwSg E&   38wSg W6w Technical Document Styleg Wܺ*HںwSg E&  . 39wSg X6w Technical Document Styleg Xܺ*HںwSg E&  . 40wSg Y6w Technical Document Styleg Yܺ*HںwSg E&  . 2s441wSg Z6w Technical Document Styleg Zܺ*HںwSg E&  . 42wSg [6w Right-Aligned Paragraph Numbersܺ*HںwSg E8@   43wSg \6w Right-Aligned Paragraph Numbersܺ*HںwSg EA@` `  ` ` ` 44wSg ]6w Right-Aligned Paragraph Numbersܺ*HںwSg EJ` ` @  ` `  2R45wSg ^6w Right-Aligned Paragraph Numbersܺ*HںwSg ES` `  @  46wSg _6w Right-Aligned Paragraph Numbersܺ*HںwSg E\` `  @hh# hhh 47wSg `6w Right-Aligned Paragraph Numbersܺ*HںwSg Ee` `  hh#@( hh# 48wSg a6w Right-Aligned Paragraph Numbersܺ*HںwSg En` `  hh#(@- ( 2L49wSg b6w Right-Aligned Paragraph Numbersܺ*HںwSg Ew` `  hh#(-@pp2 -ppp 50wSg c6w Document Style=(H8g cܺ*HںwSg EF *  ׃  51wSg d6w Right-Aligned Paragraph Numbersܺ*HںwSg EJ` ` @  ` `  52wSg e6w Right-Aligned Paragraph Numbersܺ*HںwSg ES` `  @  2D 53wSg f6w Right-Aligned Paragraph Numbersܺ*HںwSg E\` `  @hh# hhh 54wSg g6w Right-Aligned Paragraph Numbersܺ*HںwSg Ee` `  hh#@( hh# 55wSg h6w Right-Aligned Paragraph Numbersܺ*HںwSg En` `  hh#(@- ( 56wSg i6w Right-Aligned Paragraph Numbersܺ*HںwSg Ew` `  hh#(-@pp2 -ppp 2`p/57wSg j6w Document Style=(H8g jܺ*HںwSg E` ` ` 58wSg k6w Technical Document Styleg kܺ*HںwSg E4$     59wSg l6w Technical Document Styleg lܺ*HںwSg E*    60wSg m6w Technical Document Styleg mܺ*HںwSg E'   2&061wSg n6w Technical Document Styleg nܺ*HںwSg E&   62wSg o6w Technical Document Styleg oܺ*HںwSg E&  . 63wSg p6w Technical Document Styleg pܺ*HںwSg E&  . 64wSg q6w Technical Document Styleg qܺ*HںwSg E&  . 2=l65wSg r6w Technical Document Styleg rܺ*HںwSg E&  . 66wSg s6w Right-Aligned Paragraph Numbersܺ*HںwSg E8@   67wSg t6w Right-Aligned Paragraph Numbersܺ*HںwSg EA@` `  ` ` ` 68wSg u6w Right-Aligned Paragraph Numbersܺ*HںwSg EJ` ` @  ` `  2Yo69wSg v6w Right-Aligned Paragraph Numbersܺ*HںwSg ES` `  @  70wSg w6w Right-Aligned Paragraph Numbersܺ*HںwSg E\` `  @hh# hhh 71wSg x6w Right-Aligned Paragraph Numbersܺ*HںwSg Ee` `  hh#@( hh# 72wSg y6w Right-Aligned Paragraph Numbersܺ*HںwSg En` `  hh#(@- ( 2>\73wSg z6w Right-Aligned Paragraph Numbersܺ*HںwSg Ew` `  hh#(-@pp2 -ppp 74wSg {6w Document Style=(H8g {ܺ*HںwSg EF *  ׃  75wSg |6w Document Style=(H8g |ܺ*HںwSg E*   76wSg }6w Document Style=(H8g }ܺ*HںwSg E0    2qpeeFp77wSg ~6w Document Style=(H8g ~ܺ*HںwSg E  . 78wSg 6w Document Style=(H8g ܺ*HںwSg E  79wSg 6w Document Style=(H8g ܺ*HںwSg E  80wSg 6w Document Style=(H8g ܺ*HںwSg E` ` ` 2pMm 81wSg 6w Document Style=(H8g ܺ*HںwSg E` ` ` 82wSg 6w Technical Document Styleg ܺ*HںwSg E4$     83wSg 6w Technical Document Styleg ܺ*HںwSg E*    84wSg 6w Technical Document Styleg ܺ*HںwSg E'   2dn85wSg 6w Technical Document Styleg ܺ*HںwSg E&   86wSg 6w Technical Document Styleg ܺ*HںwSg E&  . 87wSg 6w Technical Document Styleg ܺ*HںwSg E&  . 88wSg 6w Technical Document Styleg ܺ*HںwSg E&  . 2{%<89wSg 6w Technical Document Styleg ܺ*HںwSg E&  . 90wSg 6w Right-Aligned Paragraph Numbersܺ*HںwSg E8@   91wSg 6w Right-Aligned Paragraph Numbersܺ*HںwSg EA@` `  ` ` ` 92wSg 6w Right-Aligned Paragraph Numbersܺ*HںwSg EJ` ` @  ` `  2Z93wSg 6w Right-Aligned Paragraph Numbersܺ*HںwSg ES` `  @  94wSg 6w Right-Aligned Paragraph Numbersܺ*HںwSg E\` `  @hh# hhh 95wSg 6w Right-Aligned Paragraph Numbersܺ*HںwSg Ee` `  hh#@( hh# 96wSg 6w Right-Aligned Paragraph Numbersܺ*HںwSg En` `  hh#(@- ( 2XhK97wSg 6w Right-Aligned Paragraph Numbersܺ*HںwSg Ew` `  hh#(-@pp2 -ppp 98wSg 6w Default Paragraph Font8g ܺ*HںwSg E;;#x6X@7X@##b6X@C@# ~)C8*,m8C  PT6QP -J=.,&J  PT6Q&P, -N=.,&N  pTQ& S,%, J,  PT6QJPSg9xS]?g9xSi+SS88WuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxNI\\>>>\g0>03\\\\\\\\\\33gggQyyrg>Frgygrr>3>T\>Q\Q\Q>\\33\3\\\\>F3\\\\QX%Xc>0cT>>>0>>>>>>>>\3QQQQQwyQrQrQrQrQ>3>3>3>3\\\\\\\\\\Q\Z\\\g\QQQyQyQycyQtrQrQrQrQ\\\c\c\>3>\>>>\gcc\r3rIr>r>r3\l\\\\y>y>y>gFgFgFgcrMr3rT\\\\\\crQrQrQ\r>\gFr>\t0\\=!=WxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxNBnnBT\>Q\\\\\3;\7;\7>>QQ\??n\\pBnnBmgg>Q\7"yyyy\njc\gnn\2i X0KKK Times New RomanTimes New Roman BoldTimes New Roman ItalicTimes New Roman Bold Italic"i~'^5>g\\>>>\g0>03\\\\\\\\\\>>ggg\yyrF\yrgyy>3>j\>\gQgQ>\g3>g3g\ggQF>g\\\QI(I_>0_j>>>0>>>>>>\>g3\\\\\QyQyQyQyQD3D3D3D3g\\\\gggg\\g\\\\pg\\\QQ_QyQyQyQyQ\\\_\gjF3FgF>Fgg__gy3ySy>yIy3ggg\\QQQgFgFgFg_y^y>yjgggggg_yQyQyQgy>ggFy>\0\\=2=WxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxNBnnBa\>\\\\\\7>\7>\7>>\\\??n\\pBnnBsgg>\\7"yyyy\nlc\gnn\"i~'^ %,77\V%%%7>%7777777777>>>0eOIIOD>OO%*ODaOO>OI>DOOgOOD%%37%07070%777V7777%*77O77055;%;3%%%%%%%%%%%7O0O0O0O0O0aHI0D0D0D0D0%%%%O7O7O7O7O7O7O7O7O7O7O0O7O6O7O7O7>7O0O0O0I0I0I;I0OED0D0D0D0O7O7O7O;O7O;O7%%7%%%7M>;;O7DD,D%D%DO7AO7O7O7O7aOI%I%I%>*>*>*>;D.DD3O7O7O7O7O7O7gOO;D0D0D0O7D%O7>*D%O7E77%%WMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxN(BB(37%07777j7#TT7!#TT7T!%%007n&&Bn77lCTn(nBB(A\\>>n%07\n!"IIIITTenn7TnB@;7>lBBn7"i~'^"(22TN"""28"2222222222888,\HBBH>8HH"&H>XHH8HB8>HH^HH>"".2",2,2,"222N2222"&22H22,006"6."""""""""""2H,H,H,H,H,XAB,>,>,>,>,""""H2H2H2H2H2H2H2H2H2H2H,H2H1H2H2H282H,H,H,B,B,B6B,H?>,>,>,>,H2H2H2H6H2H6H2""2"""2F866H2>>(>">">H2;H2H2H2H2XHB"B"B"8&8&8&86>*>>.H2H2H2H2H2H2^HH6>,>,>,H2>"H28&>"H2?22!!WFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxN$<<$.2",2222`2 LL2 LL2L"",,2d""M\\>>>\}0>03\\\\\\\\\\>>}}}\rryrr>Qygyrr\grrggF3FM\>\\Q\Q3\\33Q3\\\\FF3\QyQQFI3Ic>0cM>>>0>>>>>>\>\3r\r\r\r\r\yyQrQrQrQrQ>3>3>3>3y\\\\\\\\\gQr\\\\gQ\r\r\r\r\yQyQycyQnrQrQrQrQ\\\c\c\>3>\>>>\\ccyQg3gBg>g;g3y\jy\y\\\yrFrFrF\F\F\FccgBg3gM\\\\\\ygcgFgFgF\g>y\\Fg>g\n0\\=(=WddddddddddddddddddddddddddddddddddddddddNBnnB_\F\\\\\\3;\7;\7>>gg\??n\\pBnnBb\\>g\7"yyyy\njc\}nn\"i~'^09]SS999S]+9+/SSSSSSSSSS99]]]Sxnxxng?Snxgx]nxxxxn9/9aS9S]I]I9S]/9]/]S]]I?9]SxSSIC%CW9+Wa999+999999S9]/xSxSxSxSxSxxInInInInI>/>/>/>/x]SSSSx]x]x]x]xSxSx]SSxSxSf]xSxSxSxIxIxWxIx{nInInInISSSWS]a?/?]?9?]]WW]n/nKn9nCn/x]xx]x]SSxxIxIxI]?]?]?]WnUn9nax]x]x]x]x]x]xxWnInInIx]n9x]]?n9xSz+SS8-8WuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxN>>\g0>03\\\\\\\\\\>>ggg\yyyyyF\yrrygryyrr>3>g\>\\Q\Q>\g33\3g\\\FF3gQy\QF>(>g>0gg>>>0>>>>>>\>\3y\y\y\y\y\yQyQyQyQyQF3F3F3F3g\\\\ggggrQy\\\\rQ\r\y\y\y\yQyQygyQyQyQyQyQ\\\g\ggF3F\F>F\gggy\r3r_r>rFr3ggg\\yFyFyFgFgFgFggrcr3rgggggggyrgrFrFrF\r>ggFr>r\0\\=3=WddddddddddddddddddddddddddddddddddddddddNBnnB\\F\\\\\\07\7>\7>>\\\??n\\pBnnBigg>\\7"yyyy\nyc\gnn\"5^*7DTT77T^*7*.TTTTTTTTTT..^^^Jyooyf]yy7Ayfyy]yo]fyyyyf7.7NT7JTJTJ7TT..T.TTTT7A.TTyTTJP!PZ*7777B7TTyJyJyJyJyJooJfJfJfJfJ7.7.7.7.yTyTyTyTyTyTyTyTyTyTyJyTyTyTyTyT]TyTyJyJoJoJfJfJfJyTyTyTyTyTBT7T777TAyTy]AN:*LT7JTTTTT.4}}T2T}277JJT77TT7J72N7\\^B`^TT`*7DTT77T^*7*.TTTTTTTTTT..^^^Jyooyf]yy7Ayfyy]yo]fyyyyf7.7NT7JTJTJ7TT..T.TTTT7A.TTyTTJP!PZT7TJTT7]777JJ:T7A7yy*7TTTT!T7.T^7TB\227`L*724T}}}Jyyyyyyoffff7777yyyyyyy^yyyyyy]TJJJJJJoJJJJJ....TTTTTTT\TTTTTTT1a=5,<t&a9 xOG;&2% Z#"5^.=e\\3==\h.=.3\\\\\\\\\\==hhh\zzpG\zpfzz=3=j\=\fQfQ=\f3=f3f\ffQG=f\\\QH)H_.====I=\f\\\\\QzQzQzQzQG3G3G3G3f\\\\ffff\\f\\\\pf\\\QQzQzQzQ\\\ffIfGfG=Gf\\fGN@.c\=\\\\\\7<\7\7==\\\==\\=\=7N=eehIjh\\j.=e\\3==\h.=.3\\\\\\\\\\==hhh\zzpG\zpfzz=3=j\=\fQfQ=\f3=f3f\ffQG=f\\\QH)H_\=\\\\=f===\\@\=G=.=\\\\)\=7\h=\Ie77=jc.=7<\\zzzzGGGGhpf\\\\\\QQQQQ3333\f\\\\\e\ffff\f"5^%-77\V%%7>%7777777777>>>1ePIIPC=PP%+PCbPP=PI=CPPhPPC%%47%17171%777V7777%+77P77155<%%%%,%77P1P1P1P1P1bII1C1C1C1C1%%%%P7P7P7P7P7P7P7P7P7P7P1P7P7P7P7P7=7P7P1P1I1I1C1C1C1P7P7P7P7P7,7%7%%%7+P7bP=+N'27%177777"RR7!TT7R!%%117n%%77ln%1n%!N%<<>,?>77?VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV%-77\V%%7>%7777777777>>>1ePIIPC=PP%+PCbPP=PI=CPPhPPC%%47%17171%777V7777%+77P77155%T7,PPPPPP=7111111I111117777777<7777777"5^!)22SN!!28!2222222222888,\HCCH=8HH!'H=YHH8HC8=HH^HH=!!/2!,2,2,!222N2222!'22H22,006!!!!(!22H,H,H,H,H,YCC,=,=,=,=,!!!!H2H2H2H2H2H2H2H2H2H2H,H2H2H2H2H282H2H,H,C,C,=,=,=,H2H2H2H2H2(2!2!!!2'H2YH8'N#-2!,22222KK2LL2K!!,,2d!!22bd!,d!N!778(:822:NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN!)22SN!!28!2222222222888,\HCCH=8HH!'H=YHH8HC8=HH^HH=!!/2!,2,2,!222N2222!'22H22,006N2N!2,d22!d8!YNNNN!!,,#2d!b'!HNNH!22222!L28!L2(7!:-!2KKK,HHHHHHYC====!!!!HHHHHHH8HHHHHH82,,,,,,C,,,,,222222272222222 ~)C8*,m8C  PT6QP -J=.,&J  PT6Q&P, -N=.,&N  pTQ& S,%, J,  PT6QJP K(!,9,(  PT6Q,Pj ~)C8*,'C  xTQX$"'ԍ47 U.S.C.  1004.E  N'  ,%2.` ` In prescribing these rules, we have fully considered the comments filed in response to the  ,NPRM. As explained below, we take this action pursuant to the authority granted to the Commission  ,under section 105 of CALEA and section 229 of the Communications Act of 1934, as amended.  ,Accordingly, we conclude that telecommunications carriers must ensure that "any interception of  ,communications or access to callidentifying information effected within its switching premises can be  ,activated only in accordance with a court order or other lawful authorization and with the affirmative"( ,?)?)"  N' ,*intervention of an individual officer or employee of the carrier"G ~Jh'ԍ47 U.S.C.  1004. G acting in accordance with the regulations  N'adopted herein.YX ~J'ԍ47 U.S.C.  1004; 47 U.S.C.  229.Y  Sg'A II. BACKGROUND Đ\  S' e 3.` ` CALEA, enacted on October 25, 1994, was intended to preserve the ability of law  x enforcement officials to conduct electronic surveillance effectively and efficiently in the face of rapid  S' xadvances in telecommunications technology.}c` yO# 'ԍ140 Cong. Rec. H10779 (daily ed. October 7, 1994) (statement of Rep. Hyde).} In enacting this statute, however, Congress recognized the  xneed to protect privacy interests within the context of courtauthorized electronic surveillance. Thus, in  xdefining the terms and requirements of the Act, Congress sought to balance three important policies: "(1)  xto preserve a narrowly focused capability for law enforcement agencies to carry out properly authorized  xintercepts; (2) to protect privacy in the face of increasingly powerful and personally revealing  xtechnologies; and (3) to avoid impeding the development of new communications services and  Si 'technologies."ri xc` yO'ԍH.R. Rep. No. 103827, 103d Cong., 2d Sess., pt. 1, at 13 (1994).r   S ' e  4. ` ` Section 105: Systems Security and Integrity. Section 105 of CALEA specifically seeks  xto ensure the protection of telecommunications carriers' systems security and integrity by requiring that  x"[a] telecommunications carrier shall ensure that any interception of communications or access to call xidentifying information effected within its switching premises can be activated only in accordance with  xga court order or other lawful authorization and with the affirmative intervention of an individual officer  S' x7or employee of the carrier acting in accordance with regulations prescribed by the Commission."E c` yO'ԍ47 U.S.C.  1004.E As the  xplain language of the statute emphasizes, the Commission has the authority to prescribe rules that  xtelecommunications carriers must follow to accomplish this task. Section 301 of CALEA, amending the  xkCommunications Act of 1934 to add section 229, specifically grants the Commission the general authority  S8' xto "prescribe such rules as are necessary to implement the requirements of the Communications Assistance  S' xfor Law Enforcement Act."G c` yO='ԍ47 U.S.C.  229(a).G More specifically, as section 229(b) directs, "[t]he rules prescribed pursuant  x7to subsection (a) shall include rules to implement section 105 of the Communications Assistance for Law  S'Enforcement Act."G ( c` yOg!'ԍ47 U.S.C.  229(b).G  S9' e 5. ` ` With this goal in mind, the NPRM tentatively concluded that section 105 of CALEA  ximposes a duty on each telecommunications carrier to ensure that only lawful interceptions will occur on  xits premises, and that unlawful interceptions occurring on its premises will constitute a violation of that" ,''"  S' xduty.A c` yOh'ԍNPRM at  26.A We also tentatively concluded that this duty required each telecommunications carrier to ensure  x}that employees designated to implement and have access to these interceptions would only perform  xauthorized interceptions, and that they would not reveal the existence, or the content, of these interceptions  xto anyone other than authorized law enforcement personnel, except as required by a court of competent  S4'jurisdiction or appropriate legislative or regulatory body.F 4Xc` {O,'ԍId. at  26.F  S' e 6. ` ` To reconcile the different use of language between section 105 of CALEA and section  x229 of the Communications Act, we tentatively concluded that Congress intended rules prescribed to  xVimplement CALEA security requirements to apply to all telecommunications carriers as that term is  S5' xDdefined by section 102(8) of that statute.F5c` {O 'ԍId. at  38.F We further concluded that section 105 of CALEA and section  x229(b) of the Communications Act should be read consistently, and that the rules promulgated pursuant  S' xMto section 229 shall apply to all telecommunications carriers as defined by section 102(8) of CALEA.F|c` {O'ԍId. at  38.F   S6 ' e =7.` ` Section 229(b)(1): Appropriate Policies and Procedures for Employee Supervision. The  xNPRM proposed various rules to implement section 105 of CALEA. First, we tentatively concluded that  xappropriate legal authorization for the purposes of CALEA should encompass what is required by 18  S ' x&U.S.C.  2518. c` {OK' "N ԍId. at  29. For example, to obtain a court order authorizing the interception of a wire, or electronic  x communication, a law enforcement officer must submit a written application to a court of competent jurisdiction.  x The application must include information such as the identity of the officer making the application, a complete  xU statement of facts supporting the application, a statement of whether other investigative procedures have been tried  x and failed or of why they appear reasonably unlikely to succeed or are too dangerous to attempt, and a statement of the period of time for which the interception is required. 18 U.S.C.  2518(1). We therefore proposed a rule to require carriers to state in their internal policies and  xprocedures that their personnel must receive a court order or, under exigent circumstances, an order from  x7a specially designated investigative or law enforcement officer, before assisting law enforcement officials  S' x^in implementing electronic surveillance.G c` yO,'ԍNPRM at  29.G Additionally, we proposed to require carriers to incorporate into  S'their policies and procedures the list of the exigent circumstances found at 18 U.S.C.  2518(7).:c` {O 'ԍId.:  Sk' e 8.` ` Furthermore, to establish carriers' security policies, we examined the express language of  xsection 229(b)(1) and proposed that the term "appropriate authorization," as used therein, should be  xdefined as the authorization that a carrier's employee needs from the carrier to engage in interception  S' x7activity.Fc` {O&'ԍId. at  25.F Our proposals included a requirement for carriers to designate specific employees, officers, or"<,''{"  xpboth to assist law enforcement officials in implementing lawful interceptions and to indicate in their  S' xpolicies and procedures that only designated employees may conduct these interceptions.Fc` {O5'ԍId. at  30.F We further  x}proposed that nondesignated employees be permitted to assist with certain legal surveillance work,  xprovided that they did so without specific knowledge of the underlying interception and as part of their  S4' x/routine work assignments.F4Zc` {O.'ԍ  Id.F Moreover, because we determined that notations that nondesignated  xemployees might make while unknowingly effectuating electronic surveillance would not suffice for the  xpurposes of CALEA, we proposed that carriers' designated employees were required to create separate  xrecords of electronic surveillance information to effectively supervise the electronic surveillance work of  Sh'such nondesignated employees.:hc` {O 'ԍId.:  S' e 9. ` ` As a general matter, we sought comment on the nature of the information, if any, that  xtelecommunications carriers should be required to make available to law enforcement officials upon  S ' xrequest.A ~c` yO'ԍNPRM at  33.A Specifically, we requested comment on whether our rules should require telecommunications  x*carriers to create and maintain an official list of all personnel designated by the carriers to conduct lawful  S6 ' xZinterceptions.;6 c` {O'ԍId. ; We also sought comment on whether carriers should be required to designate a senior  S ' xxofficer or employee to serve as the point of contact for law enforcement officials.: c` {OC'ԍId.: Finally, we requested  xcomment on the information that should be included on this list, and whether it should contain each  xdesignated employee's name, personal identifying information such as their date and place of birth, social  Sj'security number, official title, and telephone and pager numbers.:j2 c` {O<'ԍId.:   S' e m 10. ` ` Section 229(b)(2): Maintaining Secure and Accurate Records. With regard to record  xkeeping, the NPRM proposed a rule to require that telecommunications carriers' internal policies and  xprocedures include a requirement that each employee and/or officer who knowingly conducts an  xinterception sign an affidavit containing the following information prior to each instance of participation  xgin an interception: (1) the telephone number(s) or the circuit identification number(s) involved; (2) the  xname of each employee and officer who effected the interception and possessed information concerning  xits existence, and their respective positions; (3) the start date and time of the interception; (4) the stop date  xZand time of the interception; (5) the type of interception (e.g., pen register, trap and trace, etc.); (6) a  xcopy or description of the written authorization for the employee and officer to participate in interception  x_activity; and (7) a statement that the employee or officer will not disclose information about the  S' xinterception to any person not properly authorized by statute or court order.F c` {Oj%'ԍId. at  31.F We also sought comment  x*on whether additional items should be included in each affidavit, and whether we should limit the number"V ,''"  x+of affidavits by requiring that an affidavit be prepared only by the employee responsible for the  S'interception activity.:c` {O5'ԍId.:  Sg' e  11.` ` Under section 229(b)(2), we also proposed to require carriers to keep records of all  S4' x interceptions, regardless of whether they were conducted with or without lawful authorization.A4Zc` yO.'ԍNPRM at  32.A We  xproposed that each record include the following information: (1) the telephone number(s) and circuit  xxidentification number(s) involved; (2) the start date and time of the interception; (3) the stop date and time  xof the interception; (4) the identity of the law enforcement officer presenting the authorization; (5) the  xxname of the judge or prosecuting attorney signing the authorization; (6) the type of interception (e.g., pen  xregister, trap and trace, etc.); and (7) the name(s) of all telecommunications carrier personnel involved  xIin performing, supervising, and internally authorizing, the interception and the names of those who  S' xpossessed knowledge of the interception.@c` {OY'ԍId.@ We further proposed that such records be compiled, either  S ' xcontemporaneously with each interception, or within 48 hours of the start of each interception.: |c` {O'ԍId.: We  xsought comment on the length of time each record should be retained within the custody of each  S6 ' xtelecommunications carrier,: 6 c` {O'ԍId.: and noted that 18 U.S.C.  2518(8)(a) requires law enforcement to retain  S 'intercepted communications for, at a minimum, ten years.:! c` {OC'ԍId.:  S ' e J 12.