Blog Careers Support +1 408 944 0250

Meeting Lawful Intelligence Challenges for IoT

Meeting Lawful Intelligence Challenges for IoT - SS8 Networks

As billions of IoT devices are provisioned, their multitude of roles are mirrored by their complex impact on lawful intelligence. Endpoints that range from consumer electronic devices to sensors on industrial systems, each contribute to an ever-increasing current of diverse data. And while an IoT sensor on an oil pipeline is theoretically just a data-communication endpoint in the same way as a cell phone, there are significant differences. IoT has the potential to dramatically enrich lawful intelligence used to investigate and prosecute criminal activity, but it also adds significant complexity.

Communication service providers (CSPs) must contend with huge numbers of IoT endpoints—arranged in complex topologies of data transmission and control—from which data could potentially be required for interception and hand-over to law enforcement agencies (LEAs). At the same time, LEAs face significant complexity in analyzing the data, both because of the large volumes involved and the difficulty of interpreting unstandardized, context-poor machine-to-machine communications.

CSPs Cast a Huge Net as IoT Devices Proliferate

Vast numbers of devices, massive data sizes, and diversity of endpoints are defining characteristics of IoT. Compared to conventional networks, the scope of messages that could potentially be subject to lawful intercept requirements may be larger by multiple orders of magnitude. Some of these data streams may closely resemble those already familiar to service providers in the context of lawful intercept, such as voice from smart speakers, location data from wearables, and video from surveillance cameras.

For the most part, however, the lingua franca of IoT is machine-to-machine communication, with a complexion that is dramatically different from human-oriented forms. Consisting largely of control messages, individual machine-to-machine transmissions tend to be quite small but plentiful, with the vast majority being of little importance, in an investigative sense.

IoT dramatically increases the diversity and the sheer number of devices involved. For example, where a conventional, human-oriented investigation may require interception from dozens of subjects, forensic investigation of a terrorist organization could easily involve thousands of IoT sources. Identifying specific individual devices of interest can be a significant challenge, given the lack of device-specific context in many machine-to-machine messages, which makes tracking and coordinating interception a significant computational challenge.

In addition, it isn’t yet clear which IoT devices will be subject to emerging requirements for lawful interception. The legal frameworks to identify IoT lawful-intercept mandates will still be some years in development. As intelligence and communication abilities are built into more everyday objects, and the potential for them to be used in cyber-attacks and nefarious activities, definitions of what constitutes a potential lawful intercept target become more ambiguous. CSPs must therefore increasingly rely on the expertise and capability of trusted providers who focus on meeting these evolving requirements as a core competency.

LEAs Face New Challenges of Volume and Interpretation

The challenges raised by massive numbers of IoT endpoints can prove difficult for LEAs to drive intelligence. Especially from the hard-to-understand scraps of information in machine-to-machine transmissions. These communications lack format standardization, making it harder both to parse them individually and to understand them as a coherent whole. 

While the actual content of communications intercepted from IoT infrastructures tends to be of less interest than that of traditional data, it still can offer valuable insights used in lawful intelligence. For example, audio from a phone call may contain a conversation that is rich in details about a past, present, or future crime, whether expressed directly or surmised through synthesis with other information. On the other hand, IoT machine-to-machine communications tend to be much more discrete data points that reveal their meaning only through patterns and relationships with other messages.  

The problems of interpretation and analysis are therefore more complex with IoT than in conventional lawful intelligence, requiring the development of specialized algorithms and other measures that may vary significantly from the needs of one investigation to another. To effectively drive meaning from large sets of IoT data transmissions, LEAs must rely on tools that are capable of handling and executing complex queries against huge IoT datasets, synthesizing together the results with other data sources, and developing chains of evidence from them.


IoT represents a significant evolution in the requirements placed on both CSPs and LEAs to enact lawful intercept and intelligence. SS8 builds on its more than 20 years of industry leadership to meet the lawful intelligence challenges of IoT’s new topologies, billions of devices, and unprecedented diversity of information.  

CSPs can use the AXS-7100 Sensor and the SS8 Xcipio platform to cost-effectively support lawful intercept requirements across thousands of diverse IoT endpoints. This capability includes deploying Xcipio at the network edge where a significant amount of IoT processing occurs, to filter and intercept essential data that might not otherwise be retrievable.  

LEAs implement Intellego XT for data discovery and analysis, making it possible to drive meaning from huge numbers of information-sparse data streams. Applying advanced logic to the interpretation of IoT messages, Intellego XT provides powerful data analytics and visualization that transform machine-to-machine communications into investigative insight. 

The lawful intelligence challenges created by billions of IoT devices are a logical extension of the work that SS8 has been focused on since its inception. SS8 solutions enable streamlined, cost-effective compliance for CSPs, and for LEAs, the ability to transform a universe of IoT data into actionable insights. 

Learn more about Intellego XT, a scalable real-time analytics solution that provides actionable intelligence into a subject of interest.

About Dr. Cemal Dikmen

Dr Cemal Dikmen Head Shot SS8

As SS8’s CTO, Cemal plays an integral role in the company’s strategic direction, development, and future growth. A renowned expert and thought leader in the legal compliance and communications analysis domain, he has been a frequent speaker at various industry conferences over the past 10 years. Cemal holds BS, MS, and PhD degrees in Electrical Engineering. You can learn more about Cemal on his LinkedIn profile by clicking here.

About SS8 Networks

SS8 provides Lawful Intelligence platforms. They work closely with leading intelligence agencies, communication providers, law enforcement agencies and standards bodies and their technology incorporates the methodologies discussed in this blog. Xcipio® is already proven to meet the very high demands of 5G and provides the ability to transcode (convert) between lawful intercept handover versions and standard families. Intellego® XT natively supports ETSI, 3GPP and CALEA handovers, as well as national variants. Intellego XT’s MetaHub component is a best-in-class data analytics tool. Both product portfolios are used worldwide for the capture, analysis and delivery of data for the purposes of criminal investigations.

Tweet Us @SS8                        Follow Us LinkedIn

SS8 Newsletter



How to Ingest, Filter and Query 5G Volumes

Webinar Presented by Kevin McTiernan

CLICK HERE to watch!