24
ROMAN ZAKHAROV v. RUSSIA JUDGMENT
accessed through a privately maintained online legal database, which
reproduced it from the publication in SvyazInform.
116. Addendums nos. 1 and 3 describe the technical requirements for the
SORM on mobile-telephone networks. They specify that interception of
communications is performed by law-enforcement agencies from a remote
terminal connected to the interception equipment installed by the mobilenetwork operators. The equipment must be capable, inter alia, of
(a) creating databases of interception subjects, to be managed from the
remote terminal; (b) intercepting communications and transmitting the data
thereby obtained to the remote terminal; (c) protecting the data from
unauthorised access, including by the employees of the mobile-network
operator; (d) providing access to subscriber-address databases
(paragraphs 1.1 and 1.6 of Addendum no. 1).
117. More precisely, the equipment must ensure (a) interception of all
the incoming and outgoing calls of the interception subject; (b) access to
information about his whereabouts; (c) maintenance of interception
capability where an ongoing connection is transferred between the networks
of different mobile-network operators; (d) maintenance of interception
capability in cases involving supplementary services, such as call
forwarding, call transfer or conference calls, with the possibility of
registering the number or numbers to which the call is routed; (e) collection
of communications data concerning all types of connections, including fax,
SMS or other; (f) access to information about the services provided to the
interception subject (paragraph 2.1.2 of Addendum no. 1).
118. There are two types of interception: “total interception” and
“statistical monitoring”. Total interception is the real-time interception of
communications data and of the contents of all communications to or by the
interception subject. Statistical monitoring is real-time monitoring of
communications data only, with no interception of the content of
communications. Communications data include the telephone number
called, the start and end times of the connection, supplementary services
used, location of the interception subject and his connection status
(paragraphs 2.2 and 2.4 of Addendum no. 1).
119. The equipment installed must be capable of launching the
interception of communications within thirty seconds of receiving a
command from the remote terminal (paragraph 2.5 of Addendum no. 1).
120. Information about interception subjects or about the transmission of
any data to the remote terminal cannot be logged or recorded (paragraph 5.4
of Addendum no. 1).
121. The remote terminal receives a password from the mobile-network
operator giving it full access to the SORM. The remote terminal then
changes the password so that unauthorised persons cannot gain access to the
SORM. From the remote terminal, the SORM can be commanded, among
others, to start interception in respect of a subscriber, interrupt or