` ` Sections 229(b)(3) and 229(c): Submission of Policies and Procedures and Commission  Sj' xEReview. To establish procedures for the submission of carriers' policies and procedures to the  xCommission under section 229(b)(3), we sought comment regarding whether we should differentiate  S' xbetween small and large carriers in terms of those requirements.F"2 c` {O'ԍId. at  34.F We also sought comment on ways to  ximplement CALEA that would be consistent with congressional intent and would also reduce CALEA  S' xcompliance burdens on small carriers.A# c` yO'ԍNPRM at  35.A If the record indicated that it was in the public interest to  xminimize the burdens imposed on small incumbent local exchange carriers, we proposed defining "small  xtelecommunications carriers" for incumbent local exchange carriers (ILECs) in terms of the indexed  xrevenue threshold provided in 47 C.F.R.  32.9000, so that telecommunications carriers may determine  S' x@the indexed revenue threshold annually.:$T c` {O#'ԍId.: For carriers with annual revenues from telecommunications  x&operations exceeding that threshold, we proposed, pursuant to section 229(c)(3), to require individual  xfilings with the Commission that contain detailed statements of the policies, processes, and procedures that"l$,''5"  x7each carrier would use to comply with the requirements that are imposed by CALEA and by Commission  S'rules.:%c` {O5'ԍId.:  Sg' e r 13. ` ` We further proposed to permit any ILEC with annual operating revenues from  x7telecommunications services of less than the threshold to elect to either: (1) file a statement describing its  xsecurity policies, processes, and procedures; or (2) certify that it observes procedures consistent with our  S' xQprescribed systems security rules.:&Zc` {O'ԍId.: We stated that those ILECs that do not choose to certify compliance  xwith CALEA's requirements must submit their policies and procedures to the Commission for individual  Sh' xkreview.:'hc` {O 'ԍId.: We sought comment for alternative proposals.:(h~c` {O 'ԍId.: Additionally, we requested comment regarding  xxwhether we should use such a demarcation point for other classifications of telecommunications common  S' xZcarriers such as cable operators, competitive access providers, or CMRS providers.A)c` yO'ԍNPRM at  36.A We also sought  xcomment on whether we should adopt the same threshold or a lower dollar threshold for streamlined filing  S 'requirements for other telecommunications carriers with CALEA obligations.:* c` {O'ԍId.:  S6 ' e  14. ` ` Pursuant to 229(c), we requested comment on the date by which carriers should be  S ' x^required to file their initial procedures and certifications with the Commission.F+ 2 c` {O'ԍId. at  37.F We tentatively concluded  xthat 90 days from the effective date of the rules adopted in this proceeding should be sufficient time for  S ' xcarriers to complete and file their policies and procedures with the Commission.:, c` {O'ԍId.: We recognized that as  xtechnological advances occur, companies will merge or divest creating a continuing need for carriers to  x7update policies and procedures. Thus, we also requested comment on the time that carriers should have,  S'preceding and following a merger or divestiture, to make a new filing.:-V c` {O'ԍId.:  S' e  15. ` ` Section 229(d): Penalties. Finally, we sought comment on whether the procedures and  xpenalties for violations of Commission rules by common carriers in sections 503(b) of the  xCommunications Act and 1.8 of the Commission's rules should be applied to all entities that are subject  S' xto CALEA.:.c` {O$'ԍId.: We also requested comment on the extent to which a telecommunications carrier's duty to  x conduct only lawfully authorized interceptions extends vicarious criminal and civil liability to a carrier"z.,''"  S' xIif the carrier's employees are convicted of conducting illegal electronic interceptions.A/c` yOh'ԍNPRM at  27.A We further  xrequested comment on whether a Commission rule that requires carriers to report all illegal wiretapping  x@and compromises of the confidentiality of the interception, to the Commission and/or the affected law  x*enforcement agency or agencies, would modify or mitigate the carrier's liability under 18 U.S.C.  2511  S4'and 2520.:04Xc` {O,'ԍId.:  S'F III. DISCUSSION Đ S'\  Sh'A. The Commission's Authority to Prescribe "Necessary" Rules  S' e 16.` ` As explained above, sections 229(a) and (b) of the Communications Act authorize the  S' x'Commission to "prescribe such rules as are necessary to implement the requirements of the  S ' xtCommunications Assistance for Law Enforcement Act,"Z1 c` yO''ԍ47 U.S.C.  229(a) (emphasis added). Z including the rules to implement section 105  Sj ' xof that Act.G2j zc` yO'ԍ47 U.S.C.  229(b).G In response to the NPRM, several commenters expressed concern that the Commission's  S7 ' xkproposed regulations to implement section 105 of CALEA were unduly burdensome.R3x7 c` yO' "" ԍGTE Service Corporation (GTE) Comments at 7; Omnipoint Communications, Inc. (Omnipoint) Comments  x at 4; Bell Atlantic Mobile (BAM) Comments at 4; Sprint Spectrum L.P. (Sprint Spectrum) Comments at 1; Powertel,  x7 Inc. (Powertel) Comments at 3; AT&T Corporation and AT&T Wireless Services, Inc. (AT&T) Comments at 28;  x^ Omnipoint Reply Comments at 2; AT&T Reply Comments at 20; Motorola, Inc. (Motorola) Reply Comments at 9;  x AirTouch Communications, Inc. (AirTouch) Reply Comments at 1617; PrimeCo Personal Communications, Inc.  x (PrimeCo) Reply Comments at 7; Cellular Telecommunications Industry Association (CTIA) Reply Comments at 19; Nextel Communications, Inc. (Nextel) Reply Comments at 9.R Some commenters  xargue that section 105 regulations are not "necessary" under the language of section 229(a) because  S ' xcarriers already have sufficient policies and procedures in place.i4X J c` yO' " ԍGTE Comments at 7; BAM Comments at 34; SBC Communications (SBC) Comments at 17; Sprint  x Spectrum Comments at 1; U S West, Inc. (U S West) Reply Comments at 7; GTE Reply Comments at 7; SBC Reply Comments at 4; Telecommunications Industry Association (TIA) Reply Comments at 13. i For instance, the United States  xTelephone Association (USTA) maintains that the record does not support the necessity of creating section  Sk' x105 rules.k5kjc` yOu 'ԍUnited States Telephone Association (USTA) Comments at 5. k Likewise, BellSouth contends that the Commission's proposals for additional rules are  S8' xunwarranted because its current practices suffice to comply with section 105. 68c` yO"' " ԍBellSouth Corporation, BellSouth Telecommunications, Inc., BellSouth Cellular Corporation, BellSouth Personal Communications, Inc. and BellSouth Wireless Data, L.P. (BellSouth) Comments at 8.  BAM suggests that the  xCommission is directed under CALEA to take a measured approach to imposing new regulations and that  S' xR"[n]ew rules should . . . not be imposed unless they are shown to be clearly necessary."C7Rc` yO&'ԍBAM Comments at 4.C Law"7,''"  xenforcement, on the other hand, emphasizes the need for system security and integrity regulations to  x^ensure that internal carrier authorizations and procedures are designed to maintain the timeliness, security,  S'and accuracy of intercepts.8c` yO' " ԍUnited States Department of Justice and Federal Bureau of Investigation Joint Comments (FBI Comments) at 24.  S4' e 17. ` ` Decision. Based upon the record before us, we find that, pursuant to our statutory  xauthority, it is necessary for us to implement a very limited set of rules to assist telecommunications  xcarriers in complying with their obligations under section 105 of CALEA and sections 229(b) and (c) of  xthe Communications Act. The plain language of section 105 of CALEA and sections 229(b) and (c) of  xthe Communications Act reflects a congressional concern regarding the necessity of rules to ensure that  xcarriers have policies and procedures in place that require the affirmative intervention and knowledge of  x<their employees of any interception being effected through their switching premises, and that such  xinterception is done lawfully and carefully documented. Further, the legislative history of CALEA  xindicates that section 105 of the Act was enacted to "make clear that government agencies do not have  xMthe authority to activate remotely interceptions within the switching premises of a telecommunications  xcarrier. Nor may law enforcement enter onto a telecommunications carrier's switching office premises  xto effect an interception without the carrier's prior knowledge and consent when executing a wiretap under  xkexigent or emergency circumstances . . . All executions of court orders or authorizations requiring access  x'to the switching facilities will be made through individuals authorized and designated by the  Sj'telecommunications carrier."p9j c` yO*'ԍH. Rep. No. 103837 at 23, reprinted in 1994 U.S.C.C.A.N. 3489.p  S' e 18. ` ` While the Commission acknowledges that certain carriers currently have existing policies  xand procedures in place to secure and protect their telecommunications systems in a manner that would  xgcomply with section 105 of CALEA and sections 229(b) and (c) of the Communications Act, we find  xthat more recent entrants to the market are not as well equipped or prepared. For example, in the context  xtof arguing that administrative costs will attach to the implementation of section 105 regulations, Nextel  xgexplains that "[w]hile cellular providers and incumbent LECs may have established wiretap compliance  x*teams and processes, new entrants such as Nextel, PCS carriers and competitive LECs, have not had the  S' xopportunity to establish internal processes."r:c` {O'ԍNextel Comments at 14; see also Nextel Reply Comments at 9.r We conclude that it is precisely this void that the rules  xadopted herein are directed to fill. Accordingly, we find that it is necessary to implement a minimum set  xof requirements that all telecommunications carriers must follow to ensure compliance with section 105  xof CALEA and sections 229(b) and (c) of the Communications Act. In so doing, however, we decline  xDto adopt specific or detailed policies and procedures that telecommunications carriers must include within  xtheir internal operating practices pursuant to section 105 of CALEA or sections 229(b) or (c) of the  xCommunications Act because we agree that it is not the Commission's responsibility to "micro-manage"  S:' xtelecommunications carriers' corporate policies.M;:Bc` {O#'ԍSee BAM Comments at 3.M Rather, the rules we adopt herein serve to provide  xtelecommunications carriers with guidance for the minimum requirements necessary to achieve compliance  xwith section 105 of CALEA and sections 229(b) and (c) of the Communications Act in the least burdensome manner possible. "n;,''"Ԍ S' B. Section 229(b): Rules to Implement Section 105  S' e d19. ` ` Section 229(b) specifically directs that "[t]he rules prescribed pursuant to subsection (a)  x*shall include the rules to implement section 105 of the Communications Assistance for Law Enforcement  S4' xAct that require common carriers to" among other things, maintain appropriate policies and procedures.G<4c` yO'ԍ47 U.S.C.  229(b).G  xWe are persuaded by commenters who express concern that many of our proposals to ensure that carriers  xQestablish appropriate policies and procedures for the supervision and control of their personnel exceed the  S' xscope of CALEA's mandate and are unduly burdensome.=Xc` {O ' "l ԍSee, e.g., AT&T Comments at 3637; BAM Comments at 4; Paging Network, Inc. (PageNet) Comments at 67; USTA Comments at 12. However, we are also sensitive to the FBI's  xVcontention that specific carrier personnel policies and procedures are required because "any carrier  xactivities that threaten to compromise the security of surveillance activities could endanger lives and  S'impede prosecutions."G>c` yOT'ԍFBI Comments at 1819.G  S ' e 20. ` ` Decision. We therefore replace much of our proposed regulatory scheme with a minimum  xkset of requirements intended to allow carriers to develop their own policies and procedures that assure the  xkmaintenance of their systems security and integrity in compliance with section 105 of CALEA and section  x229(b)(1) of the Communications Act. We conclude that section 105 of CALEA, together with section  x229(b)(1) of the Communications Act, requires telecommunications carriers to establish policies and  xprocedures that ensure that any interception of communications or access to callidentifying information  xeffected within its switching premises can be activated only in accordance with lawful authorization and  xwith the affirmative intervention of an individual officer or employee of the carrier acting in accordance  S' xwith regulations prescribed by the Commission.[?Bc` yO'ԍ47 U.S.C  1004; 47 U.S.C.  229(b).[ Specifically, pursuant to section 229(b)(1) of the  xCommunications Act, carriers must ensure that the policies and procedures which they establish for the  xsupervision and control of their officers and employees: (1) require appropriate authorization to activate  x"interception of communications or access to callidentifying information and (2) prevent any such  S8' x}interception or access without such authorization.G@8c` yO'ԍ47 U.S.C.  229(b).G Finally, we affirm the tentative conclusion we  xxreached in the NPRM and we find that the regulations we prescribe herein apply to all telecommunications  S'carriers as that term is defined in section 102(8) of CALEA.MAb c` {O'ԍSee NPRM at  38. M  Sl' e 21.` ` 229(b)(1) Establish Policies for Employee Supervision and Control. The majority of  xcommenters inform us that our proposals to ensure supervision and control of   authorized employees by  xrequiring carriers (1) to designate and list specific employees and officers to assist law enforcement  S' xofficials in implementing lawful interceptions,OB c` {Og%'ԍId. at  30, 33. O (2) to include a statement in carriers' policies and" B,''"  S' xprocedures that only designated employees or officers may participate in lawful interception activities,GCc` {Oh'ԍId. at  27. G  xM(3) to permit nondesignated employees to effectuate surveillance work only when they do such work  S' xIunknowingly,;DZc` {O'ԍId. ; and (4) to have designated employees create separate records containing electronic  xsurveillance information for the purpose of guaranteeing the effective supervision of electronic surveillance  S4' xDwork performed by nondesignated employees,;E4c` {O'ԍId. ; are administratively impractical and burdensome.F4~c` yOR ' " ԍAirTouch Comments at 24; AT&T Comments at 32; BAM Comments at 7; BellSouth Comments at 11; SBC Comments at 1920; U S West Comments at 2324; GTE Reply Comments at 8. SBC  x7states that it employs several individuals to perform an interception and that this interception duty is often  S' x8only a small part of the job function of these employees.DGc` yOD'ԍSBC Comments at 19.D SBC believes that to attempt to limit  xDinterception activities to a few designated individuals "would cause undue delays in the effectuation of the  xsurveillance, since it would no longer be possible to assign various steps of the process to the most readily  S5' xyavailable employees.EH5f c` {O;'ԍId. at 1920. E Moreover, BellSouth contends that the geographic dispersion of qualified  xEemployees and the incidence of employee turnover or absence does not permit a carrier to limit  S' xwiretapping work to only select employees.nI c` {Og'ԍBellSouth Comments at 11. See also SBC Comments at 20.n Furthermore, AT&T argues that such rules are unnecessary  xbecause any employee that conducts unauthorized interceptions would be terminated and could face civil  Si ' xor criminal prosecution.bJi c` yO'ԍAT&T Comments at 32; AT&T Reply Comments at 710.b Most commenters also opposed our proposed adoption of a rule that requires  xcarriers to create and make available to law enforcement officials upon request a record of each designated  S ' xemployee's name, personal identifying information, official title, and contact numbers.pKZ c` {O' " ԍNPRM at  33. See, e.g. AT&T Comments at 36; BellSouth Comments at 13; Center for Democracy and  xp Technology (CDT) Comments at 16; CTIA Comments at 26; GTE Comments at 9; PageNet Comments at 9; Powertel, Inc. (Powertel) Comments at 4; SBC Comments at 20, 23; USTA Comments at 7.p They maintain  xthat such information is invasive to carrier personnel and may compromise the very confidentiality that  S 'CALEA and Title 18 seek to protect.-LZ <c` {Oy ' " ԍSee, e.g. AT&T Comments at 36; BellSouth Comments at 13; CDT Comments at 16; CTIA Comments at  x 26; GTE Comments at 9; Powertel Comments at 4; SBC Comments at 20; U S West Comments at 2425; GTE Reply Comments at 9. -  S7' e =22. ` ` Several commenters propose that, instead of being required to create and submit lists of  xdesignated and nondesignated employees who participate in surveillance work, carriers should only be" ^L,''"  xrequired to appoint a senior officer or employee responsible for effectuating requests for the interception  S'of communications or access to callidentifying information and that employee's contact information.vMc` yO5'ԍGTE Comments at 9; Omnipoint Comments at 6; U S West Comments at 32. v""  Sg' e z23. ` ` In contrast, the FBI supports our proposal to designate specific employees because it  S4' xbelieves this requirement will assist law enforcement authorities in conducting lawful interceptions.^N4Xc` yO,'ԍFBI Comments at 24; FBI Reply Comments at 34.^  xHowever, except in situations where it is impossible for the nondesignated employee to infer the nature  xof his assignment, the FBI does not support our proposal permitting nondesignated employees to  xeffectuate certain surveillance work because it strongly believes that, to prevent any possible compromises  xof security, only specifically designated personnel should be permitted to participate in surveillance work  S5' xin any way.aO5c` yO 'ԍFBI Comments at 2425; FBI Reply Comments at 35.a Also, while the FBI agrees that only designated personnel may create surveillance records,  xit does not believe that a separate recordkeeping function performed by designated employees would be  xsufficient to eliminate the concerns posed by the prospect of nondesignated employees conducting  S ' x<surveillance functions.^P xc` yO'ԍFBI Comments at 26; FBI Reply Comments at 38.^ The FBI supports the compilation of a confidential list of a core group of  xdesignated personnel that must be made available to law enforcement authorities upon request because it  xMbelieves that such information is important to show a clear chain of custody for the interception when  S ' xDcarrier personnel are required to testify in a criminal prosecution.JQ c` yO'ԍFBI Reply Comments at 37.J The FBI also seeks to require carriers  xto have a designated security officer and technical personnel available, either on duty or on call by pager,  S ' xD24 hours a day, seven days a week to assure that carriers respond promptly to interception orders.eR c` yO'ԍFBI Comments at 3132; FBI Reply Comments at 39, 47.e The  xFBI further recommends that, to assure the timeliness of interceptions, carriers should be required to  S7' xeffectuate an interception within 8 hours of receipt of the court order, certification, or consent.