LALS

Lawful Access Location Services

Security
Introduced in Rel-13
A set of 3GPP standardized capabilities enabling law enforcement agencies to request and receive location information of a target subscriber's User Equipment (UE) for lawful interception purposes. It defines the interfaces, procedures, and security requirements to ensure authorized, reliable, and auditable access to location data.

Description

Lawful Access Location Services (LALS) is a standardized framework within 3GPP that extends lawful interception (LI) capabilities to include the provisioning of real-time or historical location information of a target subscriber. It operates as a specialized service within the broader LI architecture, interfacing with network elements capable of determining UE location, such as the Gateway Mobile Location Centre (GMLC), Serving Mobile Location Centre (SMLC), or Location Management Function (LMF). The system is triggered by a lawful authorization from a Law Enforcement Agency (LEA), which is mediated through a Lawful Enforcement Monitoring Facility (LEMF). The 3GPP network's Administration Function (ADMF) and Delivery Functions (DFs) receive the authorized interception request and coordinate with the relevant location service nodes to collect the required location data.

The technical operation involves several key interfaces defined in the 33.1xx series specifications. The ADMF receives the lawful intercept order and distributes the relevant identities (e.g., IMSI, MSISDN) and location service parameters to the appropriate network Delivery Function. For location services, this is typically the DF for location information (DF-L). The DF-L then interfaces, via standardized reference points (e.g., X1_1, X2), with the core network location service infrastructure. This infrastructure could be the GMLC in 4G/5G networks or the SMLC in 2G/3G contexts. The location request is processed, and the resulting geographical coordinates (e.g., latitude, longitude, uncertainty) and timestamp are delivered back through the DF-L to the LEMF.

Security and integrity are paramount in LALS. All communications between the network operator's LI infrastructure (ADMF, DF) and the LEA's LEMF are highly secured, often using dedicated, isolated networks or strong encryption over IPsec tunnels. The system ensures that only properly authorized requests are actioned and that all activities are logged for audit purposes. LALS supports various location determination methods, including network-based (e.g., Cell-ID, timing advance, OTDOA), UE-based (e.g., A-GNSS), or hybrid techniques, with the specific method often dictated by the network capabilities and the precision required by the interception warrant. Its role is critical in balancing the operational needs of law enforcement with the strict privacy and legal compliance frameworks governing telecommunications.

Purpose & Motivation

LALS was created to address a specific gap in early lawful interception standards, which primarily focused on intercepting communication content (CC) and intercept related information (IRI) like call logs, but did not formally standardize the provisioning of location data. As mobile devices became ubiquitous, the location of a subscriber became a crucial piece of information for law enforcement and national security investigations. The lack of a standardized method led to proprietary, operator-specific implementations, which were inefficient for LEAs operating across multiple networks and jurisdictions.

The introduction of LALS in 3GPP Release 13 provided a unified, secure, and reliable technical standard for the lawful interception of location information. It solved the problem of interoperability between different network vendors' equipment and the diverse systems used by law enforcement agencies globally. By defining clear architectural roles, interfaces, and data formats, it ensured that location data could be requested and delivered in a consistent, verifiable, and legally admissible manner. This standardization was motivated by evolving legal requirements worldwide that mandated telecommunications providers to assist in lawful investigations, including providing real-time tracking capabilities under proper judicial oversight.

Furthermore, LALS addresses the technical and security challenges of integrating sensitive location services into the LI framework. It ensures that location requests are properly authenticated and authorized, that data delivery is secure and reliable, and that all actions are auditable to prevent misuse. This protects both the privacy of individuals and the integrity of the legal process, providing a necessary tool for modern criminal investigations while upholding fundamental rights.

Key Features

  • Standardized interfaces (e.g., HI2, X1_1, X2) for requesting and delivering location data
  • Support for both real-time location tracking and provision of historical location records
  • Integration with core network location services (GMLC, SMLC, LMF)
  • Strong security mechanisms for authentication, authorization, and secure data transmission
  • Comprehensive auditing and logging of all interception-related activities
  • Support for multiple location determination technologies (Cell-ID, A-GNSS, OTDOA)

Evolution Across Releases

Rel-13 Initial

Initial introduction of LALS. Defined the basic architecture integrating location services into the lawful interception framework. Specified the roles of the ADMF, DF for location (DF-L), and interfaces to location service nodes like the GMLC for 4G. Established core procedures for authorization, request, and delivery of location information.

TS 33.106TS 33.107TS 33.108TS 33.126TS 33.127TS 33.128
Rel-14

Enhanced LALS capabilities with support for new location services and improved precision requirements. Introduced refinements to the interfaces and data formats to accommodate evolving location technologies. Strengthened security and privacy provisions in alignment with broader 3GPP security enhancements.

TS 33.106TS 33.107TS 33.108TS 33.126TS 33.127TS 33.128
Rel-15

Adapted LALS for 5G system architecture, integrating with the new Location Management Function (LMF) and Network Exposure Function (NEF). Defined procedures for lawful location access in Service-Based Architecture (SBA) and supported network slicing awareness for interception requests.

TS 33.106TS 33.107TS 33.108TS 33.126TS 33.127TS 33.128
Rel-16

Further enhancements for 5G, including support for vertical location (altitude) and improved accuracy for industrial and emergency service scenarios. Enhanced support for UE-based and hybrid location methods within the lawful interception context.

TS 33.106TS 33.107TS 33.108TS 33.126TS 33.127TS 33.128
Rel-17

Continued evolution for 5G Advanced, focusing on integration with enhanced positioning techniques like sidelink positioning and support for non-terrestrial networks (NTN). Refined privacy safeguards and data minimization techniques for location interception.

TS 33.106TS 33.107TS 33.108TS 33.126TS 33.127TS 33.128
Rel-18

Ongoing work to support AI/ML-based location services, improved energy efficiency for UE-based reporting in LALS, and further enhancements for extreme coverage scenarios and integrated sensing.

TS 33.106TS 33.107TS 33.108TS 33.126TS 33.127TS 33.128
Rel-19

Expected to include further refinements for 6G preparatory studies, advanced privacy-preserving techniques, and support for novel use cases requiring lawful location access in future network paradigms.

TS 33.106TS 33.107TS 33.108TS 33.126TS 33.127TS 33.128

Defining Specifications

SpecificationTitle
TS 33.106 3GPP TR 33.106
TS 33.107 3GPP TR 33.107
TS 33.108 3GPP TR 33.108
TS 33.126 3GPP TR 33.126
TS 33.127 3GPP TR 33.127
TS 33.128 3GPP TR 33.128