I need help in resolving the following question:
I have a company which uses Voip which has a server with all the company user’s registered names. That server is used to set up each call by giving each participant the IP address of the other party. The actual phone calls are peer to peer encrypted links ( which do not go through any of my servers, and the keys do not come from the company but, instead it comes from a Diffie Helman exchange).
My company is required to comply with the Communications Assistance for Law Enforcement Act (CALEA) for all calls to and from USA phones.
A) How can my company determine if a phone call is being made in the USA?
B) Where would the CALEA have to put the hardware or software to eavesdrop on the calls?