^S7( c` yO'ԍFBI Comments at 31; FBI Reply Comments at 47.^ In cases  S' x3of exigent circumstances, the FBI wants carriers to be required to respond within two hours.^T c` yO\'ԍFBI Comments at 31; FBI Reply Comments at 47.^ GTE,  xkhowever, argues that such effectuation deadlines should not be imposed, and that it is sufficient to require  xcarriers to respond in an expeditious manner consistent with the condition of the network and the needs  Sk'of customer service.JUkH c` yOS!'ԍGTE Reply Comments at 11.J  S' e 24. ` ` In addition, the FBI recommends that a carrier's policies and procedures should include  x^a background check and trustworthiness determination commensurate with the sensitivity of the activities  S' xQin which the designated employee will be engaged.aVc` yO&'ԍFBI Comments at 19; FBI Reply Comments at 3839.a The FBI maintains that such background checks are" hV,''e"  S' x3consistent with existing carrier practice to supervise personnel handling surveillance work.DWc` yOh'ԍFBI Comments at 19.D The FBI  xxfurther states that the Commission should require carriers to collect this employee information and include  x^it in individual records for all designated personnel because this information would assist law enforcement  Sg' xZauthorities when a compromise or improper disclosure occurs.:XgXc` {O_'ԍId.: CTIA disputes the necessity of such  S4' xrequirements and contends that such collection of information is intrusive to carrier personnel.EY4c` yO'ԍCTIA Comments at 26.E However,  xwe note that Omnipoint and PCIA state that the FBI should be required to conduct background checks  xcon carrier employees at the carrier's request to assist the carrier in fulfilling its duty to supervise its  S' xDpersonnel.Zzc` yO 'ԍOmnipoint Comments at 6; Personal Communications Industry Association (PCIA) Comments at 12. Moreover, the FBI contends that, as part of their policies and procedures, carriers should be  xrequired to reassign designated employees whose integrity is questioned and to compel designated carrier  S5' xpersonnel to execute nondisclosure agreements.a[5 c` yO'ԍFBI Comments at 20; FBI Reply Comments at 3637.a Besides ensuring the security of law enforcement  xgauthorities, the FBI contends that these procedures would protect carriers from liability in the event an  xunlawful disclosure occurs because the carrier would be able to demonstrate the existence of clear and  S ' xspecific policies and procedures to safeguard the security of the carrier, law enforcement, and the public.D\ c` yO'ԍFBI Comments at 20.D  x^Other commenters, however, contend that such requirements would impinge upon the carrier's discretion  S6 ' xover its own employees.e]6 * c` yO'ԍAT&T Comments at 32; BellSouth Reply Comments at 10.e We note that SBC states that it would prefer that designated employees only  xbe required to sign a nondisclosure statement, rather than having to complete an affidavit for each  S 'interception.D^ c` yO*'ԍSBC Comments at 21.D  S '  Sj' e m25. ` ` Decision. We are persuaded by commenters who state that our proposals to require  x*carriers to make a list of all designated employees and to have separate functions for designated and non xQdesignated employees are administratively impractical. Instead, we conclude that carriers, as part of their  x7policies and procedures, must appoint the senior authorized officer(s) or employee(s) whose job function  xincludes being the point of contact for law enforcement to reach on a daily, around the clock basis. We  xtherefore require carriers to include a description of the job function(s) of such points of contact and a  xmethod to enable law enforcement authorities to contact the individual(s) employed in this capacity in their  xpolicies and procedures. We decline to adopt the FBI's proposal to require carriers to maintain records  x*of each designated employee's name, personal identifying information, official title, and contact numbers.  x^We conclude that such information is invasive to carrier personnel and could even compromise a carrier's  xability to maintain a secure system by identifying the personnel charged with effectuating surveillance functions. " J ^,''"Ԍ S' e N26. ` ` Furthermore, we decline to adopt the FBI's recommendations to require carriers to conduct  x&background checks, to reassign personnel in specific situations, and to compel their personnel to sign  xnondisclosure agreements. While we do not dispute that such practices may ensure a greater level of  xinternal carrier systems security, we believe that carriers will take necessary actions to perform their duty  xto ensure lawfully authorized interceptions of communications or access to callidentifying information.  xAlso, we decline to require carriers to respond to an interception request within a specific time frame, as  S' xsuggested by the FBI.D_c` yO6'ԍFBI Comments at 31.D We conclude that such a requirement goes beyond the scope of section 105 of  xtCALEA, which addresses the security of intercepts not their implementation. However, we encourage  xcarriers to respond promptly and comply with any other relevant statutes concerning their duty to assist  xlaw enforcement authorities to perform an interception of communications or access to callidentifying information.  S ' e 27.  ` ` 229(b)(1)(A) Appropriate Authorization. As we explained above, section 229(b)(1)(A)  xstates that common carriers must establish appropriate personnel supervision and control policies and  xprocedures "to require appropriate authorization to activate interception of communications or access to  S ' xcallidentifying information(.)"M` Xc` yO'ԍ47 U.S.C.  229(b)(1)(A).M Commenters generally agree with our tentative conclusions that section  xg105 of CALEA imposes a duty upon each carrier to ensure that only lawful interceptions will occur on  S ' xkits premises and that only assigned carrier personnel will perform authorized interceptions.2aX c` yO%' "} ԍNPRM at  26. Ameritech Operating Companies and Ameritech Mobile Communications, Inc. (Ameritech)  x Comments at 4; FBI Comments at 18; Sprint Spectrum Comments at 3; AT&T Reply Comments at 21; BellSouth Reply Comments at 4.2 Commenters  xalso do not dispute our finding that the provisions of section 229 of the Communications Act implement  S7' xQthe requirements of section 105 of CALEA.b7c` yO'ԍNPRM at  25. Ameritech Comments at 4; AT&T Comments at 28, 32; Sprint Spectrum Comments at 3. Furthermore, commenters support our tentative conclusion  xthat the requirement in section 105 of CALEA that law enforcement present to a carrier appropriate legal  xauthorization to conduct an interception of communications or access to callidentifying information  S'encompasses the provisions of section 2518 of Title 18 of the United States Code.scXc` yO' " ԍNPRM at  29. 18 U.S.C  2518. Section 2518 concerns the procedure that law enforcement must follow  xo to obtain a lawful authorization when seeking to conduct the interception of wire, oral, or electronic communications. FBI Comments at 15; PageNet Comments at 8; SBC Comments at 15.s  S8' e =28.` ` Although some commenters maintain that the term "appropriate authorization" in section  x229(b)(1)(A) refers only to the authorization that law enforcement authorities must obtain to conduct an  S' xinterception,d c` yO*"' "l ԍ360 Communications Company (360) Comments at 2; Ameritech Comments at 3; AT&T Comments at 30; CTIA Comments at 27; SBC Comments at 9. the FBI and Teleport agree with our tentative conclusion that such language also refers to  S' xthe authorization that a carrier's employee needs from the carrier to engage in the interception activity.ec` yOO%'ԍNPRM at  25. FBI Comments at 16; Teleport Communications Group, Inc. (Teleport) Comments at 2.  x In opposing the latter interpretation of "appropriate authorization," CDT and AT&T point to CALEA's"l e,''"  xlegislative history and argue that CALEA was not intended to require any generalized changes in carrier  S'practices with respect to operational security of interceptions._fc` yO5'ԍCDT Comments at 15; AT&T Reply Comments at 21._  Sg' e W29.` ` Commenters also differ on the standard of scrutiny a carrier must apply in exercising its  xduty to ensure appropriate authorization of any interception of communications or access to callidentifying  xinformation. The FBI recommends that, to protect public safety, "the Commission should specify that the  x duty of the carrier upon receipt of a facially valid court order or statutorilybased authorization for an  x4intercept extends only to the prompt and good faith implementation of such court orders or  Sh' x authorizations."^ghXc` yO` 'ԍFBI Comments at 17; FBI Reply Comments at 31.^ The FBI further states that, to ensure that an interception is conducted in a timely,  xsecure, and accurate manner, a carrier's review of a court order or certificate of authorization should be  xQlimited to whether the document is valid on its face, i.e., whether it is what it purports to be, and whether  S' xthe interception can technically be implemented.Dhc` yOW'ԍFBI Comments at 17.D The FBI argues that carriers are not vested with the  xauthority to review the underlying validity and basis for a court order, or authorization in the case of  Si ' xexigent circumstances.kii xc` yO'ԍFBI Comments at 16, 2223; FBI Reply Comments at 30.k The FBI, thus, contends that the Commission should not adopt a rule that  xcarriers include in their internal policies and procedures provisions that would separately define the legal  xauthorizations required for carriers to implement an interception because carrier maintenance of such  x@detailed criteria "could erroneously suggest to carrier personnel that they are entitled to substitute their  S ' xreview for that of a judge" when presented with a facially valid order.Fj c` yOE' "/ ԍFBI Comments at 22; FBI Reply Comments at 31. The FBI states that anecdotal reports exist of instances  x! where carriers have not cooperated with law enforcement authorities even after being presented with a facially valid  x7 order because the carrier "did not recognize" a judge's signature or the description of the requested interception  xI service did not precisely match the carrier's official name for that service. FBI Comments at 16; FBI Reply Comments at 30. F In addition, the FBI informs us  xthat the proper basis to determine appropriate authorization should not be limited to 18 U.S.C.  2518  S7' xbecause additional provisions are contained in federal trap and trace statutes,Rk7 c` {O'ԍ18 U.S.C.  3121 et seq.R collateral state statutes,l7J c` {O!'ԍSee, e.g., D.C. Code Ann.  23541 et seq. (1981); 18 Pa. Const. Stat. Ann.  5701 et seq. (1983).  S'and the Foreign Intelligence Surveillance Act (FISA).gmc` {O 'ԍ50 U.S.C.  1801 et seq. FBI Comments at 23.g pp  S' e ~30. ` ` Other commenters, however, state that such a limitation on the carrier's duty in ensuring  xthat an interception is lawful would constitute a standard of scrutiny less than that required by 18 U.S.C.  S8' x3 2520(d) and the legislative history of the Electronic Communications Privacy Act of 1986.in8nc` yOF%'ԍAT&T Reply Comments at 1517; CTIA Reply Comments at 21.i Citing  xto legislative history, CTIA contends that Congress "settled this dispute long ago when it said that a carrier"n,''"  xQwould be acting in bad faith if it failed to "read the order" or if it "acted beyond the scope of a court order  S' xor certification."yoc` {O5'ԍCTIA Reply Comments at 21 (citing to S. Rep. No. 99541 at 2627.)y AT&T states that the Commission should recognize that CALEA specifically requires  x3carriers to protect the privacy of communications not authorized to be intercepted because "Congress  xtintended carriers to do more than blindly implement a surveillance order presented by law enforcement  S4' xagencies."SpZ4Zc` yO.' "h ԍAT&T Reply Comments at 1617. AT&T states that if is not uncommon for it to receive a wireless  xt surveillance order than contains a subscriber name that does not match the electronic serial number or mobile  {O'identification number. Id.S AT&T also expresses concern that failure to perform this duty might result in carrier liability  S' xfor violating customers' privacy rights.Kq|c` yO 'ԍAT&T Reply Comments at 18.K In response to the FBI's concerns regarding a possible lack of  xcooperation from carriers, AT&T notes that 18 U.S.C.  2518(8)(c) grants law enforcement authorities  S'the ability to compel carrier compliance with a court order.br c` yOG'ԍ18 U.S.C. 2518(8)(c). AT&T Reply Comments at 15.b   S5' e 31. ` ` Commenters are also divided in regard to our proposal to require carriers to list the exigent  x^circumstances that appear in 18 U.S.C.  2518(7) in their policies and procedures. The FBI recommends  x7that carriers should not incorporate a list of exigent circumstances in their policies and proposals because  xa carrier that is presented with certification of emergency circumstances is dutybound to implement the  xinterception effort and has no right to attempt to discern the factual or legal basis of the statutory  S6 ' xemergency.Ds6 c` yOr'ԍFBI Comments at 23.D The FBI further states that such a list should not be incorporated because emergency  xgauthority and varying exigent circumstances are found in a number of statutes, including 18 U.S.C.   x82518(7), 3125, and 50 U.S.C.  1805(e). In addition, Omnipoint states that this requirement is  xunnecessary because carriers' compliance obligations under Title 18 already require the carrier's authorized  Sj' xofficer or employee to be apprised of the provisions of this statute.tj, c` yO6' " ԍOmnipoint Comments at 5. Omnipoint states that all the requirements that carriers must follow are found  {O'in 18 U.S.C.  2511(2)(ii)(B).  Id. Omnipoint also contends that the  S7' xinclusion of this list would only serve to confuse engineers and nonlawyer personnel.@u7 c` {O]'ԍId. at 5.@ Nevertheless,  xsome carriers support the inclusion of a list of exigent circumstances in the carrier's policies and  xprocedures to assist carrier personnel in performing their duty to ensure only lawfully authorized  S' xDinterception of communications or access to callidentifying information.uvc` yOV!'ԍBellSouth Comments at 12; GTE Comments at 7; Powertel Comments at 6.u We note, however, that GTE  Sk'does not support a requirement to maintain an updated list of exigent circumstances.Cwkc` yO#'ԍGTE Comments at 7.C  S' e J32. ` ` Decision. We find the explicit language of section 105 of CALEA and section 229(b) of  xthe Communications Act to be dispositive of the issue of whether the reference in section 229 to"8w,''"  x"appropriate authorization" refers to the authorization that a carrier's employee needs from the carrier to  S' xengage in the interception activity.[xc` yO5'ԍ47 U.S.C  1004; 47 U.S.C.  229(b).[ Section 105 of CALEA states that a carrier must ensure that an  xZinterception be conducted with the "affirmative intervention of an individual officer or employee of the  Sg' xZcarrier acting in accordance with regulations prescribed by the Commission."DygXc` yO_'ԍ47 U.S.C  1004.D Section 229(b) of the  xCommunications Act states that the Commission shall include rules to implement section 105 that require  xcommon carriers "to establish appropriate policies and procedures for the supervision and control of its  S' xofficers and employees."Gzc` yOV 'ԍ47 U.S.C.  229(b).G We therefore conclude that the manifest language of these statutory provisions  xkdemonstrates Congress's concern that carriers supervise the conduct of their personnel to ensure that any interception of communications or access to callidentifying information is lawfully conducted.  S' e  33.` ` Therefore, based on the explicit language of section 105 of CALEA and section 229(b)  xof the Communications Act, we conclude that "appropriate authorization" refers to both the legal  xZauthorization that law enforcement must present to a carrier in the form of an order, warrant, or other  xauthorization issued by a judge or magistrate pursuant to federal or state statutory authority ("appropriate  xlegal authorization") and the authorization a carrier's employee must receive from the carrier to assist law  xenforcement ("appropriate carrier authorization") to engage in the interception of communication or the  S ' xaccess to callidentifying information.[{ xc` yO'ԍ47 U.S.C  1004; 47 U.S.C.  229(b).[ We further conclude that a carrier satisfies this requirement in  xsection 229(b)(1)(A) for requiring appropriate authorization when a carrier employee implements the  xinterception of communications or access to callidentifying information only after receiving appropriate  xlegal authorization, and such implementation is in accordance with appropriate carrier authorization. We  x+require that all telecommunications carriers use this comprehensive interpretation of the phrase  x"appropriate authorization" in their CALEA policies and procedures. In addition, we find that the  xlanguage in section 229(b)(1)(A) of the Communications Act requiring "appropriate authorization to  x/activate interception of communications or access to callidentifying information[;]" subsumes the  xrequirement in section 105 of CALEA that any interception of callidentifying information can be  S' xactivated only in accordance with appropriate legal authorization.[|c` yO'ԍ47 U.S.C  1004; 47 U.S.C.  229(b).[ We thus conclude that the use of the  xterm "lawful authorization" in section 105 of CALEA is encompassed by the term "appropriate  S' xauthorization" in section 229(b)(1).[}c` yO'ԍ47 U.S.C  1004; 47 U.S.C.  229(b).[ Therefore, we require carriers to state in their internal policies and  xDprocedures that carrier personnel must receive both appropriate legal authorization and appropriate carrier  xauthorization before taking any action to affirmatively implement the interception of communications or"9( },''"  S' xaccess to callidentifying information.~c` yOh' " ԍWe note that we modify the rule we proposed in the NPRM to respond to commenters' concerns that it  {O0' x7 appeared ambiguous and overly broad. See NPRM at  29 and App. A,  64.1703. See also AT&T Comments at  {O' x 2930. But see BellSouth Comments at 10. The rule we adopt states that "carrier personnel must receive appropriate  x& legal authorization and appropriate carrier authorization before enabling law enforcement officials and carrier  {O' x personnel to implement the interception of communications or access to callidentifying information." Infra, App. A,  64.2103(d).  We note that most carriers support this requirement as part of  S'their policies and procedures.JFc` yO'ԍBellSouth Comments at 10.J ` `  Sg' e !34. ` ` Additionally, we conclude that in order to satisfy sections 105 and 229, a carrier must,  xupon receipt of a proffered authorization by law enforcement, determine if such authorization is what it  S' xpurports to be, and whether it can be implemented technically, including that the authorization is  xsufficiently and accurately detailed to enable the carrier to comply with its terms. We agree with those  xcommenters that contend that sections 105 and 229 require a carrier to review the court order/certification  xZin order to act within its stated scope. We agree with the FBI that neither section 105 nor section 229  S5' xQvest carriers with the authority to conduct a de novo review of the validity of any court order, warrant or  S' x+other lawful authorization prior to initiating an interception request.Oc` yOy'ԍAmeritech Reply Comments at 4.O We further note that our  xdetermination under sections 105 and 229 with regard to the level of scrutiny applicable to a carrier's  xreview of a court order or certification is in no way intended to alter or replace any standard or level of  xcscrutiny imposed under any other state or federal statute (e.g., 18 U.S.C.  2520(d), the Electronic  xVCommunication Privacy Act of 1986) or applicable to any claim for civil liability. Accordingly, we  xrequire that, as part of their policies and procedures, carriers should also comply with appropriate  xauthorization requirements contained in any other relevant state or federal statute (i.e., 18 U.S.C.  2518,  S ' xfederal trap and trace statutes,R f c` {O'ԍ18 U.S.C.  3121 et seq.R collateral state statutes, FISA) when reviewing an authorization.R c` {O6'ԍ50 U.S.C.  1801 et seq.R To  x"achieve this compliance, we require that carriers ensure that their senior officer(s) or employee(s)  xresponsible for affirmatively intervening to activate the interception of communications or access to call xidentifying information is fully apprised of any additional relevant federal and state statutory provisions.  Sl' e "35. ` ` Finally, we depart from our proposal to require carriers to include, in their policies and  xprocedures, a current list of the exigent circumstances that appear in 18 U.S.C.  2518(7) and other  xcollateral state statutes. We believe that this requirement is unnecessary because carriers are already  S' xrequired to be fully apprised of the standard outlined in 18 U.S.C.  2518(7) and to be able to apply it.` c` {O"'ԍSee 18 U.S.C.  2511(2)(ii)(B). `  xUnder these circumstances, incorporating the text of the statute into their policies and procedures is unduly  xburdensome and serves little purpose. Because we are aware that these statutory designations of exigent  xcircumstances may change in the future, we direct the carrier to ensure that its appointed senior officer(s)":,''"  xor employee(s) is fully apprised of the different applicable exigent circumstances as part of their job description.  Sg' e #36. ` ` 229(b)(1)(B) Prevention of Unauthorized Interception or Access. The FBI supports our  xsuggestion to require carriers to report to law enforcement authorities and the Commission any security  xcompromises because of the potential threat to the safety of witnesses, undercover agents, and intercept  S' xsubjects that a compromise could represent.pc` yO6'ԍNPRM at  27. FBI Comments at 21; FBI Reply Comments at 44.p Specifically, the FBI recommends that carriers should be  xrequired to report security compromises to the affected law enforcement agencies within two hours and  Sh' xxto the Commission every two years.NZhXc` yO` ' " ԍFBI Comments at 21; FBI Reply Comments at 44. The FBI states that the filing of reports of security  x* breaches will enable the Commission to exercise more effectively its continuing jurisdiction over CALEArelated  {O 'matters.  Id. N The FBI further recommends that the Commission should develop  xa standard for determining what preventive measures would be reasonably required by carriers to ensure  S' xthat compromised interceptions do not go undiscovered or unreported.Dzc` yO'ԍFBI Comments at 21.D Commenters generally oppose  x3a requirement to report incidents of compromises and illegal electronic surveillance immediately to the  S ' xCommission. c` yOF'ԍAmeritech Comments at 5; AT&T Comments at 34; BAM Comments at 4; BellSouth Comments at 10. Although commenters generally support requiring carriers to report incidents of  xcompromises and illegal electronic surveillance to the affected law enforcement agency, they oppose being  S6 ' xZrequired to do so within two hours.6 c` yOp'ԍAmeritech Comments at 5; SBC Comments at 1314; BellSouth Reply Comments at 9. BellSouth argues that the FBI has not justified the imposition of  x^this time limit and the Commission should not "attempt to establish a onesizefitsall standard determining  xDwhat preventive measures would reasonably be required to ensure that compromised intercepts do not go  S ' xundiscovered or unreported.P * c` yOg'ԍBellSouth Reply Comments at 10.P The commenters further state that they already have such reporting  xZprocedures in place in the event a lawful electronic surveillance is compromised or an illegal electronic  S7' xsurveillance is conducted.a7 c` yO'ԍAmeritech Comments at 5; SBC Comments at 1314.a Moreover, GTE and NTCA oppose a requirement to report a breach of  xsecurity to both the Commission and law enforcement authorities because they contend that such reporting  x*is burdensome and could expose carriers to penalties and damages under sections 2511 and 2520 of Title  S'18.J c` yO 'ԍGTE Comments at 67; National Telephone Cooperative Association (NTCA) Comments at 3.  S8' e q$37.` ` In addition, CDT contends that, consistent with Congress's desire to ensure that CALEA  xcompliance measures adopted within carrier switches will not result in increasing system vulnerability to  x^unauthorized interception, the Commission should assure that carriers have appropriate computer security  S' xplans in place.Cc` yO&'ԍCDT Comments at 7.C CDT thus recommends that carriers' policies and procedures include authentication"j,''X"  xVprocedures, audit trails, intrusion detection measures, and other standard components of computer  S' xsecurity.@c` {O5'ԍId. at 8.@ CDT argues that these measures would be more helpful in assuring carrier systems security,  S'rather than the employee supervision and recordkeeping proposals.:Zc` {O'ԍId.:  S4' e %38. ` ` Decision. We conclude that, pursuant to duties imposed by 18 U.S.C.  2518 and as part  xof their policies and procedures, telecommunications carriers must report all acts of unauthorized electronic  xsurveillance that occurred on the telecommunications carriers' premises and any compromises of the  xcarrier's system security and integrity procedures that involve the execution of electronic surveillance to  xthe appropriate law enforcement agency. We, however, decline to impose a specific time frame within  xwhich a carrier must report a security breach. Instead, we require carriers to report such breaches within  xQa reasonable period of time and in compliance with any other relevant statutes. We also decline to require  xcarriers to report to the Commission incidents of illegal electronic interceptions and compromises of the  S ' xconfidentiality of a lawful interception.C c` yO('ԍNPRM at  27. C We believe that law enforcement agencies are better suited to  x*respond timely and appropriately to such information. However, as discussed more fully below, we note  xthat carriers must maintain accurate records of any unauthorized interceptions or access to callidentifying  xinformation as part of their section 229(b)(2) responsibilities. Furthermore, we agree with CDT that  xauthentication procedures, audit trails, and other intrusion detection measures would also assist carriers  xin performing its duty to prevent unauthorized interceptions and access. However, we decline to require  xcarriers to implement these measures at this time because we believe that each carrier should be allowed  xto independently determine the extent of its security needs to comply with the rules we prescribe herein.  xAs discussed more fully below, carriers that violate the rules we prescribe to implement section 105 of  S'CALEA will be subject to the penalties of section 229(d).  Sk' C. Section 229(b)(2) Maintaining Secure and Accurate Records  S' a. Recordkeeping of Interceptions  S' e &39.` ` Section 229(b)(2) of the Communications Act requires carriers to maintain secure and  xaccurate records of any interception of communications or access to callidentifying information made with  S9' xor without appropriate authorization.L9|c` yOU'ԍ47 U.S.C.  229(b)(2). L As noted above, the Commission proposed dual record keeping  xrequirements for carriers to follow, including the execution of an affidavit by each employee of a carrier  xengaged in an interception activity as well as the maintenance of a separate record for every interception  xwhich included the following checklist of information: (1) the telephone number(s) and circuit  xidentification numbers involved; (2) the start date and time of the interception; (3) the stop date and time  xMof the interception; (4) the identity of the law enforcement officer presenting the authorization; (5) the  S' xname of the judge or prosecuting attorney signing the authorization; (6) the type of interconnection (e.g.,  x<pen register, trap and trace, Title III, FISA); and (7) the name(s) of all telecommunications carrier" ,''"  xpersonnel involved in performing, supervising, and internally authorizing the interception, and all names  S'of those who possessed knowledge of the interception.Ac` yO5'ԍNPRM at  32.A  Sg' e '40.` ` Commenters oppose the Commission's proposed affidavit requirement. BAM argues that  x7this proposal is burdensome and that the NPRM fails to explain how requiring such an affidavit will allow  S' x<a carrier to achieve any CALEA objective.CXc` yO'ԍBAM Comments at 7.C Many carriers echo this view and generally reject the  xrequirement of an affidavit on the grounds that the record does not support such an unnecessary,  S' xgimpractical, inefficient, and redundant requirement.yXc` yO# ' " ԍUSTA Comments at 6; AT&T Comments at 33; Omnipoint Comments at 5; BellSouth Response to Initial  yO ' xZ Regulatory Flexibility Analysis (BellSouth IRFA Response) at 3; BellSouth Comments at 12; U S West Reply Comments at 14; PrimeCo Reply Comments at 8; USTA Reply Comments at 1011. y GTE adds that, not only does the requirement of  x&an affidavit do nothing to enhance the ability of a carrier to meet its CALEA obligations, it "introduces  xDa meaningless exercise which adds additional costs and, more importantly, time to the process when time  S' x*may be very scarce."Cc` yO'ԍGTE Comments at 8.C In fact, based on the majority of such comments, even the FBI concedes that "a  xless stringent means than an affidavit would suffice to show the validity of the implementation of an  S 'electronic surveillance."J c` yO'ԍFBI Reply Comments at 42.J  S6 ' e (41. ` ` Commenters find the proposal to maintain a separate checklist record for every  x@interception far less objectionable. Several carriers explain that they currently maintain records which  S ' x incorporate much of the checklist information that the Commission is proposing for inclusion." ( c` yO' " ԍGTE Comments at 8; Ameritech Comments at 6; SBC Communications Comments at 22; Omnipoint Reply  {O`' x Comments at 2; AirTouch Reply Comments at 17; but see AirTouch Reply Comments at 17 n. 52 ("AirTouch cannot  x7 agree with the Commission's conclusion that the current rule proposals would allow carriers 'to use their existing practices to the maximum extent possible.'") For  xinstance, GTE notes that, like many other carriers, it chooses to maintain the type of information suggested  xyin the checklist record because such information is "logistically" necessary to manage the actual  S7' xpintercept.C7c` yO'ԍGTE Comments at 8.C Except for recording the time during which the intercept is initiated and/or terminated,  S' xDAmeritech also maintains this type of records.Ic` yOF!'ԍAmeritech Comments at 6.I Moreover, Ameritech recommends that carriers' records  S' x/should include copies of the legal authorization they receive from law enforcement.;2c` {O#'ԍId. ; SBC agrees,  x@explaining that its existing records for interceptions include the court order or other legal authorization  Sk' xtand one or two routine work order documents.Dkc` yO&'ԍSBC Comments at 22.D Ameritech and SBC note, however, that they do not"kT,''%"  xcurrently keep records on the start and stop date and times for interceptions because, in most instances,  xthey merely open the circuit for law enforcement and have no way of knowing when law enforcement  S'begins or ends the actual interception.]c` yO'ԍSBC Comments at 22; Ameritech Comments at 6.]  S4' e )42. ` ` Focusing on public safety and evidentiary concerns, the FBI endorses the requirement for  S' xcarriers to maintain a separate checklist record for every interception.JXc` yO'ԍFBI Reply Comments at 39.J The FBI contends that "carriers  xDshould be required to maintain separate records of each electronic surveillance activity, and those records  x(including FISArelated materials) should be maintained in a separate and secure storage area, access to  Sh' xwhich should be limited to a small number of designated carrier personnel."Ahc` {O 'ԍId. at 40.A In addition to the  x&information that the Commission proposed for inclusion in the checklist record, the FBI suggests that  x3carriers should add the name of the issuing court in the case of a court order because doing so would  S'assist both carriers and law enforcement in retrieving information.Jzc` yO'ԍFBI Reply Comments at 40.J  Si ' e *43. ` ` Other carriers disagree with the Commission's checklist proposal and consider it to be  x&overly burdensome. AT&T believes such a checklist exceeds any record a carrier might maintain for  S ' x3business purposes.F c` yO'ԍAT&T Comments at 34. F BellSouth and AirTouch argue that CALEA does not require the maintenance of  S ' xsuch detailed records.g c` yO 'ԍBellSouth IRFA Response at 3; AirTouch Comments at 22.g While Omnipoint notes that it already keeps much of the records proposed by  xVthe Commission, it suggests that we should allow a single sworn statement which does not require  xxnotarization by the employee or officer responsible for the interception activity to satisfy a carrier's record  S7' xkeeping obligations.I7* c` yO'ԍOmnipoint Comments at 5.I The FBI, in large part, agrees with this suggestion and notes that "a single  xcertification executed by the security officer in charge, that captures the relevant factual information  S' x3required by law enforcement would be appropriate and consistent with CALEA."J c` yO+'ԍFBI Reply Comments at 42.J Nevertheless, like  xcommenters above, the FBI also suggests deleting from the proposed checklist the requirement for each  xrecord to include information regarding when an interception terminates, because such information is often  S8'outside of the knowledge of the carriers' personnel.;8J c` {O""'ԍId. ;  S' e =+44. ` ` Decision. In light of the comments we received, we decline to adopt our proposed rules  xto require both an affidavit and a separate record of all interception of communications or access to call x3identifying information. We are persuaded by commenters that our dual record keeping proposals are  x^duplicative and overly burdensome. Accordingly, we find that in order to comply with section 229(b)(2),"9,''"  xDcarriers must maintain a secure and accurate record of each interception of communications or access to  xcallidentifying information, made with or without appropriate authorization, in the form of single  x@certification. We require that this certification must include, at a minimum, the following information:  x(1) the telephone number(s) and/or circuit identification numbers involved; (2) the start date and time of  xQthe opening of the circuit for law enforcement; (3) the identity of the law enforcement officer presenting  x7the authorization; (4) the name of the judge or prosecuting attorney signing the authorization; (5) the type  S' xof interception of communications or access to callidentifying information (e.g., pen register, trap and  xQtrace, Title III, FISA); and (6) the name of the telecommunications carriers' personnel who is responsible  x&for overseeing the interception of communication or access to callidentifying information and who is  xacting in accordance with the carriers' policies established under section 229(b)(1). This record shall be  xsigned by the individual who is responsible for overseeing the interception of communication or access  xto callidentifying information and who is acting in accordance with the carriers' policies established under  x<section 229(b)(1). This individual will, by his/her signature, certify that the record is complete and  xaccurate. This certification must be compiled either contemporaneously with, or within a reasonable  xperiod of time after the initiation of the interception of the communications or access to callidentifying information.  S ' e ,45. ` ` Having reached the determination to require only a single certification, we nonetheless  xagree with AirTouch that it is possible that much of this required checklist information can generally be  xfound in the appropriate legal authorization served upon a carrier. Thus, a carrier may satisfy its record  xkeeping obligation by requiring the individual who is responsible for overseeing the interception of  xcommunications or access to callidentifying information, and who is acting in accordance with the  xcarriers' policies established under section 229(b)(1), to sign the certification and append the appropriate  xlegal authorization as well as any extensions that have been granted. This combined record must at a  xMminimum, include all of the information in the aboveadopted checklist. Moreover, we conclude that it  xis the carriers' responsibility to ensure that its records are complete and accurate. We emphasize that a violation of this rule is subject to the penalties of section 229(d), discussed more fully below.  Sm' e -46. ` ` We note that we have declined to include information regarding the termination time of  x}an interception as part of our required checklist because we are persuaded by commenters that this  xMinformation is likely to fall outside of the knowledge of a carrier's personnel. This does not, however,  xtrelieve carriers of their duty to carefully follow the termination time parameters of the appropriate legal  x&authorization. We have also modified our NPRM checklist proposal from including the name(s) of all  xtelecommunications carrier personnel involved in performing, supervising, and internally authorizing the  xDinterception, and all names of those who possessed knowledge of the interception to the less burdensome  xZrequirement of a single name and signature because we agree with AirTouch that our original proposal  x@would cause additional work and would likely result in a repetitive list of the same employees for each  S' xinterception.Oc` yO 'ԍAirTouch Comments at 23.O Instead, we believe that carriers may meet their record keeping obligation by identifying  x&the individual responsible for overseeing the interception and by having that individual certify, by their  xsignature, that the record is accurate and complies with the carriers' policies and procedures established under section 229(b)(1).  S!' e .47. ` ` We also decline to adopt our proposal to have carriers compile this record within 48 hours  xof the start of each interception. Instead, we believe that by requiring that each certification be compiled  x*either contemporaneously with or within a reasonable period of time after the initiation of the interception  xof the communication or access to callidentifying information, carriers have the flexibility they need to" $X,''$"  xestablish their own reasonable practices and procedures for record keeping compliance. In reaching this  x@decision, we rely on comments which express concern that carriers' paperwork burden should not be  S' xpermitted to impede the timeliness with which intercept requests are implemented."Xc` yO' " ԍFBI Comments at 28; GTE Comments at 8; GTE Reply Comments at 8; USTA Reply Comments at 9;  x U S West Reply Comments at 8 (stating that the Commission should not add another layer of bureaucratic requirements)." Given that we have  xgreatly reduced carriers' record keeping obligations to a minimum amount of required information, much  xof which they contend they already maintain, we believe that carriers will be able to compile their certifications either contemporaneously with each intercept or within a reasonable amount of time.  S' e /48.` ` Additionally, we are not persuaded by the FBI's recommendation that we should adopt  x3a regulation for telecommunications carriers to provide law enforcement officials with the originals or  x^certified copies of carriers' record for each electronic surveillance by no later than five days following the  S' xDconclusion of an intercept.Jc` yO 'ԍFBI Reply Comments at 41.J We find that the imposition of such a requirement would be duplicative and  xunduly burdensome. BellSouth explains, however, that such records "can, of course, be provide to law  S ' xenforcement upon a reasonable request and pursuant to appropriate legal authority."J xc` yO'ԍBellSouth Comments at 12.J Accordingly, where  xlaw enforcement officials require the records maintained by telecommunications carriers for evidentiary purposes, they can follow the appropriate discovery procedures to obtain those records.  S ' b. Record Retention Period  Sj' e 049. ` ` As mentioned above, the NPRM sought comment on the length of time carriers should  S7' xretain interception records.A7c` yO'ԍNPRM at  32.A We noted that 18 U.S.C.  2518(8)(a) requires a ten year retention by law  S' xenforcement authorities of intercepted communications.;c` {O<'ԍId. ; Commenters, including the FBI, generally state  xthat a tenyear record retention requirement is unnecessary and duplicative of the retention rule presently  S' ximposed on law enforcement.* c` yOh' " ԍAirTouch Comments at 24; Ameritech Comments at 6 n.5; BAM Comments at 7; U S West Comments at 31; FBI Reply Comments at 4041; U S West Reply Comments at 1415. Commenters also argue that a tenyear record retention period is expensive  Sk' xto implement.ak c` yO 'ԍAmeritech Comments at 6 n.5; GTE Comments at 8. a U S West argues that carriers should be allowed to determine their own retention period  S8' xpbased on industry custom and practice.k8c` yO"'ԍU S West Comments at 31; U S West Reply Comments at 1415.k AirTouch recommends a three year retention period and  xexplains that it follows this timeframe because there is a two year statute of limitations for civil suits  S' x*against carriers.Ic` yO&'ԍAirTouch Comments at 24.I Sprint Spectrum proposes a fiveyear record retention period, stating that such a time"2,''"  S' xframe is consistent with record keeping requirements that carriers already have in place.1c` yOh' " ԍSprint Spectrum Comments at 2. Sprint Spectrum notes that the Department of Labor requires a record  {O0'retention period of five years and that financial records are typically retained between three and seven years. Id. 1 GTE  S'discourages record retention requirements beyond "reasonable limits."C"c` yO'ԍGTE Comments at 8.C  Sg' e 150.  ` ` Decision. The plain language of section 229(b)(2) requires carriers to maintain secure  xand accurate records of any interception of communications or access to callidentifying information. It  S' xdoes not, however, provide any direction regarding how long carriers should retain such records.Jc` yOS 'ԍ47 U.S.C.  229(b)(2).J In  xestablishing a retention period, we are sensitive to commenters' concerns about the cost of retaining  xrecords and agree that records should be retained only as long as reasonably necessary to comply with  xsection 229(b)(2). We therefore adopt a two tier record retention requirement. First, we conclude that,  xDin compliance with section 229(b)(2), carriers should maintain records of callidentifying information and  xunauthorized interceptions for ten years. We choose a tenyear retention period to maintain consistency  S' xwith the retention period for content information in 18 U.S.C.  2518(8)(a). Bc` yO' " ԍ18 U.S.C. 2518(8)(a) requires the "contents of any wire, oral or electronic communication intercepted by  x7 any means authorized by this chapter shall, if possible, be recorded on tape or wire or other comparable device. .  xx . . [The recordings] shall not be destroyed except upon an order of the issuing or denying judge and in any event shall be kept for ten years." We believe this  xrequirement is necessary because the record retention obligation imposed under 18 U.S.C.  2518(8)(a)  Si ' xgis limited to the content of an authorized interception.Ki * c` yO3'ԍ18 U.S.C.  2518(8)(a).K Neither section 2518(8)(a) nor the federal trap  S6 ' xDand trace statuteZ6 c` {O'ԍ18 U.S.C.  3121 et seq. Z provide for the retention of records of callidentifying information. Moreover, section  S ' x2518(8)(a) does not encompass the retention of records of unauthorized interceptions.Y L c` yO'ԍ18 U.S.C.  2518(8)(a).  Y Thus, in order  xIto ensure that records of callidentifying information and unauthorized interceptions are maintained  xsecurely and accurately, we will require carriers to maintain records of callidentifying information and  xunauthorized interceptions (including the content of the unauthorized interception) for ten years. We do  xnot believe a tenyear record retention requirement for callidentifying information will be unduly  xQburdensome on carriers because the quantity of callidentifying information required to be collected under  xta court order is likely to be substantially less than the full content of a communication. Moreover, we  xanticipate that carriers' policies and procedures will ensure that a carrier will not experience the occurrence  x<of unauthorized interceptions at a frequency that would make the retention of these records overly burdensome.  S' e 251.` ` With regard to the second tier, we decline to set a specific time period for maintaining  xrecords relating to the content of an authorized interception. Given the record retention requirement  ximposed on law enforcement under 18 U.S.C.  2518(8)(a), we find that imposing a duplicative ten year  xrecord retention requirement is unnecessary. Instead, we will require carriers to maintain secure and"9,''"  xaccurate records of the content of each authorized interception of communications for a period of time  xdetermined by them in accordance with the policies and procedures that they establish under section  x229(b)(1) of the Communications Act and applicable state and federal statutes of limitation. As part of  xthe policies and procedures that are submitted to the Commission for review, carriers must include a  xdetailed description of how long they will maintain their records of intercept content. Further, the time  xpperiod that carriers choose for their individual record retention must have a reasonable justification.  xMoreover, pursuant to our authority under section 229(c) of the Communications Act, we will modify any  S'carrier's policy or procedure that we determine does not comply with our regulations.Hc` yO'ԍ47 U.S.C. 229(c). H  S5' D. Sections 229(b)(3) and 229(c): Submission and Review of Policies and Procedures  S' e 352. ` ` Section 229(b)(3) requires common carriers to submit to the Commission the policies and  S ' xprocedures adopted to comply with the requirements established under sections 229(b)(1) and (b)(2).J Xc` yO 'ԍ47 U.S.C.  229(b)(3).J  xgSection 229(c) states that the Commission shall review those policies and procedures and shall order a  xcommon carrier to modify any such policy or procedure that the Commission determines does not comply  S ' xgwith its regulations.G c` yO'ԍ47 U.S.C.  229(c).G The Commission shall also conduct such investigations as may be necessary to  xinsure compliance by common carriers with the requirements of the regulations prescribed under this  S 'section.: xc` {O'ԍId.:  S7' e 453. ` ` As stated above, we requested comment on whether the Commission should establish less  xburdensome filing requirements for small carriers as determined by their annual operating revenues. Many  xcarriers disagree with the Commission's distinction between small and large carriers as the determining  S' xfactor by which carriers must submit their policies and procedures to the Commission. c` {OH' " ԍSee, e.g., Omnipoint Comments at 7 (arguing that the Commission should treat all carriers the same with  x regard to their obligations under CALEA); FBI Comments at 32; BellSouth Comments at 14; SBC Comments at  {O' x 78; U S West Comments at 35; GTE Reply Comments at 11. But see Teleport Comments at 8 (stating that small  x carriers should be permitted to file a certification of compliance in lieu of security procedures and policies); NTCA Comments at 4 (supporting the proposal to give small carriers the certification option). Alternatively,  xsome carriers argue that all telecommunications carriers should be permitted to take advantage of the  S8' xstreamlined certification procedure proposed for small carriers in the NPRM.SZ8 c` {O ' " ԍSee, e.g., PCIA Comments at 10; USTA Comments at 8; PrimeCo Comments at 7; BellSouth Comments  x7 at 14; SBC Comments at 8; 360 Comments at 5; AirTouch Comments at 25; GTE Reply Comments at 12; CTIA Comments at 28; PCIA Reply Comments at 13. S Under that proposal,  xcarriers could either file a statement describing their policies and procedures or certify their compliance",''"  S' x^with Commission rules.Qc` {Oh'ԍSee NPRM at  35.Q AirTouch argues, for example, that streamlined procedures promote the public  S'interest because they reduce administrative burden and expense and thereby increase efficiency.IZc` yO'ԍAirTouch Comments at 25.I  Sg' e 554.` ` Decision. We conclude that the plain language of section 229(b)(3) requires all  xtelecommunications carriers to submit to the Commission the policies and procedures adopted to comply  xwith the requirements established under sections 229(b)(1)(2). We agree with commenters that CALEA's  xstatutory language does not make a distinction between carriers, based on size, for the purpose of  S' xDdetermining who must submit their policies and procedures to the Commission.Dc` yO% 'ԍFBI Comments at 32.D We are also persuaded  xby Omnipoint's argument that law enforcement officials consider all electronic surveillance to be  xkimportant, all telecommunications carriers are equally responsible for cooperating with lawful requests for  x assistance with interceptions, and therefore all carriers should be required to submit their policies and  S' x}procedures for Commission review.Izc` yO'ԍOmnipoint Comments at 7.I Accordingly, we depart from our proposal in the NPRM to  xestablish different filing requirements for large and small carriers and conclude that all telecommunications  xcarriers must file their policies and procedures with the Commission regardless of their gross revenues.  xpAs noted by the FBI, the integrity and security of interceptions, and the impact that the loss of vital  xevidence may have on public safety and the successful conduct of criminal prosecutions, is unrelated to  S ' xsize.D c` yOz'ԍFBI Comments at 32.D Some carriers argue that the Commission should ease the administrative burden on all carriers by  S ' xallowing them to certify that they are in compliance with statutory requirements.m c` {O'ԍSee, e.g., USTA Comments at 8; PrimeCo Comments at 7.m While the Commission  xis sympathetic to this argument and recognizes the administrative burden placed on both carriers and the  xDCommission by section 229(b)(3) and 229(c), we reject this alternative because it is inconsistent with the  S' xpplain language of the statute.J, c` yO'ԍ47 U.S.C.  229(b)(3).J Moreover, as the FBI notes, the Commission may not have enough  xinformation, in a certification or a description, to carry out its obligations under section 229(c) to order  xany necessary modifications and insure that a carrier's policies and procedures comply with Commission  Sk'rules.Dk c` yO'ԍFBI Comments at 33.D  S' e 655. ` ` Given that most commenters focused on the Commission's request for information  xRregarding whether we should adopt less burdensome filing requirements for small carriers, few  xcommenters discussed what the Commission's obligations are under section 229(c). We conclude,  xkhowever, that the statute is clear on the procedure the Commission must follow to review the policies and  S9' xprocedures submitted pursuant to section 229(b)(3).Q9L c` {O%&'ԍSee 47 U.S.C.  229(c).Q Accordingly, the Commission shall review carriers'"9,''"  xppolicies and procedures to determine whether they comply with the Commission's rules established  S' xpursuant to sections 229(b)(1)(2).Qc` {O5'ԍSee 47 U.S.C.  229(c).Q If the Commission determines that a carrier's policies and procedures  xVare noncompliant, the carrier shall modify its policies and procedures in accordance with an order  Sg' x^released by the Commission.:gZc` {Oa'ԍId.: Finally, the Commission shall conduct investigations as may be necessary  x@to insure compliance by telecommunications carriers with the requirements of rules established by the  S' xCommission under sections 229 of the Communications Act and section 105 of CALEA.:c` {O 'ԍId.: This approach  xadvances the objectives of CALEA and, as stated above, is consistent with the plain language of section 229(c).   S5' e 756. ` ` We affirm the tentative conclusion reached in the NPRM and we will require that all  xcarriers file their policies and procedures with the Commission within 90 days from the effective date of  S' xthe Commission's rules adopted in this Report and Order to implement CALEA.~c` {O' " ԍSee NPRM at  37. But see 360 Comments at 7 (suggesting that 180 days would be a more appropriate time period). Few commenters  xobjected to our 90 day deadline and we believe that this is a sufficient amount of time for carriers to  xestablish and file their policies and procedures in accordance with Commission rules. Most carriers already  S6 ' xkhave such policies and procedures in place,KX6 c` yO' "} ԍU S West Comments at 3435; AirTouch Comments at 1920; BAM Comments at 9; BellSouth Comments  x at 78; GTE Comments at 67; 360 Comments at 3; SBC Comments at 1720; Teleport Comments at 67; USTA Comments at 8; CTIA Reply Comments at 19.K thereby decreasing the amount of time necessary to prepare  xgthem in accordance with Commission rules. We also adopt the FBI's suggestion, unchallenged by any  xgcommenter, that carriers be required to file their policies and procedures with the Commission no later  xthan 90 days after the effective date of a merger or divestiture in which a carrier becomes the surviving  xgor divested entity. In addition, we extend this 90day filing requirement to the amendment by a carrier  S7' xof existing policies and procedures that it has filed.D7 c` yO'ԍFBI Comments at 35.D We believe that 90 days is a reasonable amount  x@of time to incorporate any modifications to already existing policies and procedures and file them with the Commission.   Sk' e =857. ` ` Furthermore, we decline to adopt Omnipoint's suggestion that the Commission establish  xits carrier security and recordkeeping policies in a manner that would prevent such sensitive and  x/confidential information from being made publicly available under the Freedom of Information Act  S' x(FOIA).S c` {O"'ԍSee Omnipoint Comments at 7.S While we are aware of the sensitive nature of a carrier's policies and procedures for systems  xDsecurity and integrity, we must evaluate each FOIA request on a case by case basis to determine whether  xthe requested record falls within one of the FOIA exemptions. As such, adoption of a general rule that automatically exempts all such documents from public inspection is inappropriate at this time. ",''"Ԍ S'  E. Section 229(d): Penalties  S' e O958. ` ` Section 229(d) of the Communications Act states that a violation by an officer or  xemployee of any policy or procedure adopted by a common carrier pursuant to subsection (b), or of a rule  xprescribed by the Commission pursuant to subsection (a), shall be considered to be a violation by the  S8' xcarrier of a rule prescribed by the Commission pursuant to this Act.G8* yO'ԍ47 U.S.C.  229(d).G As noted above, the NPRM sought  xcomment on the extent to which a telecommunications carrier's duty to conduct only lawfully authorized  xinterceptions extends vicarious criminal and civil liability to a carrier if the carrier's employees are  S' xconvicted of conducting illegal electronic interceptions.QX* {O 'ԍSee NPRM at  27.Q Commenters overwhelmingly disagree with any  xattempt by the Commission to create new forms of criminal and/or civil liability, vicarious or otherwise,  Sp' xunder section 105 of CALEA.p* {O ' "V ԍSee, e.g., Ameritech Comments at 4; BellSouth Comments at 8; Sprint Spectrum Comments at 3; Powertel Comments at 6; USTA Comments at 7; SBC Comments at 11; U S West Comments at 44; FBI Comments at 17. While commenters generally agree that they have a responsibility to  xprevent unlawful interceptions and to enforce policies to prohibit such activity, they note that unless they  xfail to monitor and enforce such policies, they cannot be held liable for the unlawful acts of their  S 'employees. D* {O' "l ԍSee, e.g., Ameritech Comments at 4; SBC Comments at 12 (stating that the employer can only be held liable if the unlawful act is authorized by the employer).   S ' e e:59.` ` Decision. We agree with commenters that carrier liability for violations of the  ,ZCommission's rules implementing section 105 of CALEA have been established by Congress under the  ,plain language of section 229(d) and that promulgating rules that would impose additional liability on  S0' ,Zcarriers is inappropriate. 0* {On' " ԍSee BellSouth Comments at 8; see also BAM Comments at 4 (stating that determining vicarious liability  x is not within the Commission's rulemaking authority under CALEA); Sprint Spectrum Comments at 3 (stating that  x unlawful interceptions are addressed in 18 U.S.C.  2511, and civil remedies and criminal penalties for violating  x 2511 are already prescribed in  2511 and 2520); USTA Comments at 7 (stating that any such liability would  x have to be determined pursuant to the established principles of agency as well as the statutory requirements of 18 U.S.C.  2511); PrimeCo Comments at 6; FBI Comments at 17.  As noted by U S West, in the absence of an explicit statutory mandate, the  ,&Commission should not take any action that might expand the criminal and/or civil liability of a carrier  S' ,ywithout having clear evidence that doing so would substantially promote the goals of CALEA.m* {O 'ԍU S West Comments at 45; see also NTCA Comments at 3.m  ,cCommenters also note that nothing in the language of CALEA suggests that a carrier's duties under  S' ,section 105 affect its liability under 18 U.S.C.  2511 and 2520.* {O#'ԍSee, e.g., U S West Comments at 44; USTA Comments at 7; NTCA Comments at 3. Moreover, we agree with those  ,commenters who argue that, even assuming the existence of a carrier's vicarious liability for the acts of  ,its employees, a Commission requirement to report illegal wiretaps or compromises of confidentiality to"@<,''"  ,Dthe Commission or law enforcement cannot, without express direction from Congress, operate to alter or  S'modify civil and criminal liabilities that might arise under Title III.r* yO@'ԍSBC Comments at 14; NTCA Comments at 3; U S West Comments at 44.r  S' ,%;60. ` ` We, therefore, decline to adopt any additional rules that extend criminal and/or civil  ,liability, vicarious or otherwise, to a carrier for the violations of section 105 of CALEA and section 229  ,tof the Communications Act. Instead, if a carrier violates the Commission's rules implementing section  ,105 of CALEA, the Commission shall enforce, pursuant to section 229(d), the penalties articulated in  S' ,sections 503(b) of the Communications Act and 1.80 of the Commission's rules.eX* {O 'ԍSee 47 U.S.C.  229(d); 47 C.F.R.  1.8.e We believe that this  S'decision is consistent with the plain language of the statute and is based on sound public policy.* yOJ '  (} ԍFurthermore, we conclude that sections 105 of CALEA and 229 of the Communications Act do not modify  ,D the criminal and/or civil liability of a carrier or its employees pursuant to 18 U.S.C.  2511 and 2520, or any other  ,D federal, state or local statutes. Finally, we decline to determine whether reporting illegal wiretaps or compromises  ,! of confidentiality to the Commission and/or affected law enforcement agency serves to modify or mitigate a carrier's  , liability under 18 U.S.C.  2511 and 2520 because we find that to do so is outside the scope of our jurisdiction under CALEA.    Sp' IV. PROCEDURAL MATTERS Đ6  S ' A. Effective Date  S ' ,% <61.` ` Background. In the NPRM, we asked for comment on how much time  ,ctelecommunications carriers would need to comply with Commission system security and integrity  ,regulations promulgated under 47 U.S.C.  229, and we tentatively concluded that 90 days from the  S2' ,effective date of this Report and Order should be sufficient.A2b * yO4'ԍNPRM at  37.A Most parties commenting to our 90day  ,compliance period proposal fell into two categories: (1) carriers that agreed with the compliance period  S' ,because they already had extensive electronic surveillance policies and procedures in place,U * {Ot'ԍSee, e.g., SBC Comments at 23.U and (2)  ,carriers that were concerned that they would need more time to comply, because they lacked either the  S' ,resources or experience in supporting law enforcement agencies' electronic surveillance requirements.  * {O '  ( ԍSee, e.g., 360 Comments at 7 (180 days are necessary). But see Rural Telecommunications Group (RTG) Comments at 4 (90day compliance period is moot without section 103 capability standards).   ,The FBI offered to work with the Commission and develop model policies and procedures for  ,telecommunications carriers to use as a starting point, from which to develop more specific policies and  S'procedures their companies' unique attributes.J* yO%'ԍFBI Reply Comments at 50.J "n,''"Ԍ S'  ,%  =62.` ` Discussion. We conclude that 90 days, from the effective date of this Report and Order,  ,is sufficient time for telecommunications carriers to comply with CALEA section 105 and Commission  ,regulations under 47 U.S.C.  229. We have lessened significantly the number and extent of our proposed  ,regulations in response to recommendations by commenting parties, including the FBI, and regard the final  ,"regulations as the minimum that will satisfy CALEA. In addition, we will not begin to enforce our CALEA implementation regulations until 90 days from the effective date of this Report and Order.  S' B. Final Regulatory Flexibility Analysis  S'  ,% >63.` ` As required by section 603 of the Regulatory Flexibility Act (RFA), 5 U.S.C.  603, an  Sr' ,tInitial Regulatory Flexibility Analysis (IRFA) was incorporated in the NPRM. The Commission sought  SL ' ,gwritten public comments on the proposals in the NPRM, including the IRFA. The Commission's Final  S& ' ,@Regulatory Flexibility Analysis (FRFA) in this Report and Order conforms to the RFA, as amended by  ,Zthe Contract With America Advancement Act of 1996 (CWAAA), Pub. L. No. 104121, 110 Stat. 847  S '(1996). * yO>'  (' ԍSubtitle II of the CWAAA is "The Small Business Regulatory Enforcement Fairness Act of 1996"  {O'(SBREFA), codified at 5 U.S.C.  601 et. seq.  S '` `  (1) Need for and Purpose of this Action  S6' ,%a ?64.` ` This Report and Order responds to the legislative mandate contained in the  ,Communications Assistance for Law Enforcement Act, Pub. L. No. 103414, 108 Stat. 4279 (1994)  ,(codified as amended in sections of 18 U.S.C. and 47 U.S.C.). The Commission, in compliance with 47  S' ,U.S.C.  229,D"* yO'ԍ47 U.S.C.  229.D promulgated rules in this Report and Order to ensure the prompt implementation of  ,ksection 105 of the Communications Assistance for Law Enforcement Act (CALEA). In enacting CALEA,  ,tCongress sought to "make clear a telecommunications carrier's duty to cooperate in the interception of  SF' ,communications for law enforcement purposes. . ."QF* {O'ԍCALEA, supra, at preamble.Q Specifically, Congress sought to balance three key  , policies with CALEA: "(1) to preserve a narrowly focused capability for law enforcement agencies to  ,carry out properly authorized intercepts; (2) to protect privacy in the face of increasingly powerful and  ,3personally revealing technologies; and (3) to avoid impeding the development of new communications  S'services and technologies."wD* {O'ԍH. Rep. No. 103837 at 23, reprinted in 1994 U.S.C.C.A.N. 3489.w  SV'  ,% @65.` ` The rules adopted in this Report and Order implement Congress's goal to make clear a  ,"telecommunications carrier's duty to cooperate with law enforcement agencies that request lawful  S' ,telectronic surveillance,Q* {O|$'ԍCALEA, supra, at preamble.Q and to balance the three key policies enumerated above. The objective of the  S' ,rules adopted in this Report and Order is to implement as quickly and effectively as possible the national"h ,''+"  ,telecommunications policy for telecommunications carriers to support the lawful electronic surveillance needs of law enforcement agencies.  S'  ,%g` `  (2) Summary of the Issues Raised by Public Comments Made in Response to the ####  S`' IRFA  S' ,%> A66.` ` Summary of Initial Regulatory Flexibility Analysis (IRFA). In the NPRM, the  ,Commission performed an IRFA and asked for comments that specifically addressed issues raised in the  S' ,IRFA.H* yO( 'ԍNPRM at  5476.H In the IRFA, the Commission found that the rules it proposed to adopt in this proceeding may  ,have a significant impact on a substantial number of small businesses as defined by section 601(3) of the  Sp'RFA.   S ' ,% B67.` ` In the IRFA, we reiterated our proposed rules in the NPRM requiring telecommunications  ,gcarriers to establish policies and procedures governing the conduct of officers and employees who are  ,3engaged in surveillance activity. The proposed rules required telecommunications carriers to maintain  ,records of all interceptions of communications and call identification information. In addition, the  ,+proposed rules required telecommunications carriers to execute an affidavit for each electronic  ,surveillance, and maintain a separate record of each electronic surveillance. Furthermore, we sought  ,comment on the length of time telecommunications carriers should retain electronic surveillance records,  ,and noted that 18 U.S.C.  2518(8)(a) calls for a retention period of ten years for intercepted  ,communications. The proposed rules also required telecommunications carriers to report security breaches  ,D(compromises to lawful electronic surveillance and illegal electronic surveillance) to both the Commission and the affected law enforcement agency.  SB' ,%  C68.` ` In the IRFA we reiterated that our proposed rules required telecommunications carriers  ,classified as Class A companies pursuant to 47 U.S.C.  32.11 to file individually with the Commission  ,a statement of its processes and procedures used to comply with the systems security rules promulgated  ,7by the Commission. Telecommunications carriers classified as Class B companies pursuant to 47 U.S.C.  , 32.11 could elect to either file a statement describing their security processes and procedures or to  ,*certify that they observed procedures consistent with the security rules promulgated by the Commission.  SR' ,We noted in paragraph 43 of the NPRM that since electronic surveillance capacity and capability  ,requirements are still being developed, it is not possible to predict with certainty whether the costs of compliance will be proportionate between small and large telecommunications carriers.  S' ,% D69.` ` In the IRFA we tentatively concluded that a substantial number of telecommunications  ,carriers, who have been subjected to demands from law enforcement personnel to provide lawful  ,interceptions and callidentifying information for a period time preceding CALEA, already have in place  ,ypractices for proper employee conduct and recordkeeping. We noted that as a practical matter,  ,!telecommunications carriers need such practices to protect themselves from suit by persons who claim they  ,were the victims of illegal surveillance. By providing general guidance regarding the conduct of carrier  S!' ,personnel and the content of records in the proposed regulations, the Commission intended  ,telecommunications carriers to use their existing practices to the maximum extent possible. Thus, in the  St#' ,yIRFA, we tentatively concluded that the additional cost to most telecommunications carriers for conforming to the Commission's proposed regulations, should be minimal. "N$X,''#"Ԍ S'  ,%qԙ E70.` ` Comments. Only one party filed comments in response to the IRFA,J* yOh'ԍBellSouth IRFA Response. J but many parties  ,tcommented on the Commission's proposed system security and integrity regulations in response to the  S' ,NPRM.X* {O'ԍSee, e.g., FBI Comments at 1535, GTE Comments at 610, and Nextel Comments at 1415. As noted above, the record provided by all of these commenting parties clearly disfavors the  S' ,Qamount of recordkeeping proposed by the Commission in the NPRM, and includes numerous suggestions  ,to reduce the amount of paperwork required by the proposed regulations, without jeopardizing statutory  ,compliance. In response thereto, our final regulations reduce significantly the amount of paperwork  S' ,required of telecommunications carriers. Other parties commented that the Commission should not  S' ,promulgate any new rules to implement CALEA.W* {Or 'ԍSee, e.g., USTA Comments at 56.W As we noted in paragraph 17, supra, a plain reading  ,of 47 U.S.C.  229(b) shows that Congress requires the Commission to promulgate regulations ensuring  ,the system security and integrity of carriers, compelling carriers to submit their CALEA system security  ,and integrity policies and procedures to the Commission, and providing records that prove to the  ,DCommission how each telecommunications carrier is complying with the requirements of CALEA section 105. Thus, commentary against any new regulations contradict the plain language of 47 U.S.C.  229.  S ' ,%3` `  (3) Description and Estimates of the Number of Entities Affected by This Report  S 'and ` `  Order  SZ' ,% F71.` `  Consistent with our prior practice, we shall continue to exclude small incumbent LECs  ,Dfrom the definition of a small entity for the purpose of this FRFA. Nevertheless, as mentioned above, we  ,pinclude small incumbent LECs in our FRFA. Accordingly, our use of the terms "small entities" and  ,"small businesses" does not encompass "small incumbent LECs." We use the term "small incumbent  ,LECs" to refer to any incumbent LECs that arguably might be defined by SBA as "small business  S'concerns."]|* {O'ԍSee 13 C.F.R.  121.210 (SIC 4813).]   SB' ,% G72.` ` Total Number of Telephone Companies Affected.  Many of the decisions and rules adopted  ,herein may have a significant effect on a substantial number of the small telephone companies identified  ,by SBA. The United States Bureau of the Census ("the Census Bureau") reports that, at the end of 1992,  S' ,there were 3,497 firms engaged in providing telephone services, as defined therein, for at least one year.* {Oz'  ( ԍUnited States Department of Commerce, Bureau of the Census, 1992 Census of Transportation,  {OD 'Communications, and Utilities: Establishment and Firm Size, at Firm Size 1123 (1995) (1992 Census).  ,This number contains a variety of different categories of carriers, including local exchange carriers,  ,interexchange carriers, competitive access providers, cellular carriers, mobile service carriers, operator  ,service providers, pay telephone operators, PCS providers, covered SMR providers, and resellers. It seems  ,/certain that some of those 3,497 telephone service firms may not qualify as small entities or small  S' ,pincumbent LECs because they are not "independently owned and operated."Jj * yO&'ԍ15 U.S.C.  632(a)(1).J For example, a PCS" ,''h"  ,kprovider that is affiliated with an interexchange carrier having more than 1,500 employees would not meet  ,the definition of a small business. It seems reasonable to conclude, therefore, that fewer than 3,497  , telephone service firms are small entity telephone service firms or small incumbent LECs that may be  S'affected by this Report and Order.  S:' ,% H73.` ` Wireline Carriers and Service Providers. SBA has developed a definition of small entities  ,for telephone communications companies other than radiotelephone (wireless) companies. The Census  ,Bureau reports that, there were 2,321 such telephone companies in operation for at least one year at the  S' ,end of 1992.^* {O, 'ԍ1992 Census, supra, at Firm Size 1123.^ According to SBA's definition, a small business telephone company other than a  S' ,radiotelephone company is one employing fewer than 1,500 persons.|Z* yO 'ԍ13 C.F.R.  121.201, Standard Industrial Classification (SIC) Code 4812.| All but 26 of the 2,321 non ,radiotelephone companies listed by the Census Bureau were reported to have fewer than 1,000 employees.  ,Thus, even if all 26 of those companies had more than 1,500 employees, there would still be 2,295 non ,}radiotelephone companies that might qualify as small entities or small incumbent LECs. Although it  ,^seems certain that some of these carriers are not independently owned and operated, we are unable at this  ,time to estimate with greater precision the number of wireline carriers and service providers that would  ,qualify as small business concerns under SBA's definition. Consequently, we estimate that there are fewer  ,than 2,295 small entity telephone communications companies other than radiotelephone companies that  S\'may be affected by the decisions and rules adopted in this Report and Order.  S' ,%I74. ` ` Local Exchange Carriers. Neither the Commission nor SBA has developed a definition  ,of small providers of local exchange services (LECs). The closest applicable definition under SBA rules  ,is for telephone communications companies other than radiotelephone (wireless) companies. The most  ,reliable source of information regarding the number of LECs nationwide of which we are aware appears  ,to be the data that we collect annually in connection with the Telecommunications Relay Service (TRS).  ,According to our most recent data, 1,347 companies reported that they were engaged in the provision of  S ' ,local exchange services.j^ * {O'  ( ԍFederal Communications Commission, CCB, Industry Analysis Division, Telecommunications Industry  {Ot' ,7 Revenue: TRS Fund Worksheet Data, Tbl. 1 (Average Total Telecommunications Revenue Reported by Class of  {O>'Carrier) (Dec. 1996) (TRS Worksheet).j Although it seems certain that some of these carriers are not independently  ,owned and operated, or have more than 1,500 employees, we are unable at this time to estimate with  ,greater precision the number of LECs that would qualify as small business concerns under SBA's  ,Zdefinition. Consequently, we estimate that there are fewer than 1,347 small incumbent LECs that may  S'be affected by the decisions and rules adopted in this Report and Order.  S0' ,%z J75.` `   Interexchange Carriers. Neither the Commission nor SBA has developed a definition  ,/of small entities specifically applicable to providers of interexchange services (IXCs). The closest  ,happlicable definition under SBA rules is for telephone communications companies other than  ,radiotelephone (wireless) companies. The most reliable source of information regarding the number of  ,IXCs nationwide of which we are aware appears to be the data that we collect annually in connection with  Sj' ,the TRS Worksheet. According to our most recent data, 130 companies reported that they were engaged"j!,''g"  S' ,xin the provision of interexchange services.:* {Oh'ԍId.: Although it seems certain that some of these carriers are not  , independently owned and operated, or have more than 1,500 employees, we are unable at this time to  ,estimate with greater precision the number of IXCs that would qualify as small business concerns under  ,@SBA's definition. Consequently, we estimate that there are fewer than 130 small entity IXCs that may  S`'be affected by the decisions and rules adopted in this Report and Order.   S' ,%i K76.` ` Competitive Access Providers. Neither the Commission nor SBA has developed a  ,kdefinition of small entities specifically applicable to providers of competitive access services (CAPs). The  ,closest applicable definition under SBA rules is for telephone communications companies other than  ,radiotelephone (wireless) companies. The most reliable source of information regarding the number of  ,CAPs nationwide of which we are aware appears to be the data that we collect annually in connection with  SL ' ,the TRS Worksheet. According to our most recent data, 57 companies reported that they were engaged  S& ' ,in the provision of competitive access services.:& Z* {O 'ԍId.: Although it seems certain that some of these carriers  ,xare not independently owned and operated, or have more than 1,500 employees, we are unable at this time  ,to estimate with greater precision the number of CAPs that would qualify as small business concerns under  ,SBA's definition. Consequently, we estimate that there are fewer than 57 small entity CAPs that may be  S 'affected by the decisions and rules adopted in this Report and Order.  S8' ,% L77.` ` Operator Service Providers. Neither the Commission nor SBA has developed a definition  ,7of small entities specifically applicable to providers of operator services. The closest applicable definition  ,under SBA rules is for telephone communications companies other than radiotelephone (wireless)  ,companies. The most reliable source of information regarding the number of operator service providers  ,nationwide of which we are aware appears to be the data that we collect annually in connection with the  Sr' ,xTRS Worksheet. According to our most recent data, 25 companies reported that they were engaged in the  SL' ,provision of operator services.:L* {O'ԍId.: Although it seems certain that some of these companies are not  , independently owned and operated, or have more than 1,500 employees, we are unable at this time to  ,estimate with greater precision the number of operator service providers that would qualify as small  ,business concerns under SBA's definition. Consequently, we estimate that there are fewer than 25 small  S' ,entity operator service providers that may be affected by the decisions and rules adopted in this Report and Order.  S4' ,%= M78.` ` Wireless (Radiotelephone) Carriers. SBA has developed a definition of small entities for  ,7radiotelephone (wireless) companies. The Census Bureau reports that there were 1,176 such companies  S' ,tin operation for at least one year at the end of 1992.J~* {O#'ԍ1992 Census, supra.J According to SBA's definition, a small business  S' ,radiotelephone company is one employing fewer than 1,500 persons.|* yOn%'ԍ13 C.F.R.  121.201, Standard Industrial Classification (SIC) Code 4812.| The Census Bureau also reported  ,that 1,164 of those radiotelephone companies had fewer than 1,000 employees. Thus, even if all of the"",''"  ,Iremaining 12 companies had more than 1,500 employees, there would still be 1,164 radiotelephone  ,3companies that might qualify as small entities if they are independently owned are operated. Although  ,it seems certain that some of these carriers are not independently owned and operated, we are unable at  ,this time to estimate with greater precision the number of radiotelephone carriers and service providers  ,Mthat would qualify as small business concerns under SBA's definition. Consequently, we estimate that  ,there are fewer than 1,164 small entity radiotelephone companies that may be affected by the decisions  S'and rules adopted in this Report and Order.   S' ,% N79.` ` Cellular Service Carriers. Neither the Commission nor the SBA has developed a  ,definition of small entities specifically applicable to Cellular Service Carriers and to Mobile Service  ,Carriers. The closest applicable definition under SBA rules for both services is for telephone companies  ,tother than radiotelephone (wireless) companies. The most reliable source of information regarding the  ,}number of Cellular Service Carriers and Mobile Service Carriers nationwide of which we are aware  S ' ,appears to be the data that we collect annually in connection with the TRS Worksheet. According to our  S ' ,gmost recent data, 792 companies reported that they are engaged in the provision of cellular services. * {O<'ԍTRS Worksheet at Tbl. 1 (Number of Carriers Reporting by Type of Carrier and Type of Revenue).  ,Although it seems certain that some of these carriers are not independently owned and operated, or have  ,more than 1,500 employees, we are unable at this time to estimate with greater precision the number of  ,cellular service carriers that would qualify as small business concerns under SBA's definition.  ,Consequently, we estimate that there are fewer than 792 small entity cellular service carriers that might  S 'be affected by the actions and rules adopted in this Report and Order.  S' ,%J O80.` ` Mobile Service Carriers. Neither the Commission or the SBA has developed a definition  ,^of small entities specifically applicable to mobile service carriers, such as paging companies. The closest  ,capplicable definition under SBA rules is for radiotelephone (wireless) companies. The most reliable  ,Qsource of information regarding the number of mobile service carriers nationwide os which we are aware  S' ,appears to be the data that we collect annually in connection with the TRS Worksheet. According to our  S' ,most recent data, 138 companies reported that they were engaged in the provision of mobile services.:Z* {O'ԍId.:  ,Although it seems certain that some of these carriers are not independently owned and operated, or have  ,more than 1,500 employees, we are unable at this time to estimate with greater precision the number of  ,mobile service carriers that would qualify under SBA's definition. Consequently, we estimate that there  ,are fewer than 138 small entity mobile service carriers that may be affected by the decision and rules adopted in this Report and Order.  S' ,%d  P81.` ` Broadband Personal Communications Service. The broadband PCS spectrum is divided  ,into six frequency blocks designated A through F, and the Commission has held auctions for each block.  ,The Commission defined "small entity" for Blocks C and F as an entity that has average gross revenues  Sj' ,of less than $40 million in the three previous calendar years.T\j* {O#'  (< ԍSee Amendment of Parts 20 and 24 of the Commission's rules Broadband PCS Competitive Bidding and  {O$' , the Commercial Mobile Radio Service Spectrum Cap, Report and Order, 11 FCC Rcd 7824, 7850 (1996); see also 47 CFR  24.720(b).T For Block F, an additional classification  ,for "very small business" was added, and is defined as an entity that, together with its affiliates, has"B#,''7"  S' ,average gross revenues of not more than $15 million for the preceding three calendar years.F* {Oh'ԍId. at  60.F These  ,7regulations defining "small entity" in the context of broadband PCS auctions have been approved by SBA.  ,M No small businesses within the SBAapproved definition bid successfully for licenses in Blocks A and  ,B. There were 90 winning bidders that qualified as small entities in the Block C auctions. A total of 93  ,Dsmall and very small business bidders won approximately 40% of the 1,479 licenses for Blocks D, E, and  S8' ,F.8Z* {O2'ԍFCC News, Broadband PCS, D, E and F Block Auction Closes, No. 71744 (rel. January 14, 1997). However, licenses for Blocks C through F have not been awarded fully, therefore there are few, if  ,*any, small businesses currently providing PCS services. Based on this information, we conclude that the  ,number of small broadband PCS licenses will include the 90 winning C Block bidders and the 93  ,qualifying bidders in the D, E, and F blocks, for a total of 183 small PCS providers as defined by the SBA and the Commission's auction rules.  SH ' ,%m   Q82.` `  SMR Licensees.  Pursuant to 47 C.F.R.  90.814(b)(1), the Commission has defined  ,"small entity" in auctions for geographic area 800 MHz and 900 MHz SMR licenses as a firm that had  ,average annual gross revenues of less than $15 million in the three previous calendar years. This  ,&definition of a "small entity" in the context of 800 MHz and 900 MHz SMR has been approved by the  S ' ,SBA.1 * {O6'  ( ԍSee Amendment of Parts 2 and 90 of the Commission's Rules to Provide for the use of 200 Channels  ,* Outside the Designated Filing Areas in the 896911 MHz and the 935940 MHz Bands Allotted to the Specialized  {O' ,^ Mobile Radio Pool, PR Docket No. 89583, Second Order on Reconsideration and Seventh Report and Order, 11  , FCC Rcd 2639, 2693702 (1995); Amendment of Part 90 of the Commission's Rules to Facilitate Future  {OZ' , Development of SMR Systems in the 800 MHz Frequency Band, PR Docket No. 93144, First Report and Order,  {O$'Eighth Report and Order, and Second Further Notice of Proposed Rulemaking, 11 FCC Rcd 1463 (1995). 1 The rules adopted in this Report and Order may apply to SMR providers in the 800 MHz and  ,V900 MHz bands that either hold geographic area licenses or have obtained extended implementation  ,authorizations. We do not know how many firms provide 800 MHz or 900 MHz geographic area SMR  ,xservice pursuant to extended implementation authorizations, nor how many of these providers have annual  ,<revenues of less than $15 million. We assume, for purposes of this FRFA, that all of the extended  ,implementation authorizations may be held by small entities, which may be affected by the decisions and  S'rules adopted in this Report and Order.   Sl'  ,%  R83.` `  The Commission recently held auctions for geographic area licenses in the 900 MHz SMR  ,band. There were 60 winning bidders who qualified as small entities in the 900 MHz auction. Based on  , this information, we conclude that the number of geographic area SMR licensees affected by the rule  ,3adopted in this Report and Order includes these 60 small entities. No auctions have been held for 800  ,tMHz geographic area SMR licenses. Therefore, no small entities currently hold these licenses. A total  ,xof 525 licenses will be awarded for the upper 200 channels in the 800 MHz geographic area SMR auction.  ,QThe Commission, however, has not yet determined how many licenses will be awarded for the lower 230  ,Ichannels in the 800 MHz geographic area SMR auction. There is no basis, moreover, on which to  ,estimate how many small entities will win these licenses. Given that nearly all radiotelephone companies  ,3have fewer than 1,000 employees and that no reliable estimate of the number of prospective 800 MHz  ,licensees can be made, we assume, for purposes of this FRFA, that all of the licenses may be awarded  S'to small entities who, thus, may be affected by the decisions adopted in this Report and Order."$l ,''"Ԍ S' ,%ԙ S84.` ` Resellers. Neither the Commission nor SBA has developed a definition of small entities  ,specifically applicable to resellers. The closest applicable definition under SBA rules is for all telephone  ,tcommunications companies. The most reliable source of information regarding the number of resellers  ,nationwide of which we are aware appears to be the data that we collect annually in connection with the  ,TRS. According to our most recent data, 260 companies reported that they were engaged in the resale  S:' ,of telephone services.O:* {O'ԍTRS Worksheet at Tbl. 1.O Although it seems certain that some of these carriers are not independently  ,owned and operated, or have more than 1,500 employees, we are unable at this time to estimate with  ,greater precision the number of resellers that would qualify as small business concerns under SBA's  ,definition. Consequently, we estimate that there are fewer than 260 small entity resellers that may be  S'affected by the decisions and rules adopted in this Report and Order.  SJ ' ,%B T85.` ` Pay Telephone Operators. Neither the Commission nor the SBA has developed a  ,cdefinition of small entities specifically applicable to pay telephone operators. The closest applicable  ,definition under SBA rules is for telephone communications companies other than radiotelephone  ,Z(wireless) companies. The most reliable source of information regarding the number of pay telephone  S ' ,7operators nationwide of which we are aware appears to be the data that we collect annually with the TRS  S ' ,gWorksheet. According to our most recent data, 271 companies reported that they were engaged in the  S`' ,provision of pay telephone services.:`Z* {OZ'ԍId.: Although it seems certain that some of these carriers are not  , independently owned and operated, or have more than 1,500 employees, we are unable at this time to  ,estimate with greater precision the number of pay telephone operators that would qualify as small business  ,concerns under SBA's definition. Consequently, we estimate that there are fewer than 271 small entity  S'pay telephone operators that may be affected by the decisions and rules adopted in this Report and Order.  Sr'  ,%z  U86.` `  Cable Services or Systems. SBA has developed a definition of small entities for cable  ,and other pay television services, which includes all such companies generating $11 million or less in  S$' ,revenue annually.W$* yO'ԍ13 C.F.R.  121.201, SIC Code 4841.W This definition includes cable systems operators, closed circuit television services,  ,gdirect broadcast satellite services, multipoint distribution systems, satellite master antenna systems and  ,7subscription television services. According to the Census Bureau, there were 1,788 such cable and other  S'pay television services and 1,439 had less than $11 million in revenues. |* {O'  ( ԍ1992 Economic Census Industry and Enterprise Receipts Size Report, Table 2D, SIC 4841 (U.S. Bureau of the Census data under contract to the Office of Advocacy of the U.S. Small Business Administration).   S\'  ,%  V87.` `  The Commission has developed its own definition of a small cable system operator for  ,the purposes of rate regulation. Under the Commission's Rules, a "small cable company" is one serving  S ' ,fewer than 400,000 subscribers nationwide.Z * yO$'  ( ԍ47 C.F.R.  76.901(e). The Commission developed this definition based on its determination that a small  , cable system operator is one with annual revenues of $100 million or less. Implementation of Sections of the 1992  {O&' ,7 Cable Act: Rate Regulation, Sixth Report and Order and Eleventh Order on Reconsideration, 10 FCC Rcd. 7393"&,''"&" (1995).  Based on our most recent information, we estimate that" %X,''4"  S' ,@there were 1,439 cable operators that qualified as small cable system operators at the end of 1995.X* {O'ԍPaul Kagan Associates, Inc., Cable TV Investor, Feb. 29, 1996 (based on figures for December 30, 1995).  ,Since then, some of those companies may have grown to serve over 400,000 subscribers, and others may  ,lhave been involved in transactions that caused them to be combined with other cable operators.  ,Consequently, we estimate that there are fewer than 1,439 small entity cable system operators that may  S`'be affected by the decisions and rules adopted in this Report and Order.  S' ,%S  W88.` ` The Communications Act also contains a definition of a small cable system operator,  ,}which is "a cable operator that, directly or through an affiliate, serves in the aggregate fewer than 1  ,percent of all subscribers in the United States and is not affiliated with any entity or entities whose gross  S' ,gannual revenues in the aggregate exceed $250,000,000."J* yO" 'ԍ47 U.S.C.  543(m)(2).J The Commission has determined that there  ,xare 61,700,000 subscribers in the United States. Therefore, we found that an operator serving fewer than  ,617,000 subscribers shall be deemed a small operator, if its annual revenues, when combined with the total  S ' ,annual revenues of all of its affiliates, do not exceed $250 million in the aggregate.K z* yO:'ԍ47 C.F.R.  76.1403(b).K Based on available  S ' ,data, we find that the number of cable operators serving 617,000 subscribers or less totals 1,450.m * {O'ԍPaul Kagan Associates, Inc., Cable TV Investor, supra.m We  ,do not request nor do we collect information concerning whether cable system operators are affiliated with  S ' ,*entities whose gross annual revenues exceed $250,000,000, * yO'  (y ԍWe receive such information on a casebycase basis only if a cable operator appeals a local franchise authority's finding that the operator does not qualify as a small cable operator pursuant to 47 C.F.R.  76.1403(b). and thus are unable at this time to estimate  ,with greater precision the number of cable system operators that would qualify as small cable operators  ,under the definition in the Communications Act. We further note that recent industry estimates project  ,that there will be a total of 65,000,000 subscribers, and we have based our fee revenue estimates on that figure.  S4 ,%q X89.` ` Other Pay Services. In the IRFA, we included a category entitled "other pay services."A * yOL'ԍNPRM at  72.A  , Other pay services are also classified under SIC 4841, which include cable operators, closed circuit  ,television services, direct broadcast satellite services (DBS), multipoint distribution systems (MDS),  SB' ,satellite master antenna systems (SMATV), and subscription television services. We received no  S' ,@comments regarding service providers in this category in response to either the IRFA or the NPRM at  ,large. Accordingly, we cannot determine at this time the number of service providers in this category that  ,3intend to offer services to the public as telecommunications carriers, and become subject to CALEA's requirements.  SR'` `  (4) Summary Analysis of the Projected Reporting, Recordkeeping and Other  ,%Z` ` Compliance Requirements and Steps Taken to Minimize the Significant Economic"*& ,''"  ,%` ` Impact of this Report and Order on Small Entities, Including Significant Alternatives ` ` Considered and Rejected.  S'  S' ,%Y90.` ` In this section of the FRFA, we analyze the projected reporting, recordkeeping, and other  ,compliance requirements that may apply to small entities as a result of this Report and Order. We also  ,7describe the steps taken to minimize the economic impact of our decisions on small entities, including the significant alternatives considered and rejected.  S'  ,%d Z91.` ` In the final regulations, we affirm our proposal in the NPRM to establish regulations that  ,<are general in nature and provide as guidance, so that telecommunications carriers may utilize their  ,existing policies and procedures to the greatest extent possible. In addition, we eliminated all references  ,to proposed rules and tentative conclusions relating to vicarious liability arising out of a telecommunications carrier's failure to accomplish either of CALEA section 105's two objectives.  S ' ,% [92.` ` In the final regulations, we eliminated all regulations originally proposed pursuant to 47  ,IU.S.C.  229(b)(1) that appeared to go beyond the scope of CALEA section 105, overlapped other  ,7proposed regulations, were unnecessarily cumbersome, or otherwise unnecessary. Accordingly, carriers  ,*must: 1) appoint a senior officer or employee as point of contact responsible for affirmatively intervening  ,to ensure that interception of communications or access to callidentifying information can be activated  ,Zonly in accordance with the appropriate legal authorization; 2) include a description of the job function  ,of the appointed point of contact for law enforcement to reach on a daily, around the clock basis in their  ,7policies and procedures; 3) effectuate a requested interception promptly; 4) incorporate our interpretation  ,of the phrase "appropriate authorization" in their policies and procedures; 5) state in their policies and  ,procedures that carrier personnel must receive appropriate legal authorization, before enabling law  ,}enforcement officials to implement the interception of communications or access to callidentifying  ,^information; 6) require the appointed senior point of contact to be apprised of all relevant federal and state  ,statutory provisions concerning the lawful interception of communications or access to callidentifying  ,information; 7) report security compromises and unlawful interception of communications or access to  ,callidentifying information to the appropriate law enforcement authorities within a reasonable length of  ,Qtime after discovery; 8) maintain a secure and accurate record of each interception of communications or  ,access to callidentifying information, made with or without appropriate authorization, in the form of  ,Vsingle certification; 9) maintain secure and records of callidentifying information and unauthorized  ,interceptions (including the content of the unauthorized interception) for ten years; 10) maintain secure  ,and accurate records of the content of each authorized interception of communications for a period of time  ,determined by them in accordance with the policies and procedures that they establish under section  ,229(b)(1) of the Communications Act and applicable state and federal statutes of limitation; 11) provide  ,a detailed description of how long it will maintain its records of intercept content; and 12) file with the  ,3Commission, within 90 days of the effective date of these rules, the policies and procedures it uses to  ,comply with the requirements of this subpart, and thereafter, within 90 days of a carrier's merger or divestiture or a carrier's amendment of its existing policies and procedures.  S"' ,% \93.` ` We eliminated the requirement of "designated employees," and the requirement for  ,telecommunications carriers to provide updated lists of designated employees that included personal  ,information about them, to law enforcement agencies. Instead, telecommunications carriers, as part of  ,gtheir policies and procedures, should only appoint a senior authorized officer or employee as a point of  ,contact for law enforcement to reach on a daily, around the clock basis. Telecommunications carriers will"%',''$"  ,Minclude a description of the job function of the designated point of contact and a method to enable law  ,xenforcement authorities to contact the individual employed in this capacity in their polices and procedures.  S' ,% ]94.` ` We eliminated the proposed regulation requiring a separate affidavit and a separate record  ,for each surveillance. Instead, our final regulation requires that telecommunications carriers compile and  ,@maintain a single record of each intercepted communications or access to callidentifying information,  ,<certified by a carrier employee in charge of that electronic surveillance, that contains the following  ,information: 1) the telephone number(s) and/or circuit identification number(s) involved; 2) the start date  ,*and time of the opening of the circuit for law enforcement; 3) the identity of the law enforcement officer  ,presenting the authorization; 4) the name of the judge or prosecuting attorney who signed the  ,authorization; 5) the type of intercepted communications or access to callidentifying information; 6) the  ,xname(s) of the telecommunications carriers' personnel who are responsible for overseeing the interception  ,of communications or access to callidentifying information and who are acting in accordance with the  ,Dcarriers' policies and procedures established under 47 U.S.C.  229(b)(1). This record shall be signed by  ,the individual who is responsible for overseeing the interception of communications or access to call ,identifying information and who is acting in accordance with the carriers' policies and procedures  ,established under 47 U.S.C.  229(b)(1). To avoid duplicating the existing ten year record retention  ,Rrequirement for records of authorized interception content in 18 U.S.C.  2518(8)(a), we allow  ,telecommunications carriers to retain records of the content of authorized interceptions for a period of time  ,&that they find reasonably necessary. However, because 18 U.S.C.  2518(8)(a) does not encompass  ,records of callidentifying information and records of unauthorized interceptions, we require carriers to  ,maintain secure and records of callidentifying information and unauthorized interceptions (including the content of the unauthorized interception) for ten years.  S@'  ,% ^95.` ` In the final regulations, we did not affirm our proposal to provide a lessened reporting  ,requirement for carriers that fell below the gross annual revenue threshold established in 47 C.F.R.   ,32.9000 of the Commission's rules. As noted above, we conclude that 47 U.S.C.  229(b)(3) requires  ,all telecommunications carriers to submit their policies and procedures to the Commission established  ,gunder 47 U.S.C.  229(b)(1) and (2). As noted on the record above, the statute makes no distinction  ,Zbetween classes of telecommunications carriers for the purpose of lessening the regulatory burden for  ,smaller carriers. Accordingly, our final regulations contain the requirement that all telecommunications  ,Dcarriers must file their system security and integrity policies and procedures with the Commission, within  S' ,D90 days of this Report and Order's effective date. We note, however, that since the proposed regulations  ,have been drastically reduced, the burden imposed by the regulations adopted herein is also significantly reduced for all telecommunications carriers, including the smaller ones.  S`' ` `  (5) Report to Congress  S '  ,% _96.` ` The Commission shall send a copy of this FRFA, along with this Report and Order, in  ,a report to Congress pursuant to the Small Business Regulatory Enforcement Fairness Act of 1996, 5 U.S.C.  801(a)(1)(A). A copy of this FRFA will also be published in the Federal Register.  Sp#' C. Paperwork Reduction Act of 1995 Analysis  S %' ,%`97.` ` This Report and Order contains a modified information collection, which has been  ,submitted to the Office of Management and Budget for approval. As part of our continuing effort to"%(,''$"  ,preduce paperwork burdens, we invite the general public to take this opportunity to comment on the  ,information collection contained in this Report and Order, as required by the Paperwork Reduction Act  ,of 1995, Pub. L. No. 10413. Public comments should be submitted to OMB and the Commission, and  ,are due thirty days from publication of this Report and Order in the Federal Register. Comments should  ,address: (a) whether the proposed collection of information is necessary for the performance of the proper  ,/functions of the Commission, including whether the information shall have practical utility; (b) the  ,xaccuracy of the Commission's burden estimates; (c) ways to enhance the quality, utility, and clarity of the  ,"information collected; and (d) ways to minimize the burden of the collection of information on the  ,respondents, including the use of automated collection techniques or other forms of information  S'techn ology.  SH 'w IV. ORDERING CLAUSES Đ6  S ' ,%a98.` ` Accordingly, IT IS ORDERED that, pursuant to sections 4(i), 4(j), and 229 of the  ,Communications Act of 1934, as amended, 47 U.S.C.  154(i), 154(j), and 229, and section 105 of the  ,^Communications Assistance for Law Enforcement Act, 47 U.S.C.  1004, the rules specified in Appendix A are adopted.  S0' ,%b99.` ` IT IS FURTHER ORDERED that the rules set forth in Appendix A WILL BECOME EFFECTIVE 90 days after publication in the Federal Register.  S' ,%c100.` ` IT IS FURTHER ORDERED that the Regulatory Flexibility Analysis, as required by Section 604 of the Regulatory Flexibility Act, and as set forth above is adopted.  S@' ,%0d101.` ` IT IS FURTHER ORDERED that the Commission's Office of Public Affairs, Reference  ,Operations Division, SHALL SEND a copy of this REPORT AND ORDER, including the Final Regulatory Flexibility Analysis, to the Chief Counsel for Advocacy of the Small Business Administration.  ` `  MhhFEDERAL COMMUNICATIONS COMMISSION ` `  Mhh  S'` `  MhhMagalie Roman  h&t Salas,     ` `  MhhSecretary  S' "),''}"  S' APPENDIX A FINAL RULES6 `t AMENDMENTS TO THE CODE OF FEDERAL REGULATIONS6  S`',,PART 64 MISCELLANEOUS RULES RELATING TO COMMON CARRIERS Đ6 Part 64 of the Code of Federal Regulations (C.F.R.) is amended as follows:  S'1.The authority citation for Part 64 is amended to read as follows:   (AUTHORITY: 47 U.S.C.  151, 154, 201, 202, 205, 218220, and 332 unless otherwise noted.  ,Interpret or apply  201, 218, 225, 226, 227, 229, 332, 48 Stat. 1070, as amended. 47 U.S.C.  201204, 208, 225, 226, 227, 229, 332, 501 and 503 unless otherwise noted.  S '2.The table of contents for Part 64 is amended to add Subpart U to read as follows:  S ' , Subpart U Telecommunications Carrier Systems Security and Integrity Pursuant to the  SX'Communications Assistance for Law Enforcement Act (CALEA)  S' 64.2100 Purpose.  64.2101 Scope.  64.2102 Definitions.  64.2103 Policies and Procedures for Employee Supervision and Control.  64.2104 Maintaining Secure and Accurate Records.  64.2105 Submission of Policies and Procedures and Commission Review.  S' 64.2106 Penalties. Part 64 is amended to add Subpart U to read as follows:  Sx'  64.2100 ` ` Purpose.  ,Pursuant to the Communications Assistance for Law Enforcement Act, Pub. L. No. 103414, 108 Stat.  ,4279 (1994) (codified as amended in sections of 18 U.S.C. and 47 U.S.C.), this subpart contains rules that  ,7require a telecommunications carrier to ensure that any interception of communications or access to call ,identifying information effected within its switching premises can be activated only in accordance with  ,appropriate legal authorization, appropriate carrier authorization, and with the affirmative intervention of  ,tan individual officer or employee of the carrier acting in accordance with regulations prescribed by the Commission.  S '  64.2101 ` ` Scope.  ,The definitions included in this subpart shall be used solely for the purpose of implementing CALEA requirements. "H$*,''#"  S'  64.2102 ` ` Definitions. (a) Appropriate Legal Authorization. The term "appropriate legal authorization" means:  x(1) a court order signed by a judge or magistrate authorizing or approving interception of wire or electronic communications; or (2) other authorization, pursuant to 18 U.S.C.  2518(7), or any other relevant federal or state statute.  xZ (b) Appropriate Carrier Authorization. The term "appropriate carrier authorization" means the policies  xand procedures adopted by telecommunications carriers to supervise and control officers and employees  xDauthorized to assist law enforcement in conducting any interception of communications or access to callidentifying information.  x (c) Appropriate Authorization. The term "appropriate authorization" means both appropriate legal authorization and appropriate carrier authorization.  S '  64.2103 ` ` Policies and Procedures for Employee Supervision and Control. A telecommunications carrier shall: (a) establish policies and procedures to ensure the supervision and control of its officers and employees;  x (b) appoint a senior officer or employee as a point of contact responsible for affirmatively intervening  xto ensure that interception of communications or access to callidentifying information can be activated  xonly in accordance with appropriate legal authorization, and include, in its policies and procedures, a  x*description of the job function of the appointed point of contact for law enforcement to reach on a seven days a week, 24 hours a day basis;  x (c) incorporate, in its polices and procedures, an interpretation of the phrase "appropriate authorization"  xthat encompasses the definitions of "Appropriate Legal Authorization" and "Appropriate Carrier Authorization", as stated above;  x (d) state, in its policies and procedures, that carrier personnel must receive appropriate legal authorization  xtand appropriate carrier authorization before enabling law enforcement officials and carrier personnel to implement the interception of communications or access to callidentifying information; (e) report to the affected law enforcement agencies, within a reasonable time upon discovery:  x (1) any act of compromise of a lawful interception of communications or access to callidentifying information to unauthorized persons or entities; and (2) any act of unlawful electronic surveillance that occurred on its premises.  x (f) include, in its policies and procedures, a detailed description of how long it will maintain its records of the content of an interception. "H$+,'' #"  S'  64.2104 ` ` Maintaining Secure and Accurate Records. A telecommunications carrier shall:  x (a) maintain a secure and accurate record of each interception of communications or access to call xkidentifying information, made with or without appropriate authorization, in the form of single certification.  x^ (1) This certification must include, at a minimum, the following information: (i) the telephone number(s)  xand/or circuit identification numbers involved; (ii) the start date and time of the opening of the circuit for  x&law enforcement; (iii) the identity of the law enforcement officer presenting the authorization; (iv) the  xname of the person signing the appropriate legal authorization; (v) the type of interception of  S ' xcommunications or access to callidentifying information (e.g., pen register, trap and trace, Title III,  xQFISA); and (vi) the name of the telecommunications carriers' personnel who is responsible for overseeing  xythe interception of communication or access to callidentifying information and who is acting in accordance with the carriers' policies established under  64.2103 of this subpart.  x7 (2) This certification must be signed by the individual who is responsible for overseeing the interception  x3of communications or access to callidentifying information and who is acting in accordance with the  xtelecommunications carrier's policies established under  64.2103 of this subpart. This individual will, by his/her signature, certify that the record is complete and accurate.  xZ (3) This certification must be compiled either contemporaneously with, or within a reasonable period  xof time after the initiation of the interception of the communications or access to callidentifying information.  x (4) A telecommunications carrier may satisfy the obligations of subsection (a) of this rule by requiring  xthe individual who is responsible for overseeing the interception of communication or access to call xidentifying information and who is acting in accordance with the carriers' policies established under   x364.2103 of this subpart to sign the certification and append the appropriate legal authorization and any  x<extensions that have been granted. This form of certification must at a minimum include all of the information listed in subsection (a) of this rule. (b) A telecommunications carrier shall maintain secure and accurate records of:  x (1) callidentifying information and unauthorized interceptions (including the content of the unauthorized interception) for ten years;  xt (2) the content of each authorized interception of communications for a reasonable period of time as determined by the carrier.  x (c) It is the telecommunications carrier's responsibility to ensure its records are complete and accurate. (d) Violation of this rule is subject to the penalties of  64.2106 of this subpart.  SJ$'  64.2105 ` ` Submission of Policies and Procedures and Commission Review. ""%,,''#"Ԍ x (a) Each telecommunications carrier shall file with the Commission the policies and procedures it uses  xMto comply with the requirements of this subpart. These policies and procedures shall be filed with the  xFederal Communications Commission within 90 days of the effective date of these rules, and thereafter,  xwithin 90 days of a carrier's merger or divestiture or a carrier's amendment of its existing polices and procedures.  S8'  S' x (b) The Commission shall review each telecommunications carrier's policies and procedures to determine whether they comply with the requirements of  64.2103 and  64.2104 of this subpart.  x (1) If, upon review, the Commission determines that a telecommunications carrier's policies and  xprocedures do not comply with the requirements established under  64.2103 and  64.2104 of this  xtsubpart, the telecommunications carrier shall modify its policies and procedures in accordance with an order released by the Commission.  x (2) The Commission shall review and order modification of a telecommunications carrier's policies and  x!procedures as may be necessary to insure compliance by telecommunications carriers with the requirements of the regulations prescribed under  64.2103 and  64.2104 of this subpart.  S '  64.2106 ` ` Penalties  S0' xg In the event of a telecommunications carrier's violation of  64.2103 or  64.2104 of this subpart, the  xCommission shall enforce the penalties articulated in 47 U.S.C.  503(b) of the Communications Act of 1934 and 47 C.F.R.  1.8 of the Commission's rules. "-,''*"  S',  APPENDIX B LIST OF COMMENTERS Đ S'\   S'Parties Filing Comments 1. AirTouch Communications, Inc. (AirTouch) 2. American Civil Liberties Union (ACLU) 3. Ameritech Operating Companies and Ameritech Mobile Communications, Inc. (Ameritech) 4. AT&T Corporation, and AT&T Wireless Services Inc. (AT&T) 5. Bell Atlantic Mobile, Inc. (BAM) 6. BellSouth Corporation, BellSouth Telecommunications, Inc., BellSouth Cellular Corporation, BellSouth Personal Communications, Inc. and BellSouth Wireless Data, L.P. (BellSouth) 7. Cellular Telecommunications Industry Association (CTIA) 8. Center for Democracy and Technology (CDT) 9. GTE Service Corporation (GTE) 10. National Telephone Cooperative Association (NTCA) 11. Nextel Communications, Inc. (Nextel) 12. Omnipoint Communications, Inc. (Omnipoint) 13. Organization for the Promotion and Advancement of Small Telecommunications Companies (OPASTCO) 14. Paging Network, Inc. (PageNet) 15. Personal Communications Industry Association (PCIA) 16. Powertel, Inc. (Powertel) 17. PrimeCo Personal Communications, L.P. (PrimeCo) 18. Rural Telecommunications Group (RTG) 19. SBC Communications (SBC) 20. Sprint Spectrum L.P. d/b/a Sprint PCS (Sprint) 21. Teleport Communications Group, Inc. (Teleport) 22. United States Cellular Corporation (USCC) 23. United States Department of Justice and Federal Bureau of Investigation (filing jointly) (FBI) 24. United States Telephone Association (USTA) 25. U S West, Inc. (U S West) 26. 360 Communications Company (360)  S'Parties Filing Reply Comments 1. AirTouch Communications, Inc. (AirTouch) 2. Ameritech Operating Companies and Ameritech Mobile Communications, Inc. (Ameritech) 3. AT&T Corporation, and AT&T Wireless Services Inc. (AT&T) 4. BellSouth Corporation, BellSouth Telecommunications, Inc., BellSouth Cellular Corporation, BellSouth Personal Communications, Inc. and BellSouth Wireless Data, L.P. (BellSouth) 5. Cellular Telecommunications Industry Association (CTIA) 6. Center for Democracy and Technology (CDT) 7. City of East Ridge Police Department 8. GTE Service Corporation (GTE) 9. Indiana State Police 10. Motorola, Inc. (Motorola)"%.,''$"Ԍ11. National Technical Investigators' Association 12. New Jersey State Police 13. Nextel Communications, Inc. (Nextel) 14. Office of the Hudson County Prosecutor 15. Omnipoint Communications, Inc. (Omnipoint) 16. Personal Communications Industry Association (PCIA) 17. PrimeCo Personal Communications, L.P. (PrimeCo) 18. SBC Communications (SBC) 19. Telecommunications Industry Association (TIA) 20. Teleport Communications Group, Inc. (TCG) 21. United States Department of Justice and Federal Bureau of Investigation (filing jointly) (FBI) 22. United States Telephone Association (USTA) 23. U S West, Inc. (U S